a little late but better than never :erm: :D

a multitude of fixes for the following mac operating systems are available to download:

for Mac OS X 10.2.8 client and server, and Mac OS X 10.3.6 client and server.

combined and individual updates can be found in the link below:

http://www.apple.com/support/downloads/

It patches 17 security holes apparently and is released only a month after the last batch of security updates. I wonder if any OSX users want to pass comment? ;)

It patches 17 security holes apparently and is released only a month after the last batch of security updates. I wonder if any OSX users want to pass comment? ;)meh, no viruses, no spyware, no driver conflicts, its a fair trade.

meh, no viruses, no spyware, no driver conflicts, its a fair trade.

I've never had ANY driver conflicts with XP, no virus's you say? What's "Switchback" & "Opener" then? As for spyware, you are obviously mistaken about that too as it does exist on OSX, unless of course they released "Little Snitch" just for a laugh.

I've never had ANY driver conflicts with XP, no virus's you say? What's "Switchback" & "Opener" then? As for spyware, you are obviously mistaken about that too as it does exist on OSX, unless of course they released "Little Snitch" just for a laugh.
although they do exist, they are too rare to bother the average user.

although they do exist, they are too rare to bother the average user.

At the moment, my point is that they do exist, OSX isn't invulnerable and i personally think Mac users need to stop harping on about how much better than XP it is because the only reason you don't have as many virus's or spyware programs is down to OSX being nowhere near as popular. If you were going to concentrate on writing spyware you'd write it for the most popular OS's, the programs make them money, there's no point developing it for an OS that next to nobody uses.

At the moment, my point is that they do exist, OSX isn't invulnerable and i personally think Mac users need to stop harping on about how much better than XP it is because the only reason you don't have as many virus's or spyware programs is down to OSX being nowhere near as popular. If you were going to concentrate on writing spyware you'd write it for the most popular OS's, the programs make them money, there's no point developing it for an OS that next to nobody uses.
I know, I know. But thats the point, people don't want to go to the most popular holiday destination because too many tourists and commercialism spoil it. If you base your definition of quality on popularity, big brother must be one of the best tv shows this year :rolleyes:, the sun the best paper and football the best pastime.

I know, I know. But thats the point, people don't want to go to the most popular holiday destination because too many tourists and commercialism spoil it. If you base your definition of quality on popularity, big brother must be one of the best tv shows this year :rolleyes:, the sun the best paper and football the best pastime.

I also don't base quality on the fact that it's overlooked, it appears to be just as vulnerable as XP and the worrying thing is that any future virus's or malware programs will be overlooked because the users are so complacent, no wait, what do I mean worrying? I'm not worried, I use XP ;)

I also don't base quality on the fact that it's overlooked, it appears to be just as vulnerable as XP and the worrying thing is that any future virus's or malware programs will be overlooked because the users are so complacent, no wait, what do I mean worrying? I'm not worried, I use XP ;)
Have you used OSX? I have quite extensively..


While I agree Mac users should NOT get complacent about security (after all, no OS is totally secure, not even the much praised Unix or Linux).

It is, however, in my experience, inherantly more secure than XP. For three main reasons.


Root access is disabled by default.
Even if you are a System Administrator (but not if logged in as root), if any program needs to perform certain Administrative functions, you need to confirm they have permission with your password.
XP ships with most things enabled by default (for instance, the Windows Messenger service) thus providing an attacker with a far larger variety of potential attack points. Mac OSX ships with most network functions (such as sharing, web server etc), disabled. It requires the user to enable those services they need. The idea being if you need these services, you should know how to enable them. If you don't know how to enable them, you don't need them.
A lot of spyware is installed through the auto-install function of IE. AFAIK, there is no such function in any browser on the Mac (even IE).
I do realise that a lot of security problems have been fixed in Service Pack 2, and that IE has improved massively, but a lot of people are still refusing to install Service Pack 2 for various reasons, so a lot of machines are still vulnerable.


It patches 17 security holes apparently and is released only a month after the last batch of security updates. I wonder if any OSX users want to pass comment? ;)
Good. That's 17 fewer potential attack paths for hackers. It shows that Apple is being pro-active in looking for holes. Something which Microsoft haven't always been. Although the same claim can be made about Apple in the past.

