os x security
Apple releases Security Update 2011-005 for OS X
A small security update for OS X Snow Leopard and Lion users is now available from Apple, addressing an issue with fraudulent certificates from DigiNotar, a Dutch certificate authority. The issue arose a few weeks ago when hackers compromised DigiNotar’s servers and obtained access to 531 of the company’s certificates, without the company’s knowledge until weeks after the intrusion took place. Although Apple has taken a while to respond to this issue, they’ve finally revoked DigiNotar’s status as a trusted source with Security Update 2011-005.
OS X’s huge out-of-the-box security hole, and a fix
An enormous Mac OS X selling point has been its rock-solid security, so one would be pretty enraged to find there is a gaping hole sitting in the operating system that has been reported many times and marked as “behaving normally,” while enabling anyone with GUI access to run as root and do basically anything they want to your computer. Apple has obviously been made aware of this issue, and the worst part is that it has been around at least since Panther, over five years ago.
What exactly is this issue? Well, the issue in and of itself may not seem incredibly malicious. The problem lies in AppleScript, and the fact that applications running as “root” (which basically gives complete access) can accept AppleScript commands from applications that are not running as root. Developer and MacNN forum member Charles Srstka notes that he has sent this in as a bug to Apple many times, and yet it has been labeled as “Behaves Correctly” and dismissed. Compounding the issue is the fact that all Cocoa applications automatically have basic AppleScript support, so any Cocoa application running as root can receive these malicious AppleScript commands.
OS 10.6 code named “Snow Leopard”
The blogosphere is alive with speculation about Apple’s next operating system, Mac OS v10.6. It just got a little more interesting. Following rumors that Apple was prepping a 10.6 release for January 2009 comes even more information, this time from Ars Technica, that Apple has code-named the operating system “Snow Leopard.” As well















