Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

"Protozoa are small, and bacteria are small, but viruses are smaller than the both put together."

computers / comp.sys.mac.advocacy / Incompetent Apple Safari QA shipped the SAME exploited severe bug three times over the past 5 years

SubjectAuthor
* Incompetent Apple Safari QA shipped the SAME exploited severe bug three times ovAndy Burnelli
+* Re: Incompetent Apple Safari QA shipped the SAME exploited severe bugJohn
|`* Re: Incompetent Apple Safari QA shipped the SAME exploited severe bug three timeAnt
| `* Re: Incompetent Apple Safari QA shipped the SAME exploited severe bug three timeJerry
|  `- Re: Incompetent Apple Safari QA shipped the SAME exploited severe bugAlan
+- Re: Incompetent Apple Safari QA shipped the SAME exploited severe bugAlan
`* Re: Incompetent Apple Safari QA shipped the SAME exploited severeFiz Jr
 `- Re: Incompetent Apple Safari QA shipped the SAME exploited severe bugAlan

1
Incompetent Apple Safari QA shipped the SAME exploited severe bug three times over the past 5 years

<taa304$s91$1@gioia.aioe.org>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=10770&group=comp.sys.mac.advocacy#10770

  copy link   Newsgroups: comp.mobile.ipad comp.sys.mac.apps comp.sys.mac.advocacy
Path: i2pn2.org!i2pn.org!aioe.org!YJ9T4Jrl0F+pWyDRfaeX/g.user.46.165.242.75.POSTED!not-for-mail
From: spa...@nospam.com (Andy Burnelli)
Newsgroups: comp.mobile.ipad,comp.sys.mac.apps,comp.sys.mac.advocacy
Subject: Incompetent Apple Safari QA shipped the SAME exploited severe bug three times over the past 5 years
Date: Fri, 8 Jul 2022 21:11:11 +0100
Organization: Aioe.org NNTP Server
Message-ID: <taa304$s91$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Info: gioia.aioe.org; logging-data="28961"; posting-host="YJ9T4Jrl0F+pWyDRfaeX/g.user.gioia.aioe.org"; mail-complaints-to="abuse@aioe.org";
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.6.1
X-Notice: Filtered by postfilter v. 0.9.2
Content-Language: en-GB
 by: Andy Burnelli - Fri, 8 Jul 2022 20:11 UTC

The Apple QA team is so incompetent that they don't know the first thing
about testing, which is that when you find and fix a bug, you put processes
in place so that the same bug doesn't come back to bite you again.

They shipped the bug in 2013 (Safari, iOS, iPadOS, and macOS).
And then again in 2016 (Safari, iOS, iPadOS, and macOS).
And yet again in 2022 (Safari, iOS, iPadOS, and macOS).

Holy Christ. This is clear evidence of gross incompetence of Apple QA!

Each time Apple shipped the _same_ bug, it was exploited in the wild.
*That's how grossly incompetent Apple QA truly is*

*Google Researchers Detail 5-Year-Old Apple Safari Vulnerability Exploited
in the Wild*

<https://thehackernews.com/2022/06/google-researchers-detail-5-year-old.html>

Re: Incompetent Apple Safari QA shipped the SAME exploited severe bug three times over the past 5 years

<XqednS-EX4T7DVX_nZ2dnUU7-f2dnZ2d@giganews.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=10771&group=comp.sys.mac.advocacy#10771

  copy link   Newsgroups: comp.mobile.ipad comp.sys.mac.apps comp.sys.mac.advocacy
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!news.misty.com!border2.nntp.dca1.giganews.com!nntp.giganews.com!buffer2.nntp.dca1.giganews.com!news.giganews.com.POSTED!not-for-mail
NNTP-Posting-Date: Fri, 08 Jul 2022 15:15:34 -0500
Date: Fri, 8 Jul 2022 13:15:34 -0700
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Thunderbird/91.11.0
Subject: Re: Incompetent Apple Safari QA shipped the SAME exploited severe bug
three times over the past 5 years
Content-Language: en-US
Newsgroups: comp.mobile.ipad,comp.sys.mac.apps,comp.sys.mac.advocacy
References: <taa304$s91$1@gioia.aioe.org>
From: nos...@nospam.com (John)
In-Reply-To: <taa304$s91$1@gioia.aioe.org>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Message-ID: <XqednS-EX4T7DVX_nZ2dnUU7-f2dnZ2d@giganews.com>
Lines: 23
X-Usenet-Provider: http://www.giganews.com
X-Trace: sv3-OKjvkd7q6JfLIhPx9rP6JvEhlGA2zJ53lMZHCAU+Dr0DsHHxS6v9c1fYVd97Yz/aT6gMJVM4FZnFn6K!IW8hrGpKT43hn57oh+IIMhagOi0DoPt2kKpp06uwYHAL7xjCOxmb9xWJWxRIf7j975+2OzEEZyM=
X-Complaints-To: abuse@giganews.com
X-DMCA-Notifications: http://www.giganews.com/info/dmca.html
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
X-Postfilter: 1.3.40
X-Original-Bytes: 2150
 by: John - Fri, 8 Jul 2022 20:15 UTC

On 7/8/2022 1:11 PM, Andy Burnelli wrote:
> The Apple QA team is so incompetent that they don't know the first thing
> about testing, which is that when you find and fix a bug, you put processes
> in place so that the same bug doesn't come back to bite you again.
>
> They shipped the bug in 2013 (Safari, iOS, iPadOS, and macOS).
> And then again in 2016 (Safari, iOS, iPadOS, and macOS).
> And yet again in 2022 (Safari, iOS, iPadOS, and macOS).
>
> Holy Christ. This is clear evidence of gross incompetence of Apple QA!
>
> Each time Apple shipped the _same_ bug, it was exploited in the wild.
>  *That's how grossly incompetent Apple QA truly is*
>
> *Google Researchers Detail 5-Year-Old Apple Safari Vulnerability Exploited
> in the Wild*
>
> <https://thehackernews.com/2022/06/google-researchers-detail-5-year-old.html>
>

Apple has QA?

Re: Incompetent Apple Safari QA shipped the SAME exploited severe bug three times over the past 5 years

<yqudnR3x-7ckPVX_nZ2dnUU7-LednZ2d@earthlink.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=10772&group=comp.sys.mac.advocacy#10772

  copy link   Newsgroups: comp.mobile.ipad comp.sys.mac.apps comp.sys.mac.advocacy
Path: i2pn2.org!i2pn.org!usenet.blueworldhosting.com!feed1.usenet.blueworldhosting.com!peer02.iad!feed-me.highwinds-media.com!news.highwinds-media.com!border1.nntp.dca1.giganews.com!nntp.giganews.com!buffer1.nntp.dca1.giganews.com!buffer2.nntp.dca1.giganews.com!nntp.earthlink.com!news.earthlink.com.POSTED!not-for-mail
NNTP-Posting-Date: Fri, 08 Jul 2022 16:25:13 -0500
From: ant...@zimage.comANT (Ant)
Subject: Re: Incompetent Apple Safari QA shipped the SAME exploited severe bug three times over the past 5 years
Newsgroups: comp.mobile.ipad,comp.sys.mac.apps,comp.sys.mac.advocacy
References: <taa304$s91$1@gioia.aioe.org> <XqednS-EX4T7DVX_nZ2dnUU7-f2dnZ2d@giganews.com>
User-Agent: tin/2.6.1-20211226 ("Convalmore") (Linux/5.16.12-200.fc35.x86_64 (x86_64))
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Message-ID: <yqudnR3x-7ckPVX_nZ2dnUU7-LednZ2d@earthlink.com>
Date: Fri, 08 Jul 2022 16:25:13 -0500
Lines: 32
X-Usenet-Provider: http://www.giganews.com
NNTP-Posting-Host: 47.180.143.226
X-Trace: sv3-EED+yjZUhqOyhygsKTolIIPlZLAJCAawkxXfzIsf01yRnknLdnUeyh+UyXxWog796zMklIP+xCAdOUq!GWM7n9YpBQnMfzc9TSMqUaNgjvwrc47EOPnZLJdDetTLvWThuLJGShaG8yw3XvZKOqa2rpFdAfl9!fJ6ABjbntxXBqVAmrWQl2yGubj9sHT1K
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
X-Postfilter: 1.3.40
X-Original-Bytes: 2546
X-Received-Bytes: 2668
 by: Ant - Fri, 8 Jul 2022 21:25 UTC

