Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Slashdot Deals: Deal of the Day - Pay What You Want for the Learn to Code Bundle, includes AngularJS, Python, HTML5, Ruby, and more. ×

Comment there are ways (Score 1) 169

There is tech to inspect compiled code and try to find malicious bits, even in an automated fashion, that won't be fooled by an idle loop. It's far from perfect or being a silver bullet, but it is there and getting better by the day.

Look at what the security firms are now calling "sandboxing". Look here:

This is most probably what Apple does already, and clearly needs to get better at.

The bad news is that _it's bound_ to happen again.

This is why I agree with BronsCon, Apple should open doors to the sec community, but I don't think it will happen anytime soon.

BronsCon mentions sideloading as a possible way to do analysis, I don't know if this is the case (can sideloaded apps break the sandbox model?) but jailbreaking would obviously do.

Comment What about security (Score 1) 145

I don't subscribe to this rose-tinted point of view, especially if you look at all this beautiful tech from the security standpoint.
Most of the tech we deal with today was originally designed without security concerns. In most cases, security is an afterthought.
So much for sitting back and taking a break.


Intego's "Year In Mac Security" Report 132

david.emery notes the release of Intego's "Year In Mac Security" report (PDF), adding: "Mac OS X and iPhones that haven't been jailbroken fare pretty well (although vulnerabilities exist, there's not been a lot of exploitation). Apple does come in for criticism for 'time to fix' known vulnerabilities. Jailbroken iPhones are a mess. The biggest risk to Macs are Trojan horses, often from pirated software."

The secret of success is sincerity. Once you can fake that, you've got it made. -- Jean Giraudoux