Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Apple Still Has Not Patched the DNS Hole

kdawson posted more than 6 years ago | from the get-with-it-already dept.

Security 296

Steve Shockley notes an article up at TidBITS on Apple's unexplained failure to patch the DNS vulnerability that we have been discussing for a few weeks now. "Apple uses the popular Internet Systems Consortium BIND DNS server, which was one of the first tools patched, but Apple has yet to include the fixed version in Mac OS X Server, despite being notified of vulnerability details early in the process and being informed of the coordinated patch release date."

cancel ×


Sorry! There are no comments related to the filter you selected.

Typical Apple Situation (5, Funny)

Anonymous Coward | more than 6 years ago | (#24377103)

Waiting for the port.

Re:Typical Apple Situation ... No, they want to (2, Funny)

davidsyes (765062) | more than 6 years ago | (#24378197)

be CORED???



Never been truer (4, Funny)

djdavetrouble (442175) | more than 6 years ago | (#24378223)

There is always one bad Apple (tm) that spoils the whole bunch.

Is it really so hard? (0, Flamebait)

techwizrd (1164023) | more than 6 years ago | (#24377111)

They've had a while... What's keeping them? Do they WANT Mac OS C Server to suck more than it does already?

Re:Is it really so hard? (5, Insightful)

MrNaz (730548) | more than 6 years ago | (#24378295)

Personally, the brazen "stomp everywhere and expect the world to bow to their whims" attitude reminded me of Microsoft in the mid 90s.

Now, complacency with regards to security confirms it: Apple are following Microsoft's path 15 years after them.

It's just a matter of time until geeks wake up and start hating them. Oh, and don't claim you hated Microsoft prior to 1995, you know it's a lie. Everyone wanted to be Bill Gates back then, he was the noble knight/geek taking on the world and bringing down empires like IBM and DEC with his accessible to all consumer computers. It was only after Linux came on the scene that geeks turned on him like the fickle fashionistas that they claim they aren't.

Face it, Apple, like Microsoft before the, are just the flavor of the month.

A hole that needs patched (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#24377121)

Stud dogs go about the whole sex thing rather differently than primates (or equines). Unlike us, male canines don't have an orgasm that involves a short, intense ejaculation. Instead, once they have become fully erect, they will have a continuous orgasm for from 10 to 45 minutes or longer. The "standard" procedure for dogs, when they are mating, is that the male "ties" with the bitch - which means that, after he has penetrated fully, his penis will develop a knot at its base that is several times wider than the rest of his shaft.

For reference, a 80 pound Golden stud dog might have, let's say, a cock that is 7 or 8 inches long when erect - but his knot will be at least as big around as a tennis ball. This knot swells inside the bitch, and so long as he remains erect the dogs are "tied." No, this isn't painful for her - canine females long ago developed an entire set of muscular supports for this process. Generally, once they are tied, most stud dogs prefer to step off and over, so he and the bitch are tail-to-tail. Theories abound on why this evolved - I have yet to see one that was truly convincing. Anyway, they'll stand like this, with the male having a continuous orgasm during the whole tie - until he starts to shrink and they pop apart. Bitches also have orgasms, and she'll likely have quite a few during the tie, as well - research has shown that her orgasms are essential to increasing the chances of pregnancy, due to muscular contractions.

Anyway. if a guy like me has a stud dog partner, one form of intimacy is for him to tie with us, anally. As young teenagers, many of us learned the hard way about the knot, and the tie - particularly back in pre-interweb days. So we'd suddenly find ourselves locked together, with this tennis-ball width cock inside us. Nowadays, I suspect most young zoos know all about this. However, some folks still have eyes bigger than their stomach, err their you-know-what.

It would not be accurate to say that I have a stream of visitors who show up at my house just for sex with my canine partners. However, it is true that I do not exercise any sort of unilateral control/ownership over the relationships my canine boys might develop with other people - they are adults, and if they desire to get frisky with another two-legger and I judge that the person is respectful and unlikely to do anything mean or stupid, I have no moral ground on which to say "oh, no, you aren't allowed - he can only have sex with me." That just makes no sense, so if there's a time when a friend is visiting and there's a spark between them and one of my partners, I'm ok with that. In truth, I think it's great to have the boys' enjoy other positive relationships and I love to see them happy, whatever the circumstances.

Many years ago, a friend was visiting - a zoo who had been active with his own stud dog for quite a few years. His boy was a breed that is not small, but is also somewhat known by old-school zoos as being, well, on average not so well-endowed relative to their body size. This friend had tied with his partner on a number of occasions - and he often talked about how intense and rewarding the experience was, for both of them. That's great, I said - while thinking that he'd probably not fare so well with a larger breed.

As it turns out, he and one of my canine friends hit it off quite clearly right from the get-go - the chemistry was there and the two of them seemed like they'd known each other for ages. After several visits, I could see that they were sort of getting closer and closer - my friend was worried that I'd feel he was somehow intruding into my relationship with this handsome stud dog - who had been in my own family for close to a decade. Of course not, I told him - if you guys hit it off and things get steamy, I'd hardly throw cold water on it just so I can be all possessive and insecure. HOWEVER, I warned him, that handsome boy with whom you're making goo-goo eyes is much bigger than your own long-time partner.

I tried to be nice about this, but some zoos get their nose out of joint if you suggest their beloved might not be the most-endowed canine (or equine, or whatever) around. He was a bit like that - and right off the bat tried to convince me his boy was "really quite large for his body size," and who was I to argue? I did warn him that the stud dog he was considering, in my family, was somewhat over-endowed for his body size - and he was in the range of 120 pounds of low-bodyfat muscle. Beh, my friend said, no problem - I know what I'm doing. . .

Later that evening, after I'd gone to bed, I woke to the sound of toenails on the hardwood floor. There was also a bit of panting, a giggle here and there - not hard to figure out what was going on. Feeling a sense of impending doom, I made my presence known and sort of lurked in the background, sitting on the sofa and enjoying the huge, nearly-full moon casting shadows on the farm. The two boys were doing some sort of foreplay - it seemed cute to me, but I did (once again) warn my friend that this particular stud dog was also rather aggressive in his breeding - he'd sired many litters of wonderful pups, in his own career, and knew quite well how to get a proper tie with even inexperienced or skittish bitches. Yeah, yeah - my friend was clearly not thinking with the had between his shoulders, but the one between his legs.

