1. Forum
  2. Usenet
  3. COMP.SYS.MAC.SYSTEM

  • Apple only fixes known security bugs when the shit hits the fan

    From Andy Burnelli@21:1/5 to All on Thu Jan 13 05:55:42 2022
    XPost: misc.phone.mobile.iphone

    Apple's sophomoric iOS QA team missed this bug since as far back as iOS 14 <https://www.engadget.com/ios-15-2-1-homekit-vulerability-fix-201158978.html>

    "Spiniolas found that the vulnerability is present within Apple's mobile operating system as far back as iOS 14.7, but said he believes it exists in
    all versions of iOS 14."

    Worse, Apple took forever to fix it after Apple was told about it.

    "Security researcher Trevor Spiniolas discovered the vulnerability and
    publicly disclosed it on January 1st. According to Spiniolas, he informed
    Apple of the bug way back in August of last year!"

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From nospam@21:1/5 to spam@nospam.com on Thu Jan 13 09:59:43 2022
    XPost: misc.phone.mobile.iphone

    In article <sroest$10aq$1@gioia.aioe.org>, Andy Burnelli
    <spam@nospam.com> wrote:

    Apple's sophomoric iOS QA team missed this bug since as far back as iOS 14

    right, because having homekit device names longer than 500,000
    characters is so incredibly common.

    how could that have possibly slipped through??

    it should have been the first thing to test.

    for reference, 500,000 characters is roughly 1000 *pages* of
    single-spaced text, which would take nearly 17 continuous hours to
    type, assuming a sustained 100 wpm for the entire time, without any
    breaks for food, bathroom or anything else.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Jolly Roger@21:1/5 to nospam on Thu Jan 13 15:31:11 2022
    XPost: misc.phone.mobile.iphone

    On 2022-01-13, nospam <nospam@nospam.invalid> wrote:
    In article <sroest$10aq$1@gioia.aioe.org>, Andy Burnelli
    <spam@nospam.com> wrote:

    Apple's sophomoric iOS QA team missed this bug since as far back as
    iOS 14

    right, because having homekit device names longer than 500,000
    characters is so incredibly common.

    how could that have possibly slipped through??

    it should have been the first thing to test.

    for reference, 500,000 characters is roughly 1000 *pages* of
    single-spaced text, which would take nearly 17 continuous hours to
    type, assuming a sustained 100 wpm for the entire time, without any
    breaks for food, bathroom or anything else.

    A reflection of himself, Arlen's trolls are just plain dumb. He doesn't
    bother researching the things he trolls about, nor would he truly
    comprehend them if he did. Due to his perpetual little Apple hate boner,
    he's perfectly happy to turn even the most ridiculous trivial things
    into a troll against Apple because it makes him FEEL better. He's a
    pathetic waste of a human being who spends all day every day trolling.

    --
    E-mail sent to this address may be devoured by my ravenous SPAM filter.
    I often ignore posts from Google. Use a real news client instead.

    JR

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Andy Burnelli@21:1/5 to Jolly Roger on Thu Jan 13 15:50:06 2022
    XPost: misc.phone.mobile.iphone, alt.privacy

    On 13 Jan 2022 15:31:11 GMT, Jolly Roger wrote:

    A reflection of himself, Arlen's trolls are just plain dumb. He doesn't bother researching the things he trolls about, nor would he truly
    comprehend them if he did. Due to his perpetual little Apple hate boner,
    he's perfectly happy to turn even the most ridiculous trivial things
    into a troll against Apple because it makes him FEEL better. He's a
    pathetic waste of a human being who spends all day every day trolling.

    FACTS (which are incontrovertible):
    1. The bug was _not_ found by Apple QA
    2. The bug is a _classic_ (which means there is _no_ Apple QA to speak of!)
    3. The bug was reported to Apple in the middle of last year
    4. Apple refused to fix it in a timely manner (by _all_ accounts!)
    5. Exasperated, researches made the bub public (after waiting half a year!)
    6. Only then did Apple even _bother_ to fix this rather serious flaw.

    ASSESSMENT (by intelligent people):
    *Apple only fixed a known security bug well _after_ the shit hit the fan!*

    ASSESSMENT by Jolly Roger:
    Apple can do no wrong, but worse - anyone who points out any facts must be a troll because Jolly Roger himself wishes to remain completely oblivious of facts that tell the truth about how sordid Apples almost total lack of QA
    truly is (Apple QA can't even predict a buffer overflow for God's sake!).

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From *Hemidactylus*@21:1/5 to nospam on Thu Jan 13 09:52:51 2022
    XPost: misc.phone.mobile.iphone

    nospam <nospam@nospam.invalid> wrote:
    In article <sroest$10aq$1@gioia.aioe.org>, Andy Burnelli
    <spam@nospam.com> wrote:

    Apple's sophomoric iOS QA team missed this bug since as far back as iOS 14

    right, because having homekit device names longer than 500,000
    characters is so incredibly common.

    how could that have possibly slipped through??

    it should have been the first thing to test.

    for reference, 500,000 characters is roughly 1000 *pages* of
    single-spaced text, which would take nearly 17 continuous hours to
    type, assuming a sustained 100 wpm for the entire time, without any
    breaks for food, bathroom or anything else.

    Given his obsessive typing here I doubt Arlen would have any problem giving
    his devices names longer than 500000 characters, hence his concern. If only
    he spent more time naming his favorite devices and less time spamming the group.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)