Apple's macOS Gatekeeper asleep on the job: Exploited flaw put users 'at grave risk' of malware infection Apple has released macOS 11.3, fixing a serious flaw that allowed an attacker to sneak malicious files past the operating system's Gatekeeper security mechanism. Gatekeeper is one of the primary macOS defenses against the installation of malware, explained Cedric Owens, the security researcher who found the bug, in a message …
The Apple support policy is to cover the current release plus the two prior releases for security-related updates, providing what amounts to a minimum of total of 3 years coverage per major release. Also, all hardware is fully supported for security patches for at least 7 years from the listed date of the device these days. By comparison, Windows 10 Pro offers 18 months worth of patches for a given major release and most OEMs only support hardware with required BIOS updates and other patches for 5 years these days if you’re lucky.
Unless you’re willing to take a punt on a Librem device and run an LTS Linux distro with only the LTS-supported components (e.g. RHEL-based) the days of expecting old stuff to be patched are long gone,
The difference between these arguments is that MS considers an in OS change a major version change, whereas Apple considers a new OS a major version change.
So if windows 10 is kept up to date you are looking at a far longer period of support, especially considering 7 still had security updates even after 8 came out, and kept getting them for 11 years after release.If you are on some of the more specialised branches (embedded scientific devices etc.) you are still getting support patches today.
Microsoft's decision to stick with the name Windows 10 when pushing out "feature updates" indicates that it is moving towards Apple's policy. It's probably only due to the large enterprise customer base that it will continue to provide support for older versions.
While I can understand Apple's general approach, I have occasionally been extremely annoyed by their insistence on fixing some bugs only in new versions: a bug in Bluetooh in Lion was particularly annoying and AFAIK never fixed. There are always good reasons for not upgrading immediately to the latest MacOS as evinced by the frequency of subsequent patches.
I’ve said it before, I’ll say it again: macOS Sabretooth would have been awesome. And then there’s Cave Lion, Clouded Leopard, and, of course, Siberian Tiger. There are lots more cats out there. And if they start to run out for real, there’s always cat relatives, like, oh, Spotted Hyena, the most woke animal in Africa. (Hint: girl spotted hyenas are bigger, badder, and, umm, better equipped than guy spotted hyenas. Look it up.)
Our governments are keen to stop people Driving While Black, Smoking Hash and Grass, Protesting, Making their own whisky, Voting without a picture ID, or even - in the US not voting for republicans, etc., etc., but there's nothing done to stop malware infections, spam, fake phone calls, fraud etc etc etc.
I just got a text on my phone telling me my order had been canceled and a link to visit for the details - hack attempt deleted because nobody cares and the law supports Freedom of Hacking and Speech. Ops, pick which one was a mistake.
like the deep magic, it simply is. There are those who still remember it's ways, and many more who have forgotten them, the shell cares not.
Do not blame the shell for your mortal failings, but instead, do not ask it to do what should not be done, or what cannot be done.
If thou dost ask the shell to do what cannot be undone, do so at your peril and with caution, as all, even the shell itself, is subject to its action.
Last, do not suffer the shell access of fools. If they cannot abide these tenets, then it is just and right that the ~ shall define their sole domain.
The days when the shell and the account known as "root" wielded supreme power have come to a close.
For these are the days of the System Integrity Protection and the Secure Boot. The power of the shell has faded and waned, even the almighty "root" cannot overcome it.
Yea, even the misplaced rm -Rf / will no longer bring a system to its knees. Even the shell suffers from the mighty Gatekeeper, and not even a chmod 777 will overcome its wrath.
/bin is now beyond the power of the shell to change, as is /sbin. The shell can see the read-only system volume hidden from GUI eyes, but it is powerless to change it.
Do not blame the shell for your mortal failings, but instead, do not ask it to do what should not be done, or what cannot be done. ..... Anonymous Coward
Because of the latest revisions to the Master Sees, AC, postmodernised versions of the Sublime Instruction Set advise humanity of the following abiding 0day exploit vulnerability and Persistent Advanced ACTive Cyber Threat and/or Treat. ...... Do not blame the shell for your mortal failings, but instead, do not ask it to do what should not be done whenever anything and everything can be done with immunity and impunity.
It is no small change in the Great Schema of the IoT Thing.
What is it with Apple stories that as soon as anybody criticises Apple there is always some commentard who will wade in with "but Microsoft..."
This is a story about an Apple vulnerability but is seems a large section of the faithful believe only Apple and MS exist and as long as you can claim Apple are better than MS then that makes everything OK.
I'm sure a shrink would have a field day with these people.
It's because people rationalise their past choices. If you choose wrongly (MS/Apple/Linux in this case) then that makes you look bad. We generally invest serious amounts of money and time into our choice of digital infrastructure, so if something happens so that others can point and laugh then we go down the road of "yeah but ...". Potential humiliation is a great motivator.
I am not immune to this just like every other person on this planet but being aware of it is helpful. I try to look at Windows, MacOS & Linux as just toolboxes to be deployed as required. I prefer Linux because it gives me more choices but I use the others where it makes sense to do so.
But all that is just a distraction. Digital Hygiene is hard enough for us technicians, how on earth are the majority non-technical people supposed to cope with all this? The answer is they won't ever, in fact it will only ever get worse.
This is why we trended towards MacOS for desktops. When you run a TCO assessment, you only end up with Microsoft if you omit staff time losses which adds up to a great deal more than hardware costs (although I'm still looking for decent metrics for usability, we just run scenarios).
That said, some companies have sunk so much cost in especially customisation that they've locked themselves into a box they cannot escape from without a great deal of extra expense, especially if they don't have an open standards dictat like we have imposed on us - I don't given them much chance to change. Which, of course, was the whole point.
Pretentious fear-mongering twat........ iron
It is hardly an Earth shattering exclusive identifying the ubiquitous useful idiot, iron, whenever terrestrial news media is both lock. stock and barrel infested and so heavily root invested in and plagued by such Remote Access Trojans on the sinking ships of empires past built and presently vastly failing and fast fading in the full glare and and shady shadows broadbandcast by the SMARTR Lights of Sublime Internet Networking Virtual Machinery simply pumping and dumping and pimping undeniable home-grown truths, which to deny, return again and again to destroy the doubting Thomases and Thomasinas alike, sparing none the moronic mercy of baying crowds.
Fear, Uncertainty and Doubt, Doom and Gloom, Raging Conflict and Imminent Collapse is their Stock in Trade and Fare and Store. Tell me that isn't perfect fodder for pretentious fear-mongering twats and we will fundamentally disagree.
Cast you eyes across and open your ears to what it has been decided to be made available for presentation to you today, and tell me it isn't true, and neither is anything in all of that so easily and clearly freely shared above.
Tell us all here that aint no Code Red, Colonel Jessup .... and such are not akin to a crime against humanity and an act of war against innocent civilian beings in an ignorant state, for all here to disagree with you, LOUDLY AND CLEARLY again.
And if you support Code Reds there be consequences which may or may not be very much like that shown in this brief clip spotlighting an arrogant fall from grace and assumed power ....... Jessup Is Arrested
* ..... in Advanced IntelAIgent Eras of Greater Brainwashing Revolts.
Be careful out there, as strange as things are, they aint like they used to be, and are definitely getting even stranger. :-) IT's practically primeval and a primitive virtual virgin jungle.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
