MacOS Kernel Flaw Could Allow Full-System Compromise

Toggle sidebar Toggle sidebar
Status
Not open for further replies.
*A rootkit as old as macos x. Why aren't we surprised any more? Toy software for toy computers.
(I wonder why Tom's refuses to fix this annoying transferring between .co.uk and .com, that just breaks everything and constantly sends you to redirection error pages)
 
I could don the tinfoil hat and suspect it's likely Perch that doesn't care to pay for the fix. All of the bugs in the website seem to essentially cause users to reload the website, which in turn, causes the website to throw all the advertisements at a user's machine anew. So, if all of the flaws on Tom's website were corrected, I suspect revenue would go down, even if only slightly. That isn't likely to motivate management to fix things they don't have to deal with personally on a daily basis.

In response to the article, it makes the talk of a Windows PC being less secure than an Apple PC sound like nothing more than a bunch of ignorance.

Hopefully folks remember, or at least learn the reason OS 9 was replaced by a bought and paid for OS was (which Apple essentially customized), because Apple can't write good, long term software solutions. It seems the more Apple tinkers with the product they bought, the more problems the users end up with. This has been an ongoing problem for the company. How many people remember that Apple paid Microsoft to write some of their original software? Look how badly Apple software products perform on a Windows PC. The company has some pretty serious issues when it comes to making fast, stable, and secure, long term software solutions.
 
As much as I'm not a fan of Apple products these days, I do find the way the researcher published this as quite sleezy. No prewarning to give time to fix, and providing proof of concept code on day of bug publication, all while doing this over a holiday.
 
When you have companies that behave as unscrupulous as Apple, some people are willing to throw unsuspecting users under the bus to take a shot at them. On the other hand, this pretty much forces Apple to refrain from putting the fix on the back burner as they have done in the past. When Apple's automatic update software was causing drive-by-download attacks on Windows PCs, Apple seemingly couldn't be bothered to roll out a fix for about a half-year. There will probably never be a single correct approach to security, so we can argue the merits and flaws of this particular researcher's approach, but it's been the case in the past that sometimes a little arm twisting is necessary to make large companies take action.
 
"Hopefully folks remember, or at least learn the reason OS 9 was replaced by a bought and paid for OS was (which Apple essentially customized), because Apple can't write good, long term software solutions."

Couple of issues with this, one, a good portion of what became OSX was developed at Next when Jobs was there, then he came back to Apple. Two, would anybody be complaining that Apple cant make their own OS if the exact same situation existed and Apple used Linux as the base for OSX instead of Mach/Darwin? Or some other flavor of Unix/Unix clones?

As for the Windows performance of Apple apps, it might just have to do with competition. Why would apple go out of their way to make the Windows app work and perform as good as the Mac app when they are also trying to sell Macs? They'll make it work just well enough to not kill sales of their trendy portables for Windows users, while making the Mac experience that much better.
 
Not good especially for something so old. Surprising it hasn't been found before.

Though by IT standards, it's assumed that all security measures are ineffective once you have physical access to a machine.

And of course we won't get into any windows bugs, viruses, or even vendors putting key loggers in audio drivers.
 
When Jobs was there, at NeXT? Jobs founded NeXT, with employees that he took with him after leaving Apple. Jobs was never not a part of NeXT. Jobs didn't just come back to Apple so much as Apple reacquired him as a condition of their purchase of the NeXT company.

NeXTSTEP, the NeXT operating system product, is an amalgam of the MACH kernel, BSD source code, and their own custom GUI work. For the most part, NeXT just used the existing, license-able UNIX software of the time and kernel research done by Carnegie Mellon, and built off of that.

Probably.

I suspect the same would be true for Microsoft or anybody else as well. If all Microsoft did was make their own distribution of Linux or UNIX, people would likely say they too didn't write their own operating system. Do folks insist that Red Hat has written their own OS? Apple should get credit where it's due, which is mostly in putting a pretty interface on something.

It might have to do with the fact that instead of porting their software to work natively on Windows, they force it to work through a slow, bloated API wrapper.

 
"I suspect the same would be true for Microsoft or anybody else as well. If all Microsoft did was make their own distribution of Linux or UNIX, people would likely say they too didn't write their own operating system."

Almost certainly, though I'd imagine it would be that with the amount of closed-source code MS would stuff into "MS Linux" distro, the Linux people would be throwing a fit. I mean, just look how many people consider Nvidia to be evil for tainting the kernel with their closed-source video drivers.

"It might have to do with the fact that instead of porting their software to work natively on Windows, they force it to work through a slow, bloated API wrapper."

Agreed, and they cant be bothered to write a native Windows application for reasons above.

I was just pulling that Next stuff off the top of my head, I couldnt remember whether Jobs founded it or was simply there was the early inklings of OSX were developed, but I was certain they laid the groundwork for Apple's OS, and since most people think Jobs=Apple, it really does mean that they developed their own OS, unless we want to claim, like you said, that any variation on Unix is not really new.

Besides, the same people complain that Windows has become such a bloated kludge, that should we even be proud that MS *did* create their OS from the ground up?

Probably should have headed to Wikipedia first about the Next history, but oh well.
 
No worries. I'm not sure we're actually disagreeing about much, if anything.

I just feel that, in my own opinion, NeXT, while creating a product, used off the shelf research and code libraries to start with. They didn't really do the heavy lifting of creating a new OS, and frankly, that's not necessarily a bad thing. I believe they were some 6 employees at first.

The problems start cropping up when a company doesn't actually have the technical ability to create complex software from scratch or maintain it's code base long term, and as their product ages, starts to become something of a spaghetti mess that is no longer maintainable, or is difficult and time consuming to make changes to. That's a problem Apple was looking at with OS 9. Features like preemptive multitasking and protected memory were planned and implemented up to a point, but ultimately OS X OS was far better than where Apple was at and was headed with their own, original in-house product.

That's the same reason NT 5 had to be completely rewritten and Windows 2000, the resulting product, was both delayed, and good driver support was hard to come by for a long time. Companies lost faith in Microsoft shipping 2k so didn't get their drivers ready in a timely fashion. On the other hand, Microsoft's re-write of NT 5 was actually worth the wait.

For a bloated kludge, Windows 10 is showing pretty impressive performance in Snapdragon demos. I may not be a fan of Windows 10, but it looks like Microsoft is finally realizing their goal of full Windows on ARM that they started with Windows 8, including full legacy support, which I am a big fan of. Apple's version of progress means removing all 32-bit software support.
 
Status
Not open for further replies.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom