|Home » Industry Watch
10.5.7: Taking Security Seriously
Some graphical improvements but work on security still abysmally out of date.
CUPERTINO (Rixstep) -- Mac OS X 10.5.7 is here. A more complete report may be available shortly but in the meantime there are a few dismal items to report on. Unfortunately.
First the good stuff.
10.5.7: The Good Stuff
A more extensive study will be necessary but already there is evidence of improvement to the graphical user interface. At least one. Here it is.
10.5.7: The Bad Stuff
As reported by members of the Rixstep/7 forum.
- bash seems to be about two years old.
- bzip2 is still at version 1.0.4 which is a year old.
- rsync is still at version 2.6.x which is three years old.
- Most rsync updates since 2006 were security updates.
- X11 is still 2.1.6 although X.org released 2.3.3 three weeks ago.
History and numerous hacker contests have proven the best, easiest, fastest, and most reliable way to hack Mac OS X is to compare version numbers of open source modules, find one or more that are egregiously unconscionably out of date, and read the change logs at the source. From that point the hack's child's play.
If Apple are to convince their trusting customers they really do take security seriously (and are upstanding members of the crucial open source community) then they're going to have to devote less time to light bulb icons, Automator actions only the congenitally cerebrally terminal are at all interested in, and get their act together.
Until then the message they're sending is going to continue to be a completely different one.