This thread indicates that OSx86 10.4.2 has been leaked and research into it's new TPM mechanism has begun:

http://forum.osx86project.org/index.php?sh...799&#entry18799

Please remember that as this site is under US jurisdiction that any potential circumvention of OSx86 10.4.2's new TPM mechanism can be not discussed here due to the DMCA. However, it may be discussed at the Win2OSX site instead:

http://www.win2osx.net/forum/showthread.ph...sted=1#post8751

Apparently, no OSx86 10.4.2 torrents have been seeded yet, however when that changes please respect this site's "no warez" policy.

Since we already have 10.4.1 to play with, I don't think it's a good idea to publicize any new hacks. Any such new hacks will only amount to free TPM vulnerabily analysis for Apple, and make the eventual TPM much more difficult if impossible to crack.

We need to have a long-term perspective on things.

Interesting news. Thanks.
We'll be watching the unfolding of the news of this new release with great interest.

You know, the contradiction in our no-warez policy is that essentially most of the members of the board either used Deamoo's VMWare image or the leaked Dev DVD of x86 Tiger for their x86 OSX install.

And I bet in a few weeks/months time these people shall be discussing issues in Tiger 10.4.2 which apperently they by some miraculous happening each of them all of a sutton possess...

Oh well, I understand perfectly, without such measures we risk cease-and-desist orders from Apple lawyers, which off course we certainly don't want to provoke. And I hope that the Win2OSX site will be spared such an outcome too.

For now I'm anxious what improvements this new version shall contain x86-wise (compatebility, hardware-support, performance) and if again one all to familliar patch-mage will be able to make it possible to operate again too for the likes of pour SSE2-only cpu owners like me. Go, go, Maxxuss, go!

dd_apple,

you sound like you're planning a mugging.

i don't mean to put you down or anything, i want 10.4.2 to play with too. but without the community involvement, chatting and sharing info, there is nothing left but boring piracy.

apple deserves access to the same info that the hackers have, to keep the game fair. it's also a shame the DMCA makes that more difficult.

Well, that's probably true, but it's not our legal concern how you got what you have or what you've done to it - it's totally ok to talk about that. However, talking about how to get it or how to crack is what Steve doesn't like... so that's where we have to draw the line. We're a news site, not a hacking site.

BTW - This thread title is a little misleading