Apple unleashes monster patch batch on Mac faithful Apple released a massive security update on Tuesday that patched at least 80 vulnerabilities in its Tiger and Leopard operating systems, many of which were critical. The massive patch batch amounts to a download of more than 105MB, and that doesn't include a separate 25MB file that installs version 3.1 of Apple's Safari …
So when Apple happily announced 5 milliion customers, it really means they lured 5 million customers to pay for a beta version of its OS.
I use both Windows Vista and Mac OS and so far I had more problems and much larger updates on my Mac than on Windows. Okay, the Mac UI is nice but I'm having a feeling Apple was not ready for Leopard.
The reason MS has to be so careful is because Windows is such a rats nest. UNIX based systems on the other hand are much less monolithic and so it is feasible to update services independently. Also, the open source nature of many of the tools in OS X mean that bugs are often identified on other platforms so OS X is inheriting bug fixes affecting other UNIX based platforms.
At least with OS X I feel like things are being fixed rather than 'patched' (which I read as bodged).
Just looked at the downloads page (http://www.apple.com/support/downloads/) and there is indeed a number of different versions of this patch. Looks like the server version is much larger (makes sense, there is more software in OS X server). So is the Universal version, which also makes sense as that will include builds for both PPC and Intel (minus a little common stuff).
The largest is actually 108mb for the Leopard Server.
The update to Safari looks nice, especially the development tools which will be a god-send to those of us who miss FireBug and other extensions from FireFox whenever we have to sue Safari.
You've missed the point of what the author was saying; MS create and release x bug patches per month, each month. Apple on the other hand, things "damn, we should fix that" and throws some resources at it.
At the end of the day, who cares about the mechanics behind the patching as long as it gets done.
I'm still using Tiger on my MacBook, and I got the 100+Mb security update. It isn't an exaggeration, the item wasn't just clearly identified.
If you'd look at the security update details, you'd see that some of the fixes were indeed inherited from open source software that is included in Mac OS X.
So this is the, what 4th or 5th time that Apple has tried to make it "Perfecter", nah it's just that you're all Apple Kool Aid Drinkers and OS X has been and always will be holier than swiss cheese, security and bug wise. AKADs are so deep in denial.
Next time you bash Linux or Windows, look in the mirror as see a stupid hypocrite.
Ok, MS may have got to the stage where they can release a small patch bundle each month, but that's on the back of spending the past few years shipping monsters to patch copious numbers of glaring holes highlighted by the scrotes out there.
Now it seems that said scrotes have their sights set on MacOS. I suspect that there's more where this came from and that Mac users may be in for a taste of what Win users have had to live with 'til recently (big patches rushed out to fix urgent exploits that break other things when you apply them).
O/S stability / security is inversely proportional to the number of devious bastards trying to break it. Live with it.
I have regularly had to update XP on pre-SP1 machines. Now that takes some time. It's interesting to note that since XP came out Microsoft have issued around 1.5GB worth of critical security patches. Now, if I bought a car that had to go back to the garage every other Tuesday...[insert own rant]
The ssh problems have been identified as being caused by a hack installed by Rogue Amoeba's Instant Hijack plug-in (part of Audio Hijack and other tools). Quite how the hell they managed to break OpenSSH by installing an audio proxy is anyone's guess, but "good work boys!"
The gmail bug is caused by a workaround for Safari originally coded in the Gmail v1.0 interface. A workaround (until Google fix, or rather un-fix, it) is to run with Gmail v2.0 - you may have to swap to English (US) to do this however.
When I was a working programmer (yes, back in the dark ages kiddies) a patch was something you did at four o'clock in the morning because the system was down. It was keyed in at the console in a hex representation of machine code. Twenty or thirty bytes typically. 100 tops. Then next day you would fix the problem properly, reassemble the segment(s) and load it/them to the system. That's not a patch, it's a new version.
All this talk of "patches" being 100MB or more just bemuses me.
Mines the very very old one with the muffler.
Isn't OSX based on a 'NIX of some sort? It can't, then, be THAT bad for reliability/security/etc. can it?!
The AKAD comment can be used in many places, but I don't think this really counts; save your insults for when they're appropriate. Linux and Windows both have live-update functionality so you don't really see the number of updates you get. Download all the updates for XP-SP2 or even Vista since launch and I bet they'd exceed 100Mb comfortably! Linux would probably be similar.
---
The fact is that as people learn more about the systems theyre using they'll find more ways to break them. Then patches will be released. Though on pretty homogenous hardware like Apples there's no excuse!
I would say, though, that a hundred megabytes counts as a Service Pack rather than a mere "patch".
---
Still, Apple stuff is more of an extravagance- a mere high-tech toy if you will- rather than a "proper" computer. So I've got to ask where the IT angle is?
Some of the patches probably relate to software developed internally at Apple. As stated above, many of them relate to open source software that Apple just happen to use.
Using open source components where they are appropriate is admirable — it's a form of adherence to open standards. Patching them when they're broken is also admirable. So there's no controversy in that.
As far as these patches affect Apple-developed code (and I have literally no idea), I don't think anyone has ever seriously argued that the Apple engineers always produce perfect code first time round, and I don't think anyone will argue that they shouldn't release security updates.
If there is any debate, it's about the way the different OSs are set up from a security perspective, i.e. the probability that flaws will be findable and the probability that they will be exploitable. Because it's a probability debate, the existence of each flaw adds empirical evidence but is nothing like a complete answer. And there's a question of measure and degree concerning each flaw — the extent to which each opens up the system.
I have no idea what fixes Apple are offering or what information they provide concerning that type of evaluation. I'm just making the point that without it, the debate is false.
No? That's because the OS X updates are pre-emptive and identified (mostly) by the Open Source community to ensure that the code is safe.
MS tends to act reactively to vulnerabilities that are found by third parties inform - thus raising the chances of unpatched vulnerabilities being exploited (as is often the case).
And so what if it's a big patch. Most people are on broadband and OSes these days are multi-gigabyte affairs so of course the patches are going to be large...
Re: "Apple stuff is more of an extravagance- a mere high-tech toy if you will- rather than a "proper" computer."
They use the same components as Windows and x86 Linux computers, so you're obviously not talking about hardware.
They have a different GUI from both of those systems, but software available for them includes Microsoft Office and the full Adobe suite (InDesign, Photoshop, Illustrator...). So I guess you're not talking about the tasks you can perform with available application software.
The OS is a certified UNIX. So I guess you don't mean that either.
In that case I guess your definition of a "proper" computer presumably means "one that is as cheap as the sum of the individual hardware component costs will allow"? I think you might be at odds with quite a few people there. Argue that Macs cost too much if you want, but it's not accurate to say that they aren't "proper" computers.
Just downloaded the "patches" and applied them. They included a keyboard firmware update.
Previously my Macbook Pro suffered from the well-known "doesn't register the first character keyed into a form box" bug that Apple has been denying for several months. Now when I am working in an Excel spreadsheet, about 50% of the time it only registers the first character typed in a cell. When I click on another cell then go back for a second attempt it's usually OK.
What is going on Steve?
Paris because she had some experience with cells.
Vista SP1 may indeed cover n versions of Windows (and who's fault is that?) and it may also be smaller if you d'load it via Windows Update (of course I found out about it via Windows update and WU reported it as being a 435MB dl on a fully patched system as well so I'm not sure this correct anyway but nevertheless . . . ).
So, even if we pretend that the WU version is a more sane size this is pretty much irrelevant to most IT pro's. I never install MS Service Packs via Windows Update. I always dl them for offline installs as I don't want to have to keep dl'ing them over and over again every time I have to do a cruft reduction re-install.
Of course YMMV
" have regularly had to update XP on pre-SP1 machines. Now that takes some time. It's interesting to note that since XP came out Microsoft have issued around 1.5GB worth of critical security patches. Now, if I bought a car that had to go back to the garage every other Tuesday...[insert own rant]"
yeah but the equilivent of hackers and virus's attacking your windows install. would be some one running up to your car and taking bits off so you have to get it repaired but if no one touches it it runs just fine (oh and before some one says about built in faults i'd point out cars thave them to the pug 206 had 7 recalls and a renault model adds 2 miles to the mileage every time you open the drivers door. the difference if that once a car manufacturer finds this fault it can fix it on the next batch manufactued and it pulls the pre sold cars in for repair. microsoft equilent is patching preinstalled windows and then releasing an service pack for new machines) so yeah i would get made if i had to take me to get it fixed every week but the solution is shooting the guy who keeps breaking it or put it in a garage at night so he can't get to it (equvilent of a decent av and firewall)
From the Rogue Amoeba Knowledge Base:
Application Enhancer Technology
Several Rogue Amoeba products optionally make use of Application Enhancers technology, also known as APE, from Unsanity Software. The Instant Hijack component utilizes Application Enhancers to pull in audio from applications that are already running. By default, this component is not installed. If you attempt to hijack audio from a running application, you will be prompted to install the Instant Hijack component or relaunch the application. You can install or uninstall Instant Hijack from the Install Extras... window, under the application's main menu (the Audio Hijack Pro menu in Audio Hijack Pro).
