1. Forum
  2. Usenet
  3. COMP.SYS.MAC.SYSTEM

  • Re: Why Apple should provide standalone updates for native iOS apps

    From Andy Burnelli@21:1/5 to Jolly Roger on Thu Jan 27 18:31:24 2022
    XPost: misc.phone.mobile.iphone

    This post made just now to the newsgroups shows factual reasons
    _why_ Apple should provide standalone updates for native iOS apps

    If Chrome had the serious bug, it would be fixed wholly outside the OS.
    But in this case, it's Safari that had the bug - which is shipped in the OS.

    What happened was Apple had the fix, but Apple couldn't _ship_ that fix.
    If this were _any_ other operating system, the fix would already be there.

    The point is that Apple's primitive monolithic OS-release mechanism actually makes users far more vulnerable than if Apple used a modern release method.

    ... ... ... ... ... ... ... ... ... ... ... ... ... ... ...
    On 27 Jan 2022 16:24:53 GMT, Jolly Roger wrote:

    these vulnerabilities
    have already been patched

    Why are the iKooks so _desperate_ to minimize clearly very serious problems?
    *Safari isn't protecting the web, it's killing it*
    <https://httptoolkit.tech/blog/safari-is-killing-the-web/>

    Fact 1: Apple QA (as usual) completely failed to find these flaws
    Fact 2: Apple was told long ago about these flaws (as usual)
    Fact 3: Experts all seem to say these are very _serious_ flaws indeed
    Fact 4: Yet, apparently, Apple _still_ had no plans to fix the flaws
    Fact 5: Exasperated, the researchers finally _published_ the flaws
    Fact 6: As a direct result of that move, the flaws were actively exploited
    Fact 7: Apple finally decided to fix the flaws when the shit hit the fan
    Fact 8: But... *Apple couldn't _ship_ the Safari fix for days*
    Fact 9: Because Apple had to wait for the rest of iOS 15.3 to catch up

    ASSESSMENT:
    Not only did Apple _not_ find the bugs, but the bugs were _serious_ indeed!
    *Safari 15 may have a serious security flaw & there's _no patch in sight_*

    <https://www.techradar.com/news/safari-15-may-have-a-serious-security-flaw-no-patch-in-sight>

    ASSESSMENT:
    Worse, Apple had no plans to _fix_ this serious flaw, which is _why_ the researchers were forced to publish the flaw (to "prod" Apple into action).
    *Disclosure of WebKit flaw _prodded_ Apple to undertake repairs*
    <https://www.theregister.com/2022/01/21/apple_safari_webkit_indexeddb/>

    ASSESSMENT:
    The funny thing is that Apple actually had a fix; but they couldn't release that fix because of Apple's primitive monolithic os-release clusterfuck.
    *It's time to make Safari update schedule like Chrome and Firefox*

    <https://www.reddit.com/r/apple/comments/rmrm51/apple_safari_engineers_of_reddit_its_time_to_make/>
    --
    Nobody in high tech has higher MARKETING nor lower R&D costs than Apple.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)