The Mac Observer

Skip navigational links

You're viewing an article in TMO's historic archive vault. Here, we've preserved the comments and how the site looked along with the article. Use this link to view the article on our current site:
Security Researcher Slams OS X For 'Ancient Flaws'

Security Researcher Slams OS X For 'Ancient Flaws'

by , 4:40 PM EST, January 26th, 2006

Mac OS X has many security problems that have remained unfixed despite the fact that they were repaired in other operating systems over a decade ago, security researcher Neil Archibald told ZDNet Australia. Reporter Munir Kotadia wrote that Mr. Archibald "speculates that should Apple's market share continue to increase, users of the platform could actually end up less secure than users of other platforms such as Microsoft Windows or Linux."

Mr. Archibald added that Apple has left its code "relatively under-audited, which leaves a lot of low-hanging bugs." As an example, he cited the now-patched "dsidentity" bug, which affected Mac OS X v10.4. It "could have easily been exploited to grant a non-privileged user with admin rights and allow that user to create and remove root user accounts," Mr. Kotadia wrote.

Another flaw that remains unpatched "could allow memory corruption and hand control of a process over to an attacker," according to Mr. Kotadia. Mr. Archibald said that Apple is aware of that flaw's existence but has been slow to respond to it. "It expects security researchers to wait indefinitely to release the vulnerabilities and offers no incentive for them to do so," the security researcher said.

In the long-term, he added, "Apple's impressive security record is likely to be tarnished if the company continues to grow its market share while undervaluing security researchers and not properly auditing its code." The security problems exist in both the Intel and PowerPC versions of Mac OS X, Mr. Archibald noted.

An Apple spokesperson told Mr. Kotadia that the company won't "comment on what other people say about Mac OS X."

Thanks to The Inquirer for the link.

Recent TMO Headlines - Updated May 22nd

Mon, 5:27 PM
The Good That Has Come Out of Apple's Mac Lapses
Mon, 5:14 PM
Apple's New Switcher Campaign — for iPhone
Mon, 4:00 PM
Time-Lapse Video of Living Zen Sand Art Coffee Table
Mon, 3:46 PM
TMO Background Mode Interview with Computer Historian and Author David Greelish
Mon, 3:34 PM
Leaked Pics Compare iPhone 8 Size to iPhone 7s and 7s Plus
Mon, 2:03 PM
Apple's Driverless Test Car Caught in the Wild
Mon, 1:50 PM
Ford's Interest in Autonomous Cars, iOS 11 Wish List - TMO Daily Observations 2017-05-22
Mon, 1:35 PM
114 Year Old Car Company Puts Self Driving Car Exec In Charge
Mon, 11:52 AM
Drive Genius 5 Standard License: $39
Mon, 11:48 AM
Nike Unveils VaporMax Flyknit Apple Watch Bands
Mon, 10:30 AM
RSA Sues Apple Claiming Apple Pay Patent Infringement
Sun, 12:03 PM
Fixing Album Art, Cracked iPads, and UPnP Dangers – Mac Geek Gab 658
  • __________
  • Buy Stuff, Support TMO!
  • Podcast: Mac Geek Gab
  • Podcast: Apple Weekly Report
  • TMO on Twitter!