Apple skewered over missing DNS patch

Discussion in 'OT Technology' started by piratepenguin, Jul 30, 2008.

  1. piratepenguin

    piratepenguin New Member

    Joined:
    Jun 18, 2006
    Messages:
    1,067
    Likes Received:
    0
    Location:
    Ireland
    OS X: no thank you.
     
  2. Limp_Brisket

    Limp_Brisket New Member

    Joined:
    Jan 2, 2006
    Messages:
    48,422
    Likes Received:
    0
    Location:
    Utah
    you don't say?
     
  3. impulse_Z

    impulse_Z The Champagne of OTers ™

    Joined:
    Aug 29, 2001
    Messages:
    41,393
    Likes Received:
    47
    Location:
    Boston
    It just works.
     
  4. Peyomp

    Peyomp New Member

    Joined:
    Jan 11, 2002
    Messages:
    14,017
    Likes Received:
    0
    OS X Server sucks. Everyone knows this. Its a niche product, and you shouldn't rely on it unless you have a really good reason.

    Fortunately there is Linux. Or Solaris.
     
  5. P07r0457

    P07r0457 New Member

    Joined:
    Sep 20, 2004
    Messages:
    28,491
    Likes Received:
    0
    Location:
    Southern Oregon
    but but but but apple...... just works :eek3:
     
  6. Peyomp

    Peyomp New Member

    Joined:
    Jan 11, 2002
    Messages:
    14,017
    Likes Received:
    0
    The desktop OS has 1% of the problems of Windows. I know that burns, but its true. Which is why you recommend OS X to people.

    B b b ut you have a COMPLEX over that fact! OH NOES!
     
  7. P07r0457

    P07r0457 New Member

    Joined:
    Sep 20, 2004
    Messages:
    28,491
    Likes Received:
    0
    Location:
    Southern Oregon
    my win-based dns server was patched, negro. good thing i wasn't using os x!
     
  8. Peyomp

    Peyomp New Member

    Joined:
    Jan 11, 2002
    Messages:
    14,017
    Likes Received:
    0
    Yes. Because noone says that Mac OS X Server 'Just Works.'

    In fact, it JUST SUCKS.

    But its not the same product as the desktop OS, is it?
     
  9. P07r0457

    P07r0457 New Member

    Joined:
    Sep 20, 2004
    Messages:
    28,491
    Likes Received:
    0
    Location:
    Southern Oregon
    methinks the core is methinks
     
  10. trouphaz

    trouphaz New Member

    Joined:
    Sep 22, 2003
    Messages:
    2,666
    Likes Received:
    0
    yawn. who cares? who uses OSX server anyway, especially for running something like DNS? and don't you all realize that this kind of shit is a constant for Winders and has been for years? Windows is a server OS that gets used quite often, yet i'm certain that it has tons of gaping holes just waiting to be exploited right now. shit, that's why every install of Windows, both desktop and server, needs tons of 3rd party software to help plug the security holes. you need personal firewalls and all kinds of virus/adware/spyware/malware scanners to keep Windows alive and well. oh, and now you've found one real flaw for a barely used version of OSX for a job that no one in their right mind would use OSX for? good job.
     
  11. Peyomp

    Peyomp New Member

    Joined:
    Jan 11, 2002
    Messages:
    14,017
    Likes Received:
    0
  12. Peyomp

    Peyomp New Member

    Joined:
    Jan 11, 2002
    Messages:
    14,017
    Likes Received:
    0
    Apparently the patched BIND isn't stable on OS X Server, so they're sort of stuck for the moment.
     
  13. piratepenguin

    piratepenguin New Member

    Joined:
    Jun 18, 2006
    Messages:
    1,067
    Likes Received:
    0
    Location:
    Ireland
    This is just the Apple attitude towards security on all of their products and YOU ALL KNOW IT.
     
  14. Peyomp

    Peyomp New Member

    Joined:
    Jan 11, 2002
    Messages:
    14,017
    Likes Received:
    0
    Name another instance of this happening, and you might have an argument.
     
  15. piratepenguin

    piratepenguin New Member

    Joined:
    Jun 18, 2006
    Messages:
    1,067
    Likes Received:
    0
    Location:
    Ireland
    You got starry eyes, my friend.



    http://www.securemac.com/applescript-tht-trojan-horse.php



    According to secunia: still not fixed :dunno:

    I believe I've lost the blog post where the hacker (who discovered this flaw iirc) discussed Apple's attitude to security on the whole, and they are useless to sum-up.
     
  16. critter783

    critter783 OT Supporter

    Joined:
    Jul 15, 2005
    Messages:
    1,785
    Likes Received:
    0
    There's also an unpatched flaw with ARD agent that allows arbitrary code to execute as root without authentication. Apparently, Apple has known about it for over a year without releasing a patch.
     
  17. piratepenguin

    piratepenguin New Member

    Joined:
    Jun 18, 2006
    Messages:
    1,067
    Likes Received:
    0
    Location:
    Ireland
    that's the flaw that trojan exploits.


    apple has not got security right.

    but at least they look purdy :rofl:
    (for rape)
     
  18. piratepenguin

    piratepenguin New Member

    Joined:
    Jun 18, 2006
    Messages:
    1,067
    Likes Received:
    0
    Location:
    Ireland
    Haha. They've known about it for 4 years.
    http://rixstep.com/1/20080625,00.shtml

    I forgot the old thread we had about this that got derailed & locked. http://forums.offtopic.com/showthread.php?p=101252929 (actually I remembered it, but I can't search the forums since I have no sub. However, Firefox 3's amazing history search came to the rescue)

    Satisfied with your 'other instance' Peyomp? :mamoru:

    If not, I would say to you 1. you are a careless dumbass as bad as apple and 2. google apple opener. It shouldn't come to that.

    Stay safe.

    mac-hacking: just works.
     
  19. trouphaz

    trouphaz New Member

    Joined:
    Sep 22, 2003
    Messages:
    2,666
    Likes Received:
    0
    i'd just like to see examples of Mac's getting compromised. i'm sure every single person here has anecdotal evidence of Windows PCs being wrecked by adware, spyware, viruses, trojans and the like. Now, Apple computers are getting to the point where most of us should know a few people who are running OSX. Let's hear the actual evidence of people getting their OSX computers fucked up due to any sort of malware. so far all you have posted is hypothetical, possible, someone could, maybe, might hack a vulnerable mac and thus used that to claim that OSX is insecure.

    how about this? how about one of you finds a few examples of compromised systems? you can use the internet to find some anecdotal info. go ahead.

    i'll start. it isn't completely current, but it is recent enough... your turn.
    http://www.computerworld.com.au/index.php/id;128348660;fp;16;fpid;1
     
  20. critter783

    critter783 OT Supporter

    Joined:
    Jul 15, 2005
    Messages:
    1,785
    Likes Received:
    0
    You're a system admin. You know that the bridge from possible to actual is just effort and ambition. Proof-of-concept is absolutely enough.

    Would you feel better if I used the ARD exploit to run a "Hello World" app on all the Macs on my campus? How about I add a dozen lines of code that send an email to an address. How about I have them all send a thousand emails to an address? Maybe I download some plist files and fuck up all the program settings?
    Its not "if." Its when.
     
  21. trouphaz

    trouphaz New Member

    Joined:
    Sep 22, 2003
    Messages:
    2,666
    Likes Received:
    0
    it's been around for a year. when?

    proof of concept isn't enough when you can compare it to the real world of Windows.
     
  22. piratepenguin

    piratepenguin New Member

    Joined:
    Jun 18, 2006
    Messages:
    1,067
    Likes Received:
    0
    Location:
    Ireland
    People have gone into Apple stores and wrecked havoc on their insecure machines. (some Apple stores have manually fixed one or two of the, er, zero days)

    http://rixstep.com/2/1/20080718,00.shtml

    I can tell you: If Apple doesn't get their act together OS X, sir, will be fucked. The introduction of the iPhone could be OS X's downfall, or Apple's. Because they are fooking useless.

    If Mozilla had this attitude it would be the same situation for them. It's not about market share numbers (they come into target appeal obviously), it will ultimately come down to the attitude and the CARE. And it looks like OS X is doomed.

    Apple have a lot of work to do, but further, they have to get their priorities right.

    Proof of concept is a good indication of what would or could happen if OS X ever had the target appeal of Windows.
     
  23. trouphaz

    trouphaz New Member

    Joined:
    Sep 22, 2003
    Messages:
    2,666
    Likes Received:
    0
    http://gizmodo.com/5034839/windows-vista-pwned-by-web-exploit-that-cant-be-stopped

    http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1324395,00.html#

    hmm... this sounds MUCH worse than that DNS problem. it is a Vista vulnerability that theoretically can't be fixed because it is inherent to the architecture of Vista.

     
  24. Peyomp

    Peyomp New Member

    Joined:
    Jan 11, 2002
    Messages:
    14,017
    Likes Received:
    0
    Did you guys notice that this was patched?
     
  25. piratepenguin

    piratepenguin New Member

    Joined:
    Jun 18, 2006
    Messages:
    1,067
    Likes Received:
    0
    Location:
    Ireland
    I heard the day it was patched. What's your point lol?

    As for Windows. I would never have called Microsoft security minded, but the last few years I feel they're fighting back (often at the user's expense). Not that I use it or follow it much.

    I know one thing: and that is that the number one thing about a product being secure isn't even market-share, it is effort and care. Firefox has about a quarter the market-share of IE or more. You do not want to see the day that OS X has a quarter of the market share of Windows. If Apple weren't to change how they treat security issues, they would probably be sued for negligence 157 times.
     
    Last edited: Aug 10, 2008

Share This Page