shopify agency of the year

Oct 16,2009 Shopify API

Worms in the New Apple OS

Wow, Apple patrons are NOT happy with the OS X 10.6.1 Snow Leopard, and who can blame them? Problem #1: apparently it has a bug that causes it to EAT YOUR DATA. Not all the time, just if you log in as a guest after upgrading from Apple’s previous OS (Leopard-10.5). And not ALL of your data, just whatever is stored in your home directory, like documents, music, etc. And to make matters worse, it seems to be totally random and hard to reproduce, which make it practically impossible to debug. Oh, and another thing: the previous version (Leopard 10.5.1) exhibited the same problem. So that means that Apple was aware of this problem before they trotted out Snow Leopard and not only did they NOT fix it in Leopard, they let a whole new release go out with the same bug. There is a rumor that the bug is corrected in release 10.6.2, but that remains to be seen.

Problem #2: Apple bundled Snow Leopard with an older version of Adobe Flash, which overlays new versions (plus all of the patches) users may have installed. And apparently this older version of Flash is vulnerable to hackers targeting its soft spots, something Adobe addressed with the patches—the ones that Snow Leopard obliterates. This is not great news for those in the creative web design industry like us

Problem #3 with Apple in general is a continuation of an old issue: Apple’s delay in correcting security bugs well after its competitors have addressed them. Their advertising campaigns tout their unrivaled security at same time their developers are warning that they have serious concerns about the vulnerability of the system. In technical terms, a function known as ASLR, or address space layout randomization, loads system components in a different memory location each time the operating system is started. Microsoft implemented it with Windows Vista, but the corresponding security in Snow Leopard suffers from a crucial deficiency: it does not randomize core parts of the operating system, such as the heap, stack, and dynamic linker.

What this means is that attackers who spot buffer overflows and similar bugs in OS X components find it much easier to enable the vulnerability to execute code that can compromise the machine. Security researchers have complained about Apple’s feeble attempt at implementing ASLR since Leopard. Many were hoping it would be more robust in Snow Leopard.

These issues serve as a handy reminder as to why I am not a Jobsian cultist, aka a Mac user. Not that Windows is anywhere NEAR perfect, but at least none of their operating systems has eaten my data or leaves my system wide-open to attack.

[caption id="attachment_2311" align="alignleft" width="113" caption="web design | apple logo"][/caption]