"ShellShock" - what are you doing?

Rick Harrison harrison at all-auctions.com
Sat Sep 27 00:34:05 EDT 2014


Hi Bruce,

I believe those special advanced Unix services Apple is referring to
involves people who have set up their machines to use Unix SSH
to remotely control their machines.  This is not set up by default by Apple.
You have to know something about using the Terminal and Unix commands
to set it up.  I think Apple wanted to be somewhat cryptic to not come out
and tell the bad guys exactly what to do step by step to take anyone’s
computer.

So, no big worries for now as long as you aren’t running any serious
web-servers with remote access set up in Unix.

I still think it is odd that Homeland Security didn’t have a news item
clearly marked on their front page about ShellShock.Our tax money
really at work there.  One shouldn’t have to dig deep for this important
information.

Apple Inc., didn’t have anything in their “Hot News” either.  Apparently
they only want to talk about positive experiences, not holes they are
trying to patch.  Good luck digging for the really important information.
I think Google organizes Apple’s website better than Apple does!  LOL

Ok, that’s my 2 cents for the day.  Let’s hope the patching geniuses
get the job done soon!

Cheers,

Rick




On Sep 26, 2014, at 5:33 PM, Bruce Pokras <bruceap at comcast.net> wrote:

> Can anyone explain exactly what this means? What are those "special, advanced Unix services?
> 
> "But Apple said in an emailed statement that most of its users aren't affected, as OS X's "systems are safe by default and not exposed to remote exploits of Bash" -- unless users have actively turned on special, advanced Unix services."
> 
> Bruce Pokras
> Blazing Dawn Software
> www.blazingdawn.com





More information about the use-livecode mailing list