Say what you like about Apple, but at least they've got their OS update strategy sorted on mobile. C'mon Google + OEMs. Step it up.
Got an Apple Mac, iThing? Update it right now – there's a shedload of security holes fixed
Apple has posted security updates and feature improvements for its desktop, mobile, and developer gear. The Cupertino giant today issued updates for iOS, OS X, and watchOS, plus iTunes on Windows, Safari on OS X, and Mac firmware. The OS X El Capitan update also "improves compatibility with Microsoft Office 2016," so if you' …
COMMENTS
-
-
Thursday 22nd October 2015 10:00 GMT Planty
The update strategy that means they have to update the whole OS each time a secuirty issue crops up? You wait months for the update. Google send out updates really quickly for things like webview as its servived via the play store, as are updates to many other core apps and services.
Google's strategy is far far superior, which is why Android has had far less (less thsn half) reported issues in 2015 compared to iOS, and the average fix time is 4x better.
I know this doesn't fit the FUD that's usually spewed about Android, but it's the truth.
http://www.cvedetails.com/product/15556/Apple-Iphone-Os.html?vendor_id=49
https://www.cvedetails.com/product/19997/Google-Android.html?vendor_id=1224
-
Thursday 22nd October 2015 11:15 GMT Naselus
"Google's strategy is far far superior"
Now, I hate Apple as much as the next man, but really, Google's don't have a strategy with Android updates beyond the Nexus. Yes, the iOS invulnerability myth is a lie spread by idiots and fanbois, and yes, iPhones have about as many security problems as any other device, but Apple's got way more control over the distribution vectors than Google's 'let's write an update and hope like hell the OEMs can be arsed handing it out' approach.
-
Thursday 22nd October 2015 13:06 GMT Anonymous Coward
"...Google's don't have a strategy with Android updates beyond the Nexus.... but Apple's got way more control over the distribution vectors than Google's 'let's write an update and hope like hell the OEMs ..."
Apple have their own phones and they provide timely updates for them. Google have their own phones and GPE phones that they provide updates to.
Google also Open Source the software for anyone to use and change as they wish. OEMs do that and create custom versions. Google have made a device independent way of updating a lot of that (the apps, Google Play services etc) but if an OEM has customised open source software then they can't and shouldn't be responsible for it.
The same way that someone can create a custom Linux system, you wouldn't expect to get updates sent directly. The kernel will be updated and then third party with incorporate it when they are ready.
The advantage is that you can often use a different Android install that is completely up to date for your handset and not have to worry about the third party if you want to lose their customisations.
So you either go Apple route and choose a device from the OS provider (Nexus, GPE), go to a third party with a custom OS or use an third party device with a fourth party Android install. So much choice...
-
Friday 23rd October 2015 12:08 GMT Ian Joyner
Strange - you will find the next man does not have some irrational and pathological dislike of Apple. Apple has done so much for this industry, like invent it (at least the part that says computers are for everyone, not just hobbyist geeks) and still lead it today. Android and Windows before it have just copied.
-
-
Thursday 22nd October 2015 11:45 GMT Anonymous Coward
The update strategy that means they have to update the whole OS each time a secuirty issue crops up? You wait months for the update
Not quite. The last update was actually rather recent - I must admit I'm getting a bit annoyed with seeing OSX getting to early Windows levels of update frequencies. Next thing you know we get patch Tuesdays, but at least you still have some control over it. On the other hand, this 10.11.1 update was expected - consider it the equivalent to a Service Pack to a new OS and in that context it's actually rather fast.
As for updating the whole OS, you do have a point. I suspect because it's not just security, usually a point update also included functionality improvements. Otherwise them whole 6180417545 bytes would be indeed rather wasteful..
-
-
-
Thursday 22nd October 2015 06:23 GMT Anonymous Coward
Closed that jailbreak hole pretty quick
Used to be a bit slower to close those up. The jailbreak people do them a service by finding holes for Apple to close - not that the tethered attacks are really worth much concern but the untethered jailbreaks are legitimate security bugs that get fixed thanks to the jailbreak folks.
-
Thursday 22nd October 2015 07:20 GMT Kevin Fairhurst
Re: Closed that jailbreak hole pretty quick
9.1 has been in beta since before 9.01 came out; I suspect that Pangu knew that the full 9.1 release would close the hole, and therefore released the jailbreak for those willing to put tweakability* before security.
* having insisted on only getting an original iphone once they could be jailbreaked to allow unlocking & custom apps to be run - remember this was before the original app store launched - i have now gone the other way; I no longer see a value in jailbreaking, as it causes more problems than it solves. e.g. my online banking apps can tell if the phone has been jailbreaked, and thus they refuse to work!
-
-
Friday 23rd October 2015 05:13 GMT Anonymous Coward
Re: Closed that jailbreak hole pretty quick
Why should the apps be any worse than a browser? Apple provides APIs for SSL, and I assume Android does the same, so why should a banking app roll their own? I mean, they can, but so can browsers - and they do: Firefox uses NSS, Chrome used to use it and switched to OpenSSL, and then I believe Google forked that to "BoringSSL". Which API does Android use? Who knows. Is NSS more or less secure than the iOS APIs, and even if NSS is judged "more secure" today how about a month from now if some major exploit is discovered?
Worrying about the SSL a banking app is using is not high on my list...
-
Friday 23rd October 2015 16:45 GMT Dan 55
Re: Closed that jailbreak hole pretty quick
It's more than just the app calling a crypto library. The crypto library reports info and error conditions back to the apps but the apps don't verify the authenticity properly, they don't check if they're out of date, they don't check if they've been withdrawn, they don't cope with MITMs, etc.. etc... etc...
Don't touch banking apps, use a browser. They've had years to get this right, the banking app was knocked up a year or two ago and it looked OK so it passed QA.
Worrying about the SSL a banking app is using is not high on my list...
Why, are you a Talk Talk customer?
http://www.theregister.co.uk/2014/01/13/banking_apps_insecure_and_badly_written_say_researchers/
http://www.theregister.co.uk/2014/02/14/fake_ssl_cert_peril/
http://www.theregister.co.uk/2015/04/28/sourcedna_ssl_bug_ios/
-
-
-
-
-
This post has been deleted by its author
-
-
-
Thursday 22nd October 2015 18:41 GMT Anonymous Coward
Still - you end up with two lines and a URL added to every post that are of no relevance to the discussion. But hey, if that sort of .sig is acceptable, let's all have a go. Just need to dig up a fortune program now.
----
Entirely handcrafted post
-
-
-
-
Thursday 22nd October 2015 13:31 GMT Quortney Fortensplibe
Not Much Point Updating the Software...
When the hardware is allergic to planet Earth!
Just had a nice run in with Apple, after the display backlight died on £1200+ Macbook Air. The laptop had been well looked after and never had anything spilled on it. Apple quote 'up to £800' to repair and won't do it under warranty because one of the 'Liquid Damage Sensors' has turned very slightly pink which apparently indicates "If not a direct spillage, excessive humidity in the air" –to quote the 'Genius' we spoke to.
We live in England, fer feck's sake. The air is humid 10 months of the year. Maybe Apple should mark their gear with "Caution: Suitable for Use in California Only".
Icon for my current opinion of Apple. F**KING C**TS! --->
</spleen venting>
-