Warning: mysqli::__construct(): (HY000/1203): User howardkn already has more than 'max_user_connections' active connections in D:\Inetpub\vhosts\howardknight.net\al.howardknight.net\includes\artfuncs.php on line 21
Failed to connect to MySQL: (1203) User howardkn already has more than 'max_user_connections' active connections
Warning: mysqli::query(): Couldn't fetch mysqli in D:\Inetpub\vhosts\howardknight.net\al.howardknight.net\index.php on line 66
Article <lelkjrF91g3U4@mid.individual.net>
Deutsch   English   Français   Italiano  
<lelkjrF91g3U4@mid.individual.net>

View for Bookmarking (what is this?)
Look up another Usenet article

Path: ...!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: Jolly Roger <jollyroger@pobox.com>
Newsgroups: uk.telecom.mobile,misc.phone.mobile.iphone,comp.sys.mac.system
Subject: Re: Almost every iOS & macOS app has had huge vulnerabilities for
 over a decade
Date: 3 Jul 2024 18:46:19 GMT
Organization: People for the Ethical Treatment of Pirates
Lines: 33
Message-ID: <lelkjrF91g3U4@mid.individual.net>
References: <v62o4t$22b9c$1@dont-email.me> <v62opd$45rh$3@solani.org>
 <v62pv9$16d01$1@matrix.hispagatos.org> <_ObhO.2$OXD2.1@fx47.iad>
 <v63v8b$4tnp$1@solani.org> <v645p3$2aclh$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Trace: individual.net GTpaPCrYMhMpV/YuNWyiWw71RX/4WJqgbKR7niPsePsXDRMHOR
Cancel-Lock: sha1:kXqRv87gUSkeIa9r73yejFpGwrY= sha256:r80PDzY13hmPTBIRg5R63S9rKBTerbT9MOyHxOTNwLM=
Mail-Copies-To: nobody
X-Face: _.g>n!a$f3/H3jA]>9pN55*5<`}Tud57>1<n@LQ!aZ7vLO_nWbK~@T'XIS0,oAJcU.qLM
 dk/j8Udo?O"o9B9Jyx+ez2:B<nx(k3EdHnTvB]'eoVaR495,Rv~/vPa[e^JI+^h5Zk*i`Q;ezqDW<
 ZFs6kmAJWZjOH\8[$$7jm,Ogw3C_%QM'|H6nygNGhhl+@}n30Nz(^vWo@h>Y%b|b-Y~()~\t,LZ3e
 up1/bO{=-)
User-Agent: slrn/1.0.3 (Darwin)
Bytes: 2619

On 2024-07-03, Chris <ithinkiam@gmail.com> wrote:
> badgolferman <REMOVETHISbadgolferman@gmail.com> wrote:
>> Alan Browne <bitbucket@blackhole.com> wrote:
>>>
>>> I scanned those quickly and don't see any mention that the
>>> vulnerability was actually exploited.  Hope it wasn't.
>>> 
>>> Good thing CocoaPods have fixed the issue.
>>> 
>>> It is another indication that dependencies or services managed by a
>>> third party can be a huge risk for developers and clients.
>>> Convenient, easy and cheap to have these things 3rd party managed -
>>> but their issues become everyone's issues.
>> 
>> I’ve always heard open source software is better because people can
>> actually find vulnerabilities or back doors in them to report. 
>
> And for black hats to find them and exploit them. 

Not to mention malicious actors insert back doors into open source
software undetected all of the time - some recent examples:

<https://www.infosecurity-magazine.com/news/backdoor-xz-utils-linux-open-source/>

<https://arstechnica.com/information-technology/2018/11/hacker-backdoors-widely-used-open-source-software-to-steal-bitcoin/>

<https://cyberscoop.com/bootstrap-sass-infected-snyk-rubygems/>

-- 
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR