MacDailyNews - Where Mac news comes first


Apple’s Mac OS X security strategy differs from Microsoft’s Windows
Monday, November 17, 2008 - 01:22 PM EST

"As Apple has increased its share of the computer market, hackers have become more interested in developing exploits for its software vulnerabilities. Like Microsoft, Apple must issue security patches from time to time, but the two companies have very different distribution approaches for their security fixes," Jim Offner reports for MacNewsWorld.

"'Software update' is common parlance among regular computer users," Offner reports. "More than likely, an 'update' is a 'patch' -- a code modification designed to protect against the latest virus, worm or other security threat."

Offner reports, "Patches are all in a day's work for Microsoft and Apple engineers. Indeed, the second Tuesday of every month has become known in tech circles as 'Patch Tuesday.' That's when Microsoft issues its latest updates for its operating systems and applications."

"Apple disseminates patches on a less-predictable schedule," Offner reports. "Does Apple need to adopt a more regular routine as its platform becomes more popular among consumers, or is Patch Tuesday more about enterprise users -- an area in which Apple's business has not grown as substantially? Or is a more flexible, whenever-it's-needed strategy a better idea, regardless of who's using the OS?"

Full article here.

[Thanks to MacDailyNews Reader "Judge Bork" for the heads up.]

Reader Feedback:

Nov 17, 08 - 01:31 pm Comment from: Jeremy

I like how the entire article is fairly reasonable, and takes great lengths to see both sides of the issue and the pros and cons of each approach, ...

... then the last paragraph just throws out the (completely unsupported) idea that "Apple might have to change its policy," (based on the similarly unsupported and un-stated assumption that Apple is "slow" at handing out patches), and leaves it there stinking at the end. wink

Classic dumbass writing.

Nov 17, 08 - 01:36 pm Comment from: Raving MacHead

First off, Windows has a HUGE market share that demands its updates occur more frequently because of the impact of even minor security issues.

Apple has allowed SERIOUS public vulnerabilities to go unchecked for several months before issuing a fix.

So the answer in my opinion is yes, Apple needs to issue more frequent updates, but then we all know that Apple rolls OS X features (bloat) into those updates first and treats the security issues as second rate.

Is Apple's approach better than Microsoft's?

If you go by vulnerabilities, then of course the answer is yes.

But Apple could do better to not allow any vulnerability the chance to exist more than a few days or weeks, instead of waiting for months before an update.

Who knows what has hacked our boxes?

And what about checking the current install of OS X for alterations with each update? Instead of just fixing the bugs?

How do we know if something bad hasn't altered OS X itself from previous exploits?

For instance with Windows, once it's compromised, it has to be cloned from a pristine copy with all the current updates before getting on the internet/LAN. Because the previous exploit turned the OS into swiss cheese.

What is Apple doing about that? Huh?

Anyone? Bueller?

Nov 17, 08 - 01:39 pm Comment from: Raving MacHead

By the way, Time Machine is nearly worthless because one can't boot from it.

So one can't simply clone it and apply the updates to get back to an unhacked version of OS X.

Nov 17, 08 - 01:40 pm Comment from: Cubert

A few years ago Micro$ucks decided to release patches every Tuesday and not just the first of the month - too many zero day exploits.

Nov 17, 08 - 01:43 pm Comment from: Gabriel

The article doesn't seem to address a larger question - what percentage of Mac users actually *stay* updated, compared to Windows users?

Nov 17, 08 - 01:44 pm Comment from: Gabriel

@Raving MacHead - Well, you got half of your name right anyway. wink

Nov 17, 08 - 01:51 pm Comment from: Raving MacHead

Raving MacHead - Well, you got half of your name right anyway.

Raving - because I live/work near a severely Liberal Flamer environment with Leftist Loonies from hell.

MacHead - because I'm a lifelong Mac user from day one. But now forced to use Windows (VISTA and XP under Fusion 2.0, nice) because I predict Apple will no longer offer a matte screen laptop and will have to buy a DELL.

Now you know why I'm MAD as a hatter.

That's hatter not hater. You Liberal SWINE!!

Nov 17, 08 - 01:56 pm Comment from: PXT

If Microsoft do release security patches on the second Tuesday of every month, doesn't that mean that they hold back security fixes for up to a month?

Making fixes available when tested seems better to me. It does not prevent IT teams from having their own 'patch tuesday' if they want to work to that schedule.

Though I did agree with a point above, that Apple might do better to separate out security fixes from feature updates, to make sure we always get (and apply) the latest fixes. I'd like Apple to work at the speed of AntiVirus.

Nov 17, 08 - 01:57 pm Comment from: films are us

"MacHead - because I'm a lifelong Mac user from day one. But now forced to use Windows (VISTA and XP under Fusion 2.0, nice) because I predict Apple will no longer offer a matte screen laptop and will have to buy a DELL."

Chill dude. Just apply a matte film to the thing and quit whining.

Nov 17, 08 - 02:00 pm Comment from: Cubert

Raving Machead,

2 things: Time Machine was never advertised or intended to be a bootable clone, but it does what it is supposed to do - back up files! It has saved me big time on more than one occasion.

The issue with a Winblows computer needing to be offline to be repatched after it has been compromised speaks to the ubiquitous nature of Windoze viruses, the vulnerability of the OS, and how quickly a machine can become compromised. So, why does Apple have to do something for a problem that doesn't exist on their platform?

Nov 17, 08 - 02:14 pm Comment from: Sixvodkas

@Raving MacHead

RTFM;

Boot from your installation disc, go to utilities menu and choose "restore from TM", follow the instructions.

You have just done a complete restore of a bootable OS using Time Machine, so there is no need to boot from your Time Machine backup.

Nov 17, 08 - 02:16 pm Comment from: PXT

@ Sixvodkas

I was thinking that. And also I think that it's more secure to boot off a read-only disk than a potentially compromised HDD backup.

Nov 17, 08 - 02:19 pm Comment from: DLMeyer

It's true ... Apple has left several serious potential vulnerabilities open for multiple patch cycles. You'd almost expect us to have mal-ware up the gooch by now. Funny ... I don't recall having to clean out any infestations. Did I miss something?
And ... how does Mac use equate to "liberal"? "W" uses a Mac, as does Rash Limburger! Many of the Mac folks who get their Mac news here are conservatives - and many of the loonies who hang around just to flame seem conservative as well, but ... who can tell? MDN, any way to tag the platform and/or browser a poster uses? Be interesting to know.

Nov 17, 08 - 02:21 pm Comment from: Cheule

To raving machead:

You're somewhat confused on how time machine works. It's true that you cannot boot from a time machine backup, but then again why in the world would you want to?! I can see it now, a machine infected with a trojan that stays in ram after a warm reboot (it's happened before) boot off the backup, and it becomes infected.

No, the proper way to do this is boot fresh off a non-writable pristine source, AKA your leopard install disk. And right from the pull down menu of your leopard installer there is an option to restore from time machine.

So in essence, yeah you can restore right from a time machine backup as long as you have the leopard disk.

Nov 17, 08 - 02:35 pm Comment from: HolyMackerel

How come I can still install updates on my Parallels PC without entering a password even though it is XP SP3?

Even MacOS X Rhapsody had better security.

Nov 17, 08 - 02:36 pm Comment from: shen

Raving MacHead:

you know that over the years you have come to have less than zero credibility on this site due to your constant barrage of stupidity, right?

....and now we find you are a right wing tard.

is there anything left of your character to destroy?

"It is not true that all conservatives are stupid, but it is demonstrably true that the vast majority of stupid people are conservative." -Mill

thanks for backing that up!

Nov 17, 08 - 02:39 pm Comment from: spyinthesky

Anyone who equates computer usage to political affinity truly is off his/her head, and in so many ways. As for being 'forced' to use windows through an emulator on a Mac because you fear a glossy screen means you will have to use it in the future, well that truly is a complex that needs serious medical attention.

Nov 17, 08 - 02:45 pm Comment from: elgarak

"More than likely, an 'update' is a 'patch' -- a code modification designed to protect against the latest virus, worm or other security threat."

Anyone else having trouble with this statement? The way I see it, an update and/or patch is applied to correct bugs, i.e. errors, or to change the behavior of the system to a more desirable state. It may, or may not, include the fixing of vulnerabilities, but that is not its primary function. Although the mainstream media seems to see it this way, unfortunately.

What troubles me most about the article's viewpoint is that it does not refer in any way to security related system architecture, where I see a very different approach between Mac OS X and Windows, with the latter one being extremely sloppy. Which means that Apple does not need that many patches and does need to fix some vulnerabilities because the system architecture is designed to not be affected that much by vulnerabilities in applications compared to Windows.

