Slashdot Mirror
Apple Drops Snow Leopard Security Updates, Doesn't Tell Anyone
Freshly Exhumed writes "As Apple issued an update for Mavericks, Mountain Lion, and Lion yesterday, Snow Leopard users have not seen a security update since September, 2013. This would not be noteworthy if Apple, like a host of other major software vendors, would clearly spell out its OS support policies and warn users of such changes, but they have not. Thus, the approximately 20% of Mac users still running Snow Leopard now find themselves in a very vulnerable state without the latest security updates."
This update had one security fix. The fix for the recent SSL bug. This bug did not affect OSX Snow Leopard or earlier, therefore this update is not needed.
It's not at all a sign that Apple no longer supports Snow Leopard.
I won't buy Apple products since February, 2014. Won't tell Apple.
Are there Macs that can run Snow Leopard but cannot run Lion?
My 2006 Mac Pro 1,1 supports Lion, and it's one of the oldest Intel Macs. I don't think there's many people "stuck" on Snow Leopard; they should be able to upgrade to Lion and get security updates. Apple has historically only supported the current and previous versions of OS X. Basically, Lion users are getting unexpected support right now, and I think it's because of the large installed base that can't run anything newer than Lion.
Surely someone has written open source equivelents to Snow Leopard's software by now. Even if no one did, there is no logical reason for software to become EOL'd. You either fix problems for the life of the hardware, or you provide the information for your customers to fix those problems themselves. That should be law, btw.
Time is what keeps everything from happening all at once.
Snow Leopard is particularly important for many users because it was the last release to support Rosetta. Anyone who still needs PowerPC apps can't upgrade.
My wife still uses Apple Works, so upgrading won't work for her.
Also, Apple has been known to push upgrades that break things without warning, so upgrading is often a last resort. For example, we were running 10.5, and iTunes asked if we wanted to update our iPad to the lastest release. After doing so, it said we had to upgrade iTunes. But we couldn't upgrade iTunes because that required 10.6. There went our ability to sync the iPad.
IIRC, the bug was introduced (fairly) recently. iOS 5 doesn't have it, either.
Best Slashdot Co
Snow Leopard isn't vulnerable.
Mavericks is a free update from SL. My mac came with Leopard originally, and runs Mavericks fine.
Apple just like Microsoft is out to make a profit. Hate Microsoft all you like but they had a clear road map for expiration of support.
There are some older Intel based Macs that will not run anything later than Snow Leopard. Also, Snow Leopard will NOT run on PowerPC based Macs. The latest OS that will run is Leopard.
They do not need to clearly spell out support policies and warn user of anything because it just work. This is obviously a case of user error, simply replace the user and continue.
Given that it costs you nothing to upgrade to the latest OS X now, why are people still running the old version?
I have a MacBook Pro made in 2007 that I bought from a friend last year because I needed a Mac, not because I wanted the bragging rights that come with the latest shiny. It came with 10.6 (Snow Leopard) - because he was lazy, and I gave Apple the vast amount of 13 British Pounds to upgrade to 10.8 (again, because I needed it - Xcode didn't like 10.6, and the guy with the latest OS X DVD was on holiday). I did all this only because I needed the stuff there and then an Apple was taking its time with the latest shiny, so I wasn't planning to upgrade to 10.9 if they wanted more money for it. But since they offered it for free I didn't wait long.
If it costs money to upgrade I understand the reluctance - that's what's keeping XP still alive and kicking (it has an even more incentive to stay around as the upgrade costs a hell of a lot more than Apple used to charge), but it's free people! You don't even have to get a cracked copy off the Pirate Bay!
Waiting for the responses that "company policy", "IT department won't approve", bullshit. Kick the IT department in the nuts. They're the ones that will need to fix your Macs when your VPN login details get pastebinned.
Question for religious people: where do unrepentant masochists go when they die?
Any Macs with Core Duo processors (e.g. 2006 era iMacs) can run Snow Leopard but not Lion.
Someone noticed !! Who says Mac is dead !!