In a flash, the big stud dog was mounted on my friend - and this time he wasn't just going through the motions, or playing. In just a few thrusts, he was inside - and with all that muscle, he held himself tight as he began to swell. It doesn't take long - maybe 20 seconds. I'm still watching, from the sofa, somewhere between shocked and bemused. For the first ten seconds or so, my friend is quiet and still as a winter night - not a sound save the deep grunting from my stud dog as he was swelling with each heartbeat.

Then, reality started to intrude (pun intended). My friend started to make this sort of whimpering sound - no words, just a low moan. Too late to turn back, I knew, so I held my tongue. Then, as my stud dog really began to take on his full size (which I knew from years of firsthand enjoyment was just under 10 inches in length with a knot just shy of softball size), my two-legged friend began to realize the error of his ways. This stud dog was, quite likely, at least double the width of his normal canine partner - and 3 or 4 inches longer. And, as reality is dawning on him, each heartbeat is causing the cock inside him to get bigger. . . and bigger. . . and bigger.

By now, he's positively crying - literally crying like a baby. No words, just sort of a quiet blubbering. He's smart enough to know there's no backing out now - and he didn't try anything stupid like pulling loose (which can, indeed, cause massive rectal tearing if done in haste - trust me, not fun). At this point my canine friend casually steps off from the usual "doggie style" position and, with years of practice, adjusts himself into the butt-to-butt position. And to add insult to (literal) injury, my canine friend has now plastered an absolutely massive grin on his face - when we say "shit-eating grin," this is it He's having the time of his life, tied with a new friend he's met, just starting into an orgasm that will go on for nearly 20 minutes. Not only does he not really know that his fuck buddy is feeling like someone's put the better part of a baseball bat up his ass. . . I'm quite sure he doesn't care.

Just for good measure, I took a photo of the gigantic smile on the stud dog's face - nothing more than that, just his face and the grin to end all grins. Click.

My two-legged friend is now officially gibbering - it's really a verb, I didn't know that before just then. He's somehow begging for it to "stop, oh please stop" - but every now and then there's an "oh god oh GOD he's amazing" thrown in, before he's back to "oh PLEASE make it stop OOOH stop stop stop." This goes on, as is par for the course, for just shy of 20 minutes, at which point my stud dog friend begins to subside, pops free (with a characteristically loud and gushing dis-connection), and lies down to clean himself up and help his cock back into its sheath.

In contrast, my two-legged friend has simply fallen over, and curled up into a fetal ball. Well, I think to myself, I don't see any blood. . . oh, wait, I do see blood, but not really that much so it's probably ok. I get him a blanket and try to offer kindness without intruding on his pain, and to be honest without sniggering. The words "I told you so" are hovering out there, but need not be spoken at that somewhat awkward time. I do ask: "are you going to be ok, or should we head to hospital?" In between ragged breaths, he responds "no hospital, not going to die" - and indeed my own judgment is that he's far from dying, though he may feel like that would be preferable to the pain he's in.

I get him a blanket, and a pillow and get him comfortable right there on the hardwood floor of the kitchen. And our canine Casanova? Well he's cleaned up, wandered over to give a big, wet, shameless kiss to his worse-for-the-wear sexual partner and he's already asleep on the sofa, snoring - with grin still present on his face. Remorse? Regret? Not a chance!

The next day, I was impressed to see that my guest was up and at the kitchen table, with his well-endowed playmate from the previous night sharing a dish of eggs and toast, when I came downstairs with the rest of the canine crew. Impressed, that is, until I noticed he wasn't in any rush to get up from the table - ever. Turns out, he had indeed suffered some serious internal bruising - in a few days, the discoloration has spread from his lower back (which still makes me laugh, sorry, because I can visualize exactly how far in that cock had gone and, sure enough, that's where the bruise mellows out - a good bit of the way up his back and towards his ribs) down his legs, and clear to his ankles. Both legs. It's spectacular. He's walking like a rehabbed accident victim for several days, and for weeks afterwards he looks as if he'd ridden a horse for too long (again, laughing as I type). It was more than a month before he'd healed up more or less ok, and even then I'd see him wince if he bent down too quickly.

Is it wrong for me to think this is funny? If it is, so be it - it's fucking funny. The transformation from swaggering "oh I can take that big boy, I know what I'm doing" to hunched-over victim of a mind-expanding lesson in what "big" means when applied to stud dogs - all in the blink of an eye. Yes, it's definitely funny.

Of course, in those early weeks, he promised me he would NEVER do something like that again - NEVER tie with a dog bigger than his own long-term partner. And, he asked me with genuine indignation, how could I keep tying with that dog who had torn him up so badly? Didn't I know the danger I was in? I responded, casually, that I appreciated his concerns but, to put perspective on things he should remember that his dog compared to that stud dog who tore him up so badly, in terms of relative size, the same way that the tearer-upper compared to my Dane partner at the time. His eyes grew wide - comprehension dawned. . . "you don't tie with that monster, do you?" I glanced over at my beloved Dane who, looking up at me, thumped his tail a few times in flagrant collusion with my own thoughts. "Who, me? Tie with that massive dog? Now what kind of crazy fool would do such a thing?"

And that, indeed, is a different story entirely. Years later, I emailed that photo of a stud dog with a huge grin on his handsome face, to my friend - no subject, no title, no comments. I believe I could hear the laughing from several thousand miles away - the smile says it all.

Re:A hole that needs patched (-1, Troll)

Anonymous Coward | more than 6 years ago | (#24377957)

You sick fuck! Slashdot should ban all anonymous cowards. My children like to read slashdot, you perv. Please die in a fucking fire, asshole.

Re:A hole that needs patched (0, Offtopic)

Anonymous Coward | more than 6 years ago | (#24378131)

Or maybe you kids should browse at +1. Won't someone think of the children?

Apple meet real world (-1)

Anonymous Coward | more than 6 years ago | (#24377137)

Whatever happened to Apple being 'secure'...

Re:Apple meet real world (5, Interesting)

sxeraverx (962068) | more than 6 years ago | (#24377707)

apple was never secure. It was just unused. The exact same thing is going ATM with their X server. Not so much a security flaw (though it might be) as much as a major bug. If you send too many events at once (not insane amounts, just a lot) it simply crashed, bringing down all the X apps with it. Upstream was fixed over a year ago, they just refuse to roll out an update. I guess it's an attempt to make debs port to coco/carbon/whatever-it's-called, but for some of us, that's just not an option. More specifically, it's a program developed by part of a university bioinformatics lab, and we just don't have the manpower or the grant support to do it. So we're either stuck with only supporting Linux, trying to find a wrkaround, or just ignoring it and hope it doesn't happen to often. The last option is what we ended up choosing.

Re:Apple meet real world (0)

Anonymous Coward | more than 6 years ago | (#24378367) []

They're waiting for xorg to stop sucking.

Re:Apple meet real world (1)

catmistake (814204) | more than 6 years ago | (#24378459)

I had trouble with the Leopard X server, but being that the OS was new (10.5.2 at the time) I went around IRC asking and found that others were downgrading their x servers to a more stable previous version (of xquartz & X11). So that's what I did. Still buggy, but crashes occur far less often.

FYI When stability is critical with Mac OS, gotta stay with the 10.x.9,10,11 and wait for the 10.x.3 to grow up to those numbers before upgrading. If machines came preinstalled, gotta bite the bullet and go back and install what's stable.

Re:Apple meet real world (-1)

spir0 (319821) | more than 6 years ago | (#24378683)

apple was never secure. It was just unused.

And do you believe in God, Santa, and the Tooth Fairy too?

People will hack anything. Think about that for a little while before you hit reply. No. read it again. People will hack ANYTHING.

PSP was hacked very early. Sod all sales, definitely fewer than Macs.
iPhone was hacked very early. They have fewer users than the Macs.
GP32 (gamepark - a handheld game console) was hacked. Hasn't sold anywhere near what Macs have.
Xbox (original) was hacked very quickly, as was playstation, and even gamecube, and even sega dreamcast.

People will hack anything, just to say they did. Kids brought up on Macs at schools who don't have stupid anti-apple biases will try to hack their school computers. Or maybe even if they do have anti-apple biases.

But nobody has yet been able to hack a Mac convincingly.

Think with your head, not with your bias. Security (or lack thereof) is not directly proportional to market share.

Re:Apple meet real world (0)

Anonymous Coward | more than 6 years ago | (#24378795)

But nobody has yet been able to hack a Mac convincingly.

Think with your head, not with your bias. Security (or lack thereof) is not directly proportional to market share.

wow I can't believe there are still people out there as totally clueless as yourself. how about you do a little bit of research and you can find yourself some nice hacks for MAc's or you could download the latest explout kits that target this vulnerability and go to town on OS X servers out there.

eg here is an old article from a few years ago which came at the top of my search,130061744,139241748,00.htm []

come out from under your rock and join the real world, OS X has some very real security issues, over 200 vulnerabilities in the last 12 months combined with slow patching and poor handling of real world issues.

Re:Apple meet real world (-1, Troll)

Anonymous Coward | more than 6 years ago | (#24377735)

Whatever happened to Slashdot being relevant?

t3h horror! (4, Funny)

TheSHAD0W (258774) | more than 6 years ago | (#24377145)

Are there any statistics on how many Macs are being utilized as DNS servers? Is it more than three? [runs away]

Re:t3h horror! (5, Funny)

Annymouse Cowherd (1037080) | more than 6 years ago | (#24377447)

I would bet it's about as many as are being used as servers, which is not many.

Re:t3h horror! (1)

xxdinkxx (560434) | more than 6 years ago | (#24377591)

it's n+3 where n = netbsd :-)

Re:t3h horror! (5, Funny)

Anonymous Coward | more than 6 years ago | (#24377679)

I'm not sure. But what I do know is that the patch is going to require a hardware upgrade; Apple would have it no other way.

[runs and hides]

Re:t3h horror! (4, Funny)

Fast Thick Pants (1081517) | more than 6 years ago | (#24377853)

Either that, or a $20 charge for "new features"...

Re:t3h horror! (5, Funny)

JanneM (7445) | more than 6 years ago | (#24377987)

Either that, or a $20 charge for "new features"...

Come now, give Apple some credit. This isn't just some run-of-the-mill bug, this is a serious security issue that could cause their customers some serious harm if not fixed.

I'd expect $100 at least; or perhaps they'll introduce the innovative "iLease", with a "lease to own" path for the fixed bug where it's patched permanently on your server after only three years of monthly bug fix rental.

Re:t3h horror! (4, Funny)

Nerdfest (867930) | more than 6 years ago | (#24378741)

Heh Heh ... Lease to pwn.

Re:t3h horror! (0)

Anonymous Coward | more than 6 years ago | (#24377743)

And there are never going to be more than three if Apple can't be taken seriously as a server vendor.

Re:t3h horror! (1, Informative)

Anonymous Coward | more than 6 years ago | (#24377761)

Clearly you haven't been in a data centre in a while. At my local co-lo, (while predominantly Dell), I'm noticing there are quite a few xServes dotting the racks. I think MediaTemple is preparing to offer OS X virtual hosting this year too.

Re:t3h horror! (-1, Troll)

Anonymous Coward | more than 6 years ago | (#24377861)

Ah, the ever wonderful anecdotal evidence. Fail. Nobody uses Max OS X Server.

Re:t3h horror! (3, Insightful)

McGiraf (196030) | more than 6 years ago | (#24377929)

Anecdotal evidence is enough to prove that a least one OS X Server is used.

Re:t3h horror! (0)

Anonymous Coward | more than 6 years ago | (#24378645)

Clearly you haven't been in a data centre in a while. At my local co-lo, (while predominantly Dell), I'm noticing there are quite a few xServes dotting the racks. I think MediaTemple is preparing to offer OS X virtual hosting this year too.

Shouldn't brag about your incompetent System Engineers ;p

Re:t3h horror! (3, Funny)

Chris Burkhardt (613953) | more than 6 years ago | (#24378425)

Are there any statistics on how many Macs are being utilized as DNS servers?

My Mac mini is being used as a caching DNS server for my home network... but it's running djbdns.

Apple is full of holes (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#24377153)

Mostly assholes.

The patch is undocumented (5, Funny)

commodoresloat (172735) | more than 6 years ago | (#24377165)

The problem is that they didnt apply the patch to the OS; they applied a patch directly to the Reality Distortion Field, ensuring that this isn't a vulnerability in the first place.

Re:The patch is undocumented (1)

Annymouse Cowherd (1037080) | more than 6 years ago | (#24377471)

Bah, you can't get anywhere just by changing RDFs...

Right on (5, Insightful)

Anonymous Coward | more than 6 years ago | (#24377497)

Well, that's what my Mac using friend whose reality is severely distorted told me - "I don't have to worry, I use Mac.". Further arguments were futile after that.

