When is a Disk Image Not a Disk Image?


When it's a gaping security hole! If you haven't yet heard, last week saw confirmation of the most serious security hole in Mac OS X to date. Details were sketchy, and there was a lot of debate about the exact nature and scope of the threat, but one thing is now clear: the process by which OS X downloads and handles remote files is at the heart of the matter.

When the problem was first discovered, many people claimed that Help Viewer was the weak link and was what needed to be fixed. I wasn't so sure about that, and so I steered clear of writing anything about this until the mud settled a bit. It has indeed started to settle somewhat this week, and it's clear now that the problem goes deeper than just Help Viewer. Unfortunately, Apple's 5/24 Security Update only addresses the Help Viwer part of the problem, which is not to say that you shouldn't install the update. If you haven't yet downloaded and installed Security Update 5/24, you should definitely do so as soon as possible. But you should also know that this is not the end of the problem. It's a lot more complex than just Help Viewer, and it's going to take Apple a bit more head scratching and hard work to fix this one because it goes to the core of OS X's file system.

Rather than launch into my own explanation of the problem here, Adam Engst and his crew at TidBITS have done an excellent job of documenting the problem, and you should surf on over there and take a few minutes to read Adam's and Matt's articles. Adam also recommends a utility called Paranoid Android by Unsanity which sounds like it would also be a worthwhile download. I've used some of Unsanity's other products and they do good work. Check it out, and as they used to say on Hill Street Blues, "let's be careful out there."

Posted: Tue - May 25, 2004 at 09:29 PM          

©