• This is a political forum that is non-biased/non-partisan and treats every person's position on topics equally. This debate forum is not aligned to any political party. In today's politics, many ideas are split between and even within all the political parties. Often we find ourselves agreeing on one platform but some topics break our mold. We are here to discuss them in a civil political debate. If this is your first visit to our political forums, be sure to check out the RULES. Registering for debate politics is necessary before posting. Register today to participate - it's free!

Massive OSX and iOS security flaw yet again.. still unpatched.

P

PeteEU

DP Veteran
Joined
Mar 11, 2006
Messages
38,999
Reaction score
14,334
Location
Denmark
Gender
Male
Political Leaning
Centrist
Major zero-day security flaws in iOS & OS X allow theft of both Keychain and app passwords | 9to5Mac

Researchers were able to upload malware exploiting the vulnerabilities to both iOS and Mac App Stores, despite Apple’s vetting. The compromised apps were approved for both platforms.
Click to expand...

Err not good, but this is a new bug right?..... no..

The Register says the team reported the flaws to Apple in October of last year. At that time, Apple said that it understood the seriousness of the flaws and asked the researchers to give it six months to address them before the exploit was made public. In February, Apple requested an advance copy of the paper, yet the flaws remain present in the latest versions of both operating systems …
Click to expand...

Wait what... Apple has had over half a year to fix it, and nothing? Well that is normal it seems.. they have still not fixed the SMS bug in on iPhones despite it being known for months now.

But the OSX and iOS zero day exploit.. come on Apple you cant leave your whole freaking system open for over half a year without any reaction... oh wait yes you can, because you have done it before..
 
PeteEU said:
Major zero-day security flaws in iOS & OS X allow theft of both Keychain and app passwords | 9to5Mac



Err not good, but this is a new bug right?..... no..



Wait what... Apple has had over half a year to fix it, and nothing? Well that is normal it seems.. they have still not fixed the SMS bug in on iPhones despite it being known for months now.

But the OSX and iOS zero day exploit.. come on Apple you cant leave your whole freaking system open for over half a year without any reaction... oh wait yes you can, because you have done it before..
Click to expand...


Hey, let's go easy on poor Apple.

They do not have enough cash to devote to bugs in their systems.

They only have $178 billion in reserves.

Apple
 
PeteEU said:
Major zero-day security flaws in iOS & OS X allow theft of both Keychain and app passwords | 9to5Mac



Err not good, but this is a new bug right?..... no..



Wait what... Apple has had over half a year to fix it, and nothing? Well that is normal it seems.. they have still not fixed the SMS bug in on iPhones despite it being known for months now.

But the OSX and iOS zero day exploit.. come on Apple you cant leave your whole freaking system open for over half a year without any reaction... oh wait yes you can, because you have done it before..
Click to expand...
A positively Microsoft level of performance.
DA60 said:
Hey, let's go easy on poor Apple.

They do not have enough cash to devote to bugs in their systems.

They only have $178 billion in reserves.

Apple
Click to expand...

Whaa....Whaa......Whoooo (insert caroonistic sound effects)

Still hasn't reached Linux levels of security performance (a properly set up Linux mind you).
 
People got all upset at MS because they corrected a bug a couple days later than an arbitrary three month time limit set by Google...and Apple is given a pass. :roll:
 
PeteEU said:
Microsoft would have fixed it by now.. now the Microsoft of 10-15 years ago.. well.
Click to expand...

There are still memory leaks in nearly any version of Windows that you car to run. Leave you windows up and running for 2 weeks, and see how crappy the performance gets. How much trashing around the hard drive gets. Reboot and it's back to normal.

You know, I have Linux machines that typically stay up and running 6 months at a stretch without that same performance degradation, and they are pretty much penetration proof, if configured properly.
 
eohrnberger said:
There are still memory leaks in nearly any version of Windows that you car to run. Leave you windows up and running for 2 weeks, and see how crappy the performance gets. How much trashing around the hard drive gets. Reboot and it's back to normal.

You know, I have Linux machines that typically stay up and running 6 months at a stretch without that same performance degradation, and they are pretty much penetration proof, if configured properly.
Click to expand...

