Version: 2008
  • On mySimon: Emu Stinger Mini Girls Boots

Comments on: Mac OS flaw exposes Apple users

Apple is working to patch operating-system vulnerability that could be exploited to install rootkits, backdoors.

Add a Comment (Log in or register) (13 Comments)
  • prev
  • 1
  • next
ah the first brick starts to crumble
by capfan12 February 21, 2006 1:17 PM PST
and the first brick starts to crumble
Reply to this comment
Maybe....
by Earl Benser February 21, 2006 1:28 PM PST
.... but right now it's more like a crack easily fixed before anything
serious happens. Meanwhile, we still have hundreds of thousands
of MS bricks shattered into dust at the bottom of the window.
View all 2 replies
Not really
by MacHeadCase February 21, 2006 1:58 PM PST
As the article says... Simply disable "Open "safe"
files after downloading which prevents any file
to be automatically decompressed. There is a test online to see
if Safari is safe. Mine passed...

Test for Safari is talked about in this Ars Technica article</
strong> and is available here.
More Like a Grain of Sand Falling Out of the Industrial-strength Mortar ...
by Joe Blow February 21, 2006 2:23 PM PST
between some pretty solid bricks, and it's only a _potential_ problem if you're using Safari at the moment, that will likely be fixed a lot faster than the typical Windoze critical vulnerability. Some highly-critical Microsloth gaps have been around for more than six months without even being acknowledged by them, much less fixed, even with their endless stream of patches. I'm using FireFox, so I don't need to worry about this OS X issue, and even a newbie Safari user will get an automatic update with a fix offered as soon as it's available, not whenever Microsloth decides to fix it, much less deploy it according to its patch/"upgrade" cycle.

Note that this is a vulnerability, and there's no evidence of an exploit (yet - and given Apple's fairly quick response to this kind of thing, it probably won't be worth the time to develop an exploit, as has been the case to this point). Also, an exploit would have to be hosted on a site controlled by "evil-doers" (which your average Safari user isn't going to get to before the fix is installed), or a site run by dweebs who don't know any better than to quarantine uploaded files until they've been screened for malware before they can be downloaded.

And, before any other Microsloth-o-philes start trying to pile on, your time would be better spent making sure you've installed the latest security patches, and then complaining to Billy Grates about why there are still so many critical vulnerabilities in his products (not just Windoze) that haven't been addressed. One of these days, some sharp lawyer is going to bother reading the Microsloth End User License Agreements (EULAs) and realize that there are whole classes of users that they don't apply to - government agencies, and large corporations which have maintenance contracts, for instance, and then file class-action lawsuits to demand all of that junk gets fixed, or refunds are in order, with accrued interest since the date of purchase/licensing - treble damages to be awarded, indeed (at last count there were still over 250 lawsuits stemming from Microsloth's conviction as an abuser of monopoly power, so maybe every lawyer who can spell "high-tech" is already gainfully-employed with other law suits). Where are the lawyers when you really need them? Oh, yeah, they're all waiting for Dick Cheney to go on another quail hunting expedition to the deepest, darkest reaches along the Texas Gulf Coast. I'm surprised quail haven't been designated terrorists on the watch lists, yet (maybe Dan Rather should dress up as a quail and try to board an airliner to find out if they have been! :D ).

All the Best,
Joe Blow
I don't see it
by corelogik February 21, 2006 1:45 PM PST
I don't see what they are so concerned about. I don't know what
configuration they are using, but my Safari does not "automatically"
open zip or any other archive files,....
Reply to this comment
It is a serious issue!
by pdude February 21, 2006 2:00 PM PST
I have tried it out and it's as scary as the report says it is. By the way, I program Windows, Mac and Linux. Every application in the OSX is scriptable and IMHO, Mac is a disaster waiting to happen!
View reply
It is only a matter of time...
by coryschulz February 21, 2006 1:47 PM PST
It is only a matter of time before the Mac OS becomes as popular a target as Windows. There will be a direct relationship between its share of desktop systems and the amount of viruses created to attack it.

Generally the UNIX based OS has proven more secure, but I do believe that with Vista Microsoft is taking a very serious approach to security issues. They will both be challenging to create viruses for, but there will still be programmers out there who will test their abilities against such a challenge.
Reply to this comment
time?
by moopie23 February 21, 2006 1:51 PM PST
there presently is not a "direct relationship" between market share
and the amount of viruses for Mac, so why would that start now?

And seriously, Microsoft taking a serious approach to security is a
joke. Until they rewrite the core of the OS, they won't have serious
security.
You willing...
by UntoldDreams February 21, 2006 1:52 PM PST
To put money on a Microsoft 1.0 project the size of Vista, and go on record stating that it will probably be secure and challenging to write viruses for?

Because if you are I'd be willing to take those odds and put lots of money down...
(13 Comments)
  • prev
  • 1
  • next
advertisement

Latest tech news headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

advertisement
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET