You are really a tragic figure in the english-speaking Usenet.
A near inconceivable number of Apple iPhone & macOS apps have been exposed
to critical vulnerabilities
So glad I have him killfiled. I recommend it.
Am 03.07.24 um 07:38 schrieb Peter:
A near inconceivable number of Apple iPhone & macOS apps have been
exposed to critical vulnerabilities
Another try, Arlen?
You are really a tragic figure in the english-speaking Usenet.
On Wed, 3 Jul 2024 07:49:33 +0200, Jörg Lorenz wrote:
You are really a tragic figure in the english-speaking Usenet.
Thank the Lord you know so much about Apple to declare that all those articles published today about this ten year long exploit are all wrong.
What would we do on a technical ng without your wisdom?
On Wed, 03 Jul 2024 07:49:33 +0200, Jörg Lorenz wrote:
Am 03.07.24 um 07:38 schrieb Peter:
A near inconceivable number of Apple iPhone & macOS apps have been
exposed to critical vulnerabilities
Another try, Arlen?
You are really a tragic figure in the english-speaking Usenet.
So glad I have him killfiled. I recommend it.
On 3 Jul 2024 07:59:01 GMT, Bob Eager <news0009@eager.cx> wrote
So glad I have him killfiled. I recommend it.
I don't think Joerg is who you think he is but your recommendation to hide your head in the sand in abject fear whenever bad news comes to the fore is typical for you. As a result, you will remain stupid for the rest of time.
These bugs are real.
Millions of iOS apps were exposed to security breach found in CocoaPods https://9to5mac.com/2024/07/02/ios-apps-security-breach-cocoapods/
Critical CocoaPods Flaws Exposed Many iOS, macOS Apps to Supply Chain
Attacks https://www.securityweek.com/critical-cocoapods-flaws-exposed-many-ios-macos-apps-to-supply-chain-attacks/
'Perfect 10' Apple Supply Chain Bug - Millions of Apps at Risk of CocoaPods RCE
https://securityboulevard.com/2024/07/cocoapods-apple-vulns-richixbw/
CocoaPods flaws left iOS, macOS apps open to supply-chain attack https://www.csoonline.com/article/2512935/cocoapods-flaws-left-ios-macos-apps-open-to-supply-chain-attack.html
I scanned those quickly and don't see any mention that the vulnerability
was actually exploited. Hope it wasn't.
Alan Browne <bitbucket@blackhole.com> wrote:
I scanned those quickly and don't see any mention that the
vulnerability was actually exploited. Hope it wasn't.
Good thing CocoaPods have fixed the issue.
It is another indication that dependencies or services managed by a
third party can be a huge risk for developers and clients.
Convenient, easy and cheap to have these things 3rd party managed -
but their issues become everyone's issues.
I’ve always heard open source software is better because people can actually find vulnerabilities or back doors in them to report.
badgolferman <REMOVETHISbadgolferman@gmail.com> wrote:
Alan Browne <bitbucket@blackhole.com> wrote:
I scanned those quickly and don't see any mention that the
vulnerability was actually exploited. Hope it wasn't.
Good thing CocoaPods have fixed the issue.
It is another indication that dependencies or services managed by a
third party can be a huge risk for developers and clients.
Convenient, easy and cheap to have these things 3rd party managed -
but their issues become everyone's issues.
I’ve always heard open source software is better because people can
actually find vulnerabilities or back doors in them to report.
And for black hats to find them and exploit them.
I often ignore posts from Google.
Jolly Roger wrote:
I often ignore posts from Google.
Time for a .sig change?
On Wed, 03 Jul 2024 07:49:33 +0200, Jörg Lorenz wrote:
Am 03.07.24 um 07:38 schrieb Peter:
A near inconceivable number of Apple iPhone & macOS apps have been
exposed to critical vulnerabilities
Another try, Arlen?
You are really a tragic figure in the english-speaking Usenet.
So glad I have him killfiled. I recommend it.
On 2024-07-03 07:59:01 +0000, Bob Eager said:
On Wed, 03 Jul 2024 07:49:33 +0200, Jörg Lorenz wrote:
Am 03.07.24 um 07:38 schrieb Peter:
A near inconceivable number of Apple iPhone & macOS apps have been
exposed to critical vulnerabilities
Another try, Arlen?
You are really a tragic figure in the english-speaking Usenet.
So glad I have him killfiled. I recommend it.
Unfortunately the moron keeps chnaging his posting name and some people
keep replying to his garbage. :-(
I¢ve always heard open source software is better because people can
actually find vulnerabilities or back doors in them to report.
That might be true if people didn't find and fix vulnerabilities in closed-source software every day.
Jolly Roger wrote on 3 Jul 2024 18:39:21 GMT :
I¢ve always heard open source software is better because people can
actually find vulnerabilities or back doors in them to report.
That might be true if people didn't find and fix vulnerabilities in
closed-source software every day.
Why do you think Apple never noticed the vulnerabilities in over a
decade?
Am 03.07.24 um 08:09 schrieb Bill Powell:
On Wed, 3 Jul 2024 07:49:33 +0200, Jörg Lorenz wrote:
You are really a tragic figure in the english-speaking Usenet.
Thank the Lord you know so much about Apple to declare that all those
articles published today about this ten year long exploit are all wrong.
Where the heck did I say or write that?
You obviously do not have a clue how this sociopath Arlen contaminated
and in the end destroyed the group misc.phone.mobile.iphone.
What would we do on a technical ng without your wisdom?
Kindergarten? At least you are incredibly trollish indeed, dear! *LOL*
This situation reminds me of the Ford Explorer rollover debacle. Ford
blamed Firestone and Firestone blamed Ford. In reality they both had a
major part in the whole thing. Firestone tires were separating at the tread and Ford Explorers had weak suspensions and high center of gravity. Both of those caused the exceedingly high number of rollovers and deaths.
Take your pick as to whom to blame, but it shows neither company performed adequate testing together or merely ignored warning signs.
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 483 |
Nodes: | 16 (2 / 14) |
Uptime: | 175:21:27 |
Calls: | 9,596 |
Calls today: | 2 |
Files: | 13,679 |
Messages: | 6,150,418 |