| Deutsch English Français Italiano |
|
<lelk6pF91g3U2@mid.individual.net> View for Bookmarking (what is this?) Look up another Usenet article |
Path: ...!feeds.phibee-telecom.net!2.eu.feeder.erje.net!feeder.erje.net!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: Jolly Roger <jollyroger@pobox.com>
Newsgroups: misc.phone.mobile.iphone,comp.sys.mac.system,uk.telecom.mobile
Subject: Re: Almost every iOS & macOS app has had huge vulnerabilities for
over a decade
Date: 3 Jul 2024 18:39:21 GMT
Organization: People for the Ethical Treatment of Pirates
Lines: 24
Message-ID: <lelk6pF91g3U2@mid.individual.net>
References: <v62o4t$22b9c$1@dont-email.me> <v62opd$45rh$3@solani.org>
<v62pv9$16d01$1@matrix.hispagatos.org> <_ObhO.2$OXD2.1@fx47.iad>
<v63v8b$4tnp$1@solani.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Trace: individual.net YSbuJcS8m1yDIs3Y+3bevQrxkYf40JrYlvJUXhZemjSerVNk1s
Cancel-Lock: sha1:5UnYTY6aUGIfWtKg9bYMt4B91VU= sha256:iqCwgHbDosnU44xM7B+dGgOYctA1sbBX4L760aBqaFo=
Mail-Copies-To: nobody
X-Face: _.g>n!a$f3/H3jA]>9pN55*5<`}Tud57>1<n@LQ!aZ7vLO_nWbK~@T'XIS0,oAJcU.qLM
dk/j8Udo?O"o9B9Jyx+ez2:B<nx(k3EdHnTvB]'eoVaR495,Rv~/vPa[e^JI+^h5Zk*i`Q;ezqDW<
ZFs6kmAJWZjOH\8[$$7jm,Ogw3C_%QM'|H6nygNGhhl+@}n30Nz(^vWo@h>Y%b|b-Y~()~\t,LZ3e
up1/bO{=-)
User-Agent: slrn/1.0.3 (Darwin)
Bytes: 2236
On 2024-07-03, badgolferman <REMOVETHISbadgolferman@gmail.com> wrote:
> Alan Browne <bitbucket@blackhole.com> wrote:
>>
>> I scanned those quickly and don't see any mention that the
>> vulnerability was actually exploited. Hope it wasn't.
>>
>> Good thing CocoaPods have fixed the issue.
>>
>> It is another indication that dependencies or services managed by a
>> third party can be a huge risk for developers and clients.
>> Convenient, easy and cheap to have these things 3rd party managed -
>> but their issues become everyone's issues.
>
> I’ve always heard open source software is better because people can
> actually find vulnerabilities or back doors in them to report.
That might be true if people didn't find and fix vulnerabilities in
closed-source software every day.
--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.
JR