
More minor security flaws in Mac OS X

Security-Protocols has discovered a few more minor security issues in Mac OS X that mainly pertain to how the OS and a few of its apps handle images and opening zip archives. From a quick glance through the listed errors, they pretty much amount to crashing an app, though a couple of the Safari issues cause "the application to crash, and or may allow for an attacker to execute arbitrary code."

Apple has been notified of the issues and will apparently be fixing them in the next security update. As Tim Gaden at Hawk Wings (where I found this) says: the classic advice of being careful about what attachments and links you open and click on should keep your Mac humming along just fine.




14 Comments

Mike Andrews

In comment to Jeremy Wright's post regarding the serious nature of recently published exploits for OS-X, I want to say I fully agree and am happy someone else sees the big picture.

In Jeremy's words, "We're just really lucky they're figuring them out [i.e., the exploits] before they get public."

But much as I hate to reveal it, Jeremy, they're already about as "public" as it gets.

My G5 was hit by the BOMArchiveHelper exploit several days ago while attempting to download Windows freeware from MajorGeeks dot com.

My new, 'improved' Firefox browser v1.5.0.2, which had just been installed, was hacked so badly that Java rendering and draw had gone woebegone... stringing web pages out horizontally rather than vertically and the auto-update function was locked into always-on mode.

Safari crashed completely.

Later I discovered that during the episode a hacker had been able to penetrate NetBarrier's defenses and tamper with several of my stored documents, so that I was unable to open them by any means.

As well, it was impossible thereafter to decompress Stuffit hqx archives. After two successive formats/reinstalls of OS-X v10.3.9 I've come to suspect that a firmware-targeted rootkit may have been deployed against me. It's the 'gift that keeps giving,' you know.

Several anomalies surfaced during the first format... glitchy little things I'd never seen before; afterwards, with the new system laid in I was still unable to decompress archives.

During the second format/install, after DiskUtility had completed the zeroing-out process, I got the dreaded RED ARROW on the disk image, and an advisory to the effect that "I could not install OS-X to this disk because OS-X could not boot from this disk," etc. Scary stuff.

I figured my goose was fully cooked and my wabbit woasted; but after a forced shutdown and subsequent reboot with CD the OS-X installer ran okay. Phew!

So I suspect a firmware anomaly in the shape of a partial rootkit file, which may have (hopefully) consisted of faulty code. At any rate, the BOMArchiveHelper anomaly still exists, particularly when attempting to decompress Stuffit-wrapped installer packages from mizog dot com (SecretShredder).

All PowerPC Macs use a type of CMOS flash technology which tends to become evident after a reinstall job, when some of my old settings preferences re-emerge. That ain't just by chance, sportsfans.

Going through the full plethora of 10.3.9 updates, which I keep stored on media, there were no problems in decompressing Apple .dmg packages. So I don't know what's going on; only that Stuffit hqx archives are off limits for now... whereas other zipped and compressed packages open fine.

April 24 2006 at 4:16 PM
GmanMac

10.

Hypocrites? We don't have time for that. We're too busy buying our subscriptions and updating and running Norton, McAfee, Panda, Spybot, Ad aware, Microsoft AntiSpam, Grissoft, etc. etc. etc....

April 24 2006 at 12:32 AM
John

How is "Don't open an attachment from someone you don't know or trust" a security flaw?

April 23 2006 at 6:35 PM
Jeremy C. Wright

Especially when the two security companies who *have* rated this issue rated it "extremely critical" and "critical".

April 23 2006 at 3:53 PM
surfmonkey

I love how every time Microsoft issues a patch the snark flows like lava from Krakatoa, but when it's on the Mac it's "minor".

What a bunch of hypocrites.

April 23 2006 at 1:34 PM
Jeremy C. Wright

It's irresponsible to call these "minor" security flaws. Let's be clear: by opening an image, an attacker can execute any code he damned well wants on your machine, with root privileges.

Apple's response of taking this seriously is appropriate (as per the article linked). Calling this minor is downright foolhardy. Apple'll fix it soon enough, all the flaws are fairly fundamental (which make them, in some respects alarming), but none are complex.

You'll be "safe" again. But, as per Brent, "safe" is relative. Apple patches roughly 100 security issues per .x release, according to release notes. We're just really lucky they're figuring them out before they get public.

April 23 2006 at 1:10 PM
Brent

This notion that Macs ship "safe and sound" is a myth. It's a shame the Apple community can't acknowledge this. For something that doesn't have "regular security updates" I get them on at least a monthly basis. Actually, their frequency outpaces that of my Windows machine.

Since January, I have received 10 updates. That's more than 2 per month. Each update normally has 15 or so specific fixes. Again, this outpaces what I've experienced with my Windows machine. I also count 24 iTunes-related updates since this time last year. Such frustration is compounded by the requirement to buy a new license for QuickTime Pro each time they update that product to a new version.

I'd heard so much hype about Macs before I purchased mine. Sadly, little of it has proved to be true. As time goes by, I get the feeling this is a company that ships slow and shoddy hardware with software that's not quite ready for market, hence the steady barrage of updates. This doesn't make them the exception, however - it's a company that operates like any other.

I don't have a problem with receiving updates for either OS, but I wish people would be a bit more honest about what might be expected with a purchase from Apple. You can expect the same number of annoyances as with a Windows machine, only in different areas...

April 23 2006 at 12:09 PM
Juster

MacOS doesn't have as many bugs as Windows, so it doesn't require regular security updates.

April 23 2006 at 8:45 AM
MacCrazy

From what I've noticed they only seem to do security updates on Mac OS X 10.3.9 and Tiger. I think they've stopped supporting Panther in that respect.

April 22 2006 at 10:19 PM
Steve M

Kevin, that's a good question. I know there have been a couple of updates in the past two months. If you didn't get them, you might want to ask Apple directly. Of course, I think one was a problem with Widgets, which wouldn't affect you.

April 22 2006 at 10:16 PM

© 2012 AOL Inc. All Rights Reserved.