eWeek: Leopard has more Holes than Spots

Discussion in 'macOS' started by aceducy, Nov 2, 2007.

  1. aceducy macrumors member

    Joined:
    Sep 28, 2007
    #1
    eWeek: Leopard has more Holes than Spots

    http://www.eweek.com/article2/0,1759,2209676,00.asp?kc=EWKNLENT110207FEA1 [if that link doesn't work just search eweek.com for Leopard security flaws]

    These guys haven't even scratched the surface of Leopard security issues. Bottom line: There hasn't been a patch/update since 11 days before its release. Inexcusable.

    If we try real hard, we can catch up to the MSWindows security level
     
  2. skunk macrumors G4

    skunk

    Joined:
    Jun 29, 2002
    Location:
    Republic of Ukistan
    #2
    The article seems to contradict itself pretty comprehensively.
     
  3. Sky Blue Guest

    Sky Blue

    Joined:
    Jan 8, 2005
    #3

    Nonsense. Leopard was released a week ago. An update by mid-November is reasonable. Same thing happened with 10.4 and 10.3..
     
  4. aceducy thread starter macrumors member

    Joined:
    Sep 28, 2007
    #4
    Get a grip, oh 7000 post wonder. It was frozen for production on Oct 17th. Pout, toss a fit if you like, but it's already almost a month old.

    And don't compare the complexity of 10.5 with 10.x - this is a totally different animal. It requires itself to be handled quite differently. This behemoth MUST be patched daily - and no whinning about update server overloads like on the 26th.

    Everything in that article was right on - and they only mentioned about 15% of the security issues
     
  5. kresh macrumors 6502a

    kresh

    #5
    You would be hard pressed to find a bigger Apple hater than eWeek

    Why is it that only the publications and analysts that have a vested interest in keeping users on Windows are the one who are bashing Leopard?

    Some of eWeeks diatribe is purely opinion:

    I welcome this change, it has replaced my need for Little Snitch.

    I am not swallowing the whole "Leopard is full of holes" just because some Apple haters say it.

    In regards to OS X. I like it, I use it, and I've never been hit with malware, and if the only malware that pops up is socially engineered stuff, I will always be safe.
     
  6. Sky Blue Guest

    Sky Blue

    Joined:
    Jan 8, 2005
    #6
    Ummm, I have 1200 posts over 3 years, but thanks for playing.
    I'm not 'pouting', merely suggesting that with previous OSs Apple has posted a .1 update a couple of weeks after release...they do have to test it after all. i did like the 'behemoth' bit though, very funny.

    Please do explain how 10.5.0 is different to 10.4.0. You might also like to point out the security holes in 10.4.0 (I'm sure goggle will help you out there) and how quickly Apple fixed them.

    Also, I'd be interested in these "server overloads". You might want to make your trolling a little less obvious.
     
  7. Celeron macrumors 6502a

    Joined:
    Mar 11, 2004
    #7
    I read said article. Unless I missed it all it complains about is deficiencies in the OS X Firewall. Is this really that big of a deal? I personally don't trust workstation firewalls anyway and protect all of my machines using my Cisco router. For devices inside my network that are untrusted I have these seperate into individual VLANs with ACLs preventing access to anything but the Internet.

    In any case, I don't think the complaints here are really cause for "immediate patching" or any other sort of immediate action. Assuming the firewall is off, are there any services on OS X that are even exploitable at this point?
     
  8. mkrishnan Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #8
    This is a fair point, but at the same time, it does seem that the firewall does not behave in the way a reasonable person would expect. The firewall is there for security -- it doesn't do anything else except its stated purpose. So saying that whether or not it does what it says it does is unimportant because you don't trust software firewalls anyways is nice for you, but absurd for everyone else. My Mac sits behind a completely closed airport base station also. So of course I can just turn my firewall off. But things like networked games are sold for Macs quite commonly (and require port access), and just because I don't play them doesn't make those users' needs irrelevant.

    What if Cisco had sold you a router whose firewall functioned in the way that Leopard's appears to? Would you simply write it off, or would it suddenly be important to the world because it fits your usage profile? Right?
     

Share This Page