MemeStreams | MemeStreams Discussion

Create an Account

This page contains all of the posts and discussion on MemeStreams referencing the following web page: Apple in a bind over its DNS patch? | News - Security - CNET News.com. You can find discussions on MemeStreams as you surf the web, even if you aren't a MemeStreams member, using the Threads Bookmarklet.

Apple in a bind over its DNS patch? | News - Security - CNET News.com
by dc0de at 7:17 pm EDT, Jul 29, 2008

Three weeks after the disclosure of a serious flaw within the Domain Name System (DNS), Apple has yet to patch its MAC OS X operating system, but the company may be able to look to a third party in defense.
-snip-
In an e-mail to CNET News, Mogull said "Apple may be stuck between a rock and a hard place on this one, but they've chosen the worst possible option--remaining silent."

Say it isn't so?!!!? Apple has a problem with security? They can't figure out the patch?

Staying silent??? Wow, that's NEW!

Come on Apple, act like a thought leader, not some has-been wanna be, who can't admit that there are flaws in ALL software...

The time for arrogance is over, get with the program.

The current fix, is to forward all DNS requests to a patched system, from a DIFFERENT vendor, such as Microsoft, Linux, or Unix. How long until the corporations realize that Apple doesn't care if they're vulnerable, as long as Apple doesn't admit the vulnerabilities?

RE: Apple in a bind over its DNS patch? | News - Security - CNET News.com
by Decius at 12:22 am EDT, Jul 30, 2008

dc0de wrote:
Three weeks after the disclosure of a serious flaw within the Domain Name System (DNS), Apple has yet to patch its MAC OS X operating system, but the company may be able to look to a third party in defense.
-snip-
In an e-mail to CNET News, Mogull said "Apple may be stuck between a rock and a hard place on this one, but they've chosen the worst possible option--remaining silent."

Nameservice is a waste of a perfectly good mac, but if you insist, you could recompile bind from source. Most people should be more concerned about the state of their firewall.

RE: Apple in a bind over its DNS patch? | News - Security - CNET News.com
by Simon C. Ion at 2:40 am EDT, Jul 30, 2008

Decius wrote:
Most people should be more concerned about the state of their firewall.

'Twould seem that running bind behind a OpenWRT 7.09 based NAT is A-Okay. I'm glad that the OpenWRT folks got that stuff right.

RE: Apple in a bind over its DNS patch? | News - Security - CNET News.com
by Decius at 7:32 am EDT, Jul 30, 2008

Simon C. Ion wrote:
Decius wrote:
Most people should be more concerned about the state of their firewall.
'Twould seem that running bind behind a OpenWRT 7.09 based NAT is A-Okay. I'm glad that the OpenWRT folks got that stuff right.

Yup IPTables and PF both seem to have gotten this right, but several enterprise solutions aren't as good.

There is a redundant post from ubernoir not displayed in this view.