kshah 452 Report post Posted July 8, 2007 Too much of discussion of not so important product, iphone or ipod or imac or windows mobile, nothing is perfect. Up gradations are inevitable, that is the reason why hetal could produce better ROM than UTSTARCOM Most gadgets gets better and better with time and it is law of business not to introduce (Does not meant they can not design or make) perfect product in first go. Else when people wants change, producer will not be in position to offer any better product. Share this post Link to post Share on other sites
coolrajiv 1 Report post Posted July 8, 2007 Too much of discussion of not so important product, iphone or ipod or imac or windows mobile, nothing is perfect. Up gradations are inevitable, that is the reason why hetal could produce better ROM than UTSTARCOM Most gadgets gets better and better with time and it is law of business not to introduce (Does not meant they can not design or make) perfect product in first go. Else when people wants change, producer will not be in position to offer any better product. Absolutely kshah totally agree with you Share this post Link to post Share on other sites
Incognito 0 Report post Posted July 8, 2007 (edited) Haha This is a discussion forum so i said what i feel & hetal said what he feels abt iphone tumne apple products kabhi use nahi kiye so i dont give much thought to your comments When people like you get rid of your negative mindset than you would realise that nothing is perfect in this world Iphone has some shortcomings agreed but dear you cant understand what i am saying wait for Iphone version 2 which apple is planning very shortly agar usme bhi shortcomings ko address nahi kiya jata tab theek hain u can turn on your crusade As far as Sunday goes i am happy to watch my Favorite Roger Federer in action tonight Hype me agar 1 million mobiles bikte hain in 1 week na toh hype hi sahi All those who do business will take that anyday anytime I never said Iphone is the best i am just supporting it thats it coz i like it tum log hi rai ka pahad bana rahe ho Anyways Enjoy your sunday dude Edited July 8, 2007 by wipl Share this post Link to post Share on other sites
coolrajiv 1 Report post Posted July 8, 2007 @ Kshah you are bang on target I agree with your views every product unleashed on the market is not perfect in the first go it takes time for it to improve same goes with iphone .. it will or can only improve as the time goes on perhaps people have already lost their patience and have given their verdict on it based on its shortcomings no one is ready to wait for iphone version 2 Share this post Link to post Share on other sites
petar 15 Report post Posted July 8, 2007 WHY ARE U DEBATING GUYS... Let people who wanna buy iPhone buy it.... after all they are not asking your money to buy it.... If u think too many people are buying apple iPhone- buy it stock....it will soar up. apple makes 220$ from single iPhone so @ 1 million phones sold - it has made a profit of 220 million $$. If you THink its not worth it... GO search google for iPhone hate forums (there are plenty of those as well) & put some comments there & read lots of them. Feel happy that u have lots of people with yr viewpoint. Share this post Link to post Share on other sites
Kunal Hemrajani 1 Report post Posted July 8, 2007 @coolrajiv.. m waitin 4 da second version of IPHONE only.. but m also da one who dun lik the features of this IPHONE..wid thos features n price its really a piece of crap.. n m lukin 4ward for big changes in the nxt version of IPHONE.. so hope 4 da best Share this post Link to post Share on other sites
prakashkadam 1 Report post Posted July 9, 2007 I Phone buster = HTC touchThis will surely compete with I phone in gsm counterpart.. has almost all advantages that iphone dose not have Link with videos http://www.htcphonestore.com/product.asp?itemMDL=HTC_TOUCH and how do u compare LG Prada ( http://digitallinks.blogspot.com/2007/01/l...ver-iphone.html ) with iPhone. LG Prada is already there before iPhone, Probably it is available in India also. Share this post Link to post Share on other sites
Sadikk 301 Report post Posted July 9, 2007 Lol @ Iphone vesion 2. So pitty of those who waiting for Iphone V2.0. ( steve still cashing in on opening of iphone version 1.0 ) Why dont u just take a break man, instead of defending ur beloved Iphone or apple. Get some shares.stakes in Apple and do all this than it will make some sense. Share this post Link to post Share on other sites
coolrajiv 1 Report post Posted July 9, 2007 WHY ARE U DEBATING GUYS...Let people who wanna buy iPhone buy it.... after all they are not asking your money to buy it.... If u think too many people are buying apple iPhone- buy it stock....it will soar up. apple makes 220$ from single iPhone so @ 1 million phones sold - it has made a profit of 220 million $$. If you THink its not worth it... GO search google for iPhone hate forums (there are plenty of those as well) & put some comments there & read lots of them. Feel happy that u have lots of people with yr viewpoint. Yes petar u r right those who like it they will buy it regardless of what is posted here in this forum & ofcourse those who hate iphone they will only criticize it quite logical .. By now everyone knows the drawbacks of Iphone which Hetal has pointed out & quite rightly what he mentioned is correct I am banking on Apple to add all the features which he mentioned lets see what happens in Iphone version 2 criticise jo kar rahe hain they r saying take a Break i think they need a ibreak seriously man yeh silsila chalta rahega Those who r fan of apple products i am sure they dont bother too much abt this criticism Yeh debate as petar rightly said will go on and on and on........ this seems like a boxing match punches & counter punches its flying everywhere... Share this post Link to post Share on other sites
petar 15 Report post Posted July 9, 2007 Heres a surpise guys...! well we saw it coming... dint we..? Last week Apple released important information about the iPhone and battery replacement. According to the Apple website, the iPhone will only last about 300 to 400 recharges, and once the battery is dead, it will need to be sent away to Apple for replacement. The entire process will cost around $85, a service fee of $79 plus $6.95 shipping. The repair will take about three business days. Another important piece of information is that all data on your iPhone will be lost once the repair takes place. Apple warns that "It is important to sync your iPhone with iTunes to back up your contacts, photos, email account settings, text messages, and more. Apple is not responsible for the loss of information while servicing your iPhone and does not offer any data transfer service." Many consumer websites have already complained that Apple withheld this information prior to the iPhone's release. Share this post Link to post Share on other sites
tanveer 59 Report post Posted July 9, 2007 I had read this thing in one of the reviews as well. The battery can not be replaced by the user. Share this post Link to post Share on other sites
Kunal Hemrajani 1 Report post Posted July 9, 2007 @sadik bhai...nor m a supporter of I-Phone neither i lov apple products.. but becuz of da launch of da I-Phone many oder companies wil also cum out wid better I-Phones... n soon apple wil also follow dem..n they wil upgrage da features becuz of da market competition.. n tht wil b bleesing 4 awl of us ... @peter..haha Steve plays nther game...its all about money mah dear frendz .... now wat da I-PHONE supporters gonna say about this move?? Share this post Link to post Share on other sites
Incognito 0 Report post Posted July 9, 2007 (edited) now wat da I-PHONE supporters gonna say about this move?? Edited July 9, 2007 by wipl Share this post Link to post Share on other sites
thomasxavier 0 Report post Posted July 10, 2007 now wat da I-PHONE supporters gonna say about this move?? Even though i am new into this forum i do agree with supporters of Apple product I do have imac notebook in which i have the mac os installed & it runs smoothly without any hiccups unlike windows which is pathetic .. those who hate iphone its because its expensive and also bcoz it does not have some features.. which in most likelyhood gonna be there in iphone version2 i also have ipod nano its awesome ..... those who r criticising apple let them do it does not bother all the supporters of apple woh kahavat haina bandar kya jane adhrak ka swad bilkul theek hain for these IPHONE haters.. Share this post Link to post Share on other sites
coolrajiv 1 Report post Posted July 10, 2007 Apple plans to launch a cheaper version of the iPhone in the fourth quarter that could be based on the ultra-slim iPod Nano music player, according to a JP Morgan report. Kevin Chang, a JP Morgan analyst based in Taiwan, cited people in the supply channel and an application with the U.S Patent and Trademark office for his report dated July 8. Apple filed a patent application document dated July 5 that refers to a multifunctional handheld device with a circular touch pad control, similar to the Nano's scroll wheel. Sales in the first weekend of the iPhone aavailability were as high as 700,000 units, according to estimations. Chang said a way to follow up the iPhone with a cheaper version would be to convert the Nano into a phone and price it at $300 or lower. The iPhone sells for $500 and $600, depending on storage space. Another analyst Gene Munster of Piper Jaffray said he expects Apple to bring out iPods that resemble iPhone, which features such as a touch-sensitive screen, later this year. Sales of the iPhone are expected to be limited to a small percentage of the market due to its high price tag, particularly in the United States where 85 percent of consumers tend to spend $100 or less on cell phones. But analysts forecast that a cheaper phone from Apple, which leads the digital music player market, could pose a much bigger threat to long-established phone makers such as Nokia , Motorola, Samsung and Sony Ericsson. Share this post Link to post Share on other sites
petar 15 Report post Posted July 10, 2007 The main point about the current iPhone was its intutive design, big multi touch screen , Wi-fi & sexy looks... + it did wat a phone is suppos eto do- MAKE CALLS. Will the cheaper phone cater to the main needs ?? Share this post Link to post Share on other sites
Incognito 0 Report post Posted July 10, 2007 Even though i am new into this forum i do agree with supporters of Apple product I do have imac notebook in which i have the mac os installed & it runs smoothly without any hiccups unlike windows which is pathetic .. those who hate iphone its because its expensive and also bcoz it does not have some features.. which in most likelyhood gonna be there in iphone version2 i also have ipod nano its awesome ..... those who r criticising apple let them do it does not bother all the supporters of apple No one's criticizing IPHONE over here...its sad that this topic turned into a love & hate relationship with iphone while the topic starter started this topic with an idea to give information about shortcomings of iphone .. some people took it personally and started this love and hate war. Every kid knows about ipod and imac and to run either of them or use them doesn't makes anyone a geek or better than anyone else on this board...I myself wanted to buy iphone but may be with the reviews that are coming I would never buy it...I don't hold affinity for brands rather for functionality and always bow down to products which are superiors in terms of technology & features...not just looks alone. woh kahavat haina bandar kya jane adhrak ka swad bilkul theek hain for these IPHONE haters.. You might be right If you happen to be in Jaipur some time, give me a buzz & come over at my office .... may be your opinion would change.. Share this post Link to post Share on other sites
thomasxavier 0 Report post Posted July 11, 2007 apple products r awesome u cant ridicule them & expect people to remain mute spectator while u try to malign them i am using mac os and imac for the last 4 years and believe me its just awesome ... no problems whatsoever runs smoothly without problems unlike windows which is really pathetic secondly there's a person in this forum who says that he hates iphone but he will sell them when he launches his website now what is trying to say .. this is perfect example of hypocrisy .... how u people tolerate him? That guy has lots his senses i believe anyways i am a apple die hard supporter & will always... God knows what u people r upto Dont hate anything dear try to spread love not hatred.... If you dont like it just say u dont like it wont buy & dont use words like hate already there's enough hatred in this world Share this post Link to post Share on other sites
tanveer 59 Report post Posted July 11, 2007 I think we can close this topic if people can not discuss anything like mature adults. You people are behaving as if it is a personal attack on you. If you feel that there are wrong arguments in other persons post, point them out and give your arguments. There are so many forums the world over discussing the same topic and all have healthy conversations. And its not hypocrisy, it s business. Share this post Link to post Share on other sites
HetalDP 947 Report post Posted July 11, 2007 (edited) This much Security Updates Require for This Funny Max OS X 10 to Run and People Still Says XP required more to be Patched Just go to School and learn Arithmatic and Mathematics Name and information link Released for Release date Security Update 2007-006 Mac OS X 10.3.9, Mac OS X 10.4.9 or later 22 June 2007 Mac OS X 10.4.10 Mac OS X 10.4 or later 20 June 2007 Apple TV 1.1 Apple TV 20 June 2007 Xserve Lights-Out Management Firmware Update 1.0 Intel-based Xserve 31 May 2007 Security Update (QuickTime 7.1.6) QuickTime 7.1.6 on Mac OS X and Windows XP/2000 29 May 2007 Security Update 2007-005 Mac OS X 10.3.9, Mac OS X 10.4.9 24 May 2007 Darwin Streaming Server 5.5.5 Open source 10 May 2007 Security Update 2007-004 v1.1 Mac OS X 10.3.9, Mac OS X 10.4.9 01 May 2007 QuickTime 7.1.6 Mac OS X 10.3.9, Mac OS X 10.4.9, Windows XP/2000 01 May 2007 Security Update 2007-004 Mac OS X 10.3.9, Mac OS X 10.4.9 19 Apr 2007 Firmware Update 7.1 for AirPort Extreme Base Station with 802.11n AirPort Extreme (802.11n) Base Station 9 Apr 2007 Mac OS X 10.4.9 and Security Update 2007-003 Mac OS X 10.3.9, Mac OS X 10.4 or later 13 Mar 2007 iPhoto 6.0.6 Mac OS X 10.3.9, Mac OS X 10.4.3 or later 13 Mar 2007 AirPort Extreme Update 2007-002 Mac OS X 10.4.8 8 Mar 2007 QuickTime 7.1.5 Mac OS X 10.3.9 or later, Windows Vista/XP/2000 5 Mar 2007 Security Update 2007-002 Mac OS X 10.3.9, Mac OS X 10.4.8 13 Feb 2007 AirPort Extreme Update 2007-001 Mac OS X 10.4.8 25 Jan 2007 Security Update 2007-001 QuickTime 7.1.3 23 Jan 2007 Security Update 2006-008 Mac OS X 10.4.8 19 Dec 2006 Security Update 2006-007 Mac OS X 10.3.9, Mac OS X 10.4.8 28 Nov 2006 Apple Remote Desktop 3.1 Apple Remote Desktop 3.0 16 Nov 2006 Xcode Tools 2.4.1 Mac OS X 10.4 or later 31 Oct 2006 Mac OS X 10.4.8 and Security Update 2006-006 Mac OS X 10.3.9, Mac OS X 10.4 or later 29 Sep 2006 AirPort Update 2006-001 and Security Update 2006-005 Mac OS X 10.3.9, Mac OS X 10.4.7 21 Sep 2006 QuickTime 7.1.3 Mac OS X 10.3.9 or later, Windows XP/2000 12 Sep 2006 Xsan Filesystem 1.4 Mac OS X 10.4.7 17 Aug 2006 Security Update 2006-004 for Mac Pro Mac Pro with Mac OS X 10.4.7 09 Aug 2006 Security Update 2006-004 Mac OS X 10.3.9, Mac OS X 10.4.7 01 Aug 2006 iTunes 6.0.5 Mac OS X 10.2.8 or later, Windows XP / 2000 29 June 2006 Mac OS X 10.4.7 Update Mac OS X 10.4 through 10.4.6 27 June 2006 Xcode Tools 2.3 Mac OS X 10.4 or later 23 May 2006 Security Update 2006-003 Mac OS X 10.3.9, Mac OS X 10.4.6 11 May 2006 QuickTime 7.1 Mac OS X 10.3.9, Mac OS X 10.4 or later, Windows XP/2000 11 May 2006 J2SE 5.0 Release 4 Mac OS X 10.4.5 17 Apr 2006 Mac OS X 10.4.6 Update Mac OS X 10.4 through 10.4.5 03 Apr 2006 Security Update 2006-002 Mac OS X 10.3.9 Mac OS X 10.4.5 13 Mar 2006 Security Update 2006-001 Mac OS X 10.3.9 Mac OS X 10.4.5 01 Mar 2006 Mac OS X 10.4.5 Update Mac OS X 10.4 through 10.4.4 14 Feb 2006 QuickTime 7.0.4 Mac OS X 10.3.9 or later Windows XP/2000 10 Jan 2006 AirPort Firmware Update 5.7 AirPort Firmware Update 6.3 AirPort Express AirPort Extreme 3 Jan 2006 Security Update 2005-009 Mac OS X 10.4.3 Mac OS X 10.3.9 29 Nov 2005 J2SE 5.0 Release 3 Mac OS X 10.4.2 15 Nov 2005 iTunes 6 for Windows Microsoft Windows XP/2000 15 Nov 2005 Mac OS X 10.4.3 Update Mac OS X 10.4 through 10.4.2 31 Oct 2005 QuickTime 7.0.3 Mac OS X 10.3.9 through 10.4.2 12 Oct 2005 Security Update 2005-008 Mac OS X 10.4.2 Mac OS X 10.3.9 22 Sept 2005 Java Security Update Mac OS X 10.3.9 13 Sept 2005 Java 1.3.1 and 1.4.2 Release 2 Mac OS X 10.4.2 13 Sept 2005 Security Update 2005-007 Mac OS X 10.3.9 Mac OS X 10.4.2 15 Aug 2005 AirPort 4.2 update Mac OS X 10.3.3 through 10.3.9 Mac OS X 10.4.2 14 July 2005 Mac OS X 10.4.2 Update Mac OS X 10.4.1 Mac OS X 10.4 12 July 2005 Security Update 2005-006 Mac OS X 10.4.1 Mac OS X Server 10.4.1 Mac OS X 10.3.9 Mac OS X Server 10.3.9 08 June 2005 QuickTime 7.0.1 QuickTime 7 31 May 2005 Keynote 2.0.2 update Keynote 2.0 Keynote 2.0.1 25 May 2005 Mac OS X 10.4.1 Update Mac OS X 10.4 Mac OS X 10.4 Server 16 May 2005 (client) 19 May 2005 (server) iTunes 4.8 Mac OS X 10.2.8 or later Windows XP Windows 2000 09 May 2005 Security Update 2005-005 Mac OS X 10.3.9 Mac OS X Server 10.3.9 03 May 2005 Security Update 2005-004 iSync 1.5 19 Apr 2005 Mac OS X 10.3.9 Update Mac OS X 10.3 through 10.3.8 15 Apr 2005 Security Update 2005-003 Mac OS X 10.3.8 Mac OS X Server 10.3.8 21 Mar 2005 Security Update 2005-002 Java 1.4.2 22 Feb 2005 Mac OS X 10.3.8 Update Mac OS X 10.3 through 10.3.7 09 Feb 2005 Security Update 2005-001 Mac OS X 10.3.7 Mac OS X Server 10.3.7 Mac OS X 10.2.8 Mac OS X Server 10.2.8 25 Jan 2005 The Above Page SHow only Update Related to MAC OX X 10.3.9 They have come up with 68 (130 Cumulative) Update Against WIndows XP have added 71 Updated But in WIndows Update aa Single Update COntains a Single Patch In Apple Update All Update Marked as Security Update have more than Averrage 5 to 10 Patched. So its Clear that Max Require to be Patched, Apple Max OS 10.x Update from 2003 to 2005 Apple security updates (03-Oct-2003 to 11-Jan-2005) This document outlines security updates for Apple products released between 03-Oct-2003 and 11-Jan-2005. Important: For information about later (newer) security updates, see "Apple security updates". For information about earlier security updates, see "Apple Security Updates: August, 2003 and Earlier". For the protection of our customers, Apple does not disclose, discuss or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple, Inc. Product Security Incident Response website. Apple Product Security PGP Key For information, see "How To Use The Apple Product Security PGP Key". Security updates Security updates are listed below according to the software release in which they first appeared. Where possible, CVE IDs are used to reference the vulnerabilities for further information. iTunes 4.7.1 Available for: Mac OS X, Microsoft Windows XP, Microsoft Windows 2000 CVE ID: CAN-2005-0043 Impact: Malicious playlists can cause iTunes to crash and could execute arbitrary code Description: iTunes supports several common playlist formats. iTunes 4.7.1 fixes a buffer overflow in the parsing of m3u and pls playlist files that could allow earlier versions of iTunes to crash and execute arbitrary code. Credit to Sean de Regge (seanderegge[at]hotmail.com) for discovering this issue, and to iDEFENSE Labs for reporting it to us. Security Update 2004-12-02 Apache Available for: Mac OS X Server v10.3.6, Mac OS X Server v10.2.8 CVE-ID: CAN-2004-1082 Impact: Apache mod_digest_apple authentication is vulnerable to replay attacks. Description: The Mac OS X Server specific mod_digest_apple is based on Apache's mod_digest. Multiple corrections for a replay problem in mod_digest were made in versions 1.3.31 and 1.3.32 of Apache (CAN-2003-0987). This update corrects the replay problem in mod_digest_apple authentication using the modifications made to Apache 1.3.32. Apache Available for: Mac OS X v10.3.6, Mac OS X Server v10.3.6, Mac OS X v10.2.8, Mac OS X Server v10.2.8 CVE-ID: CAN-2003-0020, CAN-2003-0987, CAN-2004-0174, CAN-2004-0488, CAN-2004-0492, CAN-2004-0885, CAN-2004-0940 Impact: Multiple vulnerabilities in Apache and mod_ssl including local privilege escalation, remote denial of service and in some modified configurations execution of arbitrary code. Description: The Apache Group fixed a number of vulnerabilities between versions 1.3.29 and 1.3.33. The Apache Group security page for Apache 1.3 is located at http://www.apacheweek.com/features/security-13. The previously installed version of Apache was 1.3.29. The default installation of Apache does not enable mod_ssl. This update fixes all of applicable issues by updating Apache to version 1.3.33 and the companion mod_ssl to version 2.8.22. Apache Available for: Mac OS X v10.3.6, Mac OS X Server v10.3.6, Mac OS X v10.2.8, Mac OS X Server v10.2.8 CVE-ID: CAN-2004-1083 Impact: Apache configurations did not fully block access to ".DS_Store" files or those starting with ".ht". Description: A default Apache configuration blocks access to files starting with ".ht" in a case sensitive way. The Apple HFS+ filesystem performs file access in a case insensitive way. The Finder may also create .DS_Store files containing the names of files in locations used to serve web pages. This update modifies the Apache configuration to restricts access to all files beginning with ".ht" or ".DS_S" regardless of capitalization. More... Apache Available for: Mac OS X v10.3.6, Mac OS X Server v10.3.6, Mac OS X v10.2.8, Mac OS X Server v10.2.8 CVE-ID: CAN-2004-1084 Impact: File data and resource fork content can be retrieved via HTTP bypassing normal Apache file handlers. Description: The Apple HFS+ filesystem permits files to have multiple data streams. These data streams can be directly accessed using special filenames. A specially crafted HTTP request can bypass an Apache file handler and directly access file data or resource fork content. This update modifies the Apache configuration to deny requests for file data or resource fork content via their special filenames. For more information, see this document. Credit to NetSec for reporting this issue. Apache 2 Available for: Mac OS X Server v10.3.6, Mac OS X Server v10.2.8 CVE-ID: CAN-2004-0747, CAN-2004-0786, CAN-2004-0751, CAN-2004-0748 Impact: Modified Apache 2 configurations could permit a privilege escalation for local users and remote denial of service. Description: A customer-modified Apache 2 configuration, where AllowOverride has been enabled, could permit a local user to execute arbitrary code as the Apache (www) user. An unmodified configuration is not vulnerable to this problem. This update also addresses bugs in Apache that could allow certain types of requests to crash the server. Apache is updated to version 2.0.52. Apache 2 ships only with Mac OS X Server, and is off by default. Appkit Available for: Mac OS X v10.3.6, Mac OS X Server v10.3.6, Mac OS X v10.2.8, Mac OS X Server v10.2.8 CVE-ID: CAN-2004-1081 Impact: Characters entered into a secure text field can be read by other applications in the same window session Description: In some circumstances a secure text input field will not correctly enable secure input. This can allow other applications in the same window session to see some input characters and keyboard events. Input to secure text fields is now enabled in a way to prevent the leakage of key press information. Appkit Available for: Mac OS X v10.3.6, Mac OS X Server v10.3.6, Mac OS X v10.2.8, Mac OS X Server v10.2.8 CVE-ID: CAN-2004-0803, CAN-2004-0804, CAN-2004-0886 Impact: Integer overflows and poor range checking in tiff handling could allow to execution of arbitrary code or denial of service. Description: Flaws in decoding tiff images could overwrite memory, cause arithmetic errors resulting in a crash, or permit the execution of arbitrary code. This update corrects the problems in the handling of tiff images. Cyrus IMAP Available for: Mac OS X Server v10.3.6 CVE-ID: CAN-2004-1089 Impact: When using Kerberos authentication with Cyrus IMAP an authenticated user could gain unauthorized access to other mailboxes on the same system. Description: When using the Kerberos authentication mechanism with the Cyrus IMAP server a user could switch mailboxes after authenticating and gain access to other mailboxes on the same system. This update binds the mailbox to the authenticated user. This server-specific issue is not present in Mac OS X Server v10.2.8. Credit to johan.gradvall@gothia.se for reporting this issue. HIToolbox Available for: Mac OS X v10.3.6, Mac OS X Server v10.3.6 CVE-ID: CAN-2004-1085 Impact: Users can quit applications in kiosk mode Description: A special key combination allowed users to bring up the force quit window even in kiosk mode. This update will block all force-quit key combinations not to work while in kiosk mode. This issue is not present in Mac OS X v10.2.8 or Mac OS X Server v10.2.8. Credit to Glenn Blauvelt of University of Colorado at Boulder for reporting this issue. Kerberos Available for: Mac OS X v10.3.6, Mac OS X Server v10.3.6, Mac OS X v10.2.8, Mac OS X Server v10.2.8 CVE-ID: CAN-2004-0642, CAN-2004-0643, CAN-2004-0644, CAN-2004-0772 Impact: Exposure to a potential denial of service when Kerberos authentication is used Description: MIT has released a new version of Kerberos that addresses a denial of service and three double free errors. Mac OS X contains protection against double free errors. This update applies the fix for the denial of service problem. As a precautionary measure the double free patches have also been applied. Credit to the MIT Kerberos Development Team for reporting this issue and providing fixes. Postfix Available for: Mac OS X v10.3.6, Mac OS X Server v10.3.6 CVE-ID: CAN-2004-1088 Impact: Postfix using CRAM-MD5 may allow a remote user to send mail without properly authenticating. Description: Postfix servers using CRAM-MD5 to authenticate senders were vulnerable to a replay attack. Under some circumstances, the credentials used to successfully authenticate a user could be re-used for a small time period. The CRAM-MD5 algorithm used to authenticate users has been updated to prevent the replay window. This issue is not present in Mac OS X v10.2.8 or Mac OS X Server v10.2.8. Credit to Victor Duchovni of Morgan Stanley for reporting this issue. PSNormalizer Available for: Mac OS X v10.3.6, Mac OS X Server v10.3.6 CVE-ID: CAN-2004-1086 Impact: A buffer overflow in PostScript to PDF conversion could allow execution of arbitrary code. Description: A buffer overflow in the handling of PostScript to PDF conversion could potentially allow the execution of arbitrary code. This updates corrects the PostScript to PDF conversion code to prevent the buffer overflow. This issue is not present in Mac OS X v10.2.8 or Mac OS X Server v10.2.8. QuickTime Streaming Server Available for: Mac OS X Server v10.3.6, Mac OS X Server v10.2.8 CVE-ID: CAN-2004-1123 Impact: Specially crafted requests could cause a denial of service. Description: QuickTime Streaming Server was vulnerable to a denial of service attack when handling DESCRIBE requests. This update corrects the handling of these requests. Credit to iDEFENSE for reporting this issue. Safari Available for: Mac OS X v10.3.6, Mac OS X Server v10.3.6, Mac OS X v10.2.8, Mac OS X Server v10.2.8 CVE-ID: CAN-2004-1121 Impact: Specially crafted HTML can display a misleading URI the Safari status bar. Description: Safari could be tricked into displaying a URI in its status bar that was not the same as the destination of a link. This update corrects Safari so that it now displays the URI that will be activated when selected. Safari Available for: Mac OS X v10.3.6, Mac OS X Server v10.3.6, Mac OS X v10.2.8, Mac OS X Server v10.2.8 CVE-ID: CAN-2004-1122 Impact: With multiple browser windows active Safari users could be mislead about which window activated a pop-up window. Description: When multiple Safari windows are open, a carefully timed pop-up could mislead a user into thinking it was activated by a different site. In this update Safari now places a window that activates a pop-up in front of all other browser windows. Credit to Secunia Research for reporting this issue. Terminal Available for: Mac OS X v10.3.6 and Mac OS X Server v10.3.6 CVE-ID: CAN-2004-1087 Impact: Terminal may indicate that 'Secure Keyboard Entry' is active when it is not. Description: The 'Secure Keyboard Entry' menu setting was not properly restored when launching Terminal.app. A check mark would be displayed next to 'Secure Keyboard Entry' even though it was not enabled. This update fixes the behavior of the 'Secure Keyboard Entry'. This issue is not present in Mac OS X v10.2.8 or Mac OS X Server v10.2.8. Credit to Jonathan 'Wolf' Rentzsch of Red Shed Software for reporting this issue. iCal 1.5.4 CVE-ID: CAN-2004-1021 Impact: New iCal calendars may add alarms without approval. Description: iCal calendars may include notification of events via alarms. These alarms may open programs and send e-mail. iCal has been updated to show an alert window when importing or opening calendars containing alarms. iCal 1.5.4 is available for Mac OS X 10.2.3 or later. Credit to aaron@vtty.com for reporting this issue. Security Update 2004-10-27 Apple Remote Desktop Available for: Apple Remote Desktop Client 1.2.4 with Mac OS X 10.3.x CVE-ID: CAN-2004-0962 Impact: An application can be started behind the loginwindow and it will run as root. Description: For a system with these following conditions Apple Remote Desktop client installed A user on the client system has been enabled with the Open and quit applications privilege The username and password of the ARD user is known Fast user switching has been enabled A user is logged in, and loginwindow is active via Fast User Switching If the Apple Remote Desktop Administrator application on another system is used to start a GUI application on the client, then the GUI application would run as root behind the loginwindow. This update prevents Apple Remote Desktop from launching applications when the loginwindow is active. This security enhancement is also present in Apple Remote Desktop v2.1. This issue does not affect systems prior to Mac OS X 10.3. Credit to Andrew Nakhla and Secunia Research for reporting this issue. QuickTime 6.5.2 CVE ID: CAN-2004-0988 Available for: Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows ME and Microsoft Windows 98 Impact: An integer overflow that may be exploitable in an HTML environment Description: A sign extension of an overflowed small integer can result in a very large number being passed to a memory move function. The fix prevents the small integer from overflowing. This issue does not exist in QuickTime for Mac OS X systems. Credit to John Heasman of Next Generation Security Software Ltd. for reporting this issue. CVE-ID: CAN-2004-0926 Available for: Mac OS X v10.3.x, Mac OS X Server v10.3.x, Mac OS X v10.2.8, Mac OS X Server v10.2.8, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows ME and Microsoft Windows 98 Impact: A heap buffer overflow could allow attackers to execute arbitrary code Description: Flaws in decoding the BMP image type could overwrite heap memory and potentially allow the execution of arbitrary code hidden in an image. This is the same security enhancement that was made available in Security Update 2004-09-30, and can be deployed on the additional system configurations covered by this QuickTime update. Security Update 2004-09-30 (released 2004-10-04) AFP Server Available for: Mac OS X v10.3.5 and Mac OS X Server v10.3.5 CVE-ID: CAN-2004-0921 Impact: A denial of service permitting a guest to disconnect AFP volumesDescription: An AFP volume mounted by a guest could be used to terminate authenticated user mounts from the same server by modifying SessionDestroy packets. This issue does not affect systems prior to Mac OS X v10.3 or Mac OS X Server v10.3. AFP Server Available for: Mac OS X v10.3.5 and Mac OS X Server v10.3.5 CVE-ID: CAN-2004-0922 Impact: Write-only AFP Drop Box may be set as read-write Description: A write-only Drop Box on an AFP volume mounted by a guest could sometimes be read-write due to an incorrect setting of the guest group id. This issue does not affect systems prior to Mac OS X v10.3 or Mac OS X Server v10.3. CUPS Available for: Mac OS X v10.3.5, Mac OS X Server v10.3.5, Mac OS X v10.2.8, Mac OS X Server v10.2.8 CVE-ID: CAN-2004-0558 Impact: A denial of service causing the printing system to hang Description: The Internet Printing Protocol (IPP) implementation in CUPS can hang when a certain UDP packet is sent to the IPP port. CUPS Available for: Mac OS X v10.3.5, Mac OS X Server v10.3.5, Mac OS X v10.2.8, Mac OS X Server v10.2.8 CVE-ID: CAN-2004-0923 Impact: Local disclosure of user passwords Description: Certain methods of authenticated remote printing could disclose user passwords in the printing system log files. Credit to Gary Smith of the IT Services department at Glasgow Caledonian University for reporting this issue. NetInfo Manager Available for: Mac OS X v10.3.5 and Mac OS X Server v10.3.5 CVE-ID: CAN-2004-0924 Impact: Incorrect indication of account status Description: The NetInfo Manager utility can enable the "root" account, but after a single "root" login it is no longer possible to use NetInfo Manager to disable the account and it incorrectly appears to be disabled. This issue does not affect systems prior to Mac OS X v10.3 or Mac OS X Server v10.3. postfix Available for: Mac OS X v10.3.5 and Mac OS X Server v10.3.5 CVE-ID: CAN-2004-0925 Impact: A denial of service when SMTPD AUTH has been enabled Description: When SMTPD AUTH has been enabled in postfix, a buffer containing the username is not correctly cleared between authentication attempts. Only users with the longest usernames will be able to authenticate. This issue does not affect systems prior to Mac OS X v10.3 or Mac OS X Server v10.3. Credit to Michael Rondinelli of EyeSee360 for reporting this issue. QuickTime Available for: Mac OS X v10.3.5, Mac OS X Server v10.3.5, Mac OS X v10.2.8, Mac OS X Server v10.2.8 CVE-ID: CAN-2004-0926 Impact: A heap buffer overflow could allow attackers to execute arbitrary code Description: Flaws in decoding the BMP image type could overwrite heap memory and potentially allow the execution of arbitrary code hidden in an image. ServerAdmin Available for: Mac OS X Server v10.3.5 and Mac OS X Server v10.2.8 CVE-ID: CAN-2004-0927 Impact: Client - Server communication with ServerAdmin can be read by decoding captured sessions Description: Client - Server communication with ServerAdmin uses SSL. All systems come installed with the same example self signed certificate. If that certificate has not been replaced, then ServerAdmin communication may be decrypted. The fix replaces the existing self-signed certificate with one that has been locally and uniquely generated. Credit to Michael Bartosh of 4am Media, Inc. for reporting this issue. Security Update 2004-09-16 iChat CVE-ID: CAN-2004-0873 Impact: Remote iChat participants can send "links" that can start local programs if clickedDescription: A remote iChat participant can send a "link" that references a program on the local system. If the "link" is activated by clicking on it, and the "link" points to a local program, then the program will run. iChat has been modified so that "links" of this type will open a Finder window that displays the program instead of running it. Credit to aaron@vtty.com for reporting this issue. Availability: This update is available for the following iChat versions: - iChat AV v2.1 (Mac OS X 10.3.5 or later) - iChat AV v2.0 (Mac OS X 10.2.8) - iChat 1.0.1 (Mac OS X 10.2.8) Security Update 2004-09-07 This Security Update is available for the following system versions: - Mac OS X 10.3.4 - Mac OS X 10.3.5 - Mac OS X Server 10.3.4 - Mac OS X Server 10.3.5 - Mac OS X 10.2.8 - Mac OS X Server 10.2.8 Tip: For more information about CVE-IDs referenced below, see (http://www.cve.mitre.org/). Component: Apache 2 CVE-IDs: CAN-2004-0493, CAN-2004-0488 Available for: Mac OS X Server 10.2.8, Mac OS X Server 10.3.4, Mac OS X Server 10.3.5 Impact: Exposure to a potential Denial of Service. Description: The Apache Organization has released Apache version 2.0.50. This release fixes a number of denial of service vulnerabilities. We have updated Apache to version 2.0.50 which only ships with Mac OS X Server, and is off by default. Component: CoreFoundation CVE-ID: CAN-2004-0821 Available for: Mac OS X 10.2.8, Mac OS X 10.3.4, Mac OS X 10.3.5, Mac OS X Server 10.2.8, Mac OS X Server 10.3.4, Mac OS X Server 10.3.5 Impact: Privileged programs using CoreFoundation can be made to load a user supplied library. Description: Bundles using the CoreFoundation CFPlugIn facilities can include directions to automatically load plugin executables. With a specially crafted bundle this could also occur for privileged programs, permitting a local privilege escalation. CoreFoundation now prevents automatic executable loading for bundles that already have a loaded executable. Credit to Kikuchi Masashi (kik@ms.u-tokyo.ac.jp) for reporting this issue. Component: CoreFoundation CVE-ID: CAN-2004-0822 Available for: Mac OS X 10.2.8, Mac OS X 10.3.4, Mac OS X 10.3.5, Mac OS X Server 10.2.8, Mac OS X Server 10.3.4, Mac OS X Server 10.3.5 Impact: An environment variable can be manipulated to cause a buffer overflow which can result in a privilege escalation Description: By manipulating an environment variable a program could potentially be made to execute arbitrary code by a local attacker. This can only be exploited with access to a local account. Stricter validity checks are now performed for this environment variable. Credit to aaron@vtty.com for reporting this issue. Component: IPSec CVE-ID: CAN-2004-0607 Available for: Mac OS X 10.2.8, Mac OS X 10.3.4, Mac OS X 10.3.5, Mac OS X Server 10.2.8, Mac OS X Server 10.3.4, Mac OS X Server 10.3.5 Impact: When using certificates, unauthenticated hosts may be able to negotiate an IPSec connection. Description: When configured to use X.509 certificates to authenticate remote hosts, a certificate verification failure does not abort the key exchange. Mac OS X does not use certificates for IPSec by default so this issue only affects configurations that have been manually configured. IPSec now verifies and aborts a key exchange if a certificate verification failure occurs. Component: Kerberos CVE-ID: CAN-2004-0523 Available for: Mac OS X 10.2.8, Mac OS X 10.3.4, Mac OS X 10.3.5, Mac OS X Server 10.2.8, Mac OS X Server 10.3.4, Mac OS X Server 10.3.5 Impact: Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier could permit remote attackers to execute arbitrary code. Description: The buffer overflow can only be exploited if "auth_to_local_names" or "auth_to_local" support is also configured in the edu.mit.Kerberos file. Apple does not enable this by default. The security fix was back ported and applied to the Mac OS X versions of Kerberos. The Mac OS X and Mac OS X Server version of Kerberos is not susceptible to the recent "double-free" issue reported in the CERT vulnerability note VU#350792 (CAN-2004-0772). Credit to the MIT Kerberos Development Team for informing us of this issue. Component: lukemftpd CVE-ID: CAN-2004-0794 Available for: Mac OS X 10.2.8, Mac OS X 10.3.4, Mac OS X 10.3.5, Mac OS X Server 10.2.8, Mac OS X Server 10.3.4, Mac OS X Server 10.3.5 Impact: A race condition that can permit an authenticated remote attacker to cause a denial of service or execute arbitrary code Description: If the FTP service has been enabled, and a remote attacker can correctly authenticate, then a race condition would permit them to stop the FTP service or execute arbitrary code. The fix is to replace the lukemftpd FTP service with tnftpd. lukemftp is installed but not activated in Mac OS X Server, which instead uses xftp. Credit to Luke Mewburn of the NetBSD Foundation for informing us of this issue. Component: OpenLDAP CVE-ID: CAN-2004-0823 Available for: Mac OS X 10.3.4, Mac OS X 10.3.5, Mac OS X Server 10.3.4, Mac OS X Server 10.3.5 Impact: A crypt password can be used as if it were a plain text password. Description: Backwards compatibility with older LDAP implementations permits the storing of a crypt password in the userPassword attribute. Some authentication validation schemes can use this value as if it were a plain text password. The fix removes the ambiguity and always uses this type of field as a crypt password. This issue does not occur in Mac OS X 10.2.8. Credit to Steve Revilak of Kayak Software Corporation for reporting this issue. Component: OpenSSH CVE-ID: CAN-2004-0175 Available for: Mac OS X 10.2.8, Mac OS X 10.3.4, Mac OS X 10.3.5, Mac OS X Server 10.2.8, Mac OS X Server 10.3.4, Mac OS X Server 10.3.5 Impact: A malicious ssh/scp server can overwrite local files Description: A directory traversal vulnerability in the scp program permits a malicious remote server to overwrite local files. The security fix was backported and applied to the Mac OS X versions of OpenSSH. Component: PPPDialer CVE-ID: CAN-2004-0824 Available for: Mac OS X 10.2.8, Mac OS X 10.3.4, Mac OS X 10.3.5, Mac OS X Server 10.2.8, Mac OS X Server 10.3.4, Mac OS X Server 10.3.5 Impact: A malicious user can overwrite system files resulting in a local privilege escalation Description: PPP components performed insecure accesses of a file stored in a world-writeable location. The fix moves the log files to a non-world-writeable location. Component: QuickTime Streaming Server Available for: Mac OS X Server 10.2.8, Mac OS X Server 10.3.4, Mac OS X Server 10.3.5 CVE-ID: CAN-2004-0825 Impact: A denial of service requiring a restart of the QuickTime Streaming Server Description: A particular sequence of client operations can cause a deadlock on the QuickTime Streaming Server. The fix updates the code to eliminate this deadlock condition. Component: rsync CVE-ID: CAN-2004-0426 Available for: Mac OS X 10.2.8, Mac OS X 10.3.4, Mac OS X 10.3.5, Mac OS X Server 10.2.8, Mac OS X Server 10.3.4, Mac OS X Server 10.3.5 Impact: When rsync is run in daemon mode a remote attacker can write outside of the module path unless the chroot option has been set. Description: rsync before version 2.6.1 does not properly sanitize paths when running a read/write daemon with the chroot option turned off. The fix updates rsync to version 2.6.2. Component: Safari CVE-ID: CAN-2004-0361 Available for: Mac OS X 10.2.8, Mac OS X Server 10.2.8 Impact: A JavaScript array of negative size can cause Safari to access out of bounds memory resulting in an application crash. Description: Storing objects into a JavaScript array allocated with negative size can overwrite memory. Safari now stops processing JavaScript programs if an array allocation fails. This security enhancement was previously made available in Safari 1.0.3, and is being applied inside the Mac OS X 10.2.8 operating system as an extra layer of protection for customers who have not installed that version of Safari. This is a specific fix for Mac OS X 10.2.8 and the issue does not exist in Mac OS X 10.3 or later systems. Component: Safari CVE-ID: CAN-2004-0720 Available for: Mac OS X 10.2.8, Mac OS X 10.3.4, Mac OS X 10.3.5, Mac OS X Server 10.2.8, Mac OS X Server 10.3.4, Mac OS X Server 10.3.5 Impact: An untrusted web site can inject content into a frame intended to be used by another domain. Description: A web site that uses multiple frames can have some of its frames replaced with content from a malicious site if the malicious site is visited first. The fix imposes a set of parent/child rules preventing the attack. Component: SquirrelMail CVE-ID: CAN-2004-0521 Available for: Mac OS X 10.2.8, Mac OS X 10.3.4, Mac OS X 10.3.5, Mac OS X Server 10.2.8, Mac OS X Server 10.3.4, Mac OS X Server 10.3.5 Impact: SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unauthorized SQL statements Description: SquirrelMail before 1.4.3 RC1 is vulnerable to SQL injection which permits unauthorized SQL statements to be run. The fix updates SquirrelMail to version 1.4.3a Component: tcpdump CVE-IDs: CAN-2004-0183, CAN-2004-0184 Available for: Mac OS X 10.2.8, Mac OS X 10.3.4, Mac OS X 10.3.5, Mac OS X Server 10.2.8, Mac OS X Server 10.3.4, Mac OS X Server 10.3.5 Impact: Maliciously crafted packets can cause a crash of a running tcpdump Description: The detailed printing functions for ISAKMP packets do not perform correct bounds checking and cause an out-of-bounds read which results in a crash. The fix updates tcpdump to version 3.8.3. Mac OS X 10.3.5 Tip: For more information about CVE-IDs referenced below, see (http://www.cve.mitre.org/). libpng (Portable Network Graphics) CVE-IDs: CAN-2002-1363, CAN-2004-0421, CAN-2004-0597, CAN-2004-0598, CAN-2004-0599 Impact: Malicious PNG images can cause application crashes and could execute arbitrary codeDescription: A number of buffer overflows, null pointer dereferences and integer overflows have been discovered in the reference library for reading and writing PNG images. These vulnerabilities have been corrected in libpng which is used by the CoreGraphics and AppKit frameworks in Mac OS X. After installing this update, applications that use the PNG image format via these frameworks will be protected against these flaws. Safari: CVE-IDs: CAN-2004-0743 Impact: In a special situation, navigation using the forward/backward buttons can re-send form data to a GET url.Description: This is for a situation where a web form is sent to a server using a POST method which issues an HTTP redirect to a GET method url. Using the forward/backward buttons will cause Safari to re-POST the form data to the GET url. Safari has been modified so that in this situation forward/backward navigation will result in only a GET method. Credit to Rick Osterberg of Harvard University FAS Computer Services for reporting this issue. TCP/IP Networking: CVE-IDs: CAN-2004-0744 Impact: Maliciously crafted IP fragments can use too many system resources preventing normal network operation.Description: The "Rose Attack" describes a specially constructed sequence of IP fragments designed to consume system resources. The TCP/IP implementation has been modified to limit the resources consumed and prevents this denial of service attack. Credit to Ken Hollis (gandalf@digital.net) and Chuck McAuley (chuck-at-lemure-dot-net), from a discussion about the "Rose Attack." Security Update 2004-08-09 (Mac OS X 10.3.4 and 10.2.8) Tip: For more information about CVE-IDs referenced below, see (http://www.cve.mitre.org/). libpng (Portable Network Graphics) CVE-IDs: CAN-2002-1363, CAN-2004-0421, CAN-2004-0597, CAN-2004-0598, CAN-2004-0599 Impact: Malicious PNG images can cause application crashes and could execute arbitrary codeDescription: A number of buffer overflows, null pointer dereferences and integer overflows have been discovered in the reference library for reading and writing PNG images. These vulnerabilities have been corrected in libpng which is used by the CoreGraphics and AppKit frameworks in Mac OS X. After installing this update, applications that use the PNG image format via these frameworks will be protected against these flaws. Security Update 2004-06-07 (Mac OS X 10.3.4 and 10.2.8) Security Update 2004-06-07 delivers a number of security enhancements and is recommended for all Macintosh users. The purpose of this update is to increase security by alerting you when opening an application for the first time via document mappings or a web address (URL). Please see this article for more details, including a description of the new alert dialog box. Security Update 2004-06-07 is available for the following system versions: - Mac OS X 10.3.4 "Panther" - Mac OS X Server 10.3.4 "Panther" - Mac OS X 10.2.8 "Jaguar" - Mac OS X Server 10.2.8 "Jaguar" LaunchServicesCVE-ID: CAN-2004-0538 Impact: LaunchServices automatically registers applications, which could be used to cause the system to run unexpected applications. Discussion: LaunchServices is a system component that discovers and opens applications. This system component has been modified to only open applications that have previously been explicitly run on the system. Attempts to run an application that has not previously been explicitly run will result in a user alert. Further information is available in this article. Component: DiskImageMounter CVE-ID: No CVE ID has been reserved as this is only an additional preventive measure. Impact: The disk:// URL type mounts an anonymous remote file system using the http protocol. Discussion: The registration of the disk:// URL type is removed from the system as a preventive measure against attempts to automatically mount remote disk image file systems. SafariCVE-ID: CAN-2004-0539 Impact: The "Show in Finder" button would open certain downloaded files, in some cases executing downloaded applications. Discussion: The "Show in Finder" button will now reveal files in a Finder window and will no longer attempt to open them. This modification is only available for Mac OS X 10.3.4 "Panther" and Mac OS X Server 10.3.4 "Panther" systems as the issue does not apply to Mac OS X 10.2.8 "Jaguar" or Mac OS X Server 10.2.8 "Jaguar". Terminal CVE-ID: Not applicable Impact: Attempts to use a telnet:// URL with an alternate port number fail. Discussion: A modification has been made to allow the specification of an alternate port number in a telnet:// URL. This restores functionality that was removed with the recent fix for CAN-2004-0485. Mac OS X 10.3.4 NFS: Fixes CAN-2004-0513 to improve logging when tracing system calls. Credit to David Brown (dave@spoonguard.org) for reporting this issue. LoginWindow: Fixes CAN-2004-0514 to improve the handling of directory services lookups. LoginWindow: Fixes CAN-2004-0515 to improve the handling of console log files. Credit to aaron@vtty.com for reporting this issue. Packaging: Fixes CAN-2004-0516 to improve package installation scripts. Credit to aaron@vtty.com for reporting this issue. Packaging: Fixes CAN-2004-0517 to improve the handling of process IDs during package installation. Credit to aaron@vtty.com for reporting this issue. TCP/IP: Fixes CAN-2004-0171 to improve the handling of out-of-sequence TCP packets. AppleFileServer: Fixes CAN-2004-0518 to improve the use of SSH and reporting errors. Terminal: Fixes CAN-2004-0485 to improve the handling of URLs. Credit to Ren̩ Puls (rpuls@gmx.net) for reporting this issue. Note: Mac OS X 10.3.4 includes Security Update 2004-04-05 and Security Update 2004-05-03. Security Update 2004-05-24 for Mac OS X 10.3.3 "Panther" and Mac OS X 10.3.3 Server HelpViewer: Fixes CAN-2004-0486 to ensure that HelpViewer will only process scripts that it initiated. Credit to lixlpixel <me@lixlpixel.com> for reporting this issue.Note: This update can also be installed on Mac OS X 10.3.4 and Mac OS X 10.3.4 Server Security Update 2004-05-24 for Mac OS X 10.2.8 "Jaguar" and Mac OS X 10.2.8 Server HelpViewer: Fixes CAN-2004-0486 to ensure that HelpViewer will only process scripts that it initiated. Credit to lixlpixel <me@lixlpixel.com for reporting this issue. Terminal: Fixes CAN-2004-0485 to improve URL processing within Terminal. Credit to Ren̩ Puls <rpuls@gmx.net> for reporting this issue. Security Update 2004-05-03 for Mac OS X 10.3.3 "Panther" and Mac OS X 10.3.3 Server AppleFileServer: Fixes CAN-2004-0430 to improve the handling of long passwords. Credit to Dave G. from @stake for reporting this issue. Apache 2: Fixes CAN-2003-0020, CAN-2004-0113 and CAN-2004-0174 by updating to Apache 2 to version 2.0.49. CoreFoundation: Fixes CAN-2004-0428 to improve the handling of an environment variable. Credit to aaron@vtty.com for reporting this issue. IPSec: Fixes CAN-2004-0155 and CAN-2004-0403 to improve the security of VPN tunnels. IPSec in Mac OS X is not vulnerable to CAN-2004-0392. Security Update 2004-04-05 has been incorporated into this security update. Security Update 2004-05-03 for Mac OS X 10.2.8 "Jaguar" and Mac OS X 10.2.8 Server AppleFileServer: Fixes CAN-2004-0430 to improve the handling of long passwords. Credit to Dave G. from @stake for reporting this issue. Apache 2: Fixes CAN-2003-0020, CAN-2004-0113 and CAN-2004-0174 by updating to Apache 2 to version 2.0.49. CoreFoundation: Fixes CAN-2004-0428 to improve the handling of an environment variable. Credit to aaron@vtty.com for reporting this issue. IPSec: Fixes CAN-2004-0155 and CAN-2004-0403 to improve the security of VPN tunnels. IPSec in Mac OS X is not vulnerable to CAN-2004-0392. Server Settings daemon: Fixes CAN-2004-0429 to improve the handling of large requests Security Update 2004-04-05 has been incorporated into this security update. QuickTime 6.5.1 Fixes CAN-2004-0431 where playing a malformed .mov (movie) file could cause QuickTime to terminate. Security Update 2004-04-05 for Mac OS X 10.3.3 "Panther" and Mac OS X 10.3.3 Server CUPS Printing: Fixes CAN-2004-0382 to improve the security of the printing system. This is a configuration file change that does not affect the underlying Printing system. Credit to aaron@vtty.com for reporting this issue. libxml2: Fixes CAN-2004-0110 to improve the handling of uniform resource locators. Mail: Fixes CAN-2004-0383 to improve the handling of HTML-formatted email. Credit to aaron@vtty.com for reporting this issue. OpenSSL: Fixes CAN-2004-0079 and CAN-2004-0112 to improve the handling of encryption choices. Security Update 2004-04-05 for Mac OS X 10.2.8 "Jaguar" and Mac OS X 10.2.8 Server CUPS Printing: Fixes CAN-2004-0382 to improve the security of the printing system. Credit to aaron@vtty.com for reporting this issue. Security Update 2004-01-26 has been incorporated into this security update. The additional security enhancements provided for Panther in Security Update 2004-04-05 do not affect the 10.2 platform. Security Update 2004-02-23 for Mac OS X 10.3.2 "Panther" and Mac OS X 10.3.2 Server CoreFoundation: Fixes CAN-2004-0168 to improve notification logging. Credit to aaron@vtty.com for reporting this issue. DiskArbitration: Fixes CAN-2004-0167 to more securely handle the initialization of writeable removable media. Credit to aaron@vtty.com for reporting this issue. IPSec: Fixes CAN-2004-0164 to improve checking in key exchange Point-to-Point-Protocol: Fixes CAN-2004-0165 to improve the handling of error messages. Credit to Dave G. of @stake and Justin Tibbs of Secure Network Operations (SRT) for reporting this issue. tcpdump: Fixes CAN-2003-0989, CAN-2004-0055, and CAN-2004-0057 by updating tcpdump to version 3.8.1 and libpcap to version 0.8.1 QuickTime Streaming Server: Fixes CAN-2004-0169 to improve checking of request data. Credit to iDEFENSE Labs for reporting this issue. Streaming Server updates for other platforms are available from http://developer.apple.com/darwin/ Security Update 2004-02-23 for Mac OS X 10.2.8 "Jaguar" and Mac OS X 10.2.8 Server DiskArbitration: Fixes CAN-2004-0167 to more securely handle the initialization of writeable removable media. Credit to aaron@vtty.com for reporting this issue. IPSec: Fixes CAN-2004-0164 to improve checking in key exchange Point-to-Point-Protocol: Fixes CAN-2004-0165 to improve the handling of error messages. Credit to Dave G. of @stake and Justin Tibbs of Secure Network Operations (SRT) for reporting this issue. Safari: Fixes CAN-2004-0166 to improve the display of URLs in the status bar QuickTime Streaming Server: Fixes CAN-2004-0169 to improve checking of request data. Credit to iDEFENSE Labs for reporting this issue. Streaming Server updates for other platforms are available from http://developer.apple.com/darwin/ Security Update 2004-01-26 for Mac OS X 10.2.8 Server has been incorporated into this security update. Security Update 2004-01-26 for Mac OS X 10.1.5 "Puma" and Mac OS X 10.1.5 Server Mail: Fixes CAN-2004-0085 to deliver security enhancements to Apple's mail application. Security Update 2004-01-26 for Mac OS X 10.2.8 "Jaguar" and Mac OS X 10.2.8 Server AFP Server: Improves AFP over the 2003-12-19 security update. Apache 1.3: Fixes CAN-2003-0542, a buffer overflow in the mod_alias and mod_rewrite modules of the Apache webserver. Apache 2: (Installed only on Server) Fixes CAN-2003-0542 and CAN-2003-0789 by updating Apache 2.0.47 to 2.0.48. For details on the update see: http://www.apache.org/dist/httpd/Announcement2.html Classic: Fixes CAN-2004-0089 to improve the handling of environment variables. Credit to Dave G. of @stake for reporting this issue. Mail: Fixes CAN-2004-0085 to deliver security enhancements to Apple's mail application. Safari: Fixes CAN-2004-0092 by delivering security enhancements to the Safari web browser. System Configuration: Fixes CAN-2004-0087 and CAN-2004-0088 where the SystemConfiguration subsystem allowed remote non-admin users to change network setting and make configuration changes to configd. Credit to Dave G. from @stake for reporting these issues. Security Update 2003-12-19 has been incorporated into this security update. Additional security improvements contained in Security Update 2004-01-26 for Mac OS X 10.3.2 "Panther" are not contained in this update for Jaguar since Jaguar is unaffected by these issues. Security Update 2004-01-26 for Mac OS X 10.3.2 "Panther" and Mac OS X Server 10.3.2 Apache 1.3: Fixes CAN-2003-0542, a buffer overflow in the mod_alias and mod_rewrite modules of the Apache webserver. Apache 2: (Installed only on Server) Fixes CAN-2003-0542 and CAN-2003-0789 by updating Apache 2.0.47 to 2.0.48. For details on the update see http://www.apache.org/dist/httpd/Announcement2.html Classic: Fixes CAN-2004-0089 to improve the handling of environment variables. Credit to Dave G. of @stake for reporting this issue. Mail: Fixes CAN-2004-0086 to deliver security enhancements to Apple's mail application. Credit to Jim Roepcke for reporting this issue. Safari: Fixes CAN-2004-0092 by delivering security enhancements to the Safari web browser. System Configuration: Fixes CAN-2004-0087 where the System Configuration subsystem allowed remote non-admin users to change network settings. Credit to Dave G. from @stake for reporting these issues. Windows File Sharing: Fixes CAN-2004-0090 where Windows file sharing did not shutdown properly. Security Update 2003-12-19 has been incorporated into this security update. Additional security improvements contained in Security Update 2004-01-26 for Mac OS X 10.2.8 "Jaguar" are not contained in this update for Panther since Panther is unaffected by these issues. Security Update 2003-12-19 for Mac OS X 10.2.8 "Jaguar" and Mac OS X 10.2.8 Server AppleFileServer: Fixes CAN-2003-1007 to improve the handling of malformed requests. cd9660.util: Fixes CAN-2003-1006, a buffer overflow vulnerability in the filesystem utility cd9660.util. Credit to KF of Secure Network Operations for reporting this issue. Directory Services: Fixes CAN-2003-1009. The default settings are changed to prevent an inadvertent connection in the event of a malicious DHCP server on the computer's local subnet. Further information is provided in Apple's Knowledge Base article:http://docs.info.apple.com/article.html?artnum=32478 Credit to William A. Carrel for reporting this issue. Fetchmail: Fixes CAN-2003-0792. Updates are provided to fetchmail that improve its stability under certain conditions. fs_usage: Fixes CAN-2003-1010. The fs_usage tool has been improved to prevent a local privilege escalation vulnerability. This tool is used to collect system performance information and requires admin privileges to run. Credit to Dave G. of @stake for reporting this issue. rsync: Addresses CAN-2003-0962 by improving the security of the rsync server. System initialization: Fixes CAN-2003-1011. The system initialization process has been improved to restrict root access on a system that uses a USB keyboard. Note: The following fixes which appear in "Security Update 2003-12-19 for Panther" are not included in "Security Update 2003-12-19 for Jaguar" since the Jaguar versions of Mac OS X and Mac OS X Server are not vulnerable to these issues: - CAN-2003-1005: ASN.1 Decoding for PKI - CAN-2003-1008: Screen Saver text clippings Security Update 2003-12-19 for Mac OS X 10.3.2 "Panther" and Mac OS X 10.3.2 Server ASN.1 Decoding for PKI: Fixes CAN-2003-1005 which could cause a potential denial of service when receiving malformed ASN.1 sequences. This is related but separate from CAN-2003-0851. AppleFileServer: Fixes CAN-2003-1007 to improve the handling of malformed requests. cd9660.util: Fixes CAN-2003-1006, a buffer overflow vulnerability in the filesystem utility cd9660.util. Credit to KF of Secure Network Operations for reporting this issue. Directory Services: Fixes CAN-2003-1009. The default settings are changed to prevent an inadvertent connection in the event of a malicious DHCP server on the computer's local subnet. Further information is provided in Apple's Knowledge Base article:http://docs.info.apple.com/article.html?artnum=32478 Credit to William A. Carrel for reporting this issue. Fetchmail: Fixes CAN-2003-0792. Updates are provided to fetchmail that improve its stability under certain conditions. fs_usage: Fixes CAN-2003-1010. The fs_usage tool has been improved to prevent a local privilege escalation vulnerability. This tool is used to collect system performance information and requires admin privileges to run. Credit to Dave G. of @stake for reporting this issue. rsync: Addresses CAN-2003-0962 by improving the security of the rsync server. Screen Saver: Fixes CAN-2003-1008. When the Screen Saver login window is present, it is no longer possible to write a text clipping to the desktop or an application. Credit to Benjamin Kelly for reporting this issue. System initialization: Fixes CAN-2003-1011. The system initialization process has been improved to restrict root access on a system that uses a USB keyboard. Security Update 2003-12-05 Safari: Fixes CAN-2003-0975 to ensure that Safari will provide access to a user's cookie information only to authorized websites. The update is available for both Mac OS X 10.3.1 and Mac OS X 10.2.8. Security update 2003-11-19 for 10.2.8 It is Apple's policy to quickly address significant vulnerabilities in past releases of Mac OS X wherever feasible. Security Update 2003-11-19 includes updates to several components of Mac OS X 10.2 that meet this criteria. gm4: Fixes CAN-2001-1411 a format string vulnerability in the gm4 utility. No setuid root programs relied on gm4 and this fix is a preventive measure against a possible future exploit. groff: Fixes CVE-2001-1022 where the groff component pic contained a format-string vulnerability. Mail: Fixes CAN-2003-0881 the Mac OS X Mail application will no longer fall back to plain text login when an account is configured to use MD5 Challenge Response. OpenSSL: Fixes CAN-2003-0851 parsing particular malformed ASN.1 sequences are now handled in a more secure manner. Personal File Sharing: Fixes CAN-2003-0878 when Personal File Sharing is enabled, the slpd daemon can no longer create a root-owned file in the /tmp directory to gain elevated privileges. QuickTime for Java: Fixes CAN-2003-0871 a potential vulnerability that could allow unauthorized access to a system. zlib: Addresses CAN-2003-0107. While there were no functions in Mac OS X that used the vulnerable gzprintf() function, the underlying issue in zlib has been fixed to protect any third-party applications that may potentially use this library. Security Update 2003-11-19 for Panther 10.3.1 OpenSSL: Fixes CAN-2003-0851 parsing particular malformed ASN.1 sequences are now handled in a more secure manner. zlib: Addresses CAN-2003-0107. While there were no functions in Mac OS X that used the vulnerable gzprintf() function, the underlying issue in zlib has been fixed to protect any third-party applications that may potentially use this library. Security Update 2003-11-04 Terminal: Addresses CAN-2003-0913 a potential vulnerability with the Terminal application in Mac OS X 10.3 and Mac OS X Server 10.3 that could allow unauthorized access to a system. Mac OS X versions earlier than 10.3 are not affected. Security Update 2003-10-28 Fixes CAN-2003-0871 a potential vulnerability in the implementation of QuickTime Java in Mac OS X 10.3 and Mac OS X Server 10.3 that could allow unauthorized access to a system. Mac OS X 10.3 Panther Finder: Fixes CAN-2003-0876 where folder permissions may not be preserved when copying a folder from a mounted volume such as a disk image. Credit to Dave G. from @stake, Inc. for finding this issue. Kernel: Fixes CAN-2003-0877 where if a system is running with core files enabled, a user with interactive shell access can overwrite arbitrary files, and read core files created by root-owned processes. This may result in sensitive information such as authentication credentials being compromised. Core file creation is disabled by default on Mac OS X. Credit to Dave G. from @stake, Inc. for finding this issue. slpd: Fixes CAN-2003-0878 when Personal File Sharing is enabled, the slpd daemon may create a root-owned file in the /tmp directory. This could overwrite an existing file and allow a user to gain elevated privileges. Personal File Sharing is off by default in Mac OS X. Credit to Dave G. from @stake, Inc. for finding this issue. Kernel: Fixes CAN-2003-0895 where it may be possible for a local user to cause the Mac OS X kernel to crash by specifying a long command line argument. The machine will reboot on its own after several minutes. Credit to Dave G. from @stake, Inc. for finding this issue. ktrace: Fixes CVE-2002-0701 a theoretical exploit when ktrace is enabled through the KTRACE kernel option, a local user might be able to obtain sensitive information. No specific utility is currently known to be vulnerable to this particular problem. nfs: Fixes CVE-2002-0830 for the Network File System where a remote user may be able to send RPC messages that cause the system to lock up. zlib: Addresses CAN-2003-0107. While there were no functions in Mac OS X that used the vulnerable gzprintf() function, the underlying issue in zlib has been fixed. gm4: Fixes CAN-2001-1411 a format string vulnerability in the gm4 utility. No setuid root programs relied on gm4 and this fix is a preventive measure against a possible future exploit. OpenSSH: Fixes CAN-2003-0386 where "from=" and "user@hosts" restrictions are potentially spoofable via reverse DNS for numerically specified IP addresses. Mac OS X 10.3 also incorporates prior fixes released for OpenSSH, and the version of OpenSSH as obtained via the "ssh -V" command is: OpenSSH_3.6.1p1+CAN-2003-0693, SSH protocols 1.5/2.0, OpenSSL 0x0090702f nidump: Fixes CAN-2001-1412 where the nidump utility provides access to the crypted passwords used to authenticate logins. System Preferences: Fixes CAN-2003-0883 where after authenticating with an administrator password, the system will continue to allow access to secure Preference Panes for a short period of time. This could allow a local user to access Preference Panes that they would not normally be able to use. In Mac OS X 10.3 Security preferences, there is now a choice to "Require password to unlock each secure system preference". Credit to Anthony Holder for reporting this issue. TCP timestamp: Fixes CAN-2003-0882 where the TCP timestamp is initialized with a constant number. This could allow a person to discover how long the system has been up based upon the ID in TCP packets. In Mac OS X 10.3, the TCP timestamp is now initialized with a random number. Credit to Aaron Linville for reporting this issue and submitting a fix via the Darwin open source program. Mail: Fixes CAN-2003-0881 in the Mac OS X Mail application, if an account is configured to use MD5 Challenge Response, it will attempt to login using CRAM-MD5 but will silently fall back to plain-text if the hashed login fails. Credit to Chris Adams for reporting this issue. Dock: Fixes CAN-2003-0880 when Full Keyboard Access is turned on via the Keyboard pane in System Preferences, Dock functions can be accessed blindly from behind Screen Effects. Mac OS X 10.2.8 OpenSSL: Fixes CAN-2003-0543, CAN-2003-0544, CAN-2003-0545 to address potential issues in certain ASN.1 structures and in certificate verification code. To deliver the update in a rapid and reliable manner, only the patches for the CVE IDs listed above were applied, and not the entire latest OpenSSL library. Thus, the OpenSSL version in Mac OS X 10.2.8, as obtained via the "openssl version" command, is: OpenSSL 0.9.6i Feb 19 2003 OpenSSH: Addresses CAN-2003-0693, CAN-2003-0695, and CAN-2003-0682 to fix buffer management errors in OpenSSH's sshd versions prior to 3.7.1. To deliver the update in a rapid and reliable manner, only the patches for CVE IDs listed above were applied, and not the entire set of patches for OpenSSH 3.7.1. Thus, the OpenSSH version in Mac OS X 10.2.8, as obtained via the "ssh -V" command, is: OpenSSH_3.4p1+CAN-2003-0693, SSH protocols 1.5/2.0, OpenSSL 0x0090609f sendmail: Addresses CAN-2003-0694 and CAN-2003-0681 to fix a buffer overflow in address parsing, as well as a potential buffer overflow in ruleset parsing. fb_realpath(): Fixes CAN-2003-0466 which is an off-by-one error in the fb_realpath() function that may allow attackers to execute arbitrary code. arplookup(): Fixes CAN-2003-0804. The arplookup() function caches ARP requests for routes on a local link. On a local subnet only, it is possible for an attacker to send a sufficient number of spoofed ARP requests which will exhaust kernel memory, leading to a denial of service. Edited July 11, 2007 by hetaldp Share this post Link to post Share on other sites
Sadikk 301 Report post Posted July 11, 2007 apple products r awesome u cant ridicule them & expect people to remain mute spectator while u try to malign them i am using mac os and imac for the last 4 years and believe me its just awesome ... no problems whatsoever runs smoothly without problems unlike windows which is really pathetic secondly there's a person in this forum who says that he hates iphone but he will sell them when he launches his website now what is trying to say .. this is perfect example of hypocrisy .... how u people tolerate him? That guy has lots his senses i believe anyways i am a apple die hard supporter & will always... God knows what u people r upto Dont hate anything dear try to spread love not hatred.... If you dont like it just say u dont like it wont buy & dont use words like hate already there's enough hatred in this world Well its me who gonna sell it on my website, yes i love nokia that doesn't mean i cant sell classic handsets. And some fan like u told me people in USA giving out 3k usd for iphone, was just hoping to get die-hard fan like u guys pay me 1.5kusd instead of 3k. Man, supporting any company/product is very easy, it matters when u really spend ur earned money on it. I had atleast 200 sure buyer for XV6700, but when i import them only 30 out of 200 turn up to buy it. I am surprised u using mac os from last 4 years, i changed for windows Me to XP and now VISTA in 5 years. get some change for urself man. Well let me clear this that all the hype iphone got is just because success of Ipods, and most attractive feature in Ipod is scroll wheel which still belongs to SYNAPTICS sister of LOGITECH ( Its NEWS for ya?? ) google it. without the scroll wheel there's load of music players launching every year, but Ipod success remain in scroll wheel. anyways i dont hate APPLE but Iphone. i dont want every TOM, DIKC & HARRY to make handsets, and u know we are tech lovers not ramp walker, so give us features not only looks. This damn phone cant even compete with nokia's out-dated 6600 i can bet anything on it. and i like ur idea to love gadgets and hate human and spread love LOLOL This is general section of discussion, and anyone can discuss his/her point of view -VE or +VE. Share this post Link to post Share on other sites
HetalDP 947 Report post Posted July 11, 2007 (edited) Apple Max OS X 10.x Require double of Security Update then WIndows XP Require. XP taken 250 odd Update Since in Inception from 2000 to 2007, Mac have Require double of in Just 4 Year. and Still Mr. Rajiv says it require less to Update and XP is more Vulnerable. Mac only Support less than 10 % of World Hardware with Inbuilt Driver or by way of Driver Availability. Mac have the Core which can not Run into Server Platform like Opteron, Xeon, AS400, HP-UX Compatible Processor. They may come if that stop PowerPC Architecure or Build Server Architecure Last year Apple Announce to ship OS for on x86, x64 Platform of Intel and AMD becuase it can not further develop the PowerPC CPU beyond ad IBM is not more Interested in Manufacturing and Devloping PowerPC suddenlty Apple have to Rethink the Strategy and look into the Startdard Intel AMD Arcitechture. Now Apple Fan will not say again that G4 Processor is Better Cause the Hardware Architecher of Apple will Die in 2009 to 2010 and It must have to Fully port intdo x86, x64 or IA64 from Intel and AMD. Windows have Matrix of Graphics Card and Addon Hardware Support with Drivers. But MAC wait for another century which may come with that Drivers Update In India only 1% Laptop is Sold is from Apple 89 % for WIndows 9% For Linux (If no Windows Licence), How Popular Mac Book is? Everybody says Apple is more Powerfull in Graphics but all Graphic Designer buys Sun Workstation or Windows Workstation for Graphics Animations as This have Become much more powerfull then Apples any Processor. Apple is Far Behind the Multicore CPU Architecture Intel and AMD have Developed, AMD runs XBox 360 and Sony PS3 runs nVidia Core. Go to any Gaming Comparision and see apple have lost the war for Vertex Shadder and Pixel per Second Handling Power years ago. Apple stands no where in Super Power full Workstation Architecture. Apples Computer, iMac, and OS Division is in Total loss from 1997 to recent days. Only iPod have Rescued them and Remeber this Microsoft have given Rs. 1.1 Billion in Mid 2003 to 2004 for Rescuing Apple from Prospective Defaulting Company. Apple was Worst hit Company in Investors point of view in 2000 Tech Burst. Microsoft, Intel, Oracle were not. You need to take into account the fact that Vista is required to support a bazillion different hardware/software configurations. The Mac. only supports their software, a few 3rd party apps that they sign off on and ONLY THEIR HARDWARE. This makes a huge difference when it comes to how the OS runs and what is required to support. Now only so, the Mac. OS does not have anything remotely close to the .NET framework or application support or low-level development support or addin programming support. Edited July 11, 2007 by hetaldp Share this post Link to post Share on other sites
coolrajiv 1 Report post Posted July 11, 2007 Hi Hetal, Dude take a look at this hyper link http://laptopmag.com/Features/Mac-OS-X-Tig...ndows-Vista.htm Tell me now buddy what r your thoughts now abt mac os Share this post Link to post Share on other sites
HetalDP 947 Report post Posted July 11, 2007 Hey what about your say that Claim Xp require more Patches U are just a Fan and only like College Guy Loves Something on look We are like more matured Professional evaluate first then Claim, Rajiv come with Hardcore Data buddy. Share this post Link to post Share on other sites
HetalDP 947 Report post Posted July 11, 2007 REVIEW: G5 Power Macs versus Windows PCs (PAGE TWO - Intense 3D Graphics) Originally posted January 31st, 2005, by rob-ART morgan, mad scientistUpdated February 28th with AMD Athlon FX55 (2.6GHz) and AMD Dual Opteron 252 (2.6GHz) results. Updated March 8th with Doom 3 results for G5 Power Mac. On PAGE ONE, we isolated CPU speed. On this page, we want to show the effect of 3D GRAPHICS intensive operations. The Intel Dual Xeon, AMD Athlon 64, and AMD Dual Opteron systems were configured with PCI-Express graphics card interface while the Power Macs had 8X AGP.The nVidia GeForce 6800 Ultra graphics card was used as the common denominator between the PCs and Power Macs. Since we had an ATI Radeon X850 XT (PC Edition) and Radeon X800 XT (Mac Edition) available, we threw in those numbers. The Intel Dual Xeon and AMD Athlon FX55 supported SLI mode so we ran some tests with two GeForce 6800 Ultras on those systems. Though we had tested workstation cards like the Quadro FX 3400 and FireGL V7100 on the Intel Dual Xeon, we decided to pull those results since nothing similar is available on the Mac. Besides, they got smoked by the consumer graphics cards when running 3D Games (or any application that involved heavy use of pixel textures and shading). Both Mac graphics cards tested support Dual-Link DVI and are able to run the awesome 30" Apple Cinema LCD Display. Halo is a great test since it uses advanced shading technologies. LEGEND of GRAPHS Athon FX55 = AMD Athlon FX55 (2.6GHz; PCI-Express; SLI support) Opteron 252 = AMD Dual Opteron 252 (2.6GHz; PCI-Express) Xeon = Dual 3.4GHz Xeon (PCI-Express; SLI support) G5 PMac = Apple Dual G5/2.5GHz Power Mac (8X AGP) GeFU = nVidia GeForce 6800 Ultra (PCI-Express PC edition and 8X AGP Mac Edition) X850 =ATI Radeon X850 XT (PCI-Express PC Edition) X800 = ATI Radeon X800 XT (8X AGP Mac Edition) SLI = nVidia's Scalable Link Interface (SLI) multi-gpu technology; two PCI-Express cards are linked together using a special connector with SLI mode enabled in the display driver. Doom 3 is now available for the Mac, so we're adding it to our cross-platform suite of tests. We used the default "Demo1" timedemo test with Video Quality set to High and first four Advanced Options set to "YES." Then we turned on Full-Scene Anti-Aliasing (FSAA) to 4X. Next we ran the "Inferno" map in the Unreal Tournament 2004 test, using the SantaDuck Toolpak for both Mac and PC. Note how SLI mode speeds up the Flyby but does very little for the Botmatch as you can see below. The Inferno Botmatch simulates game play more closely than the Flyby. Therefore the framerates are closer to what you'll see when you are actually playing the game. INSIGHTS and COMMENTS 1. Though the G5 Power Macs held their own in the CPU tests, they brought up the rear on the 3D GRAPHICS tests graphed above. One reason may be the fact that all 3D games on the Mac run under OpenGL. The same game running on the PC using DirectX is almost always a lot faster. The performance gap also has to do with how much effort developers put into optimizing (or re-writing) the game code to take advantage of the unique features of the G5 and Mac OS X. Quake 3 Arena, though considered obsolete by hard core 3D gamers, is a good example of the potential of the G5 Power Macs to do well in 3D gaming: One of the lead programmers at Id Software (Graeme Devine) took a personal interest in optimizing the Mac version to take advantage of the Power Mac's Velocity Engine and Dual Processors. Some of you pointed me to the new Matrox Dual-Link graphics card but it is plain old 66MHz PCI -- which is a far slower interface than 8X AGP and PCI-Express. I don't think you want to go there. 4. We had two of the GeForce 6800 Ultra cards in the Intel Dual Xeon and AMD Athlon FX55, so we were able to try out nVidia's SLI multi-gpu technology where you bridge two cards in adjoining PCI-Express slots. Once you enable the mode in the display driver, your graphics processing sub-system now has dual processors. Though nVidia says performance will be "up to 2x," keep in mind that the bandwidth is shared and the memory of each card mirrors the other. In other words, there is no gain in bandwidth or memory capacity by linking the cards. The gain is in adding a second graphics processor. That's still a good thing. We saw an impressive 73% jump on the AMD Athlon FX55 in Doom 3 and 54% in UT2004 Flyby when SLI was enabled. According to MacOSrumors, Apple is developing two new ATI graphics cards that may be PCI-Express and might support SLI mode. That, along with OpenGL optimizations could help the G5 catch up to the PCs. 5. PCI-Express has a theoretical bus speed four times that of 8X AGP, but I postulate that the bandwidth advantage is under utilized. The current generation of graphics cards and motherboard designs don't even saturate a 4X AGP bus. We're hoping to set up a sub-test with two Windows PCs of identical specs and identical graphics cards except one will have PCI-Express and the other 8X AGP. That comparison should support or refute our hypothesis. The results will be academic, since the transition to PCI-Express is a foregone conclusion. 6. I often get asked to do price/performance comparisons on the Mac vs PC. It's hard to do since the price of the Windows PCs vary widely depending on the motherboard used and from whom you buy. I did go to @XiComputer for a quote on the AMD Opteron 252 (Dual 2.6GHz) with 4GB of memory, DVD burner, 10K Raptor boot drive, and 160GB data drive, a configuration that matched the Dual G5/2.5GHz Power Mac we tested. I also ran the numbers on the Intel Dual Xeon 3.4GHz system (same config): The Dual Opteron 252 quote came in at $5593 (before tax and shipping). The Dual Xeon 3.4GHz came in at $4197. The Apple Online Store quote for the G5/2.5GHz Power Mac was $4870 + $179 for the 10K Raptor (ZipZoomFly) for a total of $5079. (Apple typically overcharges for memory. Buying the four 1GB PC3200 modules from a "sane" source drops the overall price to $4351.) 2. Dual-Link DVI, as you know, is required for "9 megapixel" displays (up to 3840x2400 resolution). The Apple 30" Cinema display runs at 2560x1600 and requires Dual-Link. The high-end Dual-Link Mac compatible graphics cards may seem expensive to Mac users at $499 for the Radeon X800 XT and $599 for the GeForce 6800 Ultra. But in the Windows PC world, you usually have to go to a costly workstation card to get Dual-Link DVI support. I'm thinking of the $850 FireGL V7100 and the $1200 Quadro FX 3400. However, according to one discussion group, there are a two consumer PC compatible cards that support the 30" Display: Asus V9999GE and Dell 6800GTO. Share this post Link to post Share on other sites
