Apple Patches 144 Security Flaws Across Seven Products

CommanderFrank

CommanderFrank

Cat Can't Scratch It
Joined
May 9, 2000
Messages
75,399
If you are old school like many of us, you probably remember the old days when Apple products were considered to be malware-proof by a majority of its users. Those days are now gone for good and Apple is patching its products on a regular basis. Most recently, Apple just released patches for 144 vulnerabilities for seven different product lines.

More security updates may be coming on Monday, October 20 when Apple releases iOS 8.1. Expect many of the bugs fixed in Yosemite also to be fixed in iOS.
Click to expand...
 
mynamehere said:
This thread should get interesting. :p
Click to expand...

x86 Windows has tons of malware and that's simply not the case for OS X. So the question is why. Probably market share more so than any inherent superior security in OS X. However it's impossible possible to prove it one way or the other but I find it difficult to believe that if the market share situation were reversed that there wouldn't be a lot more malware for OS X and probably a lot less for Windows. All software development, including malware, tends to be prioritized by platform market share
 
I really like how you presented the information in a bias free manner. It's what we should expect from journalists.

As you can see this is of course a massive contrast to the 100 or so bug and security patches Red Hat has issued over the last 4 months.

Of course Ubuntu is just as teeny tiny small of a list of hot fixes and security patches. And by teeny tiny I am referring to the size of the scroll bar on the page.

And I just opened Windows Update and it wants me to download 150MB worth of security patches.

So what's the point? Operating Systems are not free from attack because we do not want Operating Systems that are free from attack. Yosemite offers a TON of interactivity across several forms of networking standards across multiple devices. Why would you ever think that is inherently safe?
 
I'm going to buy a used Amiga. Since no one is writing software and there is next to nothing for a user base, there is no new malware :)

Seriously, software development is a mess. Companies push for difficult deadlines. The poor developers barely meet the deadlines (and not always). Code reviews? Phahh...who has time. Solid architect planning? Haha... Last minute scope changes? Pretty much the norm. Guess how much time those last minute changes get reviewed.
 
if i buy a car and the engine explodes i can sue whoever made that car or did repairs on that particular component. if software has more gaping holes than "ur mom", you're SOL. identity theft? bank account empty? trade secrets stolen? data on your computer manipulated? your problem. yea, software is so complex yadda yadda. there really needs to be more liability in software development. unfortunately that would hurt open source even more because noone would dedicate time on development with full liability. sux.
 
steakman1971 said:
Seriously, software development is a mess. Companies push for difficult deadlines. The poor developers barely meet the deadlines (and not always). Code reviews? Phahh...who has time. Solid architect planning? Haha... Last minute scope changes? Pretty much the norm. Guess how much time those last minute changes get reviewed.
Click to expand...

Low quality software can have a tremendous ROI. That's not to say software full of functional bugs is of value, but poorly written, hard to maintain and poorly documented that's functionally sound can still be of great value. Of course the value would be higher for well written, easier to maintain and well document software. But how much greater value the extra investment would bring in improving non-functional quality is difficult to analyze in many situations.
 
westrock2000 said:
I really like how you presented the information in a bias free manner. It's what we should expect from journalists.

As you can see this is of course a massive contrast to the 100 or so bug and security patches Red Hat has issued over the last 4 months.

Of course Ubuntu is just as teeny tiny small of a list of hot fixes and security patches. And by teeny tiny I am referring to the size of the scroll bar on the page.

And I just opened Windows Update and it wants me to download 150MB worth of security patches.

So what's the point? Operating Systems are not free from attack because we do not want Operating Systems that are free from attack. Yosemite offers a TON of interactivity across several forms of networking standards across multiple devices. Why would you ever think that is inherently safe?
Click to expand...

Honestly, in my opinion, I think the bigger issue here is Apple's continued way of perpetuating the fallacy that is security through obscurity.

It's not to say that others aren't guilty, but that Apple continuously and openly encourages their overtly loyal following that they are "more secure" and hide behind the guise of a veritable "Walled Garden" approach that is inherently flawed. I mean it's on their site for crying out loud.

[Intentionally polarizing comment] They might be more secure if their primary market end user didn't have the gullibility of the average 5 year old and average intelligence coefficient of a garden hose. As what is frequently joked about amongst help desk techs: 'The problem exists between the keyboard and chair.'[/Intentionally polarizing comment]

The overall point here is they intentionally mislead their following for years by hiding behind semantics and lies which resulted in misinformed end-users and in turn "Geniuses" regurgitating marketing jargon used to exploit the under-educated and misinformed simplistic userbase lulling them into a false sense of security. You're only as strong as your weakest link, if your userbase operates under a broken premise of expected security you cannot expect them to honestly be secure in their behaviors. (we could even argue that even those trained to be secure in their behaviors are even then expected to be flawed due to human nature.)

Now let's be honest, there is always going to be a vulnerability somewhere until some AI comes along and can self adapt to become "perfect" (which is even then still disputable). But the reason why everyone loves pointing and laughing at Apple is because they still continue to hide behind the "We're more secure" disguise and people still eat it up. There's always going to be some way to exploit software, end of story.

TL;DR: We're not surprised at Heartbleed and POODLE and all of these other exploits because we've either known about it or no one is sitting there touting their infallibility (TLS has superseded SSL for years, yet people still prefer SSL because... well it goes back to the human element mentioned previously). We're laughing at the Apple fanboys who continue to defend Apple even though they continue to perpetuate their fallacy that they're "better" than everyone else. The problem is, they're not, they are just like everyone else.
 
144 flaws? That has to be a typo. Everyone knows that Apple Products Just Work And Never Have Any Problems. They Are Magical Devices.
 
You must log in or register to reply here.
Back
Top