Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Mac OS X Security Update 2004-05-03
- Thread starter MacRumors
- Start date
- Sort by reaction score
Earendil
macrumors 68000
Awimoway said:
And let's remember, Apple is keeping up with the times (as far as we know) even though NO one has yet exploited any holes in OSX. Microsoft on the other hand is playing catch up on security holes that are CURRENTLY being exploited, and have been around for months/years.
Microsoft does appear to be getting better at quick patches though. Maybe if they get good enough, LongHorn can be bought as a "serious of patches!", which is what XP is turning into.
And if they really want to make some money, charge ¢2 for the OS, and ¢1 for every patch 😀
Tyler
Earendil
Snappier
Does this mean that Apple will release G5 Powerbooks this week?
Sorry, but someone had to say it... 😉
Does this mean that Apple will release G5 Powerbooks this week?
Sorry, but someone had to say it... 😉
Fuchal
macrumors 68030
OS X contains many open-source projects which are continually updated. As these are updated, possibly fixing any flaws in those segments, OS X must be updated to remain as secure as possible.
It is NOT like Microsoft releasing update after update to fix security holes in their OS.
It is NOT like Microsoft releasing update after update to fix security holes in their OS.
funkywhat2 said:
What? Did that whole, first OS X virus thing turn out to be a fake! that woudl be amazing! how did I miss this? (or am I misreading?).
In other news, c'mon, apple, c'mon...you shouldn't NEED security updates. I mean, yeah, I'm never going to rate one negative, b/c it's always better that they come out with it, but... man, my patience is being tried....
hmph
Balooba said:
I'm sorry myself... I'm not sure someone actually HAD to say it... 😉
And, excuse me, the proper post is
"YAY!!! THIS MEANS G5 POWERBOOKS ON TUESDAY!"
nobody who does these posts actually puts the ambiguity in it of asking a question....jeeze, don't you know how to mock yourself? 😉
realityisterror
macrumors 65816
Fuchal said:
if there not really a security issue (i.e. our data or hardware is at risk to be stolen or damaged or something) i wouldn't call it a security update... the term itself is sort of disconcerting... maybe call it "defense against possible future security attack"? 🙂
but really, i don't like the term security update used that way... it makes me think i am insecure... plus, it reminds me of windows 😱
reality
update problems
My iBook has frozen a couple of times since I downloaded the update an hour ago or so while I was using Safari and then iChat. Has this happened to anyone else??? And what should I do???
My iBook has frozen a couple of times since I downloaded the update an hour ago or so while I was using Safari and then iChat. Has this happened to anyone else??? And what should I do???
hgoodman said:
I recommend that you finish your comment first.
But for me, no problems so far on 3 G5s, an iMac and a PB.
jemeinc said:
Man, that's what I used to gloat about. Now my panther crashes on me about once a week :'(
still, no viruses, and I'm sure it's more stable than a wintel piece of crap. slap my wrists for wanting perfection 😉
macrlz9
macrumors 6502a
umm.... i don't see it in my software update... and i can't find it on apple's website. anyone have the link or have it downloaded that could send it to me please? my email address is macrlz9@mac.com
Awimoway said:
Wrong!
"A Microsoft patch was released on 13 April and revised on 28 April."
Knock MS all you want but at least be truthful about it.
titaniumducky
macrumors 6502a
dontmatter said:
This has been stated before!
OS X is largely based on open source. If one of these open source components is updated, OS X needs to release a patch to update this portion of OS X. They are NOT like M$ security patches fixing a hole in the OS. "Security Update" is also the general term for miscellaneous updates.
sorry to change the obviously serious convo. that seems to be going on but i plan on purchasing a new PB and i was wondering how long they take to ship if its BTO. im leaving for vacation on the 18th and i want to be able to take it with me to Puerto Rico 😀
shamino
macrumors 68040
The funny thing is that they probably don't have to require this if their Mach/BSD system is in any way similar to what I've seen on other UNIX systems.realityisterror said:
On my Linux box, the only time I have to reboot is when the kernel is updated. Other updates (openssh, XFree86, glibc, etc.) can simply be installed without a restart. After installation, you stop and restart the service that you replaced, and leave the rest of the system alone. Heck, I've even replaced my SCSI card's drivers without a reboot (of course, this only works because that computer's boot disk is IDE - that upgrade did force me to temporarily unmount all SCSI devices.)
