Exploit to get root on OS X 10.10 fits in a tweet (theregister.co.uk)
125 points by odedgolan on July 23, 2015 | hide | past | favorite | 33 comments



"Introducing a new command line feature to restore access after losing your password"...


I know you're making a joke, but it's trivially easy to reset the admin password on a computer.

https://discussions.apple.com/docs/DOC-4101


Changing your own password is not the same as acquiring root privileges.


Oh yeah I know, I wasn't trying to say it was. It was just a random aside based on the parent's comment.

On that point though, if you can change the password of an admin account on any Mac (that doesn't have FileVault on), then you can use that to obtain root privileges on any Mac.


Sure, but that requires you to either already have an admin password, or be able to reboot the machine into recovery mode and retain control of it (which typically implies actual physical access).

The privilege escalation exploit mentioned in the OP, while technically not remotely exploitable, can be used by malware with lower privileges (i.e. malware running as an unprivileged user, which got onto the machine either through a remote exploit or some sort of drive-by download) to silently elevate itself to root. That's something that shouldn't be possible.


Enabling FileVault is an easy countermeasure.


How so? FileVault is typically not tied to the root password, but to a primary user's password, which you don't even need root to change.


You cannot reset any user password on a FileVault disk because it's encrypted.


Yup. 'User accounts' have never been a proper security measure.


I like to think of this as a good example of why not to use curl to execute bash scripts.

  curl -s https://raw.githubusercontent.com/nchelluri/rootyourself/master/doh.sh | bash


If you'd like to force yourself to at least look at a script before piping it in, there's shed [0]

[0] https://github.com/mplewis/shed
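The alternative to piping curl straight into bash that the two comments above argue for, as an added example (not code from the thread or from shed): fetch the script to disk, check it against a digest you pinned after reading it, and only then hand it to an interpreter. The URL, digest and interpreter are parameters you supply; `sha256sum` / `shasum -a 256` are the standard Linux / macOS tools.

```shell
#!/bin/sh
# Print the SHA-256 digest of a file. Linux ships sha256sum, macOS ships
# shasum; use whichever is present so the script runs on both.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Compare a file's digest with the pinned value: 0 on match, 1 otherwise.
verify_digest() {
    actual=$(sha256_of "$1")
    if [ "$actual" = "$2" ]; then
        return 0
    fi
    echo "digest mismatch for $1: got $actual, expected $2" >&2
    return 1
}

# Download $1 to a temp file (never directly into a shell), verify it against
# the pinned digest $2, and run it with interpreter $3 (default: sh) only if
# the digest matches. The pinned digest is the one you recorded after reading
# the script yourself; a changed upstream file fails closed here.
fetch_verify_run() {
    url="$1"; expected="$2"; interp="${3:-sh}"
    tmp=$(mktemp)
    curl -fsSL "$url" -o "$tmp" || { rm -f "$tmp"; return 1; }
    if verify_digest "$tmp" "$expected"; then
        "$interp" "$tmp"; rc=$?
    else
        rc=1
    fi
    rm -f "$tmp"
    return $rc
}

# Usage (placeholder URL and digest, constructed for illustration):
#   fetch_verify_run https://example.invalid/install.sh <pinned-sha256> bash
```

To pin a digest the first time, download with `curl -o`, read the file, then record `sha256_of` of that file.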



I always get bummed out over @i0n1c's tweets, so many security issues that are just ignored by apple.

Anyone have stats on # of exploits per type of OS X? I would want to see how many known security updates were pushed during the 10.6 era vs now. At least in the 10.6 era, the OS you were using (if it was a previous generation) was still getting security updates.


It's really upsetting and ousting Forstall did nothing to revive or unify the iOS/OSX teams...

And it's easy to gloss over these issues when they're crafted into such a carefully and intentionally designed piece of modern art -- except many of the core libraries sitting atop that hardware are where such quality has been overlooked. I think that's the antithesis of the philosophy of 'detail' that arguably brought apple back from the brink last time...

Usability and simplifying processes is great and all, but if enough of these issues seep in it could destroy the core assumption of quality which is what the company truly subsists on... Surely Cook must realize this by now? Desktop isn't the future, we know, but neglect advanced users and you only stand to lose relevance.

[edit] A slightly more crude analogy: it's a bit like dressing up a Ford Pinto in the body kit of a Ferrari -- you'll cross the line in style, but eventually you're going to get burned.


Maybe it's an issue with scope, and targeting specific issues that people have. A couple of advanced users have issues with security: not a big issue. Taylor Swift has issues with payment of artists: next day the issue is addressed.

I guess it's the illusion of caring.

You would think that the core would need to be solid, while the outsides would be constantly polished. I don't believe the company has been on the path of quality since the release of 10.7-10.9 and all the hardware issues that came through during that era, till now.

While I agree that desktops are not the future, and mobile is increasingly picking up momentum, mobile to me is like the horse with a blinding mask on: this is what you get, and ONLY this. Even more so in the case of Apple.

I guess I came around full circle to bite myself. I want new things with mobile, and I want there to be options. But at the same time I want something that is quality. Should I have to sacrifice one for the other? Or worse, wait forever to be able to do something, at which point, when I get it, I don't even care anymore because I need to do something else now.

GNU looks so nice right now.


Lots of exploits fit in a tweet. Lots don't. That really doesn't have anything to do with how "bad" or "trivial" it is.


"'Apple ships fixes for security in beta versions of future products, but does not fix current versions,' Esser noted."

Is that really a thing? Apple doesn't ship security updates? Or is that just trolling?


They've issued security updates as far back as Mountain Lion as recently as June 30.

https://support.apple.com/en-us/HT201222


Yes, Apple does not patch old versions of iOS or OSX.

All iPhone 2G, 3G and 4 are all vulnerable to root code execution flaws (some exploitable from the web browser) and do not receive updates.


Aren't all iPhones that can be jailbroken subject to root code execution flaws?


Yep. The 2G and 3G ones are particularly bad because there's a public toolchain that gets you from web browser to root, for the 4 and later you normally need USB access to some degree.


Apple has gotten absolutely terrible at fixing bugs, they're obviously not interested. Changing the background colour in iTunes generates more revenue than fixing “invisible” security holes.


That's pretty bad. I just tested it, and it does, indeed, work.


Remove the last line in your /etc/sudoers with visudo if you don't want permanent passwordless sudo on your account.
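The cleanup the comment above describes, turned into a check, as an added example (not code from the thread): a POSIX shell audit that flags passwordless sudo rules in a sudoers file and reports ownership or mode that sudo will refuse. It runs against a constructed sample; the account name "alice" in it is an assumption. Point it at /etc/sudoers with sudo and repair findings only through visudo, which syntax-checks before saving.

```shell
#!/bin/sh
# Constructed sample of a sudoers file after an unwanted edit. The last line
# is the kind of rule to remove with visudo (user "alice" is an assumption).
SAMPLE_SUDOERS='# sudoers file: edit with visudo
Defaults env_reset
root    ALL=(ALL) ALL
%admin  ALL=(ALL) ALL
alice   ALL=(ALL) NOPASSWD:ALL'

# Mode string of a file: first 10 characters of ls -l, so the "@" / "+"
# suffix macOS and Linux add for xattrs or ACLs does not get in the way.
file_mode() { ls -ld "$1" | cut -c1-10; }

# Owner of a file (third field of ls -l output).
file_owner() { ls -ld "$1" | awk '{print $3}'; }

# Print every active rule granting passwordless sudo. Comment lines are
# skipped. Returns 1 if any are found, 0 if the file is clean.
find_nopasswd() {
    hits=$(grep -v '^[[:space:]]*#' "$1" | grep -i 'NOPASSWD' || true)
    if [ -z "$hits" ]; then
        return 0
    fi
    printf 'passwordless sudo rule(s) in %s:\n%s\n' "$1" "$hits"
    return 1
}

# Full audit. sudo expects sudoers to be mode 0440 (-r--r-----) and owned by
# root and otherwise refuses to load it; report deviations plus any NOPASSWD
# rules. Returns 1 on any finding.
audit_sudoers() {
    rc=0
    m=$(file_mode "$1"); o=$(file_owner "$1")
    [ "$m" = "-r--r-----" ] || { echo "unexpected mode $m on $1 (want 0440)"; rc=1; }
    [ "$o" = "root" ]       || { echo "unexpected owner $o on $1 (want root)"; rc=1; }
    find_nopasswd "$1" || rc=1
    return $rc
}

# Demo on the constructed sample; for the real file run: sudo sh -c '. ./audit.sh;
# audit_sudoers /etc/sudoers' (assumed file name for this script).
tmp=$(mktemp)
printf '%s\n' "$SAMPLE_SUDOERS" > "$tmp"
audit_sudoers "$tmp" || echo "remove offending lines with: sudo visudo"
rm -f "$tmp"
```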


Pretty new to OS X: when will Yosemite expect a fix? Is the El Capitan beta stable enough to be a better bet?


You can never be absolutely sure with Apple, but for comparison, the Shellshock exploit was patched on OS X within a week.


  sudo: unable to stat /etc/sudoers: Permission denied
  sudo: no valid sudoers sources found, quitting


What is that domain? This is a Register post, here it was submitted as http://www.theregister.stfi.re/2015/07/22/os_x_root_hole/?sf... which looks like social media tracking crap.

http://www.theregister.co.uk/2015/07/22/os_x_root_hole/ is the actual URL.


The domain is from http://startafire.com/

> Get the full value from curated content you share on social media. Automatically add your presence and promote your content with every external link you share.


Thanks. We changed the URL to that from http://www.theregister.stfi.re/2015/07/22/os_x_root_hole/?sf.... We banned stfi.re.


Thank you!


Looks like it. Flagged.


Posted yesterday, but without much discussion: https://news.ycombinator.com/item?id=9933639.