Good. That's 17 fewer potential attack paths for hackers. It shows that Apple is being pro-active in looking for holes. Something which Microsoft haven't always been. Although the same claim can be made about Apple in the past.

Yet if Microsoft were come out with a patch to fix 17 vulnerabilities we'd have to listen to tiresome slating of Microsoft (which is getting REALLY boring now), the plain fact is, your OS isn't as popular, that is the only reason you have less spyware and less virii.

Yet if Microsoft were come out with a patch to fix 17 vulnerabilities we'd have to listen to tiresome slating of Microsoft (which is getting REALLY boring now), the plain fact is, your OS isn't as popular, that is the only reason you have less spyware and less virii.
I personally don't slate Microsoft for that sort of thing. Although IIRC, somewhere around 50 to 60 thousand bugs in Windows 2000 were known about before the release, and were corrected in Service Pack 1. But, I will stress that Service Pack 1 was already in beta testing when Windows 2000 was released.

If I do slate Microsoft for anything, it's the fact that until now their OSes have shipped with everything enabled, and have relied on those services being enabled.

For instance, why would your average home user with one PC need Windows Messenger (not the version of MSN messenger built in to the OS but the service), Lan Manager or Remote Procedure Call enabled? These are all services designed to work over networks. RPC is difficult to disable as a lot of Windows programs rely on it, even if they don't have any need of networking..

Even at the server level, Windows used to do this. Probably 90% of windows server users probably don't need IIS installed, yet it's installed automatically unless you opt not to (and there are hacks that work on IIS if it is installed, but disabled). Even where they do need IIS, they probably don't need SMTP installed. A company may use many IIS servers (we do at work), but they will only need to install a few SMTP servers. Yet with Windows 2000 you have to explicitly tell it you don't want these services. At least they have got it right with Server 2003..

Just in case anyone is unaware Apple have just released another 10 security updates for "critical" flaws in OSX.
Link (http://news.com.com/Apple+plugs+critical+holes+in+OS+X/2100-1002_3-5879187.html?tag=nefd.top)

Apple Computer released 10 security fixes to address Mac OS X flaws that security experts described as "critical."
Apple issued the patches, available through its Web site, Thursday. The flaws affect versions 10.3.9 and 10.4.2 of the Mac OS X operating system, as well as related server software.
Symantec and the French Security Incident Response Team both said the vulnerabilities are serious and that the need to patch them is urgent. However, no exploits for them have been reported, Symantec noted in an alert sent to members of its DeepSight service Friday.
The flaws expose affected machines to remote attack using arbitrary commands and e-mail interception, according to Apple's bulletin. Certain vulnerabilities could also be exploited for a denial-of-service attack, FrSirt said in an online advisory.
Apple declined to comment on the security patches Friday.
Apple Security Updates (http://docs.info.apple.com/article.html?artnum=302413)

Poxy Apple.

I am on their mailing list, so they constantly bombard me with emails telling me about their overpriced tat they are selling and new stores opening. They never tell me about something like this. Something I might want to know Argh!!!

Poxy Apple.

I am on their mailing list, so they constantly bombard me with emails telling me about their overpriced tat they are selling and new stores opening. They never tell me about something like this. Something I might want to know Argh!!!
Now why would they highlight a few security issues to you?? Not as though it would be handy to be warned that you need to run updates is it lol.
Are you patched now then??

I will be next time I start my laptop.

The updates are in the System Update app, so you wouldn't thought it would be beyond the wit of Apple programmers to inform you of updates on startup? No, that might be helpful... Not once have I ever been informed of an update, I always have to check manually. I have never seen an option for informing the user of updates either...

punky, Mac OSX does check for updates once a week. When it finds updates, the software update icon bounces up up and down in the dock..

To enable this (it is enabled by default, but it sounds like it isn't on your mac), run Software update as normal, then click "Update Software" and tick "Check for updates: Weekly" (or Daily etc).

Cheers for that. I wouldn't have disabled it, so lord knows why I have never seen the update thing come up... Maybe something in my startup is squelching it... :shrug: