You missed one. Buy a cheap PC, put Ubuntu on it for surfing, and leave Mac for offline work - which is what I shall do shortly.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Issues Network Time Protocol Security Fix for OS X Users
- Thread starter MacRumors
- Start date
- Sort by reaction score
You missed one. Buy a cheap PC, put Ubuntu on it for surfing, and leave Mac for offline work - which is what I shall do shortly.
The SHA1 on the certificate itself will be different than the SHA1 for each individual update. The certificate is used to sign the package (which the OS uses for Gatekeeper verification), whereas calculating the SHA1 of the package doesn't involve the certificate — it's just a checksum of the bits inside the .pkg. Using individual .pkg SHA1 checksums from Apple is usually rather pointless, as Apple tends to serve the pages listing the checksums via unencrypted HTTP. The best bet is to instead verify that the certificate used to sign the .pkg is valid, which you've done.
An even cheaper option would be a chromebook or chromebox, if all you need is a web browser.
Apple's "dot" versions are very different from MS's, so it's not a useful comparison. All that really matters is that with Apple, you have to update your OS at least every 2 years to get full support (about every 4 years for security updates), and with Microsoft, you have a lot more time. Windows 7 and Snow Leopard came out around the same time. Thank goodness you can still use Windows 7 and have complete support because everyone hates Windows 8.
----------
Exactly, it does nothing but create new problems! I'm sick of being harassed about updates every year. Apple for some reason can't just leave me alone with my OS that works perfectly fine. I have to update every 2 years (purely for Xcode; otherwise I wouldn't) and have to fix whatever new problems arise, usually slowing down my computer in the process.
They care so much about simplicity. It's nice how there are fewer hardware configurations out there (instead of thousands of models like Dell), but they ruin it by needlessly making so many versions of OS X.
Last edited:
More than understandable... I tend to agree and hope that mentality doesn't become 'old-fashioned'
. That said, I am leaning toward Chrome OS in situations where someone else needs a computer but I don't have the time to administer it for them. So long as people are aware of what is entailed with running inside Google's ecosystem, I think it's a good choice in certain circumstances.
I have been involved with several network security profiles. Getting "in the head" of the people that write these pieces of malware. Typically, they are very strong talents that come from socially or economically suppressed backgrounds. If they were in an more open job market, most would code something much more productive.
Well, that's not very bright of Apple...to ditch security updates for users who are still using these OS's is just not smart, some can't, or don't want to update to a newer OS X. Some people have invested large $ in hardware and software that works, and they should not be left with an un-secure system...OS X upgrades may be free now, but, software updates to work with them may not be. Frankly, 10.6.8 Snow Leopard is still the most stable Mac OS X Apple has made yet (and, with the exception of Yosemite, perhaps the fastest), and I've used every single Mac OS since Mac OS 8.
In fact, even though Apple wants people to update to Yosemite, I have to go back to what I used to recommend and say, you're better off waiting for 10.10.3 before upgrading, if you haven't yet.
I used to wait for 10.x.3 updates before upgrading, but, I read Mavericks betas were decent, and it was free, and it started out better than Mtn Lion, and Mtn Lion was a bit of a sluggard, so, for the first time in years, I upgraded right away.
This is the problem with making the upgrades free, people are adopting it faster than they really should be. That is, only because Apple releases OS's lately that are not ready for consumption.
Actually, with Microsoft, you're going to get a lot LESS time than you used to have, starting with the end of Windows XP support that happened last year. Mainstream support for Windows 7, for instance, ends on January 13. And with the move from Windows 8.1 to Windows 10, the rapid release cycle is being adopted by Microsoft as well. The paradigms between he two aren't nearly as far apart as you might think.
Yeah, about that....
Typing from phone so this is brief.
1. You nailed me on the 90s mentality. I'm still mad at Apple for not delivering a promised update way back then.
2. I just can't get over being LIVID that they won't issue a 1 MB patch for a critical security flaw to people who have machines they can't afford to upgrade. This doesn't affect me, I can buy whatever I want. But that wasn't always the case and I know what it's like to be left in the cold. I don't think anyone at Apple knows what that's like. They put the code out there in its flawed state. Their refusal to fix their problem speaks to a lack of character IMO.
3. Good post on your part & points being considered.
You could say the same of Windows XP. The reality is that there comes a time where older software and hardware needs to be left behind, particularly when the current version of OS X still supports 7 year old hardware, and is just as stable.
How long is long enough? Should Apple still be required to patch System 7? ProDOS?
Wut?
----------
More than understandable... I tend to agree and hope that mentality doesn't become 'old-fashioned'
That said, I am leaning toward Chrome OS in situations where someone else needs a computer but I don't have the time to administer it for them. So long as people are aware of what is entailed with running inside Google's ecosystem, I think it's a good choice in certain circumstances.
I'm starting to think that my next machine might be something I set up to triple boot ChromeOS/Linux/Windows.
I have a 2007 MacBook Pro in *great* (not "old, beat up") condition. It runs just fine, does everything I want, and there is no reason whatsoever I should replace it . . . except that it cannot be upgraded past Lion, because Apple has artificially limited their support for this older hardware.
I don't plan on replacing it for a few more years, so I guess I'm just SOL WRT security issues until then :/
Best of luck with that. I've used Ubuntu, it's a great OS, runs my web servers quite well. Just understand Ubuntu's standard support cycles: 6 months for mainstream updates, and 18 months for standard versions (yes, including security updates). The LTS cycles are 18 months mainstream and five years for security, of which 8 months of the most recent LTS has already gone by (leaving you 4 years, 4 months to go on security, and just 10 months to go on mainstream). The LTS security updates are about the same as the historical support cycles for OS X versions, and the mainstream support cycles are way, way less.
And all of those past, unsupported installations all have the same NTP bug that's got you riled up on the Mac today. The situation is no different there. Arguably even a bit "worse," assuming you like running outdated software. The answer to that is the same as on the Mac: Update your OS.
EDIT: My bad... starting with the last version, Ubuntu reduced the non-LTS lifecycle to 9 months, from 18. Including security updates.
Last edited:
Actually it is more profitable. They are not going to go through all that trouble if it was not.
"Artificial" is subjective. Your hardware is going on 8 years old. That's a pretty good run for a laptop.
I've already laid out possible alternatives that allow you to keep your OS. They just require a little extra work and some reading to get up to speed on.
Microsoft supported XP for ten years because nobody would buy its replacement.
----------
Thank you. My ex girlfriend's early 2008 iMac will run Yosemite just fine.
Most people (Note that I said MOST) who come on these forums clamoring about how Apple abandoned them because they don't put out a convenience update for Snow Leopard, or Leopard actually have machines that will run the later (free) operating systems.
But they're like vegans. They want to make a lot of noise so that people will pay attention to them.
Now I've ticked off the old OS users and the vegans. Watch the fireworks now...
New versions of OS X have a lot of bugs and are usually slower than previous versions.
While I agree about "hackers," I'm just pointing out that actually a lot of these hackers do have jobs. You know their are companies/people who get paid just to try to hack into systems and figure out security flaws, right? So some of these "hackers" you're talking about actually do have jobs. Their job is just to do what they like to do.
fix no fix on Mountain Lion 10.8.5
I installed OS X NTP Security Update 1.0 from the app store, Updates section. All that seems to have happened is time stamp updates to
/usr/sbin/ntpd
and
/private/etc/ntp-restrict.conf
Neither file has changed byte wise, although diff does report ntp differs, but no diff in ntp-restrict.conf
Either way, I still seem to be running:
ntpd - NTP daemon program - Ver. 4.2.6
I have since disabled ntpd from the Date & Time pref pane.
I installed OS X NTP Security Update 1.0 from the app store, Updates section. All that seems to have happened is time stamp updates to
/usr/sbin/ntpd
and
/private/etc/ntp-restrict.conf
Neither file has changed byte wise, although diff does report ntp differs, but no diff in ntp-restrict.conf
Either way, I still seem to be running:
ntpd - NTP daemon program - Ver. 4.2.6
I have since disabled ntpd from the Date & Time pref pane.
Hmm... same here on 10.10.1: Ver. 4.2.6. For what it's worth, "what /usr/sbin/ntpd" says 92.5.1, which is what Apple says should be there, but I'm going to play it safe and disable time sync as well.
oh, what. Yes, I am getting PROGRAM:ntpd PROJECT:ntp-77.1.1
vs
PROGRAM:ntpd PROJECT:ntp-77.1
on the old.
be nice is there was on version of getting the version.
vs
PROGRAM:ntpd PROJECT:ntp-77.1
on the old.
be nice is there was on version of getting the version.
Are you actually out of your mind?
Penetration-testing, application/network-security etc. is a multi-billion dollar industry.
You know, because companies want to find critical bugs before blackhats do.
Kids these days...
----------
Mainstream Support meaning new features and security-bugfixes.Wut?
After that date, it's an additional five years of security-bugfixes until January 13th 2020, called Extended Support.
Know your facts.
And that's an excuse for not providing it with security updates anymore? Microsoft platforms receive security updates for at least a decade. MS also communicates very clearly the support cycle of a product before it is even launched. But unlike Apple, they are serving enterprise customers where you simply cannot expect your customers to roll out a new operating system every year. Maybe that explains their much better support cycles...