« Hackers Substitute Bogus Stories for Real Ones on USA Today Web Site | Main | Dave Winer Remembers a Conversation with Gene Kan »

Apple Closes Security Hole in OS X Updater

Martin O'Donnell pointed out a CNET News.com report from several days ago that said Russell Harding had posted details on how to fool Apple's OS X SoftwareUpdate feature into downloading an operating system patch that contains a backdoor. Earlier today, Slashdot reported that Apple had closed that hole with an updated SoftwareUpdate program. The article on Slashdot characterizes Apple's response as quick, and says that the SoftwareUpdate program now checks for valid cryptographic signatures.

RedHat's Red Hat Network, which performs a similar OS management and update functions for Linux, has verified cryptographic signatures for a long time.

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)


CTDATA Venutures (CTDATA) develops Internet and Intranet applications for corporations and non profit organizations. Our services include:

  • Consulting services for Movable Type and TypePad-based publishing systems (visit our Weblog Improvement website for more information),
  • Financial services business process consulting,
  • Content management system and knowledge management system consulting,
  • Apache web server engineering and hosting,
  • MySQL, Sybase, and Microsoft SQL Server architecture and development,
  • SOAP, REST, and XML-RPC system architecture and programming, including Amazon Web Services and
  • Weblog publishing.
For more information, contact Dave Aiello by email at dave [at] daveaiello.com or call him at +1-267-352-4420.
Copyright © 1995-2010, CTDATA Ventures. All Rights Reserved.
Powered by
Movable Type 4.25