Apple slips security fixes into rollout

Apple has added several security fixes into the latest versions of iTunes and QuickTime. The company has issued a pair of postings outlining nine security fixes in QuickTime 7.5.5 and two in the new iTunes 8.0. The iTunes update contains a patch for what Apple has termed a "misleading" dialogue in the OS X version of the player.

The message occurred when users running OS X 10.4 or earlier were presented with a dialogue box which said that enabling iTunes Music Sharing would have no effect on the Mac's firewall protections. "Allowing iTunes Music Sharing or any other service through the firewall inherently affects security by exposing the service to remote entities," the company explained in the posting.

View: The full story @ vnunet

Report a problem with article
Previous Story

Nvidia Hit With Securities Lawsuit Over Bad Graphics Chips

Next Story

HTC Touch HD device revealed

18 Comments

Commenting is disabled on this article.

I'm so sick of listening to people whine about this. There are several ways to trim the "bloat" away, many of which have been reposted half a dozen times. For those of you that have a slight case of Alzheimer's, let me break it down for you:

1. Install a program like 7-zip and manually extract the files you want from the iTunes installer.
2. Use an alternative (Winamp, MediaMonkey, etc.).
3. Use a different MP3 player.

I'm also sick of people throwing Linux around too. The goddamned Linux OS has nothing to do with the "bloatness" of iTunes. We all know Linux is modular, but so is Windows (not sure about Mac OS). There are various methods to slim down these aforementioned OS's as well, but this has nothing to do with iTunes, nor does it solve anyone's problems. So please, STFU.

(Bri- said @ #6)
... I'm also sick of people throwing Linux around too. The goddamned Linux OS has nothing to do with the "bloatness" of iTunes. We all know Linux is modular, but so is Windows (not sure about Mac OS). There are various methods to slim down these aforementioned OS's as well, but this has nothing to do with iTunes, nor does it solve anyone's problems. So please, STFU.
I'll pass on your command to "STFU". I don't take orders from you.

(Bri- said @ #6)
I'm so sick of listening to people whine about this. There are several ways to trim the "bloat" away, many of which have been reposted half a dozen times. For those of you that have a slight case of Alzheimer's, let me break it down for you:

1. Install a program like 7-zip and manually extract the files you want from the iTunes installer.
2. Use an alternative (Winamp, MediaMonkey, etc.).
3. Use a different MP3 player.

I'm also sick of people throwing Linux around too. The goddamned Linux OS has nothing to do with the "bloatness" of iTunes. We all know Linux is modular, but so is Windows (not sure about Mac OS). There are various methods to slim down these aforementioned OS's as well, but this has nothing to do with iTunes, nor does it solve anyone's problems. So please, STFU.

STFU? I don't think so. You shouldn't have to manually extract files from the installer and run separate applications to install it without the crap you don't want. There are MANY Windows installers that let you choose exactly what parts of the distribution you want to install.

(Bri- said @ #6)
I'm so sick of listening to people whine about this. There are several ways to trim the "bloat" away, many of which have been reposted half a dozen times. For those of you that have a slight case of Alzheimer's, let me break it down for you:

1. Install a program like 7-zip and manually extract the files you want from the iTunes installer.
2. Use an alternative (Winamp, MediaMonkey, etc.).
3. Use a different MP3 player.

I'm also sick of people throwing Linux around too. The goddamned Linux OS has nothing to do with the "bloatness" of iTunes. We all know Linux is modular, but so is Windows (not sure about Mac OS). There are various methods to slim down these aforementioned OS's as well, but this has nothing to do with iTunes, nor does it solve anyone's problems. So please, STFU.

You miss the point. You should be able to install ANY software and choose what you do and do not want to install. Instead, companies think they know what is good for us and the install everything. Yea, I could spend a few extra minutes extracting the crap I dont want in iTunes. Or I can spend those extra minutes, download winamp, and be up in going in another minute. iTunes is a 50-60mb download and even if you dont install all the crap, its still a slow piece of **** software.

As for shutting the F up...make me

Bloat is a bit of an opinionated term. Probably too much so, if Iam starting to think Adobe Reader is "bloated" with its own special updating software, its process in the background supposedly to make it launch faster, and the fact it is a 33MB download, compared to XPDF (which is no longer maintained), which is about 600KB (although Linux programs have this strange habit of being tiny downloads, even as source code :blink:), not to mention trying to install google toolbar (its a tickbox which is ticked by default)... Or maybe its just me.

And back ON topic, Apple releasing security fixes can only be a good thing!

iTunes is a piece of crap. Its slow as hell, has like 2 services/programs running in the background...its worthless software unless you plan on buying more crap from their music store. I have been using Winamp to sync my iPod and it works great...fast easy and reliable.

Or, get an MP3 player that allows you to drag & Drop files. Creative and Cowon's players have this and I keep wondering why companies like Apple and Sony make it such a hassle (aside from their need to lock the consumer in).

I'd love to see how the iPod would have done if it hadn't been made by Apple. Take off the trendy logo and I think it would have done miserably against other brands of mp3 players as far as features, price, and the way it's locked down. I'm not an Apple hater but seriously, a lot of their customers baffle me. If the Zune had been made by Apple would it have gotten so much hate, or would it have been the most popular player right now instead?

A friend of mine got an iPod a few years back and brought it to me wondering how to get their music off of it. Apparently iTunes wouldn't let you copy your own music off your own player. We had to use a third party program to copy it. I don't know if that's changed now but if nothing else that forever turned me off from ever owning one of those things; it's absurd.

(C_Guy said @ #3.1)
Or, get an MP3 player that allows you to drag & Drop files. Creative and Cowon's players have this and I keep wondering why companies like Apple and Sony make it such a hassle (aside from their need to lock the consumer in).

I used to have a creative and I loved it more than the iPod. The problem is that there are hardly any accessories/docks for other MP3 players. This is why I got a iPod. I do miss the FM tuner in the creative players tho.

One thing that annoys me is when people play the "bloat" card. Sometimes I guess a feature can be objectively called bloat. Say, for example, a virus scanner with a media player feature added in. It is not within the scope of the app, so could be fairly called "bloat".

However, most of the time, it is purely subjective. Is the Windows "copy file" animation also "bloat"?

Or, going back to antivirus, here is Avast on Windows:
http://www.softmaximum.com/images/avast-antivirus-980.jpg
On Linux, it is less GUI-obnoxious. Simple and direct:
http://unix-cd.com/unixcd12/eWebEditor/Upl...47225130714.jpg
Yet some might call that bloat, because the main Avast app for Linux is merely a command line:
(screenshot not necessary, right, since it is just a shell prompt)

Which is bloat? To you, it may be none. Or it may be the sugary Windows interface. Or any sort of unnecessary GUI at all.

Instead of saying "bloat", you really ought to itemize specific features you claim to be "bloat". If it falls in with the scope of iTunes, and makes things easier for someone less experienced, chances are it would be more correctly termed an "ease of use feature" that you (personally) just don't want, but others may need.

(markjensen said @ #2.1)
One thing that annoys me is when people play the "bloat" card. Sometimes I guess a feature can be objectively called bloat. Say, for example, a virus scanner with a media player feature added in. It is not within the scope of the app, so could be fairly called "bloat".

However, most of the time, it is purely subjective. Is the Windows "copy file" animation also "bloat"?

Or, going back to antivirus, here is Avast on Windows:
http://www.softmaximum.com/images/avast-antivirus-980.jpg
On Linux, it is less GUI-obnoxious. Simple and direct:
http://unix-cd.com/unixcd12/eWebEditor/Upl...47225130714.jpg
Yet some might call that bloat, because the main Avast app for Linux is merely a command line:
(screenshot not necessary, right, since it is just a shell prompt)

Which is bloat? To you, it may be none. Or it may be the sugary Windows interface. Or any sort of unnecessary GUI at all.

Instead of saying "bloat", you really ought to itemize specific features you claim to be "bloat". If it falls in with the scope of iTunes, and makes things easier for someone less experienced, chances are it would be more correctly termed an "ease of use feature" that you (personally) just don't want, but others may need.

In my book, "bloat" would be classified as numerous services and options, related to products I don't own, nor plan on ever owning, that are installed by default with no option of not selecting them during the install.

(39 Thieves said @ #2.2)
In my book, "bloat" would be classified as numerous services and options, related to products I don't own, nor plan on ever owning, that are installed by default with no option of not selecting them during the install.
Agreed, then. Subjective. Your definition would not include the same apps/features/criteria as would mine or hapbt, who used the term in his earlier post.

In that case, Microsoft Windows would rightfully be called "bloat" by some. As would Apple's OSX. Not sure about Ubuntu and other Linux flavor. Those can all have items completely removed, right down to the kernel and GNU OS.

Security fixes: good.
"Outlining the nine security fixes": surprising!

It is nice to see Apple doing better at being upfront about what they are patching. They used to be much worse. I hope that this is an indicator of better security communication from Cupertino.