Re:Right on (2, Insightful)

LostCluster (625375) | more than 6 years ago | (#24378143)

Recapping our top story for those just joining us... there's a flaw in most common DNS esolving servers.

So it doesn't matter what desktop software you're running, it's what the machine that answers to the DNS server named in your IP config.

If you're using a Mac and your ISP is fixed, you're most likely fine. If your ISP isn't fixed, well, there's your problem.

in case you didnt get the memo (1)

ionix5891 (1228718) | more than 6 years ago | (#24377171)

apple are turning evil []

microsoft are coming to the good side lately []

Re:in case you didnt get the memo (5, Insightful)

Anonymous Coward | more than 6 years ago | (#24377217)

What are you smoking? Apple has always been evil. Extremely litigious and questionable methods.

Re:in case you didnt get the memo (0)

Anonymous Coward | more than 6 years ago | (#24377719)

But they're pretty and even though they're closed people believed they were the friendly Unix for a while. It was the comfortable alternative to Windows.

Now people are realising that it's not much different and that they'll have to go (something like) Ubuntu or Fedora.

Re:in case you didnt get the memo (1, Insightful)

argent (18001) | more than 6 years ago | (#24377703)

Apple is a corporation. You don't call corporations (whether they be Google, Microsoft, Apple, or IBM) good or evil, you just look at what they're actually doing.

So, let's look at what Apple and Microsoft are actually doing:

iPod/iPhone vs Zune/XBox: iTunes has weak DRM, Windows Media Player has strong DRM with kernel support that's getting stronger in Vista (trusted media path and tilt switches). None of their consumer entertainment products are open, but it's a lot cheaper and easier to get into software development for the iPhone than the XBox.

Open source: Microsoft uses GPLed software in Interix, and used OpenBSD extensively. They haven't released their versions of any of the BSD-licensed components they used in Interix (or Windows), but they do have a copy of their GCC source in the Interix tree. They have *recently* decided to accept the LGPL, but there's no GPLed software in Windows proper. Apple uses GPLed software in Darwin, and used FreeBSD extensively. They have released the open source code in Darwin and kept releasing it with every new release of OS X. They have added their own open source components, to the point where the majority of the traditional userland in OS X, as well as many major new components like launchd, are open source. Microsoft's open source poster boys are things like Windows installers.

This is like claiming that Gandalf's "turning evil" because he's wearing a grey robe, while cheering on Sauron for having the Nazgul stop off to pick up litter on the way back from scouring the Shire.

Re:in case you didnt get the memo (0)

Anonymous Coward | more than 6 years ago | (#24378801)

"Captain, I'm reading major fluctuations in the reality distortion field! If we don't stabalize it, the field will collapse and the Apple fanboys will disappear!"

so? (0)

Anonymous Coward | more than 6 years ago | (#24377189)

use a dedicated dns box that is patched.

Apple codestandards (3, Funny)

krod4 (516423) | more than 6 years ago | (#24377193)

The genius coders at Apple probably saw this bug years ago and fixed it then. Of course there is no need for a patch now.

Hey! Look at me !! I'm COOL !! (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#24377201)

If you are going to roll out a new search engine, please try to make one that has more going for it than a silly name and cheap, misleading PR. Thus we have Cuil, the search engine rolled out this last week by some ex-Google folks who see a market opportunity. While all the people involved seem competent and have great resumes, the site itself out-and-out stinks.

It's buggy. It's slow. It seems hand-tweaked in odd ways. Worse, it requires exact spelling. Use lower case on a proper name and it can come up empty (but not always).

But it's the apparent fiddling with the results that bother me the most. Here's where it gets funny. Type in "Sergey Brin" (the founder of Google) and you get back a whopping "250 results for Sergey Brin"; yes, 250. And they are mediocre hits, many dating back to his Stanford days in the 1990s. There is an "Explore by Category" box, which won't help me find out anything about Brin, from what I can tell. It's pathetic. On Google you get 1.5 million hits. And if you think that's because of Google bias, on MSN Search you get over 3 million hits.

This is pathetic, since Cuil founder Anna Patterson has 11,381 results for herself. And the top search hit is her glowing bio on the Cuil site itself. What a coincidence! Try finding a Brin bio. Then if you search for Louis Monier, the ex-Googler and go-to man at Alta Vista who is now working at Cuil, he gets over 13,000 hits, many with flattering pics that are of other people.

So I decide to do a vanity search on myself to find out where my current bio appears. It's on the site here. Low and behold, the Cuil engine doesn't seem to find my blog at all, let alone my bio. One version of the search using my middle initial comes close, offering up at least a Wikipedia entry. But subsequent uses of my middle initial come up dead altogether. So I go with "John Dvorak." My blog gets a million page views a month, but Cuil finds a bunch of other blogs and tired old posts or people grousing. The top hit was a CSS blog commenting on a two-year-old story I wrote (although Cuil never found the story itself); the next two were "Dvorak is an idiot" posts from even more obscure blogs followed by various entries about me that you find on speakers' bureaus' Web sites. Yeah, this is endearing. No mention of PC Magazine,, Cranky Geeks, or any number of things I'm doing.

So I go to page two. After waiting for an eternity, I get pretty much the same thing on page two: people who condemned me on their blogs. Hey, I can go to Technorati for this abuse! Page 3: still no mention of my own blog or PC Magazine or or even Mevio. In fact, some of the hits are redundant. OK, so how many times do I have to pound this thing to find my base Web sites--any of them? I gave up after page six and figured that this site was useless. I mean, if your search term has their own Web site, you'd think said Web site would be in the search results. If I was doing a search engine, it would be a priority. After all, Dvorak is in the URL!!

And, yes, I do have enough presence on the Web to use myself as a benchmark.

Now you're wondering if this site has any usefulness. When the site was actually reviewed by others, I didn't see anybody jacked up about anything. Here is an example from this BBC blog:

Search term: "Nikon d50 reviews problems". Plenty of articles on the D70 camera, but none on the D50 (which might suggest it isn't doing its job in terms of prioritising meta tags and headlines above freetext). Google however got a good review from a reputable independent source as first link.

So while I'm always hoping for something better or more interesting or uniquely valuable, I still end up having to use Google. This over-hyped product is just another dead-end as far as I can tell. Oh, and the name is stupid too.

Mac OS X ...Server? (5, Funny)

sexconker (1179573) | more than 6 years ago | (#24377227)

Wait, what?

Re:Mac OS X ...Server? (1)

argent (18001) | more than 6 years ago | (#24377273)

Mac OS X isn't my first choice for a server OS, I'd rather run FreeBSD straight without spiking it with Mach. But it's probably a better choice for small sites without much technical expertise.

I think a bigger issue may be Internet Sharing.

Re:Mac OS X ...Server? (5, Informative)

jc42 (318812) | more than 6 years ago | (#24378111)

Hmm ... I don't think I'd recommend a Mac OSX machine for a server, especially to a small site without technical expertise. When I tried this a couple of years ago, it took me the longest time to figure out why not only that machine, but also a lot of machines in the neighborhood, were so flakey.

One of the issues was the "Internet Sharing" buzz phrase. If you google that now, you'll find lots of warnings that if you enable this in OSX, it silently starts up a DHCP server. If there's already a DNCP server anywhere on the local network, you now have two of them battling it out, and the symptoms aren't something I'd wish on anyone but a networking expert. Apple's CS people were supremely unhelpful, too. They just made it clear that my problem was that we were running non-Apple equipment on the network, and we would have to shut them off before they could diagnose the problem. Yeah, right. I shut the OSX box off instead, and then started learning what it took to explain why that fixed the other machines' problems. If you're a novice, you really don't need a rogue DHCP server on your network. When the other users figure out that it's on your machine, they will not be very friendly.

I've also experimented with an OSX web server. The main problem here is that OSX does funky things with file names, starting with their "caseless" feature. This works if everything was developed on OSX. But if you're running a web server, you're probably going to be including things from other machines in the vicinity. If they're not OSX, you'll go crazy trying to figure out what's going on with the file names. And you probably won't be able to fix it.

The conventional answer you get from the OSX folks is to run the HFS+ file system, which supports case. Well, I tried that. It turns out you have to reformat the disk for HFS+; you can't just flip a bit to turn HFS into HFS+. I did that, and reloaded from backup. Then a couple months later, we had some problems with the disk. I sent it off to Apple for diagnosis, and it came back apparently fixed. Actually, they had replaced it with a new disk, and they copied all our files over. It was formatted as HFS. Oooops! This happened a couple of times with other Macs, so it seems to be a systemic problem. Pointing out to them that you're using HFS+ has no effect.

And even with HFS+, there are some funky file naming problems that I don't understand. I saw a lot of cases where an rsync would produce strange file names on just the OSX system. Linux, Solaris, *BSD systems, and usually even Windows could rsync back and forth, and they'd end up with the same file names (though Windows would proceed to ignore case and get the wrong files at times). But on OSX, we'd see non-ASCII chars simply garbaged with no obvious pattern.

So unless you know that you'll never want to copy directories full of files from a non-OSX machine, I'd advise against using OSX as a serious server. It won't work, and Apple's people won't cooperate with diagnosing the problems. (And you'll just get insults if you mention it here on /. ;-). Save yourself the headaches and wasted weekends, and build a server with a real unix-type file system that accepts any bit patterns except '/' and NUL in file names without damaging them.

(And I have occasionally wished that I could use '/' and NUL in file names. I wonder if there's a system that allows all 256 8-bit bytes in a file name... ;-)

(And I wonder if there are linux systems that do "intelligent" things with file names. If so, should we also be warning people to avoid them as servers?)

Re:Mac OS X ...Server? (0)

Anonymous Coward | more than 6 years ago | (#24378489)

(And I have occasionally wished that I could use '/' and NUL in file names. I wonder if there's a system that allows all 256 8-bit bytes in a file name... ;-) it was called VMS!

Re:Mac OS X ...Server? (2, Informative)

LostCluster (625375) | more than 6 years ago | (#24377465)

Mac OS X Server is a high-priced add-on to MacOS that mostly bundles Unix/Linux/OSS solutions for common server tasks, and adds a Mac-pretty-style GUI for everything. It comes with XServe products, but can be added to as low as a Mac Mini. Anybody reading /. would rather run a Linux box, but for those who are used to dealing with Apple products, it can be part of a one-vendor solution.

Re:Mac OS X ...Server? (4, Informative)

Anonymous Coward | more than 6 years ago | (#24377873)

Mac OS X Server is way more than that. It remotely manages and provides services to potentially thousands of concurrent Macs OS X clients and/or effectively manages Apple's XRAID/XSAN storage subsystems. Apple can't walk into an organization and sell them five hundred Macs and very well expect them to use Windows 2008 or Sun servers now can they? Remote software updates, asset tracking, screen-control, web-mail, anti-spam, everything...

Re:Mac OS X ...Server? (5, Funny)

Anonymous Coward | more than 6 years ago | (#24377905)

Wow, sounds great, tell me more about the security, i want to use their super-slick interface for my DNS servers.

Re:Mac OS X ...Server? (3, Funny)

tim_of_war (1256120) | more than 6 years ago | (#24378491)

Apple can't walk into an organization and sell them five hundred Macs ...

We'll cross that bridge when we come to it.

Re:Mac OS X ...Server? (1, Interesting)

falcon5768 (629591) | more than 6 years ago | (#24378105)

High priced my ass.. its 500 dollars for a unlimited license, and does a hell of a lot more than throw a few OSS solutions into the box. If your going to comment it helps if you have half a clue what your talking about.

Re:Mac OS X ...Server? (2, Informative)

Anonymous Coward | more than 6 years ago | (#24378557)

Here here, I was administrator of a small network running on OS X server and it was pretty robust. Far easier to set up than the yellow dog Linux they started with and I never got calls on weekends to fix things. Every Linux server I've tried to set up including Red Hat Enterprise Linux 5 required special bits of certain parts of what the heck was that library name again, and then it still didn't work, switch to another distro, same problem different piece. Got tired of switching distros threw out the PC got out the old G4 and set up OS X server in thirty minutes. Threw on Webmin and it was easy to admin too.

Re:Mac OS X ...Server? (1)

Bill, Shooter of Bul (629286) | more than 6 years ago | (#24378847)

I see your comment is interesting, but not really informative. What is the killer feature of OS X server? What one service or feature makes it worth wile?

Re:Mac OS X ...Server? (1)

SoupIsGoodFood_42 (521389) | more than 6 years ago | (#24378531)

I rather have a Mac OS X Server than Linux for many things. I have better things to do that learn how to setup a server.

