Explaining s/w toolchains to mental midgets is not a good use of time.
Why must you be so rude and insulting? I didn¢t say anything personal about anyone and already admitted I may be mistaken. Have you ever been wrong?
See?
You don't even understand the vulnerability.
Yet you're happy to freely blame Apple.
Apple haven't used anything here.
It is third party developers who used a
utility that made life easier for them to support *their* apps.
These apps then are deployed into the Apple ecosystem.
Apple haven't used it, cannot check and have no responsibility for what
tools developers use in creating their apps.
It perpetuated itself deeper and has caused
security problems now. That¢s on Apple.
That's like blaming Ford for a flaw in Continental tyres.
Every accusation is a confession with these morons.
You Apple nutcases always claim that I love Google & Microsoft.
You're fantasising again. No-one has said that.
Let me tell you something, Chris - which you should already know by now.
I tell the truth (with cites) about every consumer operating system, Chris.
You have no concept of the truth or facts.
And when you get caught out, you snip and run.
Since the flaw is so fantastically pervasive, and since it allows
zero-click exploits on only Apple products, don't you think Apple should
have cared about testing this since it affects billions of users?
What libraries developers use is their responsibility, not Apple's. It's
the same with all OSes.
If Apple became even more prescriptive regarding how apps should be
developed you'd be the first to claim foul play and complain even more
about the "walled garden".
Chris wrote on Sat, 6 Jul 2024 07:39:51 -0000 (UTC) :
See?
What I see is Apple touts safety & security that doesn't exist.
You don't even understand the vulnerability.
What you're saying, Chris, is that Apple lied because you're saying that Apple has no control over the safety and security of the apps people use.
Yet you're happy to freely blame Apple.
Answer this question without resorting to lies, please, Chris:
Q: Does Apple tout the safety & security of iOS and macOS or not?
A: Yes or No
Apple haven't used anything here.
Xcode is Apple software, Chris.
It is third party developers who used a
utility that made life easier for them to support *their* apps.
They used Apple's recommended methods of development, Chris.
These apps then are deployed into the Apple ecosystem.
Answer this simple yet logically sensible question please:
Q: Did vulnerability researchers find this pervasive flaw, or not?
A: Yes or No
Apple haven't used it, cannot check and have no responsibility for what
tools developers use in creating their apps.
Simply answer this sensibly logical question then, please, Chris:
Q: If researchers could find this flaw, could Apple have found it?
A: Yes or No
It perpetuated itself deeper and has caused
security problems now. That�s on Apple.
That's like blaming Ford for a flaw in Continental tyres.
Apple advertises safety & security.
Zealots are claiming that safety & security is impossible on Apple products because of the way millions of those Apple products are developed using
Apple software (Xcode).
Witness your own post here, Chris, saying exactly that.
<https://www.novabbs.com/computers/article-flat.php?id=15606&group=misc.phone.mobile.iphone#15606>
You must have some form of comprehension disability. Any english speaking person can understand that what you claim is at odds with what I wrote.
The fact is that I'm beginning to think you didn't lie, Chris.
Not a fact. You lose.]
Chris wrote on Sat, 6 Jul 2024 23:30:21 -0000 (UTC) :
Witness your own post here, Chris, saying exactly that.
<https://www.novabbs.com/computers/article-flat.php?id=15606&group=misc.phone.mobile.iphone#15606>
You must have some form of comprehension disability. Any english speaking
person can understand that what you claim is at odds with what I wrote.
Jolly Roger wrote on 7 Jul 2024 02:06:58 GMT :
The fact is that I'm beginning to think you didn't lie, Chris.
Not a fact. You lose.]
Holy shit! You didn't lie!
Indeed. Here are FACTS you want us to ignore:
Open source vulnerabilities remain unpatched for decades <https://www.itweb.co.za/article/open-source-vulnerabilities-remain-unpatched-for-decades/wbrpO7gPwGdMDLZn>
---
A new report reveals an enormous number of identified open source vulnerabilities remain unpatched for 10 years and longer, often because organisations have no idea what open source code they are using.
.
.
.
With software developers routinely taking code from open source
repositories to embed in their company's products to speed up the
development process, saving time and money, manually tracking
components, their versions and their vulnerabilities is way beyond the capabilities of most organisations.
The report recommends all organisations invest in an automated solution
for identifying and patching known vulnerabilities. "You can't patch
software if you don't know you are using it," the authors point out.
Jolly Roger wrote on 7 Jul 2024 03:22:42 GMT :
Indeed. Here are FACTS you want us to ignore:
Open source vulnerabilities remain unpatched for decades
<https://www.itweb.co.za/article/open-source-vulnerabilities-remain-unpatched-for-decades/wbrpO7gPwGdMDLZn>
---
A new report reveals an enormous number of identified open source
vulnerabilities remain unpatched for 10 years and longer, often because
organisations have no idea what open source code they are using.
.
.
.
With software developers routinely taking code from open source
repositories to embed in their company's products to speed up the
development process, saving time and money, manually tracking
components, their versions and their vulnerabilities is way beyond the
capabilities of most organisations.
The report recommends all organisations invest in an automated solution
for identifying and patching known vulnerabilities. "You can't patch
software if you don't know you are using it," the authors point out.
The only facts we need to know are two undeniably salient facts, JR.
1. Apple touts that their ecosystem provides safety & security.
2. Yet Apple apparently has never even tested whether that claim is true.
This situation reminds me of the Ford Explorer rollover debacle. Ford
blamed Firestone and Firestone blamed Ford. In reality they both had a
major part in the whole thing. Firestone tires were separating at the tread and Ford Explorers had weak suspensions and high center of gravity. Both of those caused the exceedingly high number of rollovers and deaths.
Take your pick as to whom to blame, but it shows neither company performed adequate testing together or merely ignored warning signs.
badgolferman wrote on Sun, 7 Jul 2024 12:02:22 -0000 (UTC) :
This situation reminds me of the Ford Explorer rollover debacle. Ford
blamed Firestone and Firestone blamed Ford. In reality they both had a
major part in the whole thing. Firestone tires were separating at the tread >> and Ford Explorers had weak suspensions and high center of gravity. Both of >> those caused the exceedingly high number of rollovers and deaths.
Whom did the customer purchase the vehicle from, Ford or Firestone?
The answer is Ford. So this is purely a Ford ecosystem problem.
To wit, this huge security hole is purely an Apple ecosystem problem. https://www.darkreading.com/cloud-security/apple-cocoapods-bugs-expose-apps-code-injectionI wonder if you realize how many unsupported assumptions you've made in
What kind of ecosystem is so primitive that ANYONE ON THE PLANET could
modify any of three million iOS/macOS apps at will - whenever they want?
For ten years!
Take your pick as to whom to blame, but it shows neither company performed >> adequate testing together or merely ignored warning signs.
If Apple did NOT tout that their ecosystem provided safety and security, we could let Apple off the hook for never bothering to test that claim.
As it is, it's clear that the one thing the primitive Apple ecosystem does NOT provide, is safety & security.
I wonder if these zealots realize ANYONE ON THE PLANET FOR TEN YEARS could inject ANY CODE THEY WANTED TO INJECT into over three million iOS/mac apps.
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 489 |
Nodes: | 16 (2 / 14) |
Uptime: | 41:38:52 |
Calls: | 9,670 |
Calls today: | 1 |
Files: | 13,716 |
Messages: | 6,169,736 |