An open community of Macintosh users, for Macintosh users.

Big Apple boo-boo ...
#28217 02/25/14 10:05 AM
Joined: Aug 2009
Likes: 4
grelber Offline OP
... in more ways than one.

Apple rushes to fix glaring security flaw: 'As bad as you could imagine'

Why is this just now coming to light — especially in this forum?!

And what's the best way of protecting one's online time?


Re: Big Apple boo-boo ...
grelber #28219 02/25/14 10:25 AM
Joined: Aug 2009
Likes: 15
Online

I found out about it earlier, here.

I'm running DNSCrypt, and my deuced Mac(hina) passes the test to which the article links.

Edit: Nope! I just turned DNSC off and quit/relaunched Safari, and I'm still "protected". (Safari 5.1.10)

Hmmm... I dunno. [confused]

Last edited by artie505; 02/25/14 12:54 PM. Reason: Edit & Add link

The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Big Apple boo-boo ...
artie505 #28220 02/25/14 10:47 AM
Joined: Aug 2009
Likes: 4
grelber Offline OP
Merci, artie.

I'm running Firefox and according to https://gotofail.com/ it's safe. Hotcha!

Re: Big Apple boo-boo ...
grelber #28221 02/25/14 12:43 PM
Joined: Aug 2009
Likes: 15
Online

Per the CNET article: "Therefore, until a fix is released you might consider downloading and using Firefox, which has been deemed safe from this bug."


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Big Apple boo-boo ...
grelber #28226 02/25/14 05:02 PM
Joined: Aug 2009
Likes: 8
Offline

Other articles have pointed out that to exploit the bug, someone must be on the same local network as you. The article advised caution with (i.e., avoid!) free access networks and local hotspots.

If you really want to be paranoid, check out this article, which talks about the proof-of-concept malicious app that can unknowingly record screen taps on your iDevice.


On a Mac since 1984.
Currently: 24" M1 iMac, M2 Pro Mac mini with 27" BenQ monitor, M2 Macbook Air, MacOS 14.x; iPhones, iPods (yes, still) and iPads.
Re: Big Apple boo-boo ...
Ira L #28227 02/25/14 06:22 PM
Joined: Aug 2009
Likes: 3
Moderator
Offline

In the rush to tout the severity of the bug, it appears that the tech media generally have done a poor job of explaining the issues.

First, it's not a flaw in Safari; it's a flaw in the handling of SSL by multiple Apple apps, including Mail. Changing browsers removes the vulnerability only when browsing, but an unpatched system is still vulnerable through these other apps.

Second, with respect to OS X, only systems running Mavericks—10.9.1 or 10.9.2—are affected. You folks on Snow Leopard, Lion or Mountain Lion are unaffected, and the 10.9.2 update patches the problem for Mavericks users.

Third, the vulnerability, as Ira points out, is limited to shared networks. That's a big deal with mobile devices, but not quite as wide an exposure for those of us using Macs on private networks in our homes.



dkmarsh—member, FineTunedMac Co-op Board of Directors
Re: Big Apple boo-boo ...
dkmarsh #28228 02/25/14 06:39 PM
Joined: Aug 2009
Likes: 4
grelber Offline OP
Security updates for OS X (Mavericks 10.9.x, Mountain Lion 10.8.x, Lion 10.7.x) are now available on the Apple Support website.

Re: Big Apple boo-boo ...
grelber #28229 02/25/14 08:01 PM
Joined: Aug 2009
Likes: 16
Moderator
Offline
Originally Posted By: grelber
Security updates for OS X (Mavericks 10.9.x, Mountain Lion 10.8.x, Lion 10.7.x) are now available on the Apple Support website.

…and the App Store


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein

Moderated by  alternaut, dianne, MacManiac 
