>teasing the world with a glimpse
Announcing?
In addition to teasing the world with a glimpse of subscriptions services for newspapers and magazines, gaming, and video entertainment, Apple on Monday released iOS 12.2, which patches 51 security vulnerabilities. The fruit-themed company's fixes cover some serious flaws and should be applied as soon as possible. Apple fixed …
At least they didn't describe it as "opening their kimono". There's just something particularly sleazy-sounding (not to mention sexist and perhaps somewhat misogynist and exploitative) about that particular phrase, and I really just do not understand why certain Reg hacks seem to have a special attraction to it.
(Perhaps in the case of Apple, it might be more appropriate and egalitarian to refer to Tim Cook teasing us with his budgie-smugglers, but I'm not really convinced that that would be a very mature way to refer to news announcements either.)
Once again, this raises the question of whether Apple should tie their security patch schedule to major media events. This isn't "Patch Tuesday", it's "Patch Keynote".
To be fair, the fruity tat reseller has issued out of plan security patches when needed in the past. Many of the CVEs fixed in these releases are not yet widespread if at all.
While I do think a lot of Apple users are living in the past, I don't think Apple are. They've generally been fairly good at patching things relatively quickly, and getting those patches installed by a lot of users.
Not perfect by any means, but they've done a good job. At least they haven't done a Microsoft, and put tracking systems in that have caused users who fear their privacy being invaded to disable the update mechanism in case it installs spyware.
As for patching vulnerabilities as and when they happen, what would you prefer? That your phone or computer be exposed for a couple of days longer, or that you have to reboot the thing 51 times in a few days?
How exactly do you "patch them as and when the fixes are tested stable" if they have to test every fix individually instead of in batches? The chances of one fix conflicting with another at some point would be pretty large, and people would have "update fatigue" if they were notified of a new iOS update on a near daily basis.
There's no need to rush patches if there are no known exploits in the wild. If something is being actively exploited Apple has been good about doing an x.y.z release within a week of becoming aware of the issue.
There's a reason why Microsoft adopted "patch Tuesday" instead of dribbling out fixes on an ad hoc basis, after all. And they do the same thing where if something is serious, they will issue an out of cycle fix without waiting for the next applicable Tuesday.
"No, no, that is called "being populist", get with it already."
Are you referring to Apple being populist? Wrong. Apple introduced these technologies without any guarantee that they would be accepted. They introduced the Macintosh at great risk. Similarly with the iPhone. Being populist is doing whatever the people are wanting and saying they want. Apple introduced these products with no demand. They took a risk in saying "this is what we think the future of computing will be". There was no demand for it, no populism.
Now after Apple introduced the products and the market accepted them, the competition saw that market and introduced similar products to feed that market. Now that was being populist.
Are you referring to Apple being populist?
Umm, no.. I know it's for humorous effect, like everything! Yahoo! has! to! have! an! exclamation! mark!, but it gets a bit tired after a while.
For me personally it also introduces a feel of bias in the reporting which I will then have to offset, which the Yahoo! exclamation mark joke does not because it has no positive or negative connotations in itself, "tat" has. But that's my personal opinion, your mileage may differ :).
Why is this "huge news".. It's not like they didn't know that they had problems : proof, they patched them...
Huge News would have been a price reduction, at least to a reasonable level...
Huge News would have a less kiddy like interface.
Huge News would have been a user replaceable battery, or insertable memory or a less walled garden...
Click bait : Oh yes, just as Huge as Apple's announcement. Cynical, who me .......
"Huge News would have a less kiddy like interface."
iOS or MacOS? The iOS interface is no worse than various Android offerings and while the MacOS GUI might be a refugee from the 1980s (the days of needing a fixed menu bar at the top are 30 years gone) it's certainly not childish and a lot more usable than anything MS are dishing up these days.
Mac GUI is certainly not a refugee from the 1980s.
