BlackberryOS. Since day 1, crowned “most secure OS on the planet”.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Security Researchers Delve Into Major Vulnerability Patched in iOS 16.3 and macOS 13.2
- Thread starter MacRumors
- Start date
- Sort by reaction score
Simple numbers game, more interactive features more bugs. Today we want automation, collaboration, sharing everything. A good example of be careful what one asks for.
The Internet opened Pandora's Box ... or maybe Pandora's Network. It's never going back.
Everyone defending Apple should realize every piece of hardware Apple needs to write software for is in Apple’s ecosystem. It’s not like Apple has to deal with 3rd party motherboards or chipsets. Hell, even 3rd party Apps need to be approved by Apple before they hit the store.
With this & the fact Apple used to get revisions right the first time invokes a fair assessment. Apple has divested from at least it’s quality control with at least iOS & not only should provide more assets from a usability standpoint, but from a security position as well.
With this & the fact Apple used to get revisions right the first time invokes a fair assessment. Apple has divested from at least it’s quality control with at least iOS & not only should provide more assets from a usability standpoint, but from a security position as well.
This is why new devices should be rolled out in September and new iOS versions rolled out in January
Anker finally comes clean about its Eufy security cameras
Anker lied, ignored, deflected — but now, we have answers.
www.theverge.com
Billions of lines of code, millions of interactions between components of the code.
Owning something doesn’t change the facts of modern software. There will always be bugs, vulnerabilities, and exploits. Period.
No they didn’t. Over the years apple has had its fair share of bugs.
Bugs are in virtually every piece of software that exists. I say this as someone who leads teams in developing bespoke software that starts in the six figures and routinely gets into the seven and eight figures. We can chase the long tail of diminishing returns if the client wants us to, but when the choices are between (1) 99% of what you want at 100% the cost, or (2) 90% of what you want at 10% the cost, almost every client will choose the latter.
Outside of heavily regulated industries where that level of attention to detail is warranted (and the prices they can charge are commensurately higher), clients who chase after that last 1% rarely stay in business. I'm reminded of Steve Jobs demanding a particular welding technique while he was at NeXT. It was wildly expensive, but it allowed his cube-shaped computer to have perfect 90° angles...that no one cared about. Decision-making like that is what led to NeXT being on a downhill trajectory, but served as a valuable lesson for him as he came back to Apple.
Outside of heavily regulated industries where that level of attention to detail is warranted (and the prices they can charge are commensurately higher), clients who chase after that last 1% rarely stay in business. I'm reminded of Steve Jobs demanding a particular welding technique while he was at NeXT. It was wildly expensive, but it allowed his cube-shaped computer to have perfect 90° angles...that no one cared about. Decision-making like that is what led to NeXT being on a downhill trajectory, but served as a valuable lesson for him as he came back to Apple.
Who else do you expect to fix it for them, Microsoft, Google, three alphabet government agency 😝
here's the full listing of security documents
Apple security releases - Apple Support
This document lists security updates and Rapid Security Responses for Apple software.
About the security content of macOS Ventura 13.2.1 - Apple Support
This document describes the security content of macOS Ventura 13.2.1.
About the security content of iOS 16.3.1 and iPadOS 16.3.1 - Apple Support
This document describes the security content of iOS 16.3.1 and iPadOS 16.3.1.
The human body, millions of years of evolution, gets ‘bugs’. No system is free of weaknesses or being used in unintended ways. Especially no system using the complexity and multifunctional aspects of modern tech.
The exploits have been there for many years, just only recently discovered.
See above.
I don't know if people believe that is true, but many of these bugs should be caught in the engineering phase or the design phase. Others should be caught by tools that are available to analyze source code. With a good choice of language and compiler one can even have the ability to prevent writing code that has certain classes of bugs. Much of this (all?) has been well known in computer engineering and computer science for decades. Compiler design and choice of language help a lot.
Apple seems to be doing better than others, but when products (features, OSs and OS updates) are rushed to market without enough time to design and code well, you get things like this. Obviously nothing is perfect, but some of the bugs are amateurish.
I happen to have experience in the area - computer engineering and computer science degree undergrad and grad computer science at a UC school and now a lot of years experience. I have never said any platform is without problems or vulnerabilities, it is easy to attack a straw man but serves no purpose.
See my reply above, but you are right about writing code for an impatient world. Apple needs to slow down. Have proper engineering, proper design, proper coding and proper testing. If this means 18-24 month updates, so be it. If features take longer, that's fine too. Constructive criticism is good and should be allowed for debate, not grounds for attack. In both my personal and professional opinion, I think Apple's software is head and shoulders above others. Things like ADP being critical In that regard. Their commitment to privacy is great, even if not perfect. ADP went a long way to showing they are willing to ignore statists who don't believe in privacy being a human right.
I've been using Apple since the Apple ][, 128k Mac, through today so perhaps you are projecting about not liking Apple. I would prefer Apple to improve and state valid areas where it needs to, not play ostrich when they clearly have some problems in the engineering and development area.
Ignoring a problem or wishing it away won't stop it from happening again. When you have more than a billion devices that are active bugs that are being actively exploited the consequences can be immense. Particularly so for people who are in professions that particularly rely on security. Particularly so for sources whose lives could be at stake.
I can't speak for others, but that's why I point out poor engineering or design, probably caused by the deadlines imposed on the engineering teams.
As some say: you can have it fast or good, but you can only pick one. Apple needs to stop imposing artificial deadlines and ship it when it is ready.
Last edited:
Have you considered writing senior vice president of Software Engineering Craig Federighi at Apple with your thoughts and ideas on how to create software that's 100.0% perfect 100.0% of the time? From your perspective it seems they could use your help.
If not, will you do it?
Let's compromise. MacOS is a walled garden with many lovely gates.
Again, I never said 100% perfect, 100% of the time. However, when software engineering is under an artificial time constraint, quality suffers. And throwing more bodies at it won't help.
Personally, I'd prefer quality software even if it took an extra 6-9 months. I suspect he is aware of it, but when your boss says this is the deadline, you ship whatever is there and hope the public beta etc was sufficient.
It would be interesting to know whether Apple is developing tools of their own or integrating the sort of memory fuzzing that Google use to pick up those memory related issues preemptively. I think it is impossible to catch every memory related vulnerability but ideally Apple should be working on tools that would enable them to preemptively fixing the problems before they arise.
Last edited:
Every operating system that you all on this thread have used will have had some type of vulnerability. Might not have been exploited, but it will have been there.
Every operating system that we all will use in the future will also have vulnerabilities. Software is too complex for this not to happen. The important thing is the speed at which the producers of that OS can react and fix vulnerabilities once they’ve been found. I think, In this instance, Apple did a decent job.
Every operating system that we all will use in the future will also have vulnerabilities. Software is too complex for this not to happen. The important thing is the speed at which the producers of that OS can react and fix vulnerabilities once they’ve been found. I think, In this instance, Apple did a decent job.
You should assume so. Apple announced that they won't guarantee that they patch all known vulnerabilities in older operating systems.