, 2005-08-18
According to the Apple Web site, Security Update 2005-007 was released to the public on August 12, 2005. And, as with all of their recent security updates, it is available to all Apple customers free of charge. I'm sure none of you reading this article will argue with me about that being a good thing.
Expand all |
Post comment
It's only a matter of time...
2005-08-18
Anonymous (2 replies)
Anonymous (2 replies)
"First of all, not all of OS X is open source, rather, some of the more important parts are not."
This is a clasic trap that management tends to fall into. The "but the really important parts are more secure than the OS ones" argument is a fallacy.
If someone can hack in through a compromised OS software piece and plant keystroke loggers and root kits it won't matter how hardened your kernel is. Their in. And if they succeed in getting their exploit software on your machine, they will most definitely, given time, get your passwords, personal information and if you do any banking from that machine your account information.
Let's not forget that these exploits already exist for most Unices, and any exploit that runs on unpatched BSD machines open source software will in fact run very nicely on ANY Mac OS X implementation of the same that has not been patched.
That would be anything from zlib to gzip to any other GNU software that got installed.
Don't get too comfortable, as soon as Mac went to BSD it became vulnerable in exactly the same ways.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/columns/348/32283#32283