I have an old pre-unibody MacBook Pro that has the old Core Duo (not Core 2 Duo) CPU - it's a 32-bit chip and Lion won't run on it, so I'm stuck with Snow Leopard. Which I don't mind, really - it's still quite snappy after installing an SSD. I think I can get another couple of years out of it.
Who's the other major software vendor? Microsoft? They spell out their support policies quite clearly. Everyone knew well in advance when Microsoft was ending support for XP, an OS that's been supported far, far longer than anything from Apple. My Intel iMac at home is stuck at OSX 10.6.8. It was built several months too soon and lacked some random bit of hardware related to the BIOS which disqualified it from being a proper 64-bit machine. By the time Apple announced it was dropping support for that version I hadn't seen updates in about a year anyway.
Instead of just criticizing Apple for what they do wrong, there seems to be this compulsion to make everything relative so that Apple doesn't look so bad. I'd argue that in this particular case Microsoft is a lot better than Apple. Apple seems content to sweep things under the rug as long as they can get away with it.
This is not accurate. Only Mavericks (v10.9.x) was vulnerable to the SSL issue - the security updates to Mavericks, Mountain Lion (10.8.x) and Lion (10.7.x) contained a ton of security updates in them - at least a good chunk of which would affect Snow Leopard.
http://support.apple.com/kb/HT...
However much I dislike reading this, Snow Leopard is today almost 5 years old, which is Apple's publically stated support time for their products.
Did the summary say anything about being "stuck" with Snow Leopard when you read it? It doesn't say that now as I read it. It just says that a large minority of Mac users use Snow Leopard.
In my office we have a machine or two that shipped with SL and are still within the 3 year applecare warranty period.
Who said anything about not being able to run Lion? Snow Leopard was the last version that wasn't iOS-ified. Starting with Lion some apps broke and many users prefered the Snow Leopard way of things.
I have one computer at home which stays at Snow Leopard despite being able to run Mavericks (and probably beyond). The other one has two start volumes, one with Mavericks and one with Snow Leopard.
This is not accurate. Only Mavericks (v10.9.x) was vulnerable to the SSL issue - the security updates to Mavericks, Mountain Lion (10.8.x) and Lion (10.7.x) contained a ton of security updates in them - at least a good chunk of which would affect Snow Leopard.
http://support.apple.com/kb/HT...
Please do not try to fight the reality distortion field.
You're replying to one of the biggest Apple fangirls on the site. Apple said Windows was insecure and Macs don't get viruses.
Well, fortunately there are no virus for Apple products, at least according to the guy at Best Buy who sold me this PowerBook.
The last time Apple sold a Mac that couldn't upgrade to 10.7 was back in 2007, when they discontinued their final 32-bit Mac. Apple is not Microsoft, and if you look back at support life cycles, you'll see that they've already provided support for 10.6 longer than they typically do, even releasing security updates for 10.6-compatible software as recently as last month. It also continues to get updates to XProtect, OS X's built-in anti-malware tool.
If you're still running 10.6 for some reason, your computer is either a low-end one from at least 7 years ago, or you've made an intentional choice to remain on 10.6 for some reason (likely because it was the last release that could run Rosetta, OS X's tool for running PowerPC apps), in which case you knew what you were getting yourself into when you chose not to upgrade.
I've been trying to upgrade to Mavericks for eons now. Nothing short of a full rebuild of snow leopard will solve my issue apparently. I've tried everything but the App Store always hangs. Why can't I just download it and install it?
F***Apple.
---Up Up Down Down Left Right Left Right B A START
Snow Leopard was dropped in the Sep 2013 updates.
There were stories similar to OP's back in Dec 2013 when more updates came out and people noticed no Snow Leopard.
::raises hand::
That's me --- I can't move off of Mac OS X 10.6.8 until I find a replacement for Macromedia FreeHand --- I suppose at some point in time I'll just have to resort to running it in a virtual machine (there was a recent post about doing that: http://www.freehandforum.org/f... ), but for now, it's simpler to just stick w/ 10.6.8
Sphinx of black quartz, judge my vow.
