All Mac & iOS CPUs affected by 'Meltdown' and 'Spectre' chip flaws, some fixes already in ...

13»

Comments

  • Reply 41 of 56
    frankiefrankie Posts: 380member
    All I know is the Intel CEO apparently sold millions in stocks before the information was released.  He should probably go to prison for that.
    edited January 2018
  • Reply 42 of 56
    petripetri Posts: 108member
    petri said:

    nouser said:
    This flaw has been in the chips since the mid 90's.  These recent Apple patches are only applicable to fairly recent devices.  What about those of us who still have lots of older hardware in daily use?  I have a lot of very usable hardware that is unable to run the latest Mac OS / IOS.  I'm confident I'm not the only one.  Not pleased with this solution since I cannot use it on all my hardware. 
    Have your old devices been exploited since the mid 90’s?
    That’s missing the point, the exploit existed since the nineties but hasn’t been known about till now.  Now that it’s documented and “out there”, there will be people trying to exploit it (some of them just for the hell of it).  Exploit code will become a common and tradeable
    commodity and unpatched older machines will be at risk.
    Here are older Macs that can install MacOS High Sierra. If you still refuse to install the latest operating system on these machines then this is your call:


    macOS High Sierra can be installed on:

    • macOS Sierra
    • OS X El Capitan
    • OS X Yosemite
    • OS X Mavericks
    • OS X Mountain Lion

    If the machines are in the obsolete category Apple legally is not obligated to support them, officially vintage and obsolete products are listed in https://support.apple.com/en-us/HT201624. Those machines can install a system version that includes Gatekeeper. Gatekeeper is available since OS X Mountain Lion. With Gatekeeper one can block applications from unidentified developers and the machines remain not exploited.
    Well done for needlessly posting a list.  Unfortunately it excludes a huge number of machines that are still perfectly useable and in use.  I actually fully expect Apple to patch many of them, not because they’re legally obliged but because it’s the right thing to do, for every customer.
    williamlondon
  • Reply 43 of 56
    macplusplusmacplusplus Posts: 2,111member
    petri said:
    petri said:

    nouser said:
    This flaw has been in the chips since the mid 90's.  These recent Apple patches are only applicable to fairly recent devices.  What about those of us who still have lots of older hardware in daily use?  I have a lot of very usable hardware that is unable to run the latest Mac OS / IOS.  I'm confident I'm not the only one.  Not pleased with this solution since I cannot use it on all my hardware. 
    Have your old devices been exploited since the mid 90’s?
    That’s missing the point, the exploit existed since the nineties but hasn’t been known about till now.  Now that it’s documented and “out there”, there will be people trying to exploit it (some of them just for the hell of it).  Exploit code will become a common and tradeable
    commodity and unpatched older machines will be at risk.
    Here are older Macs that can install MacOS High Sierra. If you still refuse to install the latest operating system on these machines then this is your call:


    macOS High Sierra can be installed on:

    • macOS Sierra
    • OS X El Capitan
    • OS X Yosemite
    • OS X Mavericks
    • OS X Mountain Lion

    If the machines are in the obsolete category Apple legally is not obligated to support them, officially vintage and obsolete products are listed in https://support.apple.com/en-us/HT201624. Those machines can install a system version that includes Gatekeeper. Gatekeeper is available since OS X Mountain Lion. With Gatekeeper one can block applications from unidentified developers and the machines remain not exploited.
    Well done for needlessly posting a list.  Unfortunately it excludes a huge number of machines that are still perfectly useable and in use.  I actually fully expect Apple to patch many of them, not because they’re legally obliged but because it’s the right thing to do, for every customer.
    El Capitan can be installed on machines back to 2007. And El Capitan is patched in December. Apple computers back to 10 years old are patched. So...?

