for a given apple device on the interweb you know exactly what low level firmware is in it. microsoft; not so much.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Study Finds Significant Number of Macs Running Out-of-Date Firmware Susceptible to Critical Exploits
- Thread starter MacRumors
- Start date
- Sort by reaction score
for a given apple device on the interweb you know exactly what low level firmware is in it. microsoft; not so much.
Although most PCs running Windows get OS security patches from Microsoft, systems running XP and earlier are mostly phased out for security updates. <TL;DR>The latest security patch for XP was distributed for an emergency situation in May, 2017. Most EFI/BIOS updates for PCs have to come from the PC manufacturer, and generally conform to the hardware abstraction spec's Microsoft stipulates for Windows compatibility. This has led to some issues with the installation of non-Windows systems (such as Linux and BSD), which can sometimes have conflicts with SecureBoot settings set up by default by manufacturers with pre-installed Windows distributions. In any case, the ubiquity of the EFI standard on PCs now being sold is having an effect on OS compatibility and "legacy" support for older BIOS hardware. For example, the boot drive for any EFI hardware must use GPT (GUID Partition Table) rather than the older MBR (Master Boot Record)<end of TL;DR>. XP, which was first released in 2002, is likely at a dead end for further MS security support. MS support is still available for Windows 7 (released in 2009) and later, leaving a 7-8 year window of hardware support for systems running Windows.
The situation is different for Apple, since it supplies both hardware and software for its Macs. EFI has been used by Apple Macs since its switch to Intel processors back in 2006 with the Core Duo and Core Solo processors (both 32-bit). EFI firmware updates and support, and security updates in general, for Macs is exacerbated by the phasing out of support for 32-bit processor architecture at both firmware and OS/Application levels. I'd guess these issues to lie at the core of problems with EFI updates for older Macs. I have an old MBP 1,1 (2006) which stopped receiving software, security, and firmware updates from Apple about 5 years ago - so Apple supported that machine for about 6 years. I can still run Snow Leopard on it, but rarely do so if the machine is placed on the internet - too many security holes. By updating the original Apple EFI to rEFInd firmware, I'm able to still run a patchable Linux OS (which I can put on the internet) on it, so I guess one can say that Linux still supports this 11-year old MBP. I would hope that Apple can still maintain at least 6 year support for its hardware - just the Apple "tax" expense ought guarantee that.
Didn’t write that it was Apple and you make it clear that big brother is watching everything.
I have to point out continually to my brothers in the corporate world that the computer belongs to the boss and what we are doing is or can be monitored.
Given the rapidity of hardware/software development over the last ten years, I'm not asking for "forever"; however, if Apple makes sufficiently robust hardware and software to demand and get their relatively high prices, I don't think asking 6 or 7 years of OS support is unreasonable - particularly if the hardware tends to have at least that life expectancy. I won't go so far as to claim "planned obsolescence" is behind withdrawal of support after 5 years or so, but if I spend 3-5 thousand dollars for an iMac I expect that machine to have a 6-7 year reasonable support line. With minor, if any, hardware issues in that time frame I don't think that's out of line. PC's have not, in the past at least, had as long a projected lifetime. Desktop/laptop work PC's tend to be retired/recycled after 3 years or so, or if not, they are easily upgradeable (more memory, disk upgrades, even CPU upgrades). Apple hardware is not so easily upgradeable, at least on the user end, with glued parts, et al. Given the cost of the hardware, and the high price-point for Apple hardware repair/upgrades, robust software support would be nice. In any case, the original article was about firmware support, which is not quite the same as overall OS support. Firmware and hardware are so closely wedded that obsolete firmware can render the hardware unusable, if not literally, then practically due to unacceptable security problems.
Eh? My MacBook Pro 17-inch and iMac 27-inch are both Mid-2010, and they have been upgraded to macOS High Sierra (10.13) with no problem. I see no performance penalty due to older hardware. Actually, everything's peach...
I have an MSI 7870. It’s not flashed or anything, so when it rebooted for the firmware update, the screen was black. I don’t know what happened the first time, other than I followed the steps (hold the power down until the long time) and the update didn’t work. I put the GT120 in and tried again so I could watch the progress, and it worked. It could be that it was just a coincidence, as Apple doesn’t place any restriction on third party cards—it’s just that there’s not EFI component to show the early boot progress. I just kept the GT120 for such purposes.
