Questa non è una mitigazione, ma può aiutare a risolvere il problema.
Di seguito è la denuncia presentata con la FTC. Altri dovrebbero prendere in considerazione la possibilità di presentare una denuncia, nel tentativo di risolvere il problema. Apple può evitare utenti come te e me, ma avranno tempi più duri con agenzie come la FTC.
I reclami possono essere archiviati con l'FTC utilizzando l'Assistente reclami per Servizi Internet, Shopping online o Computer .
I purchased a MacBook Pro in 2012. It was customized and cost
approximately $3,500. The MacBook runs the OS X 10.8.5 (Mountain Lion)
operating system.
Apple's OS X operating systems recently suffered a major security
defect known as a vulnerability in computer security. The security
defect CVE is CVE-2015-1130 (cf.,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1130), and its
also known as Hidden Backdoor with Root. "Root" is a term for having
full administrative control over a computer; and when a bad guy "gets
root" its like prison inmates acquiring a master key to a prison.
It appears Apple has refused to fix the security defect in OS X 10.9
and below. According to the researcher who discovered and reported the
issue "Apple indicated that this issue required a substantial amount
of changes on their side, and that they will not back port the fix to
10.9.x and older" (cf., https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/).
I feel Apple deceived me when they claimed OS X 10.8 was the "safest
and most secure" [sic] operating system. In reality, Apple's software
had this security defect dating back to at least 2011. In fact, Apple
still claims the entire OS X family is safe and secure though we know
its not (cf., https://www.apple.com/osx/what-is/security/).
I also feel Apple failed in their obligation to warrant their
defective product. I understand security bugs happen. But when they
do, they are usually promptly fixed. It is not the case with Apple and
CVE-2015-1130.
OS X 10.9, 10.8, 10.7 and 10.6 are generally considered "contemporary"
and make up approximately 55% of the OS X market share. OS X 10.9 and
10.8 have a 35% market share. (cf., http://www.intego.com/mac-security-blog/os-x-market-share-statistics-1-in-5-macs-still-unsupported/).
And a counterpoint in case it arises during debate: I don't want to
upgrade to OS X 10.9. There's too much iCloud integration. I don't
trust iCloud or putting a Keychain in the iCloud, so I don't accept
the risk. Also, I don't want to be a beta tester for new features.
If Apple claims I agreed to upgrades through [generally obscene] Terms
of Service forced upon me, then they are wrong. There was no "meeting
of the minds" and no "manifestation of assent" (cf., Zappos.com Inc.,
Customer Data Security Breach Litigation (MDL No. 2357), U.S. District
Court, District of Nevada). And at the time I purchased the MacBook,
OS X 10.9 did not exist. So its a stretch to claim I agreed to an
upgrade for a non-existent operating system.
Apple is clearly deceiving us (the consumers) when representing the
product, failing to meet its obligations to us (the consumers) by
warranting the product, and we (the consumers) need the FTC's help
here.
The remedy I demand is a patch for the defective operating system. A
patch is what every other major operating system manufacturer
provides. I'm not interested in a refund of my money because I need
the MacBook on occasion for both personal use (play the music and
movies from my iTunes library) and professional use (iPhone/iPad
development).