And this has what to do with lack of critical Apple security updates..
 
Mycroft said:
People got all upset at MS because they corrected a bug a couple days later than an arbitrary three month time limit set by Google...and Apple is given a pass. :roll:
Click to expand...

Its more than that.. have you been following the whole Apple Music vs Taylor Swift thing? Taylor Swift pulls her latest album (not all of her music) from Apple Music because the free trial means no money to the artists. Apple caves, Taylor Swift brings her album back. Problem is now that the amount Apple is going to pay the artists both during trial and after trial has come out, and it is LESS than Spotify... which Taylor Swift removed ALL her songs from because Spotify was not paying enough to artists. The media has not jumped on this point yet, and I suspect they wont. Too me it looks like Apple and Taylor Swift colluded in pulling the wool over the consumers eyes for promotional purposes.

Apple gets away with a lot of crap that no one else would... SMS bug on iOS for example. Still not patched.
 
eohrnberger said:
There are still memory leaks in nearly any version of Windows that you car to run. Leave you windows up and running for 2 weeks, and see how crappy the performance gets. How much trashing around the hard drive gets. Reboot and it's back to normal.

You know, I have Linux machines that typically stay up and running 6 months at a stretch without that same performance degradation, and they are pretty much penetration proof, if configured properly.
Click to expand...

For someone who doesn't know how to handle MS systems perhaps, this computer has been running non-stop since the last clean install about 2 years ago, runs fast and smooth, no issues, no slow downs. I do however have much of MS automation locked up so it can't do anything I don't specifically ask it to do. Very few people I've learned bother to learn about their OS's outside of what's necessary to play games and surf the internet. Seems everyone thinks their anti-virus will be the solution to security, but it's only one small step. I have no anti-virus at all, and from time to time, about every six months, I install one and let it run a deep scan... never had a worm, virus, or trojan. A few adspy cookies make it in to the system, but my firewall is so locked down that they can't send the spy data back to whomever is hoping to receive it.

The problem I've had on the few Macs I've had to work with at other people's offices, is that they are very difficult to lock down the way I've locked down Windows, at the moment it's Windows7, but I've done the same with Win95, Win98SE, WinXP, and Win7. And now that Apple products are so popular, hackers are no longer just focusing on Windows.
 
Summerwind said:
For someone who doesn't know how to handle MS systems perhaps, this computer has been running non-stop since the last clean install about 2 years ago, runs fast and smooth, no issues, no slow downs.
Click to expand...

Yeah, I suspect that with the large number of installed software programs that I have is aggravating the issue. FireFox for example, doesn't seem to want to let go of it's virtual memory allocation once it's got it, so that's gotta shutdown and restart every few days to free it up.

Summerwind said:
I do however have much of MS automation locked up so it can't do anything I don't specifically ask it to do. Very few people I've learned bother to learn about their OS's outside of what's necessary to play games and surf the internet. Seems everyone thinks their anti-virus will be the solution to security, but it's only one small step. I have no anti-virus at all, and from time to time, about every six months, I install one and let it run a deep scan... never had a worm, virus, or trojan. A few adspy cookies make it in to the system, but my firewall is so locked down that they can't send the spy data back to whomever is hoping to receive it.
Click to expand...

Must not visit very many web sites that are questionable. I wonder, how is it that you collect all the IPs of the 'spy data' destinations? Gotta figure that this list is long, and if long enough might have a firewall performance impact, if it runs short of compute capability.

Summerwind said:
The problem I've had on the few Macs I've had to work with at other people's offices, is that they are very difficult to lock down the way I've locked down Windows, at the moment it's Windows7, but I've done the same with Win95, Win98SE, WinXP, and Win7. And now that Apple products are so popular, hackers are no longer just focusing on Windows.
Click to expand...

Yup. Macs are becoming more of a target, especially the iPhones and iPads.
 
eohrnberger said:
A positively Microsoft level of performance.


Whaa....Whaa......Whoooo (insert caroonistic sound effects)

Still hasn't reached Linux levels of security performance (a properly set up Linux mind you).
Click to expand...

and a properly setup linux has not reached the levels of bsd in security.this is sad because bsd is the base system for both ios and osx,yet they took one of the most secure operating systems that made linux look weak,and turned it into one of the most insecure.
 
Summerwind said:
For someone who doesn't know how to handle MS systems perhaps, this computer has been running non-stop since the last clean install about 2 years ago, runs fast and smooth, no issues, no slow downs. I do however have much of MS automation locked up so it can't do anything I don't specifically ask it to do. Very few people I've learned bother to learn about their OS's outside of what's necessary to play games and surf the internet. Seems everyone thinks their anti-virus will be the solution to security, but it's only one small step. I have no anti-virus at all, and from time to time, about every six months, I install one and let it run a deep scan... never had a worm, virus, or trojan. A few adspy cookies make it in to the system, but my firewall is so locked down that they can't send the spy data back to whomever is hoping to receive it.

The problem I've had on the few Macs I've had to work with at other people's offices, is that they are very difficult to lock down the way I've locked down Windows, at the moment it's Windows7, but I've done the same with Win95, Win98SE, WinXP, and Win7. And now that Apple products are so popular, hackers are no longer just focusing on Windows.
Click to expand...

wow wow slow down you have locked down win 95 and 98se???????????? those were among the most vulnerable ever produced to date,due to the fact it had so many backdoors,and win me prior had direct acces to the bios,making it possible for viruses like cih to physically destroy a computer.locking that down is like parting the red sea,it requires amazing programer knowledge.


which brings me to win 8,the new bios,uefi,is highly integrated with windows,to the point if a second os was installed without proper location,windows could reqrite the boot order making you unable to load anything but windows.but with secure boot,and windows having access to the bios like it did in the old days,its only a matter of time before a windows virus will overload a bios with gibberish and render is physically incapable.
 
Mycroft said:
People got all upset at MS because they corrected a bug a couple days later than an arbitrary three month time limit set by Google...and Apple is given a pass. :roll:
Click to expand...

Might have so0mething to do with people liking IOS and OSX, while Windows, well, not so much.
 
Redress said:
Might have so0mething to do with people liking IOS and OSX, while Windows, well, not so much.
Click to expand...

Bingo!!

Most of the whining, crying and screaming about MS comes directly from Apple fanboys.
 
Mycroft said:
Bingo!!

Most of the whining, crying and screaming about MS comes directly from Apple fanboys.
Click to expand...

And people pissed off at Microsoft for the abortion that was Windows 8.
 
Redress said:
And people pissed off at Microsoft for the abortion that was Windows 8.
Click to expand...

Even that stuff came mostly from Apple fanboys.

Oh...and those folks who were unable to wrap their minds around anything but a Start Button.
 
Mycroft said:
Even that stuff came mostly from Apple fanboys.

Oh...and those folks who were unable to wrap their minds around anything but a Start Button.
Click to expand...

No, that is just spin from Microsoft apologists and salespeople.
 
Redress said:
No, that is just spin from Microsoft apologists and salespeople.
Click to expand...

ummm...

Okay. If you say so, I guess you believe that but I read a LOT of complaints...and not just here...about Win8 and they all fell into the "Where's my Start Button!! WTF is a Start Screen?? This OS sucks!!" category.
 
eohrnberger said:
Yeah, I suspect that with the large number of installed software programs that I have is aggravating the issue. FireFox for example, doesn't seem to want to let go of it's virtual memory allocation once it's got it, so that's gotta shutdown and restart every few days to free it up.
Click to expand...
Oh, yes, I shut down Firefox and VideoEditor and similar heavy users as soon as I'm done with them for the day, so I don't shut off the puter, but I do close most programs at the end of the day.



Must not visit very many web sites that are questionable. I wonder, how is it that you collect all the IPs of the 'spy data' destinations? Gotta figure that this list is long, and if long enough might have a firewall performance impact, if it runs short of compute capability.
Click to expand...
Nope, I just have it set so everything that wants to enter the internet has to ask permission, so if it's not Firefox or Email or a program I am currently running, it doesn't get permission. Even the Windows Support and such are all locked from going online without permission.



Yup. Macs are becoming more of a target, especially the iPhones and iPads.
Click to expand...
No doubt.
 
beerftw said:
wow wow slow down you have locked down win 95 and 98se???????????? those were among the most vulnerable ever produced to date,due to the fact it had so many backdoors,and win me prior had direct acces to the bios,making it possible for viruses like cih to physically destroy a computer.locking that down is like parting the red sea,it requires amazing programer knowledge.


which brings me to win 8,the new bios,uefi,is highly integrated with windows,to the point if a second os was installed without proper location,windows could reqrite the boot order making you unable to load anything but windows.but with secure boot,and windows having access to the bios like it did in the old days,its only a matter of time before a windows virus will overload a bios with gibberish and render is physically incapable.
Click to expand...

My firewall is set to not do ANYTHING in or out without permission. So to date I've never ever had a virus or worm or trojan on any of my puters dating back to Win95 that I ran til 1999, when I finally got 98SE which I kept til I got this machine 2+ years ago. I don't use standard firewalls that don't allow for absolute control, ie some set of standards is preset and not able to override the presets. Again, the way I do things takes a little bit of time all the time, in that I have to be responding to those requests, and then once online, the site requests, as I have NoScript also locked down. For example just coming to this site I have to "allow" DP and yahooapis, but I don't make those permissions permanent on any site. Even google.com is generally locked out unless I need to use google maps, then as soon as I'm leaving the page I revoke it's permissions.
 
Redress said:
Might have so0mething to do with people liking IOS and OSX, while Windows, well, not so much.
Click to expand...

Not everyone likes them though. I can't stand the Apple OS. I've actually excused myself from consideration on a couple of jobs simply because they had Macs. Apple doesn't allow for tweaking and such, or if it does, it's way too damned well hidden. I can understand why people that just want to use may like them better, but people like me that want to control their computers, not doable with a Mac that I could find.
 
PeteEU said:
Microsoft would have fixed it by now.. now the Microsoft of 10-15 years ago.. well.
Click to expand...

No one cares.

The market has spoken, and the market likes Apple. As such, Apple is the highest valued company in the entire ****ing world.

Whatever their magic sauce is (even if that magic sauce is refusing to fix some sort of bug), it's working alright. And? I use an Apple Ipad and my sister has an Iphone and so far nothing bad has happened yet. Maybe you're blowing things way out of proportions.
 
Luftwaffe said:
No one cares.

The market has spoken, and the market likes Apple. As such, Apple is the highest valued company in the entire ****ing world.

Whatever their magic sauce is (even if that magic sauce is refusing to fix some sort of bug), it's working alright. And? I use an Apple Ipad and my sister has an Iphone and so far nothing bad has happened yet. Maybe you're blowing things way out of proportions.
Click to expand...

What's your sister's phone number? I have a text message she might...or might not...like to see. LOL!!

Just kidding, of course.
 
Luftwaffe said:
No one cares.

The market has spoken, and the market likes Apple. As such, Apple is the highest valued company in the entire ****ing world.

Whatever their magic sauce is (even if that magic sauce is refusing to fix some sort of bug), it's working alright. And? I use an Apple Ipad and my sister has an Iphone and so far nothing bad has happened yet. Maybe you're blowing things way out of proportions.
Click to expand...

Am I blowing it out of proportions? Just because the Apple friendly media dont tell you about the security holes does not mean they are not there. This is a big hole, and the tech media and normal media are all but silent about it. Had this been Microsoft, then it would be everywhere. That hackers have the ability to put malware and spyware into legit apps in the Apple App store is very very worrying.
 
beerftw said:
and a properly setup linux has not reached the levels of bsd in security.this is sad because bsd is the base system for both ios and osx,yet they took one of the most secure operating systems that made linux look weak,and turned it into one of the most insecure.
Click to expand...

Apple miss-configured the BSD core? Or Apple's GUI stuff just written as insecure as MS's GUI open up exploits?

Either way it's not good for Apple and their users.
 
You must log in or register to reply here.
Back
Top Bottom