All Apple customers must do is spend $10,000 on new hardware, another $10,000 on the very latest software, and if they are lucky before their old machine gets eaten by virii, they can spend a few thousand more on software to transfer their old data to their new system. Send Apple a one-time $3500 recycling fee, along with the old hardware shipped (shipping prepaid by user), and you are good to go. I know Apple folk have a "Money is no object" philosophy, and neither does Apple. So $40,000 and this problem is as good as fixed. If Apple wanted to make it even easier for people, they could just write an iPhone app. (available for purchase at any Apple Store(tm)) that automatically deducts the money from users bank accounts (along with a small processing fee), and scours the users private data for address. Two Apple people come to your house (for an additional fee), transfer your data, take your old hardware, leave the new hardware, and you are done. One button, $50,000 and done!
Snow Leopard is the last usable version of the Mac OS.
In the latest, you have what once was a snappy UI marred by excessive animations that you simply can't turn off if you want the faster UI.
From Safari's "flying cockroach" download icon, to the damn forced animated roll out and roll up of all disclosure triangles, Apple's addition of animations to EVERYTHING and without "a please don't animate this, I liked it when I clicked on something and the results were instant" switch, the Mac UI has gotten more and more annoying and distracting to use.
Bouncing Safari screens? Windows that pop open in your face? Email that flies off the screen? Who needs them? Not me.
Previously, you could hold control command D over text in Safari, in Mail and in TextEdit and the results would display as fast as they could in a dictionary window.
Now, the word highlights, pops open, then shrinks back, the dictionary pops open, then cascades the results down as it draws the window.
All this distracting animation, when all the user wanted was to see the definition of the word as fast as they could see it. That's why they pressed the command keys in the first place.
Apple's UI designers have lost their focus and are no longer creating user interfaces that help users without getting in their way. All too often, the interface appears to exist simply to be as busy and as distracting as it can be.
This is why I still use Snow Leopard as my primary operating system on my 5 Macs at home.
- Zav - Imagine a Beowulf cluster of insensitive clods...
Can the open source community create a super long term support Linux distro? Most of the components of a Linux desktop have been just fine for a long time. I would be still comfortable with a KDE3 or GNOME2 desktop, for example. So stick with something that works, and concentrate on support and quality assurance for 10 years. Seeing all the bugs and unnecessary reinventing of things is very tiring and I would jump into that kind of distro in an eyeblink.
Many people wanted still to stay abroad even with crusty Windows XP (no desktop compositor, terrible security) despite the extended support ending, so there is clearly an interest for this kind of long-term conservative OS.
I think the issue is not how long they support an OS for, but how public they make their road map. With Microsoft users have a fairy clear and well publicized timeframe of support and lots of warning for when a particular version of Windows will no longer receive updates.
Based on the +5 Insightful rating of this post now, a lot of others read it the way you did, but I read it like this:
"This would not be noteworthy if Apple would clearly spell out its OS support policies and warn users of such changes like a host of other major software vendors [already do], but they have not."
So, totally agree with your post, but I think the author of the summary also agrees with you based on my interpretation.
1) Microsoft kept selling XP until 2010, a full year after Windows 7 was released. Apple wasn't selling systems running Panther (four versions older) at the same time they were selling Snow Leopard.
2) Which also drastically shortens the difference between Snow Leopard and XP, since Microsoft finally stopped selling their OS in October 2010 and Lion was released in July 2011.
3) XP was sold for so long because Microsoft screwed around (and around and around) with Longhorn, and then released that half-assed POS known as Vista. If Longhorn had come out moderately behind schedule in 2004, XP would have been dumped years ago.
4) Vista was such an ungodly abomination that going back to XP was an upgrade in terms of both user experience and performance. And Vista was way too bloated to run on Netbooks, which were booming at the time.
