Thursday, January 11, 2007

MOAB-11-01-2007: Apple DMG UFS byte_swap_sbin() Integer Overflow Vulnerability

The byte_swap_sbin() function, one of the UFS byte swapping routines (this code isn't present in FreeBSD and it's Mac OS X XNU-specific; used for compatibility of filesystem streams between little and big-endian systems) is affected by a integer overflow vulnerability, leading to an exploitable denial of service condition.

For further information:
You may have noticed some changes. As KF would say, "we are more respectable now". The issues will still feature hilarious artwork by talented fellow GC. Enjoy.


Dag Ă…gren said...

You're more respectable now? Does that mean you'll start letting through comments by anybody other than your groupies now?

I kid, I kid.

BR said...

Finally someone who recognises the misleading marketing of the Apple Inc. and sees through the "myth" that the company created about stability, speed, innovation and "friendly" GUI.
- non-existent - crashes the same as any other OS - usually one doesn't even get the notification of a crash (with the exception of the kernel panic, which is so visually appealing) but just notices that the application one was working on is simply gone...albeit the process is nicely animated !!!
- OSX is a memory hog, unless one does not have at least 1GB or RAM the computer won't be much more than a internet box and that only if one is patient enough to wait for a slow GUI - and this is after the company finally caught-up with the industry by switching to a proper speed Intel CPUs - Power PC versions are a lot slower than any PC from the same era - no question about it (compared on a basis 'bang for the buck' ie. what is the best (Brand Name) PC one could get for the cost of a G5, G4 and so on...)
- what in the God's name did Apple company ever invent, I ask you!?
MP3? - Nope!
MP3 player? - Absolutely not!
GUI? - Try Xerox! for the OS 8 and Open Source Community for the OSX
Great Product? - if you know absolutely nothing about the product and decide to lay down your mortgage down payment in order to equip your home/studio/office with Apple products!!!
FRIENDLY GUI? - try doing the little experiment with somebody who has never used a computer - parents, grandparents, somebody - there is obviously a lot of them out there since the Apple sales went up!!! -
sit them in front of a Mac and an ordinary PC running, say any version of Windows, and ask them to for example go on the internet (since that is what majority of the users do nowadays), assuming both computers have already active connection - and then just observe...
- on Windows there is a perfectly logical 'START' button, where one might 'start' as the name itself suggests, and after that the again logical 'Internet Explorer' name of the program and that is it!
- now let's take a look at OS X - there is a perfectly illogical 'apple' at the top, which does not offer an Internet gateway, along with 'Finder' which finds not-too-much for a novice user -
- at the bottom there is a 'Finder' again, 'Dashboard', and 'Safari', to name a few poorly named applications - now, unless our subject is a 'mind reader' there is no way that he or she will associate internet with Safari...
- and this is just one of the very many shortcomings of a OSX...just for fun, try attaching a photo from your iPhoto library to an Web based (YahooMail, Hotmail, GMail) e-mail message! Good luck finding that photo on your hard drive, since all the applications build their own folders and rename all the files that you import through them...the same goes for notorious iTunes, iPod, iMovie...
I, personally, like to be in control of my own property. If you own an Apple product, that is just impossible. Let me illustrate - try upgrading for example a video card in a Mac...virtually impossible since the drivers are made by Apple Inc. and not the manufacturer of the video card...the same goes for a sound card - CPU, Web Cams and alot of other little things that PC users just take for granted...
That alone means that you are spending a lot of money for a piece of disposable technology, since in today's world a computer's life cycle is something like 3-6 months.
The same goes for iPod's and anything else Apple Inc. makes...or should I say, puts together since all the components inside their computers are the exact same as in any ordinary PC computer, yet they cost a substantial amount more.
Now, by itself, that wouldn't be a problem...where the problem arises is when Apple Inc. comes up with a brilliant marketing scheme that explicitly states that their computers are faster, rock-solid, and better in every way than any of their opponents. Now, them being in North America, one would think that they would get sued for misleading marketing, and sued for monopolising with their rights protection of music purchased on iTunes...and I guess they will, in a little while.
All I can say is, stay away from Apple products, since they are a sinking ship.
In today's world of freedom, they impose themselves on every aspect of usage of their products...
That is just unacceptable!!!!

Anonymous said...


Not to be a jerk or anything but I don't find it that hard to associate Safari with the internet.

The inertnet is a place of research and exploration. Safari means..a journey or expedition, for hunting, exploration, or investigation.
To be honest I find it harder to associate Outlook with email.

BR said...

One is not supposed to associate if one wants a user friendly OS which is a selling point of the Apple evil snakes, as lmh nicely put it!
Anyway, a computer is a tool and it should be taken as one, not as a source of "creativity"...and the fan base that defends Apple comment...they get ripped of, lied to, and still remain oblivious to those facts...when I come to think of it, I take my hat off to the guys at marketing department at Apple Inc...they do their job's the morons that believe the BS (the fastest, the most advanced, the one of a kind, mac specific hardware, innovative technology...bla, bla, bla) that I'm allergic to!!!
I use G5 duo core Mac at work (unfortunately) - running Pro Tools (averages to 5 kernel panics a day, depending on the load!!!) and have one at home that I use as an internet box (because that's all it's good for!) and I can tell you that WindowsXP is a light year ahead of OS X - stability, friendly GUI, tweak toys, compatibility - every single thing...If I do any serious work, it has to be on a PC otherwise I lose my nerves...autosave is the most often used 'feature' on software running on Mac...but imagine working with 75 tracks in Pro Tools (mixing a TV show) and in order not to lose the data from the couple of minutes of Mac's obedience you set autosave to takes more than that to save the whole session!!!!!
Unfortunately, my boss is a MacHead, one of those hard core lunatics...hates Windows (the last one he ever used was 98 - no wonder!) yet uses MS Office - talk about irony -
The G5 duo core(PPC) with measly 80GB 1GB RAM and lousy ASUS - mini factor board (only 2 pci expansion slots!!!!!!!!!!!!!! a bloody internet box!) cost him close to $5000 at the time when for that money one could have bought a superb computer for about half as much and then go and get Andy Warhol to build him/her an artistic case if one really needed the "experience" and "design"!!!!
To me, that is extremely dumb, moreover it borders on insanity.
You judge for yourselves.
Stay informed and educate yourself before making any decision in life. It doesn't take a lot these can even 'google' it!!!!!

Anonymous said...

That was fun reading the two comments that pretty much complain about how OS X basically SUCKS.(NOTE the exclamation point on almost every damn apple problem and the (...) ) Everything from associating programs with functions to how its heavy on system resources to the problems he has encountered.

Look these are mostly your OPINIONS and what has happened to you, some people don't have these problems or opinions so.. I'm not sure if you here to bash apple or what.

Now I do agree with Apple's marketing and that their evil snakes.

I also agree that MAC OS X is NOT secure as advertised.

Thankfully I have common sense and know that HUMANS MAKE MISTAKES and ALL SOFTWARE HAS BUGS.