This say something about sysadmins with 10-10.000 Mac in there fleet. In the report:
Mac sysadmins too often ignore the importance of EFI firmware updates, or actively remove them due to past issues with their deployment. The process of applying EFI firmware updates used to be a laborious process that required hands-on interaction by IT support staf.
It say nothing about our Mac's at home, they are not in the test.
Mac sysadmins too often ignore the importance of EFI firmware updates, or actively remove them due to past issues with their deployment. The process of applying EFI firmware updates used to be a laborious process that required hands-on interaction by IT support staf.
It say nothing about our Mac's at home, they are not in the test.
I patched that on my Mini's years ago, but I can't remember if it got folded into the OS updates after the fact.
My $4000 obsolete Mac Pro is still faster than many Apple Macs Apple is currently selling!
Sure, tell me the Mac Mini will beat a XEON. HAHA!
Try to disable Wi-Fi debug logging
Code:
/System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport debug -AllUserland -AllDriver -AllVendor
You should never ditch your hardware if it still works! my 2010 MBP still does 95% of what I need it to do, and won't get replaced until it flat-out dies.
I'm still running Mac OS Lion v10.7.5 on a 3.33 GHz six-core Intel Xeon Mac Pro (with no anti-virus apps installed) that I've had since June of 2012 and I've never been the victim of any intrusively exploitive attacks.
Having wasted hundreds of dollars over the years on anti-virus software for my previous Dell computer running various versions of WinDoze, I'm convinced that the millions (or billions?) of dollars made by anti-virus software companies is the direct result of successfully instilling fear in the hearts of anyone who is a potential customer of theirs. And considering the popularity of computers, that's a pretty big audience. Even my Mom asked me once if the ones writing the "bad" viruses for computers work for the ones that are selling the prevention or cure. Then I quickly surmised the possibility that they are one and the same, one entity that creates something that makes you sick so it sell you its snake-oil remedy to make you feel better again.
Although perhaps difficult to ever prove in court beyond a reasonable doubt that such a criminal conspiracy actually exists, I did find my mother's probing curiousity to at least cause me to pause and ponder why I always sent Norton that US $40 or so every year until eventually their software's inability to play in its own sandbox the way object-oriented apps coded for Macs are designed rendered my PC a worthless piece of humming buzzing metallic junk. Uninstalling the anti-virus software with the assistance of my younger brother who's wiser than me in these matters returned that shiny piece of electronic junk to a vague resemblance of its former self, anthropomorphically speaking. But after discovering I was still being auto-billed the $40 annual fee even after I had officially requested a cancellation, I decided that the real crooks weren't necessarily the ones coding the malicious malware and data-hungry trojan horses.
Although I'm not citing similar selfish motivations to those referenced in this article who are alleging they've discovered some previously hidden loophole that makes certain Macs vulnerable, I do offer one suggestion that renders their input virtually meaningless:
Don't power off your Mac unless you have to.
I've left my Mac Pro on (as in fully powered) for almost two years now with only one shutdown that occured during a brief local power outage. I don't even put the hard drives to sleep in defiance of recommendations by the so-called computer experts of the world and they (the hard drives) still do what they're supposed to do (stealthily I might add). In addition to keeping my bedroom warmer in the winter, keeping my Mac Pro on makes it impossible for anyone with access to a potentially compromised EFI on my Mac Pro to shift control over to their presumably nefarious designs since any such unwarranted transition would need to take place during if not before the process of booting kicks in unless I've simply been misguided all these years as to what takes place in the guts of any Mac once it is instructed to leave the silence of its energy-depleted state behind and venture back into the light of electron-fortified existence where it can once again meaningfully enhance the conscious existence of the one with the knowledge of the right button to press.
Having wasted hundreds of dollars over the years on anti-virus software for my previous Dell computer running various versions of WinDoze, I'm convinced that the millions (or billions?) of dollars made by anti-virus software companies is the direct result of successfully instilling fear in the hearts of anyone who is a potential customer of theirs. And considering the popularity of computers, that's a pretty big audience. Even my Mom asked me once if the ones writing the "bad" viruses for computers work for the ones that are selling the prevention or cure. Then I quickly surmised the possibility that they are one and the same, one entity that creates something that makes you sick so it sell you its snake-oil remedy to make you feel better again.
