Main Forums >> Mac Music
        Print Thread

Pages: 1
Tui
active member


Joined: 02/09/02
Posts: 3309
Loc: Chiang Mai, Thailand
Mavericks 10.9.2 and Security Update
      #1090699 - 25/02/14 08:56 PM
Anybody using Mavericks should install this asap. The update addresses serious security issues.

http://support.apple.com/downloads/

http://support.apple.com/kb/HT6150


Post Extras: Print Post   Remind Me!   Notify Moderator     Back to top
desmond



Joined: 10/01/06
Posts: 9167
Re: Mavericks 10.9.2 and Security Update new [Re: Tui]
      #1090702 - 25/02/14 09:06 PM
This was a lovely example of a critical bug...

Yes, important to get this one fixed.


Post Extras: Print Post   Remind Me!   Notify Moderator     Back to top
chris...
active member


Joined: 12/03/03
Posts: 4704
Re: Mavericks 10.9.2 and Security Update new [Re: Tui]
      #1090707 - 25/02/14 10:39 PM
Some of the media is exaggerating this abit, arguably failing to explain for folks not in the know that it can't just be exploited by any random hacker anywhere. Rather, the hacker has to already have access to your transmission path. In general, this isn't as easy as the media seems to suggest, and would generally require a determined hacker specifically deciding to target you in particular.

The fix will likely make life harder for the NSA, which is good.

But yes, definitely one to fix.


Post Extras: Print Post   Remind Me!   Notify Moderator     Back to top
desmond



Joined: 10/01/06
Posts: 9167
Re: Mavericks 10.9.2 and Security Update new [Re: chris...]
      #1090713 - 25/02/14 11:28 PM
Quote chris...:

Some of the media is exaggerating this abit, arguably failing to explain for folks not in the know that it can't just be exploited by any random hacker anywhere.




Yep, someone *already on your network* can potentially run a man-in-the-middle attack but the attacker would already have to be on your network. The biggest risk really is when connected to public networks...

The media interest is that basically anything suggesting Apple aren't perfect gets journos and wackos salivating at the prospect of naming and shaming. "Apple has a security flaw!". Yes, and MS patch multiple Windows security flaws every tuesday but you don't make headlines about those either - even the serious ones.

But yes, a pretty nasty security bug this one, probably one of Apple's more serious ones in recent history (that I can remember anyway).

10.9.2 here now...
Test at gotofail.com


Post Extras: Print Post   Remind Me!   Notify Moderator     Back to top
xFasterMikeyH



Joined: 08/10/04
Posts: 448
Re: Mavericks 10.9.2 and Security Update new [Re: desmond]
      #1090840 - 26/02/14 05:15 PM
Quote desmond:

Yep, someone *already on your network* can potentially run a man-in-the-middle attack but the attacker would already have to be on your network. The biggest risk really is when connected to public networks...



Like when you check your email in a coffee shop, or at an airport.

Quote desmond:

MS patch multiple Windows security flaws every tuesday but you don't make headlines about those either - even the serious ones.



Apple have a pretty woeful history on patching security flaws, for instance with their Java updates, none of which really makes the headlines. The reason this has people frothing quite so much is that it's relatively trivial to exploit and, given the ubiquity of iOS devices that are very likely to be connecting to public networks, has the potential to affect a lot of people.

Quote chris...:

[exploiting this flaw would] require a determined hacker specifically deciding to target you in particular.



They don't need to target individuals, they need to target people using specific ios/osx versions using specific applications. That's trivial to do on a shared network for someone with not particularly impressive hacking skills (although they will need a dodgy cert to do it, but that's a pretty low barrier).


Post Extras: Print Post   Remind Me!   Notify Moderator     Back to top
Pages: 1

Rate this thread

Jump to

Extra Information
2 registered and 22 anonymous users are browsing this forum.

Moderator:  David Etheridge, James Perrett, zenguitar, Martin Walker, Forum Admin, Hugh Robjohns, Zukan, Frank Eleveld, SOS News Editor,  
Forum Permissions
      You cannot start new topics
      You cannot reply to topics
      HTML is disabled
      UBBCode is enabled
Rating:
Thread views: 1274

November 2014
On sale now at main newsagents and bookstores (or buy direct from the
SOS Web Shop)
SOS current Print Magazine: click here for FULL Contents list
Click image for November 2014
DAW Tips from SOS

 

Home | Search | News | Current Issue | Tablet Mag | Articles | Forum | Subscribe | Shop | Readers Ads

Advertise | Information | Privacy Policy | Support | Login Help

 

Email: Contact SOS

Telephone: +44 (0)1954 789888

Fax: +44 (0)1954 789895

Registered Office: Media House, Trafalgar Way, Bar Hill, Cambridge, CB23 8SQ, United Kingdom.

Sound On Sound Ltd is registered in England and Wales.

Company number: 3015516 VAT number: GB 638 5307 26

         

All contents copyright © SOS Publications Group and/or its licensors, 1985-2014. All rights reserved.
The contents of this article are subject to worldwide copyright protection and reproduction in whole or part, whether mechanical or electronic, is expressly forbidden without the prior written consent of the Publishers. Great care has been taken to ensure accuracy in the preparation of this article but neither Sound On Sound Limited nor the publishers can be held responsible for its contents. The views expressed are those of the contributors and not necessarily those of the publishers.

Web site designed & maintained by PB Associates | SOS | Relative Media