MoAB #1: Apple Quicktime RTSP URL Handling Buffer Overflow Vulnerability

LMH’s “Month of Apple Bugs” has begun:

“‘LMH’ has discovered a vulnerability in Apple Quicktime, which can be exploited by malicious people to compromise a user’s system,” Secunia reports.

“The vulnerability is caused due to a boundary error when handling RTSP URLs. This can be exploited to cause a stack-based buffer overflow via a specially crafted QTL file with an overly long (more than 256 bytes) ‘src’ parameter (e.g. ‘rtsp://[any character]:[>256 bytes]’),” Secunia reports. “Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 7.1.3.100 (Windows version) and reportedly affects both Microsoft Windows and Mac OS X versions.”

Secunia reports, “Solution: Do not open untrusted QTL files.”
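A defensive check that follows from the advisory's description, added here as an example (it is not code from Secunia, LMH or Apple): it scans a QTL file's raw bytes for `src` attributes carrying an `rtsp://` URL whose part after the first colon exceeds the 256 bytes the advisory names. The function names, the constructed sample files and the assumption that a QTL link carries its URL in an `<embed src=…>` element are this example's own.

```python
import re

LIMIT = 256  # byte threshold quoted in the Secunia advisory
SCHEME = b"rtsp://"

# A crafted file need not be well-formed XML, so match src attributes in the
# raw bytes (either quote style, closing quote optional at end of data).
SRC_ATTR = re.compile(rb"""\bsrc\s*=\s*(["'])(.*?)(?:\1|\Z)""", re.I | re.S)


def scan_qtl(data: bytes, limit: int = LIMIT) -> list:
    """Return one finding per rtsp:// src value whose payload exceeds limit."""
    findings = []
    for match in SRC_ATTR.finditer(data):
        value = match.group(2).strip()
        if not value.lower().startswith(SCHEME):
            continue
        rest = value[len(SCHEME):]
        # Advisory pattern: rtsp://[any character]:[>256 bytes]. Measure the
        # part after the first colon; without a colon, measure everything.
        head, colon, tail = rest.partition(b":")
        measured = tail if colon else rest
        if len(measured) > limit:
            findings.append({
                "offset": match.start(2),       # where the value starts
                "prefix": (SCHEME + head + colon).decode("latin-1")[:40],
                "length": len(measured),        # bytes, not characters
            })
    return findings


def make_qtl(src: bytes) -> bytes:
    """Build a constructed sample media-link file around the given src."""
    return (b'<?xml version="1.0"?>\n'
            b'<?quicktime type="application/x-quicktime-media-link"?>\n'
            b'<embed src="' + src + b'" autoplay="true" />\n')


# Constructed samples: an ordinary link and one with filler past the limit.
BENIGN = make_qtl(b"rtsp://media.example.com:554/stream.sdp")
OVERSIZED = make_qtl(b"rtsp://x:" + b"A" * 300)

if __name__ == "__main__":
    for name, sample in (("benign", BENIGN), ("oversized", OVERSIZED)):
        print(name, scan_qtl(sample))
```

A mail or web gateway could run the same check on `.qtl` attachments and downloads and quarantine any file that returns a finding.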

More info here.

“This issue has been successfully exploited in QuickTime™ Version 7.1.3, Player Version 7.1.3. Previous versions should be vulnerable as well. Both Microsoft Windows and Mac OS X versions are affected,” LMH reports.

Full article here.

55 Comments

  1. “Don’t get me wrong I own a MacBook. But I still find that multitasking is smoother on my G5 Single Chip iMac.”

    That is misleading. Which tasks are you multitasking? Are you running universal binaries on the MacBook? Do you have the same amount of memory in each computer? Are you running tasks that depend on hard drive performance? Remember, the iMac has a 3.5″ 7200rpm desktop hard drive, the MacBook has a 2.5″ 5400rpm laptop hard drive. In terms of CPU performance, the Core 2 Duo blows away a single-core G5. http://barefeats.com/imcd3.html

  2. Now, how do I get the names and addresses of the people inventing these malicious tests to check for vulnerabilities? And, how do they keep these little “tests” that they’re creating out of the general public’s hands?

    The first real virus, worm or spyware I get on my Mac is going to make me very suspicious of these very people, and in case I need to sue somebody I want to know how my attorney can get in touch with their attorney. Of course I’m assuming anybody stupid enough to be doing something like this without being hired by Apple to do it would still be smart enough to retain a small battalion of legal advisors. Right?

  3. Nick>

    Same Ram 1 gig. No Rosetta apps installed. It’s just a feel thing. When running 5 or 6 apps at once, the lag when switching is smoother on the G5 than the MacBook. Horsepower wise like video encoding, the Core kills the single G5. PS. I boot the MacBook Firewire to a 250 gig SATA drive when at home, so it’s not a disk issue.

    I do think Leopard will/should kill that feeling once and for all.

  4. I agree – I have 1st Intel iMac, & my friend has last G5 iMac. Both are 2 ghz-ish. I’ve found his running faster than mine under a lot of circumstances. Some rosetta related, but not all. Switch & iSquint are Universal, and they’re not as fast on my computer unless I’m opening everything else up just for the helluvit. The times where it isn’t slower are only with Apple’s own apps (iphoto, itunes, etc…). Weird. I thought it was just me.

    off topic, yeah, but this is the first time I ever actually saw someone mention this.

  5. My PowerBook 1.67Ghz G4 is much more reliable than my friend’s new MacBook Core2Duo, the thing crashed so much I’m beginning to regret recommending she switched.

    Not just her machine either, a couple of my friends have had performance problems with the new Intel Macs.

    I still want one though. Handbrake SCREAMS on a MacBook, getting 60-70fps while my PowerBook manages 25fps at best.

    MW: times, as in Times New Roman, my least favourite font in the world (Comic Sans a close second).

  6. …… and now we can proudly announce the second Apple bug.

    Err … well, it’s not actually an Apple bug, but it affects VLC and VLC will run on a Mac, so it can be categorised as an Apple problem if you don’t worry about the details or facts.

    They’re kind of stretching it a little so far, but perhaps tomorrow will bring the Big One.

  7. It should be no surprise that Brian Krebs is involved in this. After the reaming he got from the fake Airport exploit a few months back you can bet that little c**ksucker has already sucked, swallowed and asking for seconds from ‘LMH’.

    MDN Magic word: gives

  8. mugwump says: “This here Core 2 Duo MacBook Pro is way more snappy than a G5 desktop. Maybe the first round of Intel Macs are the issue.”

    Waaay off topic of the story eh fellas? Hahaha – that’s ok. In this case the topic is another FUD story anyway.

    No doubt you’re right Mug; ‘early adopter syndrome’ plays a big part here, as the heat and discoloration and mediocre battery performance of the first Macintel laptops all indicate. However, once you had a chance to use them, it was pretty clear to anyone with a level head that the real world advantages of 32bit Yonah (the first Macintel CPU in all lines) over either the G4 or the G5 were never as ‘there’ as a lot of Macolytes wanted to believe, especially compared to the latter. Having more than one core in the laptop line was a legitimate advantage over what came before it, however a dual core G4 was available to Apple even a little before Yonah debuted (at lower power usage & equal clockspeeds to boot), so there too it was in reality a lot of sturm & drang for nothing.

    Now, the recent Woodcrest and Merom CPUs are different – here you have parts that finally make the switch even arguably necessary. Technologically, I love ’em both. Yet, between Intel’s tired FSB slowing them down, and the inevitable march of progress, it seems possible – even probable – they’re going to be effectively challenged in terms of performance and efficiency within months. When you look at the 1st quarter-to-half ’07 offerings from AMD (all the goodness of Core, none of the FSB issues), PA Semiconductor (a multicore, low power monster), and even – believe it or not – IBM with their Power6 (anywhere btwn 4-6Ghz at the same-or-less power levels as the current Power5 and 970FX), all either ‘close the gap’ with Intel, or in the case of clockspeed and power efficiency (performance per watt) should even beat them. The Power6 is especially worth watching; IBM seems to have learned all the right lessons from the shortcomings of the Powers 4 (in terms of better integer performance) and 5 (adding Altivec and making it speedy). They can even throttle the Pwr6’s voltage from typical low single digits to something like .8v, which is pretty unusual for any CPU. Basically it means that Pwr6 probably could have been put in any thin little thing Apple could have imagined, and still rocked in a workstation or 1U server.

    Hey, when you see even the historically plodding Freescale scheduled to offer a 64bit G4 at 65nm in a year (without Apple for a customer anymore), you realize how tenuous Intel’s hold on any performance measure actually is. Not that I expect to see a switch back to PPC by Apple – not in my lifetime at least – but with all that’s coming on that front, I’d love to see some aftermarket outfits offer an upgrade path for the last PowerMac/Book, XServe, or even G5 iMac models with a PASemi or Power6 or even just a better G4. I’d pay for it (even when I get my MacBook, I don’t plan on dumping my PPC Macs for a while), if only to see a classic ‘what if’ scenario played out in real life.

    The fanbois and stock cheerleaders probably won’t ‘get’ that though. The love of technology for its own sake is lost on most Mac people today. Oh well, let the flaming commence!

  9. Oddy, you know I’m always here for you. **F*L*A*M*E**

    hehe

    Seriously, I think I actually agree with you 100% about the iMac G5 upgrade – I have one of the last iMac G5 20-inchers made on my desk, and I love it to pieces. But boy, I sure wish I could get an upgrade chip in it that would allow it to blaze away faster! Not that it’s slow, mind you. Just.. you know, it could be faster, and I love having my Classic OS 9 available and all that.

  10. “PS Doesn’t this kind of crap come from the new x86 chips.
    I still like my G5’s”

    Yeah, the powerpc chips are heaps better. They are miles ahead of the x86 in their design. These new intel chips aren’t anything new, they are just an old modified 1970s designs and are inefficient at best. If apple wanted macs to run windows at native speeds they should have combined a powerpc chip with an intel chip, kinda like this:
    No this is not harmful code like the link that bug.squsher put up, but it is the playstation 3’s board. Down the left-bottom corner you can see the playstation 2 processor, and somewhere in the middle is the playstation 3s powerpc processor. (This is for backward compatibility) I guess you could do the same with a powerpc and an intel chip. But if for some reason intel chips sell more macs we will have to stick to that for now.

    P.S the newest powerpc (‘cell’) runs at 3.2 Ghz.

  11. So here’s a quote from the LMH docs:
    “The risk is having your system compromised by a remote attacker, who can perform any operation under privileges of your user account. It can be triggered via JavaScript, Flash, common links, QTL files and any other method that starts QuickTime.”

    As I thought, LMH are just grandstanding. Nothing to see here, folks. Move along…

  12. Own up to it: A bug has been found, despite everyone saying it wouldn’t happen when the project was first announced.

    This is a good thing: Apple will fix them. There’s no need for us to try and discredit the project just because we don’t like what they are saying.

  13. I, too, would like to upgrade my old G4. I have a 533 (Digital Audio) but the faster G4 processors are just too expensive for what I get. My memory is still PC133 (and only 1.5GB at that) and my video is Radeon 9800 Pro. I’m using up my PCI slots adding USB 2, SATA. I added an external DVD burner a few years back but it does not show up as a SuperDrive.

    Compared with what an iMac has and what I could pay to upgrade my G4 (and what would result from the upgrades) it is cheaper to buy the iMac. If I could get a dual 1.6 G4 for around $200 I might do it. But I don’t have any plans to spend the current prices ($450 and up). It would be great to get a dual 7448 for about $300 (that’s the dual-core chip).