Although perhaps difficult to ever prove in court beyond a reasonable doubt that such a criminal conspiracy actually exists, I did find my mother's probing curiousity to at least cause me to pause and ponder why I always sent Norton that US $40 or so every year until eventually their software's inability to play in its own sandbox the way object-oriented apps coded for Macs are designed rendered my PC a worthless piece of humming buzzing metallic junk. Uninstalling the anti-virus software with the assistance of my younger brother who's wiser than me in these matters returned that shiny piece of electronic junk to a vague resemblance of its former self, anthropomorphically speaking. But after discovering I was still being auto-billed the $40 annual fee even after I had officially requested a cancellation, I decided that the real crooks weren't necessarily the ones coding the malicious malware and data-hungry trojan horses.
Although I'm not citing similar selfish motivations to those referenced in this article who are alleging they've discovered some previously hidden loophole that makes certain Macs vulnerable, I do offer one suggestion that renders their input virtually meaningless:
Don't power off your Mac unless you have to.
I've left my Mac Pro on (as in fully powered) for almost two years now with only one shutdown that occured during a brief local power outage. I don't even put the hard drives to sleep in defiance of recommendations by the so-called computer experts of the world and they (the hard drives) still do what they're supposed to do (stealthily I might add). In addition to keeping my bedroom warmer in the winter, keeping my Mac Pro on makes it impossible for anyone with access to a potentially compromised EFI on my Mac Pro to shift control over to their presumably nefarious designs since any such unwarranted transition would need to take place during if not before the process of booting kicks in unless I've simply been misguided all these years as to what takes place in the guts of any Mac once it is instructed to leave the silence of its energy-depleted state behind and venture back into the light of electron-fortified existence where it can once again meaningfully enhance the conscious existence of the one with the knowledge of the right button to press.
(...)
People with out-of-date EFI versions should know that pre-boot firmware exploits are currently considered to be on the bleeding edge of computer attacks. They require large amounts of expertise, and, in many—but not all—cases, they require brief physical access to the targeted computer. This means that someone who uses a Mac for personal e-mail, Web browsing, and even online banking probably isn't enough of a high-profile user to be targeted by an attack this advanced. By contrast, journalists, attorneys, and people with government clearances may want to include EFI attacks in their threat modeling.
(...)
https://arstechnica.com/information...remain-vulnerable-to-stealthy-firmware-hacks/
The ordinary Joe should not worry too much (and in most cases wouldn’t even be aware of the potential danger ...)
I happily consider myself unimportant enough to still employ my trustworthy (?) late 2009 Mac mini with its outdated and not upgradable EFI (and OS)
People with out-of-date EFI versions should know that pre-boot firmware exploits are currently considered to be on the bleeding edge of computer attacks. They require large amounts of expertise, and, in many—but not all—cases, they require brief physical access to the targeted computer. This means that someone who uses a Mac for personal e-mail, Web browsing, and even online banking probably isn't enough of a high-profile user to be targeted by an attack this advanced. By contrast, journalists, attorneys, and people with government clearances may want to include EFI attacks in their threat modeling.
(...)
https://arstechnica.com/information...remain-vulnerable-to-stealthy-firmware-hacks/
The ordinary Joe should not worry too much (and in most cases wouldn’t even be aware of the potential danger ...)
I happily consider myself unimportant enough to still employ my trustworthy (?) late 2009 Mac mini with its outdated and not upgradable EFI (and OS)
Same. Mine won't die. Even if it is slow it still does everything I need. Upgrading is a sour proposition with the current pricing model.
Except Apple doesn't RANDOMLY decide that at all. It's carefully calculated based on a number of factors, including a subjective opinion of the level of performance they see when using a given hardware/software combo, and features that won't work because the hardware chip needed is missing on a given machine.
Microsoft would never dare attempt this because 99% of the hardware is made by other companies. They don't know for sure what's in any given PC. Now that they make the Surface line of products though? You might start seeing them obsoleting OS's on them too, just like Apple does.
Microsoft would never dare attempt this because 99% of the hardware is made by other companies. They don't know for sure what's in any given PC. Now that they make the Surface line of products though? You might start seeing them obsoleting OS's on them too, just like Apple does.
I’ve thought many times about changing the battery and upgrading to an SSD (it’s already maxed out at 8Gb memory). But, like you, it’s doing what little I ask of it. Makes it easier to decide not to put any more money into an aging machine.
The other part of that is thanks to Apples long delay in coming out with a new MBP I started using an iPad, which I happily use 95% of the time now and look forward to one day upgrading it to a Pro model.