5) XP was and is a security hellhole. After a reinstall, you could find your computer compromised before you could download updates to fix Microsoft's vulnerabilities. Whereas Apple's UNIX-based operating system had real privilege separation, didn't run everything as an administrator, and didn't' leave unneeded services running all over the place. This is of course a story about a bad bug from Apple, but they haven't had to release as many fixes as Microsoft because they haven't needed to.
XP isn't supported out of the goodness of Microsoft's heart, but because of their sloppy design process and delayed products.
Uh...I didn't even get a security update for Mountain Lion. I have one for the App Store, which requires a restart, but that's it.
I'm hoping the App Store update will finally let me hide "Upgrade to Mavericks!" messages.
It used to be that low IQ was failing to identify the continuation of some trivial numerical sequence on some trivial test. The new low IQ is use-case blindness, the inability to even hazard a guess at the myriads of reasons other people live differently than you do. The ravening mob of blindness promulgators are ever with us. Pity.
Here's my story.
I bought my wife a second generation Core Duo iMacs, which I believe has never been upgraded from the original Leopard. I use this computer so rarely (about ten hours per years) that I can barely keep track of which leopard presently holds court.
The computer works—until some piece of software offers to "upgrade" itself, then restarts with a whole new user interface (I'm looking at you, iTunes). Then I'm constantly told the computer doesn't work any more, but the real problem is that she hasn't figured out where all the familiar functions were forcibly relocated.
I'm not willing to sit down at her desk and chase GUI tidbits from point A to point B, so I just told her "don't click upgrade". When something visibly breaks, then I'm willing to sit down and deal with it. Meanwhile I have enough sysadmin on my plate with my own Linux desktop, where I'm heavily invested in ZSH, and my FreeBSD server, where I'm making very heavy use of ZFS. This is where my neural matter wants to go.
I have a very low tolerance for having something trivial I've mastered at the autonomic level yanked back to the center of my attention. It took me close to a decade to cease seething about the relocation of the CTRL key in favour of a CAPS LOCK key that should have been ALT-NUMLOCK or, even better, CTRL-ALT-INSERT. FFS I can type ~50 wpm in ALL CAPS using the right shift key for six of my fingers, alternating to the right shift key for the other two. But guess what? The CAPS LOCK key is more prominent to my left pinkie than ENTER is to my right pinkie. If we normalize the utility of the ENTER key to 100, the utility of the CAPS LOCK key comes out around -1000.
The problem with most upgrades is that it's always more of this father-knows-best groupthink bullshit.
It's a huge project just to figure out what's going to change. The only recourse one has to all these unnecessary relearning cycles is to skip as many releases as humanly possible. I'd be thrilled if XP is the last Microsoft OS I learn how to use in this lifetime. I was an early adopter of Windows 2000 and I stayed there until 2000 went out of support. Later I ended up using XP in a different work environment and I can't name a single thing that improved, except that I had to disable a lot more bling for half a day. Long ago I held out on MSDOS until I could jump straight to Windows NT which I adopted within weeks of the Intel P6 becoming available. That was a real upgrade, one well worth reprogramming a decade of autonomic habits. I never used any of the shitshow 3.1/95/98 for more than the very occasional hour.
These upgrades change a lot of stuff for extremely dubious benefits. An upgrade is going from UFS to ZFS. That I can buy into. An upgrade is going from System 7 to OS X. On that one I can sell my wife.
What I really want concerning these fairly useless system frobs is the semantic web: searchable metadata describing every user interface action that formerly existed and whether it still exists in the new version, plus a mapping to a more-or-less equivalent version, if such a thing has even been retained. Oh yes, Apple is good at silent castration. Ideally the OS would track which user interface functions have been regularly used, and list out all the things the upgraded user will be instantly forced to relearn. But no. It's sexy. No assistance offered retraining for sexy. That what sexy means, lo
There is no "very vulnerable" state for 10.6.8 users, and the recent SSL vulnerability only affected 10.9 among Mac users. The central contention of the original post is false.
Are you sure? I swear my Macbook has had security updates more recently than September...