    Withdrawn until further update.
    edited January 2018 StrangeDays
  • Reply 44 of 56
    petripetri Posts: 108member
    petri said:
    petri said:

    nouser said:
    This flaw has been in the chips since the mid 90's.  These recent Apple patches are only applicable to fairly recent devices.  What about those of us who still have lots of older hardware in daily use?  I have a lot of very usable hardware that is unable to run the latest Mac OS / IOS.  I'm confident I'm not the only one.  Not pleased with this solution since I cannot use it on all my hardware. 
    Have your old devices been exploited since the mid 90’s?
    That’s missing the point, the exploit existed since the nineties but hasn’t been known about till now.  Now that it’s documented and “out there”, there will be people trying to exploit it (some of them just for the hell of it).  Exploit code will become a common and tradeable
    commodity and unpatched older machines will be at risk.
    Here are older Macs that can install MacOS High Sierra. If you still refuse to install the latest operating system on these machines then this is your call:


    macOS High Sierra can be installed on:

    • macOS Sierra
    • OS X El Capitan
    • OS X Yosemite
    • OS X Mavericks
    • OS X Mountain Lion

    If the machines are in the obsolete category Apple legally is not obligated to support them, officially vintage and obsolete products are listed in https://support.apple.com/en-us/HT201624. Those machines can install a system version that includes Gatekeeper. Gatekeeper is available since OS X Mountain Lion. With Gatekeeper one can block applications from unidentified developers and the machines remain not exploited.
    Well done for needlessly posting a list.  Unfortunately it excludes a huge number of machines that are still perfectly useable and in use.  I actually fully expect Apple to patch many of them, not because they’re legally obliged but because it’s the right thing to do, for every customer.
    El Capitan can be installed on machines back to 2007. And El Capitan is patched in December. Apple computers back to 10 years old are patched. So...?

    Withdrawn until further update.
    Wise to withdraw.  Apple aren’t being very clear about the status of pre-Sierra macOS right now, which is a shame.

    A proper update for El Capitan is a must, a lot of very serviceable machines were left behind by Sierra.  But going further - my mother in law has a 2007 iMac which to this day runs perfectly and does everything she needs it to do; for her purposes there’s not a thing wrong with it.  It’s stuck on Snow Leopard, since it’s a first gen core duo processor.  It now turns out there was a serious manufacturing defect in that processor - it’s effectively been broken since the day she bought it.  Are Apple really going to leave that machine to be either binned or (more likely) left in service but wide open to hackers?

    Thinking more widely than the interests of my particular mother in law, is it good news for anyone else to leave numerous older machines like hers as unpatched conduits for botnets, or exploitable weaknesses in other networks etc?  The wider community have a stake in this too.
    williamlondon
  • Reply 45 of 56
    petri said:
    I actually fully expect Apple to patch many of them, not because they’re legally obliged but because it’s the right thing to do, for every customer.
    That’s not going to happen.
  • Reply 46 of 56
    Mike WuertheleMike Wuerthele Posts: 6,567administrator
    petri said:
    petri said:
    petri said:

    nouser said:
    This flaw has been in the chips since the mid 90's.  These recent Apple patches are only applicable to fairly recent devices.  What about those of us who still have lots of older hardware in daily use?  I have a lot of very usable hardware that is unable to run the latest Mac OS / IOS.  I'm confident I'm not the only one.  Not pleased with this solution since I cannot use it on all my hardware. 
    Have your old devices been exploited since the mid 90’s?
    That’s missing the point, the exploit existed since the nineties but hasn’t been known about till now.  Now that it’s documented and “out there”, there will be people trying to exploit it (some of them just for the hell of it).  Exploit code will become a common and tradeable
    commodity and unpatched older machines will be at risk.
    Here are older Macs that can install MacOS High Sierra. If you still refuse to install the latest operating system on these machines then this is your call:


    macOS High Sierra can be installed on:

    • macOS Sierra
    • OS X El Capitan
    • OS X Yosemite
    • OS X Mavericks
    • OS X Mountain Lion

    If the machines are in the obsolete category Apple legally is not obligated to support them, officially vintage and obsolete products are listed in https://support.apple.com/en-us/HT201624. Those machines can install a system version that includes Gatekeeper. Gatekeeper is available since OS X Mountain Lion. With Gatekeeper one can block applications from unidentified developers and the machines remain not exploited.
    Well done for needlessly posting a list.  Unfortunately it excludes a huge number of machines that are still perfectly useable and in use.  I actually fully expect Apple to patch many of them, not because they’re legally obliged but because it’s the right thing to do, for every customer.
    El Capitan can be installed on machines back to 2007. And El Capitan is patched in December. Apple computers back to 10 years old are patched. So...?

    Withdrawn until further update.
    Wise to withdraw.  Apple aren’t being very clear about the status of pre-Sierra macOS right now, which is a shame.

    A proper update for El Capitan is a must, a lot of very serviceable machines were left behind by Sierra.  But going further - my mother in law has a 2007 iMac which to this day runs perfectly and does everything she needs it to do; for her purposes there’s not a thing wrong with it.  It’s stuck on Snow Leopard, since it’s a first gen core duo processor.  It now turns out there was a serious manufacturing defect in that processor - it’s effectively been broken since the day she bought it.  Are Apple really going to leave that machine to be either binned or (more likely) left in service but wide open to hackers?

    Thinking more widely than the interests of my particular mother in law, is it good news for anyone else to leave numerous older machines like hers as unpatched conduits for botnets, or exploitable weaknesses in other networks etc?  The wider community have a stake in this too.
    A Lion machine on the internet has far more pressing security problems than anything related to this.
    edited January 2018 bakedbananas
  • Reply 47 of 56
    petri said:
    petri said:
    petri said:

    nouser said:
    This flaw has been in the chips since the mid 90's.  These recent Apple patches are only applicable to fairly recent devices.  What about those of us who still have lots of older hardware in daily use?  I have a lot of very usable hardware that is unable to run the latest Mac OS / IOS.  I'm confident I'm not the only one.  Not pleased with this solution since I cannot use it on all my hardware. 
    Have your old devices been exploited since the mid 90’s?
    That’s missing the point, the exploit existed since the nineties but hasn’t been known about till now.  Now that it’s documented and “out there”, there will be people trying to exploit it (some of them just for the hell of it).  Exploit code will become a common and tradeable
    commodity and unpatched older machines will be at risk.
    Here are older Macs that can install MacOS High Sierra. If you still refuse to install the latest operating system on these machines then this is your call:


    macOS High Sierra can be installed on:

    • macOS Sierra
    • OS X El Capitan
    • OS X Yosemite
    • OS X Mavericks
    • OS X Mountain Lion

    If the machines are in the obsolete category Apple legally is not obligated to support them, officially vintage and obsolete products are listed in https://support.apple.com/en-us/HT201624. Those machines can install a system version that includes Gatekeeper. Gatekeeper is available since OS X Mountain Lion. With Gatekeeper one can block applications from unidentified developers and the machines remain not exploited.
    Well done for needlessly posting a list.  Unfortunately it excludes a huge number of machines that are still perfectly useable and in use.  I actually fully expect Apple to patch many of them, not because they’re legally obliged but because it’s the right thing to do, for every customer.
    El Capitan can be installed on machines back to 2007. And El Capitan is patched in December. Apple computers back to 10 years old are patched. So...?

    Withdrawn until further update.
    Wise to withdraw.  Apple aren’t being very clear about the status of pre-Sierra macOS right now, which is a shame.

    A proper update for El Capitan is a must, a lot of very serviceable machines were left behind by Sierra.  But going further - my mother in law has a 2007 iMac which to this day runs perfectly and does everything she needs it to do; for her purposes there’s not a thing wrong with it.  It’s stuck on Snow Leopard, since it’s a first gen core duo processor.  It now turns out there was a serious manufacturing defect in that processor - it’s effectively been broken since the day she bought it.  Are Apple really going to leave that machine to be either binned or (more likely) left in service but wide open to hackers?