Nov 17, 08 - 02:53 pm Comment from: Splat

Raving MacHead---ummm why don't you just buy a matte screen. I don't get it. I realize Apple doesn't offer a matte screen on some systems and I agree with you about glossy sometimes but I have never found it to be such a big deal. If I want matte I jack in to my matte display and life goes on. I also use a Dell machine and you MIGHT think you will like it because of the screen but I assure you, you will HATE it...the dock is super nice but gosh darn it, the DELL is a freakin BRICK to carry around. I hate it.

Nov 17, 08 - 03:09 pm Comment from: fixit

Or is a more flexible, whenever-it's-needed strategy a better idea, regardless of who's using the OS?

How about a whenever-it's-READY strategy?

Getting critical updates out ASAP is certainly a Good Thing.

Rushed updates that break & in turn need re-patching certainly aren't!

A regular schedule for non-critical fixes makes sense.

Nov 17, 08 - 03:19 pm Comment from: branded

Anyone who equates computer usage to political affinity truly is off his/her head

Really? Computers are just another consumer product, and as such certain ones carry stereotypes.

For example, one person drives a Detroit SUV, the other a Prius. What are their views? Or one person uses an iMac, the other a Dell. What are their views?

Fair or not, that's the way it works.

As for Apple's security strategy, of course it differs!! Windows needs security software, Mac OS X does not. Case closed.

Nov 17, 08 - 03:34 pm Comment from: Hm...

Folks, don't feed the trolls. Then 'Raving Machead' will starve and disappear...

Nov 17, 08 - 03:47 pm Comment from: freebeer

Let's not get crazy zealotry here. Windows is targeted more often. That's probably indisputable, but no system is invulnerable. Mac OS belongs with UNIX and Linux, so of course their security strategies are different from MSFT/Windows, and so far *nix systems have not gone to a need for regular vendor assigned regular patch day.

Note: any predictability is a vulnerability (like knowing an OS only gets updates once a month on 2nd Tuesdays). Crackers don't work on a schedule or release their viral wares on schedule either. wink

Nov 17, 08 - 05:47 pm Comment from: HMCIV

"...one person drives a Detroit SUV, the other a Prius. What are their views?"

Detroit SUV: The Road
Prius: The SUV

Nov 17, 08 - 06:45 pm Comment from: G4Dualie

Detroit SUV: power
Prius: power

Nov 17, 08 - 07:21 pm Comment from: GizmoDan

So, MicroSloth has updates ready, but they wait until a certain date? That's stupid.

So Mac, the most virus, malware free system in the world should copy MicroSloth's patch release schedule? Because . . . ? Just because the author thinks so?

I would look at the results. Whichever platform is more stable is the one that is doing it right, and the OTHER one should try to copy IT.

Nov 17, 08 - 11:48 pm Comment from: ken1w

How is once a month, on the second Tuesday, a reasonable strategy? Do hackers release malware on a schedule?

Also, how is it any faster at getting releases to the public? Apple releases security updates as needed, which may or may not be more frequent than once a month. The frequency is "as needed."

Nov 18, 08 - 12:58 am Comment from: Logan

So Apple is supposed to release a security fix every second Tuesday of each month, regardless of whether or not a security fix is needed?

Both of you, just give us the security fixes as soon as you can, whenever you can. That's enough for me. I don't really care what day it is and "IT" shouldn't either.

Nov 18, 08 - 07:24 am Comment from: @ ken1w

- Do hackers release malware on a schedule?

Yes, on the second Wednesday of the month.

Nov 18, 08 - 01:34 pm Comment from: R.E., P.E.

Note how reasonable my comments are in this article.

-- Principal Analist of da Enderle Group

Nov 18, 08 - 05:14 pm Comment from: @shen

Ah, you must be a member of the Party Of Tolerance.

Nov 18, 08 - 05:41 pm Comment from: MacGenius

Uh, just a second folks

Any exploit will CERTAINLY infest itself on a Time Machine drive, or anything else wirelessly or physically attached to an infected machine for that matter.

So in actuality the 'c-boot from OS cd and restore from Time Machine drive' is not nearly as good security wise as a 'c-boot from OS cd, wipe the infected drive and reverse clone from pristine uninfected copy method'.

Plus when Blu-ray drives/disks become more affordable, it will be possible to clone one's entire boot drive onto a BDVD, allowing multiple time spaced copies of your complete boot drive. Just in case the exploit occurred some time back and Apple dragged their knuckles in getting out a patch.