Applications that use the optional Instant Hijack component:
Airfoil
Audio Hijack Pro
Nicecast
Maybe it's Unsanity's problem, not Rogue Amoeba's?
BTW, the older (original) Audio Hijack does not have instant hijack, only the Pro version (current release). As I have the legacy version, I will now install the patches.
Apple or any of its software were any safer than MS products.....
The more the number of user the more patches you will be downloading.
its just the number of people there are to add onto spamming list and botnets that warrant the developments of worms and look for vulns in a software.
Stop buying MACs is the only answer to this problem
Preethi
Bet they've still not fixed the issue the above command line "fixes"...both my 10.5 macbooks (1st gen and 3rd gen) are both running freshly-crippled wireless, thanks to some crappy code in 10.5. (both run ok on 10.4 or when bootcamping XP).
Thanks Apple, you bunch of gits. How many disgruntled users will it take to get you to fix this damned issue? And how long is going to take - another 6 months????
Grrr...
Despite Apple's attempt to hide the OS X Safari 3.1 update download from PC users, it can be found at
For Leopard (39MB):
http://appldnld.apple.com.edgesuite.net/content.info.apple.com/Safari3/061-4224.20080318.V3oi5/Safari31UpdLeo.dmg
For Tiger (49MB):
http://appldnld.apple.com.edgesuite.net/content.info.apple.com/Safari3/061-4222.20080318.Vrie3/Safari31UpdTiger.dmg
PPC and Universal included; reboot required.
"MS tends to act reactively to vulnerabilities"
What rubbish MS have a team of very experience security testers with access to the source code but as even people in the Open Source community know having access to the source doesn't guarentee you can find all issues. MS have spent a fortune and i can't complain about their effort to find issues it's the amount of time they take getting the fixes out that bothers me.
So if OSX is *INX certified you can use terminal and commands like sudo? Havent played with OSX much mainly due to not being willing to blow Jobs. (let the flames commence) But didnt bother checking that out the two or three times I have used it.
@Webster Freaky
cant speak for the rest but I myself do read them if only so I can try to figure out what your talking about because I like puzzles.
On the Vista/OSX/*NIX debate Im of the firm belief that when 99% of the computers (and users) are all using Windows based systems, and your the "hacker" writing the viruses or whatever, which would you choose? Personally if it was me and I did this stuff I would want to cause the most damage possible. But once OSX and *NIX become more prevelant you will start to see more and more "bugs" for each.
/mines the asbestos jacket with the fire hat.
"""but it's not accurate to say that they aren't "proper" computers"""
No, but its fun to tell people their problems are because they bought a toy computer.
Its more often the Mac user that breaks a Mac, not the computer itself.
The real problem with the Macs is that they manage to sell completely ordinary Intel laptops wrapped in some sort of mystical field which convinces people that they're better than the Intel laptops without all the white plastic.
You can hardly blame the strategy though - they're probably making 5 times the profit off each laptop that Dell and others get, and they sell the same thing, but uglier.
And OS X has a pretty useless interface, specifically designed to murder any ability to multi task and get work done. Obviously real men use Fluxbox or similar.
Tiger 10.4.11 After installing security and safari Updates. I cannot start safari, mail, Itunes and to cap it all of Software Update doesn't work either now.
Seemingly there are quite a few people with this problem.
http://discussions.apple.com/forum.jspa?forumID=752&start=0
Hopefully the fix for the fix wil lbe out soon.
Apple sofware update offered me a copy of Safari 3.1 for my Vista system. IE7 is not perfect, and Firefox wont display any of my ISP (Virgin)'s pages, so I'm thinking...what the heck.....
At end of install it said safair had a bad signature and gave up........................so did I .
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
