It is being reported on the news today that some sort of major security issue has been found on Apple products. Everybody who has a mobile Apple device (iPhone, iPod, etc.) is being urged to download a security update. But it was reported there is no security update available yet for Apple desktop computers. People who have MacBook Pros and other Apple computers are urged to be careful at public internet cafes. There was no word when a security update would come out for desktop computers.
Apple product security issues
- Thread starter Mystic
- Start date
- Status
That is interesting. After I saw this reported on the news (I was concerned because I have an iMac in addition to a Windows computer). I checked online and Slate had an interesting article on this, but there also was a website reporting that Germany was warning about security issues involving Apple mobile devices and Apple computers. So perhaps the NSA actually may have been involved developing ways of obtaining data from Apple mobile devices and computers (hopefully Apple did not help them do it-that was being discussed in that article). I think this NSA stuff is getting out of hand. And you can bet that the bad guys will probably back engineer the software and have this technology themselves.
And worse of all this spying on millions of ordinary people does nothing to stop terrorists. Terrorism in Boston could have been prevented if they had paid attention to a couple of telephone calls from the Russians.
And worse of all this spying on millions of ordinary people does nothing to stop terrorists. Terrorism in Boston could have been prevented if they had paid attention to a couple of telephone calls from the Russians.
The NSA apparently approached Linus Torvalds about inserting a "back door" into the Linux kernel, too.
Here is some info about the iOS and OSX SSL vulnerability: https://threatpost.com/apple-ssl-vulnerability-affects-osx-too/104434
Here is some info about the iOS and OSX SSL vulnerability: https://threatpost.com/apple-ssl-vulnerability-affects-osx-too/104434
Quote:
The NSA apparently approached Linus Torvalds about inserting a "back door" into the Linux kernel, too.
OT: I don't understand they whole report behind that; Linux is OSS and thousands of people are reviewing the source code. The NSA has even contributed a commonly used security tool called SE-Linux to the code base.
Approaching L.T. regarding this seems to be a wild disconnected request, with no clear understanding of the whole development model or their own participation in it.
The NSA apparently approached Linus Torvalds about inserting a "back door" into the Linux kernel, too.
OT: I don't understand they whole report behind that; Linux is OSS and thousands of people are reviewing the source code. The NSA has even contributed a commonly used security tool called SE-Linux to the code base.
Approaching L.T. regarding this seems to be a wild disconnected request, with no clear understanding of the whole development model or their own participation in it.
Quote:
http://www.forbes.com/sites/erikkain/2013/12/30/the-nsa-reportedly-has-total-access-to-your-iphone/
I guess Apple might regret making that 1984 commercial. lol
http://www.forbes.com/sites/erikkain/2013/12/30/the-nsa-reportedly-has-total-access-to-your-iphone/
I guess Apple might regret making that 1984 commercial. lol
Originally Posted By: simple_gifts
OT: I don't understand they whole report behind that; Linux is OSS and thousands of people are reviewing the source code. The NSA has even contributed a commonly used security tool called SE-Linux to the code base.
You are assuming that everyone in the NSA knows what everyone else in the NSA is doing. I am sure the SELinux code was submitted by people other than the black suit and sunglass-wearing thugs doing the asking.
http://en.wikipedia.org/wiki/Security-Enhanced_Linux
OT: I don't understand they whole report behind that; Linux is OSS and thousands of people are reviewing the source code. The NSA has even contributed a commonly used security tool called SE-Linux to the code base.
You are assuming that everyone in the NSA knows what everyone else in the NSA is doing. I am sure the SELinux code was submitted by people other than the black suit and sunglass-wearing thugs doing the asking.
http://en.wikipedia.org/wiki/Security-Enhanced_Linux
I heard a story, I do not know if it is true or not, that the FBI many years ago tried to have a backdoor into OpenBSD. Nobody has ever been able to confirm or deny that story.
OpenBSD is considered extremely secure and is developed in Canada.
OpenBSD is considered extremely secure and is developed in Canada.
Originally Posted By: simple_gifts
Approaching L.T. regarding this seems to be a wild disconnected request, with no clear understanding of the whole development model or their own participation in it.
As uc50ic4more points out, there are obviously different and competing interests in the NSA, like anywhere else. The people who wanted a backdoor obviously were of the group that had zero computer skills. The tech people in the NSA may have even told them that this wasn't feasible and it fell on deaf ears. In any event, I bet the tech people had a chuckle at such a stupid request when they heard about it.
Approaching L.T. regarding this seems to be a wild disconnected request, with no clear understanding of the whole development model or their own participation in it.
As uc50ic4more points out, there are obviously different and competing interests in the NSA, like anywhere else. The people who wanted a backdoor obviously were of the group that had zero computer skills. The tech people in the NSA may have even told them that this wasn't feasible and it fell on deaf ears. In any event, I bet the tech people had a chuckle at such a stupid request when they heard about it.
Originally Posted By: Mystic
I heard a story, I do not know if it is true or not, that the FBI many years ago tried to have a backdoor into OpenBSD. Nobody has ever been able to confirm or deny that story.
OpenBSD is considered extremely secure and is developed in Canada.
Theo De Raadt, the lead developer of OpenBSD, had said that they actually lost some valuable work with the U.S. gov't because of their refusal to inject back doors into the kernel.
OpenBSD is indeed extremely secure; partly due to the correctness of their heavily-audited code and partly due to the design choices they make (like disabling some outward-facing services by default). Sadly, OpenBSD is miles from being a workable desktop OS for a casual user as open source software is showing itself to be the only viable and effective technological resistance to tyrannical police states.
I heard a story, I do not know if it is true or not, that the FBI many years ago tried to have a backdoor into OpenBSD. Nobody has ever been able to confirm or deny that story.
OpenBSD is considered extremely secure and is developed in Canada.
Theo De Raadt, the lead developer of OpenBSD, had said that they actually lost some valuable work with the U.S. gov't because of their refusal to inject back doors into the kernel.
OpenBSD is indeed extremely secure; partly due to the correctness of their heavily-audited code and partly due to the design choices they make (like disabling some outward-facing services by default). Sadly, OpenBSD is miles from being a workable desktop OS for a casual user as open source software is showing itself to be the only viable and effective technological resistance to tyrannical police states.
I guess what disturbs me the most is the possibility that Apple may have helped the NSA. At least that possibility was being discussed in Germany. Also the NSA can apparently easily get past any security on Apple mobile devices and Mac computers. And now that this has all come out the bad guys certainly can try to back engineer the malware that was developed.
There is already some flaws in programming that can potentially allow malware to get past any antivirus program. And now all of this. And people probably never would have known without Snowden.
If these issues are not corrected and soon Apple computers and devices could have a very poor security rating compared to Windows.
And it would be funny if it was not so serious but all of this mass spying on everybody does not seem to stop the terrorists. They are spending billions to spy on everybody and the terrorists go right through. And when the Russians make two simple telephone calls to try to warn us about potential terrorists nobody listens. I guess the telephone calls are too low tech.
There is already some flaws in programming that can potentially allow malware to get past any antivirus program. And now all of this. And people probably never would have known without Snowden.
If these issues are not corrected and soon Apple computers and devices could have a very poor security rating compared to Windows.
And it would be funny if it was not so serious but all of this mass spying on everybody does not seem to stop the terrorists. They are spending billions to spy on everybody and the terrorists go right through. And when the Russians make two simple telephone calls to try to warn us about potential terrorists nobody listens. I guess the telephone calls are too low tech.
The CEO of Apple is denying that Apple helped the NSA. I certainly hope Apple did not help the NSA. Some people are saying in order to install the NSA software there has to be physical contact with the device but the NSA was supposed to be developing a way to install the software remotely. And since it was around 2008 when the NSA had developed the original software they have probably had time to develop the software that can be installed remotely.
The only thing we can hope is that the updates that Apple releases will block it.
The only thing we can hope is that the updates that Apple releases will block it.
This Apple security problem is looking worse and worse. Apple announced that there was an update for people using iPhones, iPods, etc., but they did not at first even say that the same problem was in Mac OS X Mavericks. Independent researchers found out that the security issue affected Safari, Apple Software Updates, Mail, etc., in Mavericks. So basically there is currently a zero day exploit for Mac OS X Mavericks computers until Apple issues a security update. Apple has said that update will be coming soon. Since Apple 10.9.2 is supposed to be coming out some think it will be included in that update, or else it will be a separate security update.
Apparently the Mac OS 10.9.2 Mavericks update that came out today includes the security update to take care of the security problems. Hopefully they fixed all of the security problems-not just the Safari one. But the update did not highlight the security update. It just talked about security updates in addition to other new features.
Originally Posted By: Mystic
Apparently the Mac OS 10.9.2 Mavericks update that came out today includes the security update to take care of the security problems. Hopefully they fixed all of the security problems-not just the Safari one. But the update did not highlight the security update. It just talked about security updates in addition to other new features.
It's in there... Test you Mac here: https://gotofail.com
Apparently the Mac OS 10.9.2 Mavericks update that came out today includes the security update to take care of the security problems. Hopefully they fixed all of the security problems-not just the Safari one. But the update did not highlight the security update. It just talked about security updates in addition to other new features.
It's in there... Test you Mac here: https://gotofail.com
Originally Posted By: Mystic
The CEO of Apple is denying that Apple helped the NSA.
Do you expect him to admit, apologize and repent?
Added: all OSes are full of holes. Coded function is a set math instructions making sys calls. Depends on your skill level. Dedicated breakers fly through the holes at will. Algebra can be quite poetic. Just relearn how to use paper and pencil..