"the days of needing a fixed menu bar at the top are 30 years gone"
No, this is fundamental to the Mac GUI design. It is known as Fitts's Law, that says to make it easy to hit a target. The edge of the screen is easy to hit – anything in the middle is much harder to hit. Mac users just flick the pointer towards the menu, Windows users must carefully put the cursor over the menu item.
Here is the explanation:
https://asktog.com/atc/principles-of-interaction-design/#fittsLaw
Menus belong at the top of the window, not at the top of the screen and it's rather confusing when you think one app has focus but the finder bar has options for a completely different one and then to get the menu you want you have to click on one of the app windows THEN move the mouse to the finder bar. It's asinine.
"anything in the middle is much harder to hit."
Sure, if you're 90 and have arthritis, poor eyesight and bad co-ordination it might be an issue to move a mouse to the top of a window accurately, otherwise that's BS.
Whoever Fitt was he's talking out of his backside, the finder bar is a PITA.
Mr Benny - it is you who are "talking out of your backside" to put it in your terms. You don't understand Fitts's Law so you dismiss it. Read the references. It has nothing to do with your condescending attitude to the old. Anything at the edge of the screen IS easier to hit.
It is also why Macintosh users really USE the whole screen. Microsoft Windows way to use the whole screen is just to maximise a single window to the whole screen. That is actually against the philosophy of a window as invented by Alan Kay. Despite calling their system Windows, Microsoft really doesn't understand windows.
The author made a good point when he said:
"These are the types of bugs that advanced (nation-state) adversaries exploit to remotely infect targets," said Wardle, who lamented that Apple's iOS platform rules disallow security tools that could thwart or at least detect this sort of attack.
Just about every computing platform has some sort of antivirus or anti malware product available for it except iPads and iPhones. With as many vulnerabilities that are being patched you’d think that Apple would come up with their own software, à la Windows Defender, or allow 3rd party apps to help secure their supposedly “secure” devices.
It is good to see Apple fixing these problems – some found by them, some reported by others either in research or practice. This is the way it should work.
Just remember that Apple has a more secure system than both Linux or Windows. This is actually in the fundamental design. Linux has 22 million lines in the kernel. The kernel should be the smallest process supervisor, maybe 10s of thousands of lines of code. If a process fails, it fails independently. But in Linux wayward device drivers could bring down the whole lot. This also causes a problem for security as well. Instead of dangerous inter-process calls being brokered, for speed Linux allows things to be directly connected. Those problems are by architecture and can't be fixed.
https://github.com/satoru-takeuchi/linux-kernel-statistics
OK, but to be fair, that is a balance we have to accept if we want Linux to work everywhere (Microsoft has the same problem, just can't be bothered to put as much effort into doing it right - it just blames everyone else. A bit like Trump).
Apple's main advantage is that it has 100% control over the equipment it runs on, whereas Linux runs on so many different platforms it's impossible to keep track - it is a *fantastic* achievement and testament to the original UNIX design that it does very well despite that.
That said, that also creates a problem for Apple: it is 100% itself responsible for the problems that show up and for producing fixes, whereas with Linux you can sometimes have initial patches within hours of publication of a problem because everyone has access to the source code.
Security is always a matter of choosing which risks you can live with and which you address, also driven by available resources (budget, people, time). I think both Apple and Linux are not too shabby at it.
Linux everywhere - let's hope not. Linux is good in the server space, but not the end-user space. In my original post I pointed out that the Linux kernel is 22 million lines. Any one of those lines crashes or has a security weakness, it affects the whole lot.
Apple's BSD Mach based system has a real kernel that isolates the drivers and other software elements from each other. If there is a line that crashes in there it only takes down that one component, not the whole lot. Security issues are similarly isolated and checked.
"Security is always a matter of choosing which risks you can live with and which you address"
No it is NOT just a matter of what you can live with – the topic is far more complex and has many more solutions than that.
You are right they are both not too bad at it, but Linux depends on how well written it is. While Apple's core is also well written, it does not depend on that.