Apple will be among several U.S. tech giants to attend a meeting at the White House today to discuss cybersecurity and possible security threats posed by open-source software, Reutersreports.
The meeting will be held by U.S. National Security Advisor Jake Sullivan and will focus on "concerns around the security of open-source software and how it can be improved." The meeting was prompted by concerns around a security vulnerability found in open-source software Log4j.
The vulnerability, which posed a threat to organizations that use Log4j around the world, allowed hackers to control a system and remotely execute malicious code.
According to Sullivan, open-source software such as Log4j presents a "key national security concern" as it is often used and maintained by volunteers. Google, IBM, Meta, Microsoft, and Oracle are also expected to attend the meeting.
Note: Due to the political or social nature of the discussion regarding this topic, the discussion thread is located in our Political News forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.
Thursday October 31, 2024 9:42 am PDT by Tim Hardwick
Apple is set to release iOS 18.2 in December, bringing the second round of Apple Intelligence features to iPhone 15 Pro and iPhone 16 models. This update brings several major advancements to Apple's AI integration, including completely new image generation tools and a range of Visual Intelligence-based enhancements. There are a handful of new non-AI related feature controls incoming as well.
...
Thursday October 31, 2024 7:06 pm PDT by Joe Rossignol
The first Geekbench 6 benchmark results for the M4 Pro chip surfaced today. Impressively, the results that are available so far show that the highest-end M4 Pro chip is faster than the highest-end M2 Ultra chip in terms of peak multi-core CPU performance.
Here is a comparison of the results:
Mac mini with M4 Pro (14-core CPU): 22,094 multi-core score (average of 11 results)
Mac Studio...
Friday November 1, 2024 4:04 am PDT by Tim Hardwick
The iPhone SE 4 that's set to come out early next year is expected to debut Apple's first in-house 5G modem, according to Jeff Pu, an analyst who covers companies within Apple's supply chain.
In a research note this week with Hong Kong-based investment firm Haitong International Securities, Pu said Apple is expected to roll out its custom-made 5G modem starting with the next-generation...
We're officially in the month of Black Friday, which will take place on Friday, November 29 in 2024. As always, this will be the best time of the year to shop for great deals, including popular Apple products like AirPods, iPad, Apple Watch, and more.
Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment,...
Friday November 1, 2024 8:04 am PDT by Joe Rossignol
Apple's new M4 Pro and M4 Max chips are impressively fast in terms of CPU performance, topping the M2 Ultra, but what about graphics performance?
The first Geekbench 6 results for GPU performance are now available for the M4 Pro and M4 Max, and the Metal scores reveal some impressive year-over-year gains. Based on the Metal scores that are available so far, the M4 Pro and M4 Max are up to...
Friday November 1, 2024 9:40 am PDT by Joe Rossignol
After a busy October in which Apple announced new Macs and Apple Intelligence launched, the calendar has now turned to November. Below, we outline what to expect from Apple this month as the slower-but-still-busy holiday season approaches.
After seeding the first betas of iOS 18.2, iPadOS 18.2, and macOS Sequoia 15.2 with additional Apple Intelligence features last month, Apple will likely...
Friday November 1, 2024 8:41 am PDT by Tim Hardwick
Apple has reached an agreement to acquire Pixelmator, the company behind popular photo and image editing apps Pixelmator Pro, Pixelmator for iOS, and Photomator. The acquisition is subject to regulatory approval, according to an announcement made by the Pixelmator team on Friday.
Based in Vilnius, Lithuania, Pixelmator has developed a suite of well-regarded creative tools that compete with...
I'm waiting for all the rabbid open-source fans to tell us open-source is much safer than closed-source.
It's not that simple. open-source CAN be safer, it can also be less safe. In open-source, the exact code is out there for anyone to look at. This means anyone could see any flaws and fix them. It also means that anyone could see any flaws and exploit them.
In closed-source, you can't see the code. It's a much different process to exploit the code. Much harder. There are also less people who have access to the code to fix any flaws. So, flaws will stick around longer.
The issue is more that there are a certain amount of core libs that everyone has in their builds. I think now its the Wild West because its no one person/ orgs job to check any of these libs or certify them. … We are leaving for too many core components to be looked after by people for free with no incentive to make sure everything is ok.
The entire Linux community is open source, and yet this is a much more secure platform than Windows has been. And Mac OS and their browsers have heavily benefited from the give and take between Unix and Linux (macOS building on a Unix rather than Linux kernel )
I am almost certain that there have been more security faults in proprietary systems than well maintained open source projects, because the drive behind open source is a more idealistic than the industries “quick to market / milk them all”
With that being said, especially when it comes to web development and the package repositories I see there, I am more doubtful and careful with using and relying on them. I feel it often moves too fast and the community has a different background than e.g. hardcore Linux developers.
I'm waiting for all the rabbit open-source fans to tell us open-source is much safer than closed-source.
It's not that simple. open-source CAN be safer, it can also be less safe. In open-source, the exact code is out there for anyone to look. This means anyone could see any flaws and fix them. It also means that anyone could see any flaws and exploit them.
In closed-source, you can't see the code. It's a much different process to exploit the code. Much harder. There are also less people who have access to the code to fix any flaws. So, flaws will stick around longer.
It's not simple.
Not a rabid open sores fan at all (except back in my teenage years when I went through a rebellious Linux phase ugh), but obscurity does not imply security.