    Thinking more widely than the interests of my particular mother in law, is it good news for anyone else to leave numerous older machines like hers as unpatched conduits for botnets, or exploitable weaknesses in other networks etc?  The wider community have a stake in this too.
    Then submit a feedback to Apple for that. Don’t expect them come to these forums and see your wishes. Be proactive.

    As seen in the technical note for December security updates, Apple patches macOS retrospectively, including El Capitan. So, there is not a matter of “policy” here, old versions are patched, period. As to the Meltdown patch for El Capitan there is no need to discover a shame here, it may be patched sooner or later or it may not need a patch at all.
    edited January 2018
  • Reply 48 of 56
    Mike WuertheleMike Wuerthele Posts: 6,567administrator
    petri said:
    petri said:
    petri said:

    nouser said:
    This flaw has been in the chips since the mid 90's.  These recent Apple patches are only applicable to fairly recent devices.  What about those of us who still have lots of older hardware in daily use?  I have a lot of very usable hardware that is unable to run the latest Mac OS / IOS.  I'm confident I'm not the only one.  Not pleased with this solution since I cannot use it on all my hardware. 
    Have your old devices been exploited since the mid 90’s?
    That’s missing the point, the exploit existed since the nineties but hasn’t been known about till now.  Now that it’s documented and “out there”, there will be people trying to exploit it (some of them just for the hell of it).  Exploit code will become a common and tradeable
    commodity and unpatched older machines will be at risk.
    Here are older Macs that can install MacOS High Sierra. If you still refuse to install the latest operating system on these machines then this is your call:


    macOS High Sierra can be installed on:

    • macOS Sierra
    • OS X El Capitan
    • OS X Yosemite
    • OS X Mavericks
    • OS X Mountain Lion

    If the machines are in the obsolete category Apple legally is not obligated to support them, officially vintage and obsolete products are listed in https://support.apple.com/en-us/HT201624. Those machines can install a system version that includes Gatekeeper. Gatekeeper is available since OS X Mountain Lion. With Gatekeeper one can block applications from unidentified developers and the machines remain not exploited.
    Well done for needlessly posting a list.  Unfortunately it excludes a huge number of machines that are still perfectly useable and in use.  I actually fully expect Apple to patch many of them, not because they’re legally obliged but because it’s the right thing to do, for every customer.
    El Capitan can be installed on machines back to 2007. And El Capitan is patched in December. Apple computers back to 10 years old are patched. So...?

    Withdrawn until further update.
    Wise to withdraw.  Apple aren’t being very clear about the status of pre-Sierra macOS right now, which is a shame.

    A proper update for El Capitan is a must, a lot of very serviceable machines were left behind by Sierra.  But going further - my mother in law has a 2007 iMac which to this day runs perfectly and does everything she needs it to do; for her purposes there’s not a thing wrong with it.  It’s stuck on Snow Leopard, since it’s a first gen core duo processor.  It now turns out there was a serious manufacturing defect in that processor - it’s effectively been broken since the day she bought it.  Are Apple really going to leave that machine to be either binned or (more likely) left in service but wide open to hackers?

    Thinking more widely than the interests of my particular mother in law, is it good news for anyone else to leave numerous older machines like hers as unpatched conduits for botnets, or exploitable weaknesses in other networks etc?  The wider community have a stake in this too.
    Then submit a feedback to Apple for that. Don’t expect them come to these forum and see your wishes. Be proactive.
    We've been asking some questions and getting some very confusing answers. More when we can pin something down on it, regarding El Cap and Sierra.
  • Reply 49 of 56
    leighrleighr Posts: 238member
    Interesting that it’s ok for Intel to purposely slow their processors down to improve user experience. If they were Apple chips, the class action suits would have already begun.
  • Reply 50 of 56
    petripetri Posts: 108member
    petri said:
    I actually fully expect Apple to patch many of them, not because they’re legally obliged but because it’s the right thing to do, for every customer.
    That’s not going to happen.
    Then there will be many more malware-controlled bots out there, and that’s bad news for everybody who uses the internet.  Shame.