The CEO of Apple is denying that Apple helped the NSA.
Do you expect him to admit, apologize and repent?
Added: all OSes are full of holes. Coded function is a set math instructions making sys calls. Depends on your skill level. Dedicated breakers fly through the holes at will. Algebra can be quite poetic. Just relearn how to use paper and pencil..
Last edited:
I fell for this :-( After reading few blurbs, I realized that Apple had made this patch available to the old devices too, so I went and decided to update my IPhone 4S. At first I had to come up with free 3.7GB of storage! With 3.7GB code, I could sequence the entire DNA of the universe and then some!! Why in the world does it need that much storage for a patch???
After the update process was already one hour in to it, I suddenly realized that it was actually installing the iOS 7; I thought Apple had made patch available for iOS 6 too and that was what was being installed on my phone as it was running 6.
Oh well, it was too late to back out and I needed to have the security fix installed to access banking websites. After another couple of hours, the installation finally succeeded.
I hate the new icons and blazing white color; is there anyway to get the black background back with iOS 7?
After the update process was already one hour in to it, I suddenly realized that it was actually installing the iOS 7; I thought Apple had made patch available for iOS 6 too and that was what was being installed on my phone as it was running 6.
Oh well, it was too late to back out and I needed to have the security fix installed to access banking websites. After another couple of hours, the installation finally succeeded.
I hate the new icons and blazing white color; is there anyway to get the black background back with iOS 7?
A lot of Apple updates are really big. Sometimes it seems a mere update replaces the entire operating system. In comparison sometimes Microsoft updates are only a few tens of megabytes.
And when Apple comes out with a new operating system in seems often times your printer and scanner will not work for a while. That is very aggravating and is one of the things I like the least about Apple.
That GoTo Fail security issue was ridiculous. It should have been found before the operating systems were released. They think some programmer was overworked and in a hurry. That huge security hole apparently existed from the time Mavericks and the most recent iOS operating systems were released. If the bad guys would have discovered it they easily could have had fake banking websites, and even fake software updates for Apple computers because even the Apple software update was apparently affected.
It seems to me that all of this does not look like state of the art software development.
And when Apple comes out with a new operating system in seems often times your printer and scanner will not work for a while. That is very aggravating and is one of the things I like the least about Apple.
That GoTo Fail security issue was ridiculous. It should have been found before the operating systems were released. They think some programmer was overworked and in a hurry. That huge security hole apparently existed from the time Mavericks and the most recent iOS operating systems were released. If the bad guys would have discovered it they easily could have had fake banking websites, and even fake software updates for Apple computers because even the Apple software update was apparently affected.
It seems to me that all of this does not look like state of the art software development.
JHZR2
Staff member
Originally Posted By: Vikas
I fell for this :-( After reading few blurbs, I realized that Apple had made this patch available to the old devices too, so I went and decided to update my IPhone 4S. At first I had to come up with free 3.7GB of storage! With 3.7GB code, I could sequence the entire DNA of the universe and then some!! Why in the world does it need that much storage for a patch???
After the update process was already one hour in to it, I suddenly realized that it was actually installing the iOS 7; I thought Apple had made patch available for iOS 6 too and that was what was being installed on my phone as it was running 6.
Oh well, it was too late to back out and I needed to have the security fix installed to access banking websites. After another couple of hours, the installation finally succeeded.
I hate the new icons and blazing white color; is there anyway to get the black background back with iOS 7?
I have a picture of my wife for the background, and Ive gotten used to the icons. In a way their brighter coloration is nice, though I suppose a bit less "professional". Of course folks swoon over droid with their highly colorful (from what ive seen) interface. Im OK with it.
For iOS7, I think the update for my phone and ipad was about 13.5MB. For my laptop it was more like 850MB!
I fell for this :-( After reading few blurbs, I realized that Apple had made this patch available to the old devices too, so I went and decided to update my IPhone 4S. At first I had to come up with free 3.7GB of storage! With 3.7GB code, I could sequence the entire DNA of the universe and then some!! Why in the world does it need that much storage for a patch???
After the update process was already one hour in to it, I suddenly realized that it was actually installing the iOS 7; I thought Apple had made patch available for iOS 6 too and that was what was being installed on my phone as it was running 6.
Oh well, it was too late to back out and I needed to have the security fix installed to access banking websites. After another couple of hours, the installation finally succeeded.
I hate the new icons and blazing white color; is there anyway to get the black background back with iOS 7?
I have a picture of my wife for the background, and Ive gotten used to the icons. In a way their brighter coloration is nice, though I suppose a bit less "professional". Of course folks swoon over droid with their highly colorful (from what ive seen) interface. Im OK with it.
For iOS7, I think the update for my phone and ipad was about 13.5MB. For my laptop it was more like 850MB!
- Status