In comp.mobile.ipad John <nospam@nospam.com> wrote:
> On 7/8/2022 1:11 PM, Andy Burnelli wrote:
> > The Apple QA team is so incompetent that they don't know the first thing
> > about testing, which is that when you find and fix a bug, you put processes
> > in place so that the same bug doesn't come back to bite you again.
> >
> > They shipped the bug in 2013 (Safari, iOS, iPadOS, and macOS).
> > And then again in 2016 (Safari, iOS, iPadOS, and macOS).
> > And yet again in 2022 (Safari, iOS, iPadOS, and macOS).
> >
> > Holy Christ. This is clear evidence of gross incompetence of Apple QA!
> >
> > Each time Apple shipped the _same_ bug, it was exploited in the wild.
> >  *That's how grossly incompetent Apple QA truly is*
> >
> > *Google Researchers Detail 5-Year-Old Apple Safari Vulnerability Exploited
> > in the Wild*
> >
> > <https://thehackernews.com/2022/06/google-researchers-detail-5-year-old.html>
> >

> Apple has QA?

Does anyone have QA? :P
--
Somewhat slammy Thursday. So many killings this week. :(
Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly.
/\___/\ Ant(Dude) @ http://aqfl.net & http://antfarm.home.dhs.org.
/ /\ /\ \ Please nuke ANT if replying by e-mail.
| |o o| |
\ _ /
( )

Re: Incompetent Apple Safari QA shipped the SAME exploited severe bug three times over the past 5 years

<taa7ll$qi26$1@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=10773&group=comp.sys.mac.advocacy#10773

  copy link   Newsgroups: comp.mobile.ipad comp.sys.mac.apps comp.sys.mac.advocacy
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: nuh...@nope.com (Alan)
Newsgroups: comp.mobile.ipad,comp.sys.mac.apps,comp.sys.mac.advocacy
Subject: Re: Incompetent Apple Safari QA shipped the SAME exploited severe bug
three times over the past 5 years
Date: Fri, 8 Jul 2022 14:30:28 -0700
Organization: A noiseless patient Spider
Lines: 32
Message-ID: <taa7ll$qi26$1@dont-email.me>
References: <taa304$s91$1@gioia.aioe.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Fri, 8 Jul 2022 21:30:29 -0000 (UTC)
Injection-Info: reader01.eternal-september.org; posting-host="d15616179789fcdc07483540381c3bff";
logging-data="870470"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+Skohef+CGinKmB8GoFpkQTzGif4KH+tE="
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0)
Gecko/20100101 Thunderbird/91.11.0
Cancel-Lock: sha1:nvIZfylo4uowh7vpGcSZEmEJ590=
Content-Language: en-CA
In-Reply-To: <taa304$s91$1@gioia.aioe.org>
 by: Alan - Fri, 8 Jul 2022 21:30 UTC

On 2022-07-08 13:11, Andy Burnelli wrote:
> The Apple QA team is so incompetent that they don't know the first thing
> about testing, which is that when you find and fix a bug, you put processes
> in place so that the same bug doesn't come back to bite you again.
>
> They shipped the bug in 2013 (Safari, iOS, iPadOS, and macOS).
> And then again in 2016 (Safari, iOS, iPadOS, and macOS).
> And yet again in 2022 (Safari, iOS, iPadOS, and macOS).
>
> Holy Christ. This is clear evidence of gross incompetence of Apple QA!
>
> Each time Apple shipped the _same_ bug, it was exploited in the wild.
>  *That's how grossly incompetent Apple QA truly is*
>
> *Google Researchers Detail 5-Year-Old Apple Safari Vulnerability Exploited
> in the Wild*
>
> <https://thehackernews.com/2022/06/google-researchers-detail-5-year-old.html>
>

Wow. You don't even know how to read:

'"In this case, the variant was completely patched when the
vulnerability was initially reported in 2013," Maddie Stone of Google
Project Zero said. "However, the variant was reintroduced three years
later during large refactoring efforts. The vulnerability then continued
to exist for 5 years until it was fixed as an in-the-wild zero-day in
January 2022."'

So 2013, 2016...

....and no "again in 2022".

Re: Incompetent Apple Safari QA shipped the SAME exploited severe bug three times over the past 5 years

<tactha$13s$1@gioia.aioe.org>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=10774&group=comp.sys.mac.advocacy#10774

  copy link   Newsgroups: comp.mobile.ipad comp.sys.mac.apps comp.sys.mac.advocacy
Path: i2pn2.org!i2pn.org!aioe.org!REtAK2mXiPXg9gCemUmZDw.user.46.165.242.75.POSTED!not-for-mail
From: Jer...@JerryThinks.com (Jerry)
Newsgroups: comp.mobile.ipad,comp.sys.mac.apps,comp.sys.mac.advocacy
Subject: Re: Incompetent Apple Safari QA shipped the SAME exploited severe bug three times over the past 5 years
Date: Sat, 9 Jul 2022 14:56:23 -0700
Organization: Aioe.org NNTP Server
Message-ID: <tactha$13s$1@gioia.aioe.org>
References: <taa304$s91$1@gioia.aioe.org> <XqednS-EX4T7DVX_nZ2dnUU7-f2dnZ2d@giganews.com> <yqudnR3x-7ckPVX_nZ2dnUU7-LednZ2d@earthlink.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Info: gioia.aioe.org; logging-data="1148"; posting-host="REtAK2mXiPXg9gCemUmZDw.user.gioia.aioe.org"; mail-complaints-to="abuse@aioe.org";
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:52.0) Gecko/20100101 Firefox/52.0 SeaMonkey/2.49.5
X-Notice: Filtered by postfilter v. 0.9.2
 by: Jerry - Sat, 9 Jul 2022 21:56 UTC

On Fri, 08 Jul 2022 16:25:13 -0500, Ant wrote:

> Does anyone have QA?

Not Apple.

Even worse is the bug existed, was fixed, & then it was reintroduced and
then the bug was exploited in the wild undetected by Apple for five years.

Apple never found the bug even though they knew exactly what to look for.
Apple never looked until someone else tapped them on the shoulder about it.

That says a lot about how bad Apple is in their lack of adequate testing.

Re: Incompetent Apple Safari QA shipped the SAME exploited severe bug three times over the past 5 years

<tad69u$15vte$1@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=10775&group=comp.sys.mac.advocacy#10775

  copy link   Newsgroups: comp.mobile.ipad comp.sys.mac.apps comp.sys.mac.advocacy
Path: i2pn2.org!i2pn.org!news.neodome.net!news.mixmin.net!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: nuh...@nope.com (Alan)
Newsgroups: comp.mobile.ipad,comp.sys.mac.apps,comp.sys.mac.advocacy
Subject: Re: Incompetent Apple Safari QA shipped the SAME exploited severe bug
three times over the past 5 years
Date: Sat, 9 Jul 2022 17:25:33 -0700
Organization: A noiseless patient Spider
Lines: 21
Message-ID: <tad69u$15vte$1@dont-email.me>
References: <taa304$s91$1@gioia.aioe.org>
<XqednS-EX4T7DVX_nZ2dnUU7-f2dnZ2d@giganews.com>
<yqudnR3x-7ckPVX_nZ2dnUU7-LednZ2d@earthlink.com>
<tactha$13s$1@gioia.aioe.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Sun, 10 Jul 2022 00:25:34 -0000 (UTC)
Injection-Info: reader01.eternal-september.org; posting-host="4abb3b7839d25f2f796ba8e8e9c6c8a7";
logging-data="1245102"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/iSOxpNRPY7GuBXv1s2U5Ii7YBKhOklME="
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0)
Gecko/20100101 Thunderbird/91.11.0
Cancel-Lock: sha1:GoBS4kWkOj5e4HtolFK1uLE01cs=
In-Reply-To: <tactha$13s$1@gioia.aioe.org>
Content-Language: en-CA
 by: Alan - Sun, 10 Jul 2022 00:25 UTC

On 2022-07-09 14:56, Jerry wrote:
> On Fri, 08 Jul 2022 16:25:13 -0500, Ant wrote:
>
>> Does anyone have QA?
>
> Not Apple.
>
> Even worse is the bug existed, was fixed, & then it was reintroduced and
> then the bug was exploited in the wild undetected by Apple for five years.

You have proof of that, do you?

>
> Apple never found the bug even though they knew exactly what to look for.

Ah... ...you're another Arlen-nym.

> Apple never looked until someone else tapped them on the shoulder about it.
>
> That says a lot about how bad Apple is in their lack of adequate testing.

Re: Incompetent Apple Safari QA shipped the SAME exploited severe bug three times over the past 5 years

<5227a8d2-a64a-1deb-9f5f-9350cb17b628@yahoo.com>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=10844&group=comp.sys.mac.advocacy#10844

  copy link   Newsgroups: comp.mobile.ipad comp.sys.mac.apps comp.sys.mac.advocacy
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: fiz...@yahoo.com (Fiz Jr)
Newsgroups: comp.mobile.ipad,comp.sys.mac.apps,comp.sys.mac.advocacy
Subject: Re: Incompetent Apple Safari QA shipped the SAME exploited severe
bug three times over the past 5 years
Date: Sun, 31 Jul 2022 11:33:57 +0300
Organization: A noiseless patient Spider
Lines: 10
Message-ID: <5227a8d2-a64a-1deb-9f5f-9350cb17b628@yahoo.com>
References: <taa304$s91$1@gioia.aioe.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII; format=flowed
Injection-Info: reader01.eternal-september.org; posting-host="74f8223715ea47a0483d11a2b09a8a81";
logging-data="246868"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18WflH8J6H3dJvEqWVOEoEw7Gdv5lPWIVY="
Cancel-Lock: sha1:xUIn0HAN6rzmaQgRUmBKf/RMtRo=
In-Reply-To: <taa304$s91$1@gioia.aioe.org>
 by: Fiz Jr - Sun, 31 Jul 2022 08:33 UTC

On Fri, 8 Jul 2022, Andy Burnelli wrote:

> The Apple QA team is so incompetent that they don't know the first thing
> about testing, which is that when you find and fix a bug, you put processes
> in place so that the same bug doesn't come back to bite you again.

Unbelievable!

Fiz Jr
fiz_jr@yahoo.com

Re: Incompetent Apple Safari QA shipped the SAME exploited severe bug three times over the past 5 years

<tc65jr$cu59$2@dont-email.me>

  copy mid

https://www.novabbs.com/computers/article-flat.php?id=10847&group=comp.sys.mac.advocacy#10847

  copy link   Newsgroups: comp.mobile.ipad comp.sys.mac.apps comp.sys.mac.advocacy
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: nuh...@nope.com (Alan)
Newsgroups: comp.mobile.ipad,comp.sys.mac.apps,comp.sys.mac.advocacy
Subject: Re: Incompetent Apple Safari QA shipped the SAME exploited severe bug
three times over the past 5 years
Date: Sun, 31 Jul 2022 08:03:23 -0700
Organization: A noiseless patient Spider
Lines: 13
Message-ID: <tc65jr$cu59$2@dont-email.me>
References: <taa304$s91$1@gioia.aioe.org>
<5227a8d2-a64a-1deb-9f5f-9350cb17b628@yahoo.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Sun, 31 Jul 2022 15:03:23 -0000 (UTC)
Injection-Info: reader01.eternal-september.org; posting-host="e6fae8ea465779d0f7ad07ec9c19bf81";
logging-data="424105"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+LUU6Lz1SGuU0WsFkpVz13KwvzE+fa5hE="
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:91.0)
Gecko/20100101 Thunderbird/91.11.0
Cancel-Lock: sha1:NWsxUjCXxMndmXOBZhYiujXgW94=
In-Reply-To: <5227a8d2-a64a-1deb-9f5f-9350cb17b628@yahoo.com>
Content-Language: en-CA
 by: Alan - Sun, 31 Jul 2022 15:03 UTC

On 2022-07-31 01:33, Fiz Jr wrote:
> On Fri, 8 Jul 2022, Andy Burnelli wrote:
>
>> The Apple QA team is so incompetent that they don't know the first thing
>> about testing, which is that when you find and fix a bug, you put
>> processes
>> in place so that the same bug doesn't come back to bite you again.
>
> Unbelievable!

Literally.

As in, "you can't believe a word Arlen writes".

1
server_pubkey.txt

rocksolid light 0.9.8
clearnet tor