Apple should be able to do the same thing and upgrade most components (except for the kernel and file-system drivers) without a reboot. For everthing else, they should be able to just restart the affected service - even the Finder.
shamino
macrumors 68040
An antivirus company released a "proof of concept" trojan horse program as a publicity stunt to convince MacOS X people that they need to buy antivirus software.dontmatter said:
The program they released didn't use any exploits in the system. They used a trick that has existed since MacOS version 1. They wrote a classic application (code in CODE resources) and stored MP3 data in its data fork (nothing wrong with doing that) and created an icon that looks like an iTunes MP3 icon.
The idea is that you see the icon and double-click it, not realizing it's an application. So the application runs.
The antivirus company is claiming "see how easy it is for someone to trick you into launching a virus". But they're wrong. In order for this to work, the file has to be sent to you in a format that preserves resource forks (e.g. BinHex, MacBinary or Stuffit format) and music files are never transmitted that way. And the ability to write a program like this has existed since 1984, so they haven't even invented anything new.
Combined with the fact that nobody has actually released an exploit with this trick in the entire history of MacOS, most of us consider the whole thing a hoax.
As long as a computers are attached to the internet, there will be potential security holes that have to be plugged. To believe that any piece of software is invulnerable is simply wishful thinking. When the inevitable security holes are discovered, they should be patched ASAP. Which is what Apple does.dontmatter said:
The use of open source is a double-edged sword here. Having thousands of eyeballs all over the code means that these bugs are found and fixed quickly. But it also means that those bugs can be exploited quickly if they aren't fixed, since the virus-writing community won't have to reverse-engineer anything.
shamino said:
Apple could likely get by with a user logout. But if there were updates to some of the background services such as Web, Remote Login or File sharing services, then they would need to be restarted too. But of course that would mean that you were about 90% rebooted anyways, so you might as well go all the way.
With OS X, there are so many dependances that are not part of Linux. Normally, this is a good thing which makes the overall Mac experience so worthwhile.
But come-on! Make a little sacrifice and click that "Restart..." button.
maybe the fix for the following Quicktime problem is the reason for this latest update?
Apple fixes QuickTime flaw
Apple Computer has released a fix for a flaw in its QuickTime software which was discovered and notified to it by eEye Digital Security in February.
eEye released an advisory giving full details of the flaw which it said could allow an attacker to create a movie file that would cause malicious code to execute when opened.
http://smh.com.au/articles/2004/05/03/1083436515481.html
Apple fixes QuickTime flaw
Apple Computer has released a fix for a flaw in its QuickTime software which was discovered and notified to it by eEye Digital Security in February.
eEye released an advisory giving full details of the flaw which it said could allow an attacker to create a movie file that would cause malicious code to execute when opened.
http://smh.com.au/articles/2004/05/03/1083436515481.html
Awimoway said:
That's mac propaganda. Microsoft did release the patch nearly two weeks ago with a whole bunch of other updates. I love Apple as much as anyone here, but can we stick to the facts? 🙂
iBook error
Hi - i'm getting some serious problems with my ibook g4
basically Itunes doesn't work any more, and also safari and ichat are quitting unexpectedly.
don't install update ibook users out there....
Hi - i'm getting some serious problems with my ibook g4
basically Itunes doesn't work any more, and also safari and ichat are quitting unexpectedly.
don't install update ibook users out there....
parrothead
macrumors 6502a
Can someone please tell me what the big deal is about having to restart your computer? I would understand if we were talking about force restarting it because of a crash, but come on. It's not like you can only turn your mac off 5 times and then it will die. Macs may be designed to never have to be turned off, but sometimes it makes sense. Maybe I am missing something here, but if you can't wait the 1-2 minutes it takes to restart a computer, then you need to work on your patience.
hgoodman said:
On the first reboot, my monitor resolution was way out of wack. However after the zapping the PRAM, and repairing permissions, all is well
Oh By the way, running a single 1.8Ghz G5
Well, well...was this in response to...?
Would this be in response to the Proof Of Concept we read about here recently?
funkywhat2 said:
Would this be in response to the Proof Of Concept we read about here recently?