    I’ll bet MS bend their rules and patch XP for this.  
    williamlondon
  • Reply 51 of 56
    petripetri Posts: 108member
    petri said:
    petri said:
    petri said:

    nouser said:
    This flaw has been in the chips since the mid 90's.  These recent Apple patches are only applicable to fairly recent devices.  What about those of us who still have lots of older hardware in daily use?  I have a lot of very usable hardware that is unable to run the latest Mac OS / IOS.  I'm confident I'm not the only one.  Not pleased with this solution since I cannot use it on all my hardware. 
    Have your old devices been exploited since the mid 90’s?
    That’s missing the point, the exploit existed since the nineties but hasn’t been known about till now.  Now that it’s documented and “out there”, there will be people trying to exploit it (some of them just for the hell of it).  Exploit code will become a common and tradeable
    commodity and unpatched older machines will be at risk.
    Here are older Macs that can install MacOS High Sierra. If you still refuse to install the latest operating system on these machines then this is your call:


    macOS High Sierra can be installed on:

    • macOS Sierra
    • OS X El Capitan
    • OS X Yosemite
    • OS X Mavericks
    • OS X Mountain Lion

    If the machines are in the obsolete category Apple legally is not obligated to support them, officially vintage and obsolete products are listed in https://support.apple.com/en-us/HT201624. Those machines can install a system version that includes Gatekeeper. Gatekeeper is available since OS X Mountain Lion. With Gatekeeper one can block applications from unidentified developers and the machines remain not exploited.
    Well done for needlessly posting a list.  Unfortunately it excludes a huge number of machines that are still perfectly useable and in use.  I actually fully expect Apple to patch many of them, not because they’re legally obliged but because it’s the right thing to do, for every customer.
    El Capitan can be installed on machines back to 2007. And El Capitan is patched in December. Apple computers back to 10 years old are patched. So...?

    Withdrawn until further update.
    Wise to withdraw.  Apple aren’t being very clear about the status of pre-Sierra macOS right now, which is a shame.

    A proper update for El Capitan is a must, a lot of very serviceable machines were left behind by Sierra.  But going further - my mother in law has a 2007 iMac which to this day runs perfectly and does everything she needs it to do; for her purposes there’s not a thing wrong with it.  It’s stuck on Snow Leopard, since it’s a first gen core duo processor.  It now turns out there was a serious manufacturing defect in that processor - it’s effectively been broken since the day she bought it.  Are Apple really going to leave that machine to be either binned or (more likely) left in service but wide open to hackers?

    Thinking more widely than the interests of my particular mother in law, is it good news for anyone else to leave numerous older machines like hers as unpatched conduits for botnets, or exploitable weaknesses in other networks etc?  The wider community have a stake in this too.
    A Lion machine on the internet has far more pressing security problems than anything related to this.
    So where is the page on Apple’s website explaining that, or giving any kind of information on what support is or isn’t available for Lion, just out of interest?
    williamlondon
  • Reply 52 of 56
    Mike WuertheleMike Wuerthele Posts: 6,567administrator
    petri said:
    petri said:
    petri said:
    petri said:

    nouser said:
    This flaw has been in the chips since the mid 90's.  These recent Apple patches are only applicable to fairly recent devices.  What about those of us who still have lots of older hardware in daily use?  I have a lot of very usable hardware that is unable to run the latest Mac OS / IOS.  I'm confident I'm not the only one.  Not pleased with this solution since I cannot use it on all my hardware. 
    Have your old devices been exploited since the mid 90’s?
    That’s missing the point, the exploit existed since the nineties but hasn’t been known about till now.  Now that it’s documented and “out there”, there will be people trying to exploit it (some of them just for the hell of it).  Exploit code will become a common and tradeable
    commodity and unpatched older machines will be at risk.
    Here are older Macs that can install MacOS High Sierra. If you still refuse to install the latest operating system on these machines then this is your call:


    macOS High Sierra can be installed on:

    • macOS Sierra
    • OS X El Capitan
    • OS X Yosemite
    • OS X Mavericks
    • OS X Mountain Lion

    If the machines are in the obsolete category Apple legally is not obligated to support them, officially vintage and obsolete products are listed in https://support.apple.com/en-us/HT201624. Those machines can install a system version that includes Gatekeeper. Gatekeeper is available since OS X Mountain Lion. With Gatekeeper one can block applications from unidentified developers and the machines remain not exploited.
    Well done for needlessly posting a list.  Unfortunately it excludes a huge number of machines that are still perfectly useable and in use.  I actually fully expect Apple to patch many of them, not because they’re legally obliged but because it’s the right thing to do, for every customer.
    El Capitan can be installed on machines back to 2007. And El Capitan is patched in December. Apple computers back to 10 years old are patched. So...?

    Withdrawn until further update.
    Wise to withdraw.  Apple aren’t being very clear about the status of pre-Sierra macOS right now, which is a shame.

    A proper update for El Capitan is a must, a lot of very serviceable machines were left behind by Sierra.  But going further - my mother in law has a 2007 iMac which to this day runs perfectly and does everything she needs it to do; for her purposes there’s not a thing wrong with it.  It’s stuck on Snow Leopard, since it’s a first gen core duo processor.  It now turns out there was a serious manufacturing defect in that processor - it’s effectively been broken since the day she bought it.  Are Apple really going to leave that machine to be either binned or (more likely) left in service but wide open to hackers?

    Thinking more widely than the interests of my particular mother in law, is it good news for anyone else to leave numerous older machines like hers as unpatched conduits for botnets, or exploitable weaknesses in other networks etc?  The wider community have a stake in this too.
    A Lion machine on the internet has far more pressing security problems than anything related to this.
    So where is the page on Apple’s website explaining that, or giving any kind of information on what support is or isn’t available for Lion, just out of interest?
    I'm not sure there's a "what isn't covered" for Lion page, but rather, everything that the last Lion security update doesn't cover is going to be a problem. In essence, everything after Sept 29. 2014. Every security problem for the last three years, in essence.

    edited January 2018 bakedbananas
  • Reply 53 of 56
    Rayz2016Rayz2016 Posts: 6,957member
    leighr said:
    Interesting that it’s ok for Intel to purposely slow their processors down to improve user experience. If they were Apple chips, the class action suits would have already begun.
    Heh. Give it time...

    But you can't sue for system bugs unless they cause physical injury.

    You might be able to bring an action against Intel's CEO for (alleged) insider trading though.
    edited January 2018
  • Reply 54 of 56
    Rayz2016Rayz2016 Posts: 6,957member
    grangerfx said:
    "we recommend downloading software only from trusted sources such as the App Store"
    Will apple wave the 30% fee for developers to move their apps to the Mac App Store then?
    Why exactly?

    To begin with, they've always recommended downloading software from trusted sources only. That's just common sense. You'd be an idiot to download software from a source you didn't trust, wouldn't you.

    Secondly, they said such as; they didn't say exclusively. I download software from other trusted sources besides the app store, and will continue to do so. I don't download apps without that don't have a signed developer certificate.

