Shellshock Security Threat

Started by David, October 02, 2014, 10:32:08 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

David

October 02, 2014, 10:32:08 AM
it's time for an update...


QuoteLate Friday, Apple reassured Mac OS X users that most were protected by default, but nonetheless that it was working on a patch. The vulnerability in Bash, which stands for Bourne Again Shell, also affects Linux and UNIX systems. - See more at: http://threatpost.com/apple-patches-shellshock-vulnerability-in-bash-for-os-x#sthash.UPXUEAQu.dpuf




http://threatpost.com/apple-patches-shellshock-vulnerability-in-bash-for-os-x


Prepress guy - Retired - Working from home
Livin' la Vida Loca

StudioMonkey

#1
October 03, 2014, 04:59:40 AM Last Edit: October 03, 2014, 05:16:45 AM by StudioMonkey
Time flies like an arrow - fruit flies like a banana

Joe

#2
October 03, 2014, 09:59:46 AM
There was already a non-Apple fix before Apple finally got off their ass. Fortunately almost no one with a Mac uses SSH.
Mac OS Sonoma 14.2.1 (c) | (retired)

The seven ages of man: spills, drills, thrills, bills, ills, pills and wills.

frailer

#3
October 05, 2014, 10:24:01 PM
Quote from: StudioMonkey on October 03, 2014, 04:59:40 AMAlso here:  http://slashdot.org/story/14/09/30/1228234/apple-fixes-shellshock-in-os-x

but this is worrying:  http://slashdot.org/story/14/10/02/1216243/new-os-x-backdoor-malware-roping-macs-into-botnet
This seemed like an informed/balanced comment.
QuoteHmm, I've been on UNIX since SunOS days and Solaris was the new kid on the block. I've written a device driver that shipped in a commercial UNIX kernel. That said, I chose as my desktop a hybrid BSD/Microkernel architecture with POSIX compliance and a modern GUI. Or in other words, a Mac.
Macs are not stupid, they are made to be simple to use. That external simplicity hides a deep complexity underneath. I think people who don't understand that making something complex to be simple to use is one of the hardest things in Computer Science. A good size for desktop computers now is about 8GB of RAM or more. At any given time, 8GB will give you 2^(8*(2^23)) states, which of course will change in a nanosecond. Mac OS tries to, as much as possible, hide the states that don't mean anything to you. It's not that the MacOS guys don't know they exist. They just feel YOU don't need to know they exist. Maybe they're wrong, but it's a conscious decision where they know the states that exist and they feel that showing the states is less helpful than the confusion it would engender.. Not stupidity.
The main issue (and where you have a point though you exaggerate it way past its validity) is sometimes things are complex, and if you hide that complexity, you actually cause a disservice. Apple hides a lot of its security notices. As Macs become more and more of a target, they really need to not hide the complexity as much so that people can make valid choices on how to prevent malware infections.
Forgotten good guys: Dennis Ritchie, Burrell Smith, Bill Atkinson, Richard Stallman
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Now just an honorary member.
Print
Go Up Pages1
User actions