In any case, I can't justify $1,200 on a new laptop when the only thing my 1st Gen Macbook doesn't do is last on battery for longer than 3 hours when I have Facebook open, and when it rarely leaves my bedside anyways (considering I have an Asus tablet with keyboard dock, Android phone, plus work-issued laptop and tablet). Sure, there are cheaper laptops, but none of them feel as good to use as my Macbook.
PowerBooks are discontinued for years and years and years now.
As a public institution that is told to hold bake sales (only healthy ones) when we need money, keeping up with Apple's ever shorter life-cycles has been difficult.
Apple does not provide much of a discount anymore, and forces us to buy directly from them. Apple resellers are not allowed to sell hardware or software to public K-12 schools. :-(
Thankfully Ubuntu runs great on older Intel and PPC Macs. :-)
As a public institution that is told to hold bake sales (only healthy ones) when we need money, keeping up with Apple's ever shorter life-cycles has been difficult.
Apple does not provide much of a discount anymore, and forces us to buy directly from them. Apple resellers are not allowed to sell hardware or software to public K-12 schools. :-(
Thankfully Ubuntu runs great on older Intel and PPC Macs. :-)
They did.
Windows 8 requires processors with NX instructions, dropping earlier Pentium 4 (Willamette and Northwood) support, even when the systems have compatible hardware, run Windows 7 great, and could run the betas.
10.6.8 is the last version that you can use if you don't want to have an Apple ID as everything after (Lion, Mountain Lion, Mavericks) requires it during installation.
If they release a version of Mavericks with Rosetta and without forced Apple ID then I'll upgrade. Otherwise I'll just run Linux/Windows on them when Apple does stop supporting Snow Leopard.
My very expensive Mac Pro 8-core 16GB-ram 3.0GHz machine is orphaned onto Snow Leopard because of it's 32-bit boot ROM. I have been mad about my inability to upgrade the ROM and my inability to benefit from subsequent enhancements. I was consoling myself by considering the machine a general workstation capable of running GNU language tools and such, but I thought web and email would still be there. Although the CPU's are not the latest, 3.0GHz Xeon 8-core is still a muscle machine. Let me guess, Apple doesn't have enough money to pay engineers to back-port security fixes? You know I would have paid several hundred dollars to solve the boot-rom problem so I could move on with post SL operating systems. There is no doubt that I am happier on Mac OS X, but there is no reason for Apple to squeeze us this hard with this short upgrade cycle on the hardware. If I were just buying a thousand dollar notebook from them every three years, I could deal with that, but as a developer I am used to buying developer class machines. My current MacBook Pro was over three thousand dollars. 15" with retina, 2.8GHz Intel Core i7, 16GB-ram(1600 MHz DDR3) 750GB-SSD. I am curious how long this notebook will remain viable. The MacBooks I bought for my father and sister several years ago are already version restricted as well. Our family have been and want to remain pro-Apple but this is becoming more difficult as Apple's hardware design decisions cause continuing pain for the faithful. If I lose the remainder of my AppleFaith(tm) I will be transitioning to non-Apple hardware and *nix for generic workstation activity.
That Snow Leopard doesn't get updated every time Lion and Mountain Lion (and Now Maverics) gets updated?
Stop the fucking presses!!!
If the boneheads who wrote TFS and TFA had been watching the security-announce-requests@lists.apple.com for the last 7 years they would see many cases where older OS versions did not get updated on the same schedule because the different OS versions are not always susceptible to the same security issues. Duh! They would have also noticed that sometimes the older OS versions got updates that the newer OS versions didn't get... because..... wait for it... the different OS versions are not always susceptible to the same security issues. Duh!
The angst over which machines move forward with new OS versions and which ones get left behind is definitely a touchy issue... Apple has never let on which machines will be abandoned until they release the OS to the public. Let's face it. If your machine is going to be left behind, Snow Leopard 10.6.8 is a nice stretch of the boondocks to be pastured in. Snow Leopard is Apple's Windows XP.
For my part I am sticking with Snow Leopard until it is not viable to stick with it, because Lion and forward broke compatibility in major ways and I am not going to spend thousands of dollars for software upgrades just to have the latest OS abortion from Cook and Co. Sure the OS is free... but the app upgrades are NOT.
Fuck you Adobe, MS, et al. How much arm twisting did it take to get Cook to hand you a sweet deal like this?
PS: This time there was no CPU transition to justify breaking compatibility.... 64 bit had almost no impact. So WTF was so important that breaking compatibility was acceptable? It wasn't the sand-boxing. That can be turned off on per application. It wasn't Dynamic Allocation Randomization. AFAIK that is transparent to applications. No app developer worth their salt tries to predict where the allocator will put the next Phys allocation, and it doesn't matter to the App since it's living in a Logical Address Map anyway. AFAICT the ONLY reason Lion and greater broke compatibility is to generate revenue for the big 3rd party devs.
If they release a version of Mavericks with Rosetta and without forced Apple ID then I'll upgrade.
Rosetta isn't coming back, ever. It got cut a long time ago because it was a pain in the ass for Apple to keep it going. Would've been easy if it was just an emulator, but it's not -- it required Apple to keep building all system libraries for PowerPC, to maintain the layer which translated PPC system calls to x86 system calls, and to essentially double their application compatibility testing workload. All for a tiny handful of holdouts, whom they want to encourage to move on to native apps.
As for Apple ID, there is no need to wait. It's not forced. You need one to download Mavericks from the Mac App Store, but once you've got it, you do not have to enter an Apple ID during installation if you don't want to. When you get to the install step which asks, either there's a skip button (*) or you just hit command-Q (the normal "quit" shortcut) and you can bypass it.
* - I don't remember offhand whether there's a button for this now. I want to say there is, but I haven't installed recently enough to be confident in that. Nevertheless I'm quite sure that there is a way and that it's either a visible button or cmd-Q, because months ago I installed Mavericks in virtual machines for testing purposes several times, and for some of them I deliberately didn't enter an ID.
My macbook pro was $2200 in mid-2007, not quite "low end." It's had enough hardware problems without losing software support from its manufacturer. I have not replaced this machine because there was a financial crash. You may have heard. Things where I live are not so well improved as WSJ says the country is.
My macbook pro was $2200 in mid-2007, not quite "low end."
But what about the other possibility I laid out? After all, I said if it wasn't a low-end machine, it must be the other option, and I'd certainly agree with you that yours was not a low-end machine. Let's re-read what I said:
If you're still running 10.6 for some reason, your computer is either a low-end one from at least 7 years ago, or you've made an intentional choice to remain on 10.6 for some reason
Clearly your machine was not a low-end one, but given that all of the MacBook Pro models released in the mid-2007 update (e.g. what I believe is your machine, based on the price you provided) are still fully supported and capable of running Mavericks, I can only assume that if you're still on 10.6, you're there by choice. The last time Apple sold a MacBook Pro that was incapable of upgrading to 10.7 or beyond was October 2006, when they discontinued the first-gen MacBook Pros that used Core Duo chips (yours uses a Core 2 Duo, in contrast).
So, again, I'd still suggest you're on 10.6 by choice, particularly so since the update to Mavericks is free for you, and last time I checked, free means free, regardless of if you live near the WSJ HQ or not. ;)
P.S. I may have it wrong, however, if you purchased your machine right before the mid-2007 updates. Even if you did, however, you'd still be able to upgrade to 10.7 and receive security updates via it, so that wouldn't disprove the assertion I made in my previous comment.
try right-clicking the "Upgrade to Mavericks!" and it will give a drop down option to hide the upgrade ;)
Oh and there is a version of Security Update 2014-001 for Mountain Lion. If your App store still doesn't show it you can go to http://support.apple.com/downl... and download/install manually.
I think the issue is not how long they support an OS for, but how public they make their road map. With Microsoft users have a fairy clear and well publicized timeframe of support and lots of warning for when a particular version of Windows will no longer receive updates.
What good is a public roadmap if companies don't follow through?
Of course news about a fake are Fake News.