    Third: They're not going to waive the fee because they didn't cause the problem.

    williamlondonbakedbananas
  • Reply 55 of 56
    petripetri Posts: 108member
    petri said:
    petri said:
    petri said:
    petri said:

    nouser said:
    This flaw has been in the chips since the mid 90's.  These recent Apple patches are only applicable to fairly recent devices.  What about those of us who still have lots of older hardware in daily use?  I have a lot of very usable hardware that is unable to run the latest Mac OS / IOS.  I'm confident I'm not the only one.  Not pleased with this solution since I cannot use it on all my hardware. 
    Have your old devices been exploited since the mid 90’s?
    That’s missing the point, the exploit existed since the nineties but hasn’t been known about till now.  Now that it’s documented and “out there”, there will be people trying to exploit it (some of them just for the hell of it).  Exploit code will become a common and tradeable
    commodity and unpatched older machines will be at risk.
    Here are older Macs that can install MacOS High Sierra. If you still refuse to install the latest operating system on these machines then this is your call:


    macOS High Sierra can be installed on:

    • macOS Sierra
    • OS X El Capitan
    • OS X Yosemite
    • OS X Mavericks
    • OS X Mountain Lion

    If the machines are in the obsolete category Apple legally is not obligated to support them, officially vintage and obsolete products are listed in https://support.apple.com/en-us/HT201624. Those machines can install a system version that includes Gatekeeper. Gatekeeper is available since OS X Mountain Lion. With Gatekeeper one can block applications from unidentified developers and the machines remain not exploited.
    Well done for needlessly posting a list.  Unfortunately it excludes a huge number of machines that are still perfectly useable and in use.  I actually fully expect Apple to patch many of them, not because they’re legally obliged but because it’s the right thing to do, for every customer.
    El Capitan can be installed on machines back to 2007. And El Capitan is patched in December. Apple computers back to 10 years old are patched. So...?

    Withdrawn until further update.
    Wise to withdraw.  Apple aren’t being very clear about the status of pre-Sierra macOS right now, which is a shame.

    A proper update for El Capitan is a must, a lot of very serviceable machines were left behind by Sierra.  But going further - my mother in law has a 2007 iMac which to this day runs perfectly and does everything she needs it to do; for her purposes there’s not a thing wrong with it.  It’s stuck on Snow Leopard, since it’s a first gen core duo processor.  It now turns out there was a serious manufacturing defect in that processor - it’s effectively been broken since the day she bought it.  Are Apple really going to leave that machine to be either binned or (more likely) left in service but wide open to hackers?

    Thinking more widely than the interests of my particular mother in law, is it good news for anyone else to leave numerous older machines like hers as unpatched conduits for botnets, or exploitable weaknesses in other networks etc?  The wider community have a stake in this too.
    A Lion machine on the internet has far more pressing security problems than anything related to this.
    So where is the page on Apple’s website explaining that, or giving any kind of information on what support is or isn’t available for Lion, just out of interest?
    I'm not sure there's a "what isn't covered" for Lion page, but rather, everything that the last Lion security update doesn't cover is going to be a problem. In essence, everything after Sept 29. 2014. Every security problem for the last three years, in essence.

    That’s not what that page says.  There is no statement from Apple on whether Lion is supported, or considered to be secure right now, or insecure.  The fact that it hasn’t been updated recently doesn’t necessarily mean it’s not reasonably secure; not all the bugs patched for later macOS versions will have affected Lion in the first place (take High Sierra’s recent password snafu for example).  

    The fact is, in the absence of any confirmation from Apple that Lion won’t receive any required security patches, or is already insecure in its current state, there’s no obvious reason for users with older, working machines to stop using it, especially if they have no upgrade path from Apple.
    williamlondon
  • Reply 56 of 56
    Mike WuertheleMike Wuerthele Posts: 6,567administrator
    petri said:
    petri said:
    petri said:
    petri said:
    petri said:

    nouser said:
    This flaw has been in the chips since the mid 90's.  These recent Apple patches are only applicable to fairly recent devices.  What about those of us who still have lots of older hardware in daily use?  I have a lot of very usable hardware that is unable to run the latest Mac OS / IOS.  I'm confident I'm not the only one.  Not pleased with this solution since I cannot use it on all my hardware. 
    Have your old devices been exploited since the mid 90’s?
    That’s missing the point, the exploit existed since the nineties but hasn’t been known about till now.  Now that it’s documented and “out there”, there will be people trying to exploit it (some of them just for the hell of it).  Exploit code will become a common and tradeable
    commodity and unpatched older machines will be at risk.
    Here are older Macs that can install MacOS High Sierra. If you still refuse to install the latest operating system on these machines then this is your call:


    macOS High Sierra can be installed on:

    • macOS Sierra
    • OS X El Capitan
    • OS X Yosemite
    • OS X Mavericks
    • OS X Mountain Lion

    If the machines are in the obsolete category Apple legally is not obligated to support them, officially vintage and obsolete products are listed in https://support.apple.com/en-us/HT201624. Those machines can install a system version that includes Gatekeeper. Gatekeeper is available since OS X Mountain Lion. With Gatekeeper one can block applications from unidentified developers and the machines remain not exploited.
    Well done for needlessly posting a list.  Unfortunately it excludes a huge number of machines that are still perfectly useable and in use.  I actually fully expect Apple to patch many of them, not because they’re legally obliged but because it’s the right thing to do, for every customer.
    El Capitan can be installed on machines back to 2007. And El Capitan is patched in December. Apple computers back to 10 years old are patched. So...?

    Withdrawn until further update.
    Wise to withdraw.  Apple aren’t being very clear about the status of pre-Sierra macOS right now, which is a shame.

    A proper update for El Capitan is a must, a lot of very serviceable machines were left behind by Sierra.  But going further - my mother in law has a 2007 iMac which to this day runs perfectly and does everything she needs it to do; for her purposes there’s not a thing wrong with it.  It’s stuck on Snow Leopard, since it’s a first gen core duo processor.  It now turns out there was a serious manufacturing defect in that processor - it’s effectively been broken since the day she bought it.  Are Apple really going to leave that machine to be either binned or (more likely) left in service but wide open to hackers?

    Thinking more widely than the interests of my particular mother in law, is it good news for anyone else to leave numerous older machines like hers as unpatched conduits for botnets, or exploitable weaknesses in other networks etc?  The wider community have a stake in this too.
    A Lion machine on the internet has far more pressing security problems than anything related to this.
    So where is the page on Apple’s website explaining that, or giving any kind of information on what support is or isn’t available for Lion, just out of interest?
    I'm not sure there's a "what isn't covered" for Lion page, but rather, everything that the last Lion security update doesn't cover is going to be a problem. In essence, everything after Sept 29. 2014. Every security problem for the last three years, in essence.

    That’s not what that page says.  There is no statement from Apple on whether Lion is supported, or considered to be secure right now, or insecure.  The fact that it hasn’t been updated recently doesn’t necessarily mean it’s not reasonably secure; not all the bugs patched for later macOS versions will have affected Lion in the first place (take High Sierra’s recent password snafu for example).  

    The fact is, in the absence of any confirmation from Apple that Lion won’t receive any required security patches, or is already insecure in its current state, there’s no obvious reason for users with older, working machines to stop using it, especially if they have no upgrade path from Apple.
    There have been no security patches for Lion for over three years. It is unsupported, totally and utterly. The link above is pretty dramatic confirmation that it won't "receive any required security patches" and hasn't for some time.

    Also important to note that machines that are stuck on Lion are also unsupported by Apple service.

    I get it, keeping older, functional machines around has benefits. I've got a Lion Mac mini doing music playback duty in the house. But, the reality of the situation is that Apple left these machines behind. Use them on the internet at your own peril.

    Your point about the Root password is legitimate. But, saying that "Apple doesn't say Lion is unsafe, so it must be safe" is not the same as "Lion is safe."


    edited January 2018 bakedbananas
Sign In or Register to comment.