Re:Mac OS X ...Server? (0)

Anonymous Coward | more than 6 years ago | (#24378639)

It is also the only edition of Mac OS X that can be virtualized (using Parallels Server).

OS X Server not for critical infrastructure (4, Insightful)

Anonymous Coward | more than 6 years ago | (#24377239)

This sort of thing is why nobody should be using OS X Server for critical infrastructure. OS X Server is for schools and such that use Macs for everything else, so an Apple server is a natural fit.

It seems like Apple is always dragging their feet on security updates, and that alone should cause a major aversion on the part of anybody thinking of deploying their server software into production.

Re:OS X Server not for critical infrastructure (5, Funny)

cream wobbly (1102689) | more than 6 years ago | (#24377399)

OS X Server is for schools

...because it's a learning experience?

Re:OS X Server not for critical infrastructure (3, Interesting)

bluefoxlucid (723572) | more than 6 years ago | (#24377501)

OS X Server is for schools and such that use Macs for everything else, so an Apple server is a natural fit.

As a hacker, I welcome the concept of hooking up one giant monoculture. Chances are if you misconfigure X or fail to patch Y on my entry point, I've got the same back door all over your whole network.

As a security consultant... who am I kidding, I rape the network and give you a stack of paper saying you should have relied on Unix-like/Windows/Apple boxes by purpose, citing specific software supported on each (i.e. Apache vs. IIS, php, MySQL vs MS SQL Server); and point out that making one big singly-deployed network only makes my job easier, especially when your administrators are more used to purpose X on platform Y.

Re:OS X Server not for critical infrastructure (1)

Annymouse Cowherd (1037080) | more than 6 years ago | (#24377519)

My old school used Macs exclusively, and a Mac server. The server had to be rebooted every hour or so when a class was using it.

I guess Microsoft have found the focus of their.. (2, Funny)

Channard (693317) | more than 6 years ago | (#24377247)

.. $500 million 'Why Vista is better than Apple because we say so' campaign.

Re:I guess Microsoft have found the focus of their (1, Funny)

Anonymous Coward | more than 6 years ago | (#24377285)

whats this Vista you all speak of?

Hey, I just wrote about this (1, Informative)

Pfhor (40220) | more than 6 years ago | (#24377283)

At the Angrydome [] (which I started out of frustration of this and other things Apple related)

The only statements we have been able to get out of apple has been from the bug reporting tool. They have stated that they are working on a fix, but it is causing problems in some instances of their deployments, but don't see it as an emergency because there isn't a targeted exploit against their user base.

They do not need to understand that this is a protocol specific issue, not a code specific issue.

They do not SEEM to understand even. (1)

Pfhor (40220) | more than 6 years ago | (#24377317)

need to lay off the coffee right now.

Re:Hey, I just wrote about this (1)

snowgirl (978879) | more than 6 years ago | (#24377561)

They do not need to understand that this is a protocol specific issue, not a code specific issue.

How long did it take Microsoft to patch the WMF hole? Again, same sort of situation... the protocol/format itself is working as intended... it just can easily be abused.

I can see a fair amount of lack of concern from Apple... this affects DNS caches... rarely are these running on a Mac OSX machine...

Re:Hey, I just wrote about this (5, Insightful)

Pfhor (40220) | more than 6 years ago | (#24377629)

this is related to Apple's OS X Server product, which runs DNS (bind in fact), and many mac businesses do in fact use it, if even as a local DNS cache (which a simple fix now would be to configure their boxes to us opendns).

The bigger issue is this is a pretty big deal on the security front, all of the businesses that apple has to compete with in the server space (especially in the eyes of enterprise IT), have had a fix and a public statement about it out the door. Apple is the big unix vendor missing off the list, and has not even made a public statement as such to inform it's users about the issue. Not exactly the best way to talk about how secure their products are (client and server).

Of course, they still haven't gotten around to fixing the vulnerability from a few weeks back either.

Re:Hey, I just wrote about this (0)

snowgirl (978879) | more than 6 years ago | (#24377711)

But recall... this vulnerability is only available to someone who has access to the caching server in the first place...

Intra-business, do you really fear your employees that much that they might cache poison someone else?

At some point, you have to trust those who are in your network... a tight knit business platform doesn't really need to worry about this (as long as their DNS is protected from outside requests)

This primarily impacts open DNS servers with unrestricted access, or unknown arbitrary access, say ISPs...

Re:Hey, I just wrote about this (1)

Pfhor (40220) | more than 6 years ago | (#24377795)

10.4 server made it really easy to provide recursion to the entire internet.

Also, to get your cache poisoned, all you need is an employee to visit a nice page full of LOLCats on a malicious server that will keep feeding them dns requests in the background.

Re:Hey, I just wrote about this (0)

Anonymous Coward | more than 6 years ago | (#24378011)

Of course, read Enemy at the water cooler.

Re:Hey, I just wrote about this (4, Insightful)

Burdell (228580) | more than 6 years ago | (#24378517)

There are many ways to get to a "protected" caching resolver. Users on the trusted network browse the web, send email, IM, etc.; all of those require DNS lookups, and many can be subverted to cause lookups of arbitrary names.

In any case, trying to excuse Apple by saying "not too many are affected" is crap. They shipped software that is now known to have security issues and it should be addressed. They've known there is a problem for almost 3 months and still have not done anything to protect their customers. If this was Microsoft, Sun, Red Hat, etc., people would be ranting about it, but since it is Apple, it must be okay.

Re:Hey, I just wrote about this (3, Insightful)

Ifni (545998) | more than 6 years ago | (#24377623)

I wonder if they use OSX server for their public DNS and how much egg they would have on their face when some script kiddie used Metasploit ( to "test" their servers for them.

No targeted exploit indeed. Of course I suspect they pay some actual professionals to manage their DNS, and that these professionals use a proper server OS and have patched the DNS hole. But still, a script in the wild that affectes the security of their servers certainly exists, on a very popular vulnerability assessment tool no less, and should be cause for concern on their part. The fact that it apparently isn't just shows how seriously they take their server business.

Re:Hey, I just wrote about this (1)

Pfhor (40220) | more than 6 years ago | (#24377717)

The fact that it apparently isn't just shows how seriously they take their server business.

Which is a shame, because they do tend to make some good stuff, and when you want to build something to help manage and work with a group of macs, a mac server can make things a lot easier.

Of course, this is a company that didn't test their AD binding under 10.5 in anything larger than a single AD server installation (because why would apple have a multiple window servers to configure as a real AD deployment when their company doesn't actually use them)

Re:Hey, I just wrote about this (0)

Anonymous Coward | more than 6 years ago | (#24377793)

"This isn't a targeted exploit aganist their user base."

The only way this is fair game is if they know that nobody is running DNS. This would be consistent with the Apple MO, "You will do things the way we feel you should do it."

I'm still bitter that I have to download a 3rd party app (which I can't do on our OSX server since its not approved) just to adjust the mouse acceleration. And how about the "we dont need no stinkin SDK" attempt with the iPhone? Customized BIOS so you can only run macs in the shape they intend?

3rd pty app for mouse accel adjust? (1)

reiisi (1211052) | more than 6 years ago | (#24378109)

Is the keyboard and mouse preferences panel in the system preferences not enough?

In related news.. (0)

Anonymous Coward | more than 6 years ago | (#24377293)

Steve Jobs was heard murmering something about telekinesis, and how he should be able to patch every individual machine within a week from his iChamber.

After failing the task, a fresh clone was sent in.

Goes with the MobileMess... (0)

Anonymous Coward | more than 6 years ago | (#24377311)

Not surprised. Since 11/Jul, diligence, good customer relationships and even common sense seem to have left the company. Guess it's true that cellphones cause cancer: too much iPhone use has fried Jobs' brain...

Steve Jobs? (5, Insightful)

st33med (1318589) | more than 6 years ago | (#24377377)

Maybe because he is sick/out of work is why they can't patch it (They fear their boss might yell at them for patching it without his consent...)

OR They are so stubborn that they believe there is and never will be anything wrong with a Mac.

OR They are still testing the patch (highly unlikely since it has little interference with how the server functions...)

Sure, they can get away with a whole lot of stuff since they aren't a monopoly like MS, but, this is just wrong.

Slashdot and Apple Schizophrenia (-1, Offtopic)

syousef (465911) | more than 6 years ago | (#24377505)

Remind me again, this week are we suppose to love Apple or hate them. I'm not a fan and any time I've posted comments that are less than adoring regarding me personal experiences with Apple, I've seen the moderation work like a yoyo. +5 no +2 no +4 no -1:Troll.

I mean moderation is broken and I say what I think without paying much attention, but it's annoying that it's so broken that you're not allowed to hold a consistent opinion without being punished for it.

Re:Slashdot and Apple Schizophrenia (1, Funny)

LostCluster (625375) | more than 6 years ago | (#24377573)

I think this article we hate Apple because they missed a release date on a patch that /. considers critical, even if the rest of the world doesn't.

Re:Slashdot and Apple Schizophrenia (3, Interesting)

Shados (741919) | more than 6 years ago | (#24377603)

If all you had to do was keep a constant opinion, what would be the freagin point of posting at all? Bunch of zombies that all say the same thing, oh yeah, very constructive (though its ALMOST what it is anyhow).

Whats important is how constructive what you say is and if it adds value to the discussion (and yes, being funny does add value).

The system is broken, but not as much as one would think... Most the moderations I get on pro-Windows post get modded up (and those that get modded down, half of the time its because I was not constructive and only ranting), on such an anti-MS web site... so its not completly hopeless.

Re:Slashdot and Apple Schizophrenia (-1, Offtopic)

Tim C (15259) | more than 6 years ago | (#24377639)

It's "supposed", not "suppose". Yes I am a grammar nazi, yes I have lost, etc.

Oh and moderation isn't so much broken as pointless. I hit the karma cap years ago - seriously, who cares?

Re:Slashdot and Apple Schizophrenia (-1, Troll)

mrsteveman1 (1010381) | more than 6 years ago | (#24377731)

You got all the karma you can get, now it's time to just start being a whore.

Re:Slashdot and Apple Schizophrenia (0)

Anonymous Coward | more than 6 years ago | (#24378249)

I hit the karma cap years ago - seriously, who cares?

What is the karma cap?

(Posted anon because I modded GP "+1 Insightful." Just doing my bit to add to the schitzophrenia.)

Re:Slashdot and Apple Schizophrenia (0)

Anonymous Coward | more than 6 years ago | (#24378747)

Never mind. My question was answered in the FAQ. I'll just content myself with adding to the mis-spellinks.

worried about moderation? (0, Offtopic)

reiisi (1211052) | more than 6 years ago | (#24378163)

If you're more worried about how you get moderated and what the results are than about saying what you really think, you're worried about the wrong thing.

Moderation is a gimmick to get people to come talk here. I sometimes succumb to the temptation to check how I've been moderated, too. But the only way I (think I) am letting moderation affect my posts is to motivate me to write clear, succinct, logical posts. And you can see that I don't let moderation motivate me very much. :|-

Re:worried about moderation? (1)

networkzombie (921324) | more than 6 years ago | (#24378463)

I wish I had mod points so I could... Nevermind.

really? (0, Flamebait)

pak9rabid (1011935) | more than 6 years ago | (#24377787)

when asked by the Apple community why Apple still has not issued a patch for the well known recently discovered DNS exploit, Jobs replied "we actually have OS X Server users?"

Automated Email Reply (4, Funny)

Stickerboy (61554) | more than 6 years ago | (#24377829)

Dear valued Apple customer:

We received your message regarding "unpatched Mac OS X Server security hole". We appreciate your business, and we will do everything to address your concerns as soon as possible. Unfortunately, Steve is away from his desk on leave due to health concerns related to his non-lethal pancreatic cancer. He will be happy to fix the problem with "unpatched Mac OS X Server security hole" as soon as he returns to work.


Apple Customer Service

Apple + patches == ohnoes (5, Interesting)

HEMI426 (715714) | more than 6 years ago | (#24377863)

As someone that's cursed to administer an OS X Server machine, I have nothing good to say about Apple in general and OS X Server in particular. Apple's history of patching---or, in this case, not patching---stuff has been lukewarm at best and downright abysmal at worst. The Server 10.5.3 update introduced something that causes ClamAV to crash/reboot a Server machine when mail is turned on (since ClamAV is on by default. Nice one. They've had other stellar examples of their extreme lack of QA for their Server software, such as updating their included PHP to a version that was known to break Squirrelmail (the default webmail that comes with OS X Server), even though a fix had been available for months from the PHP maintainers.

I'm a huge fan of FreeBSD. I have been doing this OS X Server thing for more than two years now. I went in to it with an open mind, hoping that Apple wouldn't screw things up too badly. I was disappointed. The only things I've learned is that their Server QA is awful, they don't actually use their own Server software internally, their customer service is horrible when it comes to their Server stuff and their Server documentation is awful. I could rant about that for several pages. All of this leads me to believe that Apple really doesn't want to do well in the "server" segment of the market...Which is really too bad, cause they've finally got the hardware side of it to the point where there's not much separating them from most other low-end server vendors.

Now, that I've got that all that off my chest, Apple's dropped the ball on the BIND update. This is not surprising. Anyone that's administered OS X Server for any length of time probably feels the same way. It's so bad that I will suppress my OS X experience next time I am in the job market again; I hope to never work with OS X (particularly as a server) again and will do everything in my power to avoid doing so. I'm batting a thousand on persuading people interested in using OS X Server to use anything else...Apple really has to get things together or get out of the "server" market.

Re:Apple + patches == ohnoes (2, Insightful)

Pfhor (40220) | more than 6 years ago | (#24378209)

I understand your pain. On the plus side, if you are a python / ruby developer, you have some things to look forward too, as a lot of apple's own components are being written in them, so those installs actually work most of the time. The perl one, not so much.

Of course, the biggest limitation to their serious server implementation is that there is not apple provided forum for users to be able to discuss their issues with beta release software. Let alone a publicly searchable bug tracker (right now we search by submitting bugs and waiting to see how long until the ticket is closed as either "by design" "we will get on it" or "duplicate"). So why should I bother to actually install a beta build of apples stuff to test, I can't really give any feedback, and there isn't any documentation out there floating around on how AD binding works in 10.5 vs 10.4. Which is a great example, apple's implementation of 10.5's ad plugin did not take into account that there could be multiple servers available, and that the first record returned for the ldap service may not be the same server as what was returned for the KDC. Why? probably because they only tested this with a single windows server in their test lab. So their engineers never even thought this was a problem. Of course, if we could test such things in beta, and they could see a group of folks bitching on the forums (all under NDA) about it, then they could probably even post a hot patch to the people with the issues and get faster feedback as a communication between the engineers and the people who are actually USING their code.

Re:Apple + patches == ohnoes (1)

Neanderthal Ninny (1153369) | more than 6 years ago | (#24378245)

Ditto. Apple has been extremely slow to patch anything and I personally have to resort to using 3rd party and forums to patch Mac OS X Server to some secure level. I think they are concentration too much on the "eye candy" (ie iPhone, iPod, etc) and not putting any effort on the high end system like servers we have.
However, I haven't used the my XServer as a primary system (DNS or Mail) but as an file server for Apple, Windows and Linux files.
I don't know what is in the mind of the people Infinite Loop but I wish they could keep security which they tout so much in the forefront for all systems.

Re:Apple + patches == ohnoes (1)

catmistake (814204) | more than 6 years ago | (#24378551)

Its really not all that hard to understand what their Server market is... "Servers for the rest of us." OS X Server is to the server market what their desktop is to the desktop market: a kinder, gentler server for those that don't really know everything they're doing. Someone who does know, perhaps like yourself, that is happy without a pretty GUI and easy to use tools shouldn't bother. Stick with CLI and FreeBSD or Linux or AIX or Solaris. Apple is targeting someone else and apparently you are just collateral damage.

Apple != Software || Hardware (-1, Troll)

Anonymous Coward | more than 6 years ago | (#24377913)

Apple has never been good at software or hardware.

They gave up even maintaining their core operating system, switched to someone elses hardware and still cling to that stupid one button mouse.

I doubt most people working for Apple even know what bind is. Someone is fixing their operating system for free and they still don't get it.

Even microsoft had an offical patch out asap.

Where is the Slashdot Suxors guy? (0)

Anonymous Coward | more than 6 years ago | (#24377967)

Perfect headline-skewing opportunity..."Apple still has not patched the Goatse hole."

Apple not alone in leaving DNS hole unpatched (4, Interesting)

ericferris (1087061) | more than 6 years ago | (#24378021)

I have a DSL broadband subscription with AT&T (it used to be a small local company and they got bought by whatever is now called AT&T).

I noticed that their DNS was unpatched and I used their support forms to report the problem.

The reply came only a few hours later. To quote: "We regret we cannot help you with your WorldNet dialup problem".


So their networking department is not patching critical protocol flaws, and they programmed their answerbots to laugh at us users if we attempt to point out said flaws. Since when does Simon the BOFH work for AT&T DSL support?

AT&T network admin? It's a great job if you can get it.

Re:Apple not alone in leaving DNS hole unpatched (2, Informative)

duplicate-nickname (87112) | more than 6 years ago | (#24378805)

Same here...I am on AT&T DSL service and the DNS servers are unpatched, and they haven't released patches for their 2wire DSL modems which do DNS proxying (hopefully not caching). I've switch my machines to OpenDNS, but I don't know how an ISP the size of AT&T is not taking this seriously.

Given the issues this caused with vista... (4, Informative)

plasmacutter (901737) | more than 6 years ago | (#24378515)

Given the issues [] this patch caused with vista, i'm not at all surprised they're putting more thorough testing through on this.

Apple does not want to lose it's "just works" reputation my slaughtering internet connections on its platforms.

Re:Given the issues this caused with vista... (1)

TheVoice900 (467327) | more than 6 years ago | (#24378615)

Apple? Doing thorough testing? You must live in some kind of alternate universe where Apple products don't break with every update...

- Frustrated user of Apple server products.

Re:Given the issues this caused with vista... (2, Informative)

Pfhor (40220) | more than 6 years ago | (#24378743)

The problem really hasn't been that we are chiding Apple for(we being the OS X Server admins who support these boxes)most of us have gone and compiled our own versions of bind without issue, or being forwarding all recursion to opendns's servers, etc. (And custom installed BIND versions appear to be working fine in the server so far for most people).

It has been the total lack of response or public acknowledgement of the problem, no timeline for a fix, no patch and or updated knowledge base article on how to resolve the issue.

Apple just doesn't see it as a big enough issue to state it.

They still haven't responded to the privilege escalation exploit either.

Re:Given the issues this caused with vista... (0)

Anonymous Coward | more than 6 years ago | (#24378911)

Vista did not need a patch.

Apple without Jobs (0)

Anonymous Coward | more than 6 years ago | (#24378905)

You see? It starts...

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>