__________________ 32GB iPad 1 WiFi. 2011 Mac Mini Server (used as a workstation) 2GHz quad-core i7/8GB/1TB, 24" BenQ LCD, 17" NEC LCD, Magic Trackpad. MacBook 2.4GHz Core2 Duo/2GB/200GB/DL-DVDRW. Apple TV 2, 32" flat panel TV, Logitech DiNovo Edge BT keyboard & trackpad. >5TB of FW drives, 16GB iPhone 4S. In memoriam: my Sawtooth "Frankenmac" with upgraded dual 1.3GHz G4/2GB/360GB striped RAID/DVDRW/ATI Radeon 9000 Pro
I think its good that these security issues are being brought to light by the community as a whole. It benefits us to know that these wholes exist so Apple can patch them as well as starts to give credibility to the platform that the outside community is starting to take the OS (both server and client) more seriously as a player in the real world....
_________________________________________________ Digital Transitions
David Thompson firstname.lastname@example.org
Apple Consultants Network
ACSA (v10.5) - ACTC (v10.5) - Xsan Admin (v1.1) Specializing in Systems Administration, Integration, and Windows migration
You do have to remember that these are security holes being found within Apple's work and also the large contingent of Open Source Software included with Darwin.
These holes are not being exploited, and most of the holes will not effect many people at all if they are exploited. The windows world recieves a few of these a day in many applications. Many get fixed quite quickly, but I find it strange that the only Windows flaws that are well known are those exploited while news services like C|Net and others will have entire articles on a security flaw found in OS X but you can't be exploited very easily unless the hacker has access to the machine or is connected to the network.
These flaws may be concerns within a computer lab environment where many people use the computers, but for most of the flaws that have been found the risk of outside intrusion is very low.
If you're a l33t hax0r, and you're going to exploit holes in an operating system, are you going to go after the operating system with 5% of the market, or 95% of the market?
Plus, I don't buy the excuse that since some of the holes are in the open source software Apple includes with Mac OS X, they're really not Apple's fault. Sure, Apple didn't write the code, but they included it in their product. I mean, if Apple wants to project the image that Mac OS X is a safe, secure, and stable operating system, you'd think they'd spend extra time examining and testing the software they got from third parties.