PureBasic Forums - English

Hi - If your MAC OS is the recent "High Sierra" then you need to read this report as a matter of urgency:

http://www.zdnet.com/article/stupid-stu ... CAD2e14604

I will not go into a long rant about new operating systems being supposedly more secure than the previous OS but...

An office was hit with a virus and all the Windows 10 computers were effected. None of the XP machines were effected. All on the same network. I witnessed it myself and I really wasn't surprised. In theory, a new OS should be more secure than the previous for various reasons but a new OS also has new bugs. So new operating systems do not really mean, a more secure OS.

I just wish we could come to a point in operating systems where the focus is bugs, security, and optimizations. Yes, a change in code for optimizations could cause a bug and therefor a security risk but I'm sure it's less likely than new features being added. Most of the new features added today are pretty pointless as far as I can see anyway.

A war for the most secure, bug free, and fastest OS would be nice. The look/style and features are already there.

ZDNet wrote:Fortunately, it appears that you can't hijack a system using this trivial trick remotely.

I have MacOS HighSierra installed and there's one thing that worries me, while installing there were two unrecognizable programs (agents?) trying to have system privilege which I denied, it seems that the installer was compromised.

Fortunately, it appears that you can't hijack a system using this trivial trick remotely.

Actually I think they have established that it is possible, hence Apple had to announce they are working on it as a priority.

Most obvious thing to do is give the Root User a good password.

@J. Baker
well, if you are writing malware, then you want to target as many systems as possible. you wont exploit an os that only 1% of people use.

@topic
apple isolated themselves and their users from the outside world, with the bullshit pretence of "security". they limit the access to your very own system, to "protect" you. you basically cant do anything anymore, without apples consent. so things like this can never hapen, yet they keep happening. its not the first time, and it wont be the last time either.

i really dont feel any pity for people who throw their money at a company like this. total control over their users, monitoring its every moves, and limiting access to their systems. not to mention that they always create their own standards, instead of adopting an independent, widely used industry standard.

TL;DR if you give a company total control over your life, dont be surprised when it comes back to bite you in the ass.



c ya,
nco2k

Windows and Linux both had/have similar vulnerabilities also.

Sent from my LGLS991 using Tapatalk

Mohawk70 wrote:Windows and Linux both had/have similar vulnerabilities also.

thats not the point. vulnarbilities like this will always occur, wether its apple, microsoft, google, or amazon. the point is, that apple created their own little world, and treat everyone outside of it as an intruder. i remember the times, when you couldnt send a simple video over bluetooth, to your non-iphone colleague, because its a potential risk. you couldnt plug your iphone to your aunts pc and copy the latest family photos, without bloating up her pc with itunes first, because otherwise its a potential risk. they made the simplest tasks insanly difficult, if not impossible, and always justified it with the pretence of security and protection. and now what?

i had to jailbreak my iphone, to unlock basic functionalities, that non-iphones offered out of the box. later when i switched to android, everything just worked. i could throw any media at my tvs wifi, with just a tap, even though both deviced are from 2 different manufacturers, with 2 different operating systems. i will choose freedom over pseudo-security any day.

c ya,
nco2k

Most obvious thing to do is give the Root User a good password.

My thoughts exactly .. this is just as much the blame of lazy/stupid/uninformed/irresponsible ( whichever you prefer ) users and / or admins not setting up the system securely from the start. Feel free to disagree, but that's how I see it.

Actually less dangerous than remote code execution which are everywhere and more stealth..

A lot of people have vulnerable SSH configurations on their web-servers and clients too that are just as dangerous.