eWeek: Leopard has more Holes than Spots

aceducy

macrumors member
Original poster
Sep 28, 2007
37
0
eWeek: Leopard has more Holes than Spots

http://www.eweek.com/article2/0,1759,2209676,00.asp?kc=EWKNLENT110207FEA1 [if that link doesn't work just search eweek.com for Leopard security flaws]

These guys haven't even scratched the surface of Leopard security issues. Bottom line: There hasn't been a patch/update since 11 days before its release. Inexcusable.

If we try real hard, we can catch up to the MSWindows security level
 

Sky Blue

Guest
Jan 8, 2005
6,860
10
These guys haven't even scratched the surface of Leopard security issues. Bottom line: There hasn't been a patch/update since 11 days before its release. Inexcusable.

If we try real hard, we can catch up to the MSWindows security level

Nonsense. Leopard was released a week ago. An update by mid-November is reasonable. Same thing happened with 10.4 and 10.3..
 

aceducy

macrumors member
Original poster
Sep 28, 2007
37
0
Nonsense. Leopard was released a week ago. An update by mid-November is reasonable. Same thing happened with 10.4 and 10.3..
Get a grip, oh 7000 post wonder. It was frozen for production on Oct 17th. Pout, toss a fit if you like, but it's already almost a month old.

And don't compare the complexity of 10.5 with 10.x - this is a totally different animal. It requires itself to be handled quite differently. This behemoth MUST be patched daily - and no whinning about update server overloads like on the 26th.

Everything in that article was right on - and they only mentioned about 15% of the security issues
 
You would be hard pressed to find a bigger Apple hater than eWeek

Why is it that only the publications and analysts that have a vested interest in keeping users on Windows are the one who are bashing Leopard?

Some of eWeeks diatribe is purely opinion:

Regarding the firewall's allow all, deny all, or pick by application choices, Mogull noted that the choices are a step backward from the flexibility of Mac OS X 10.4, where the firewall was network service-based, not application based.
I welcome this change, it has replaced my need for Little Snitch.

I am not swallowing the whole "Leopard is full of holes" just because some Apple haters say it.

In regards to OS X. I like it, I use it, and I've never been hit with malware, and if the only malware that pops up is socially engineered stuff, I will always be safe.
 

Sky Blue

Guest
Jan 8, 2005
6,860
10
Get a grip, oh 7000 post wonder. It was frozen for production on Oct 17th. Pout, toss a fit if you like, but it's already almost a month old.

And don't compare the complexity of 10.5 with 10.x - this is a totally different animal. It requires itself to be handled quite differently. This behemoth MUST be patched daily - and no whinning about update server overloads like on the 26th.

Everything in that article was right on - and they only mentioned about 15% of the security issues
Ummm, I have 1200 posts over 3 years, but thanks for playing.
I'm not 'pouting', merely suggesting that with previous OSs Apple has posted a .1 update a couple of weeks after release...they do have to test it after all. i did like the 'behemoth' bit though, very funny.

Please do explain how 10.5.0 is different to 10.4.0. You might also like to point out the security holes in 10.4.0 (I'm sure goggle will help you out there) and how quickly Apple fixed them.

Also, I'd be interested in these "server overloads". You might want to make your trolling a little less obvious.
 

Celeron

macrumors 6502a
Mar 11, 2004
704
9
I read said article. Unless I missed it all it complains about is deficiencies in the OS X Firewall. Is this really that big of a deal? I personally don't trust workstation firewalls anyway and protect all of my machines using my Cisco router. For devices inside my network that are untrusted I have these seperate into individual VLANs with ACLs preventing access to anything but the Internet.

In any case, I don't think the complaints here are really cause for "immediate patching" or any other sort of immediate action. Assuming the firewall is off, are there any services on OS X that are even exploitable at this point?
 

mkrishnan

Moderator emeritus
Jan 9, 2004
29,777
12
Grand Rapids, MI, USA
In any case, I don't think the complaints here are really cause for "immediate patching" or any other sort of immediate action. Assuming the firewall is off, are there any services on OS X that are even exploitable at this point?
This is a fair point, but at the same time, it does seem that the firewall does not behave in the way a reasonable person would expect. The firewall is there for security -- it doesn't do anything else except its stated purpose. So saying that whether or not it does what it says it does is unimportant because you don't trust software firewalls anyways is nice for you, but absurd for everyone else. My Mac sits behind a completely closed airport base station also. So of course I can just turn my firewall off. But things like networked games are sold for Macs quite commonly (and require port access), and just because I don't play them doesn't make those users' needs irrelevant.

What if Cisco had sold you a router whose firewall functioned in the way that Leopard's appears to? Would you simply write it off, or would it suddenly be important to the world because it fits your usage profile? Right?
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.