10th May 2005, 08:28 PM
10th May 2005, 09:29 PM
10th May 2005, 11:32 PM
whats a FUD? sorry, i need to catch up on this kind of jargon.
10th May 2005, 11:57 PM
I get my news from
11th May 2005, 06:40 AM
Fear Uncertainty Doubt.
Originally Posted by nightpiper
A technique often used by a certain large software company to 'scare' people away from Open Source and various free sofwares.
This Apple security issue is understandable. It's a re-run of the latest Mozilla XPI issue and the entire the entire class of IE/Windows Active X issues.
If you are going to allow a web browser to download code from the net, you are in trouble. The bad guys are continuely going to try and breach the 'trust' model you wrap around this 'feature'.
Apple at least doesn't run Safari in the kernel contex like MS does with IE. I haven't looked at the dashboard app in detail yet. I hope Apple haven't been as stupid as to give the dashboard app implied admin rights...
Interestingly most of the past Apple security patches have been in OSS parts of OSX (although there have been patches for the proprietory components as well). The security fixes for the OSS components have been mostly for POTENTIAL security issues found by code inspection. Very few make it to a real exploit. As apposed to another popular OS's security patches which are generally in response to an exploit getting out into the 'wild'.
11th May 2005, 08:27 AM
i guess the more services you have listening on your machine, you will always be prone to more attacks. With Mac, we arent too afraid of kernel level attacks as we do not run as root most of the time, but believe me, an attack on the middleware or services could proof as troublesome. Patching and updates is still a must. Not so much of FUD....
11th May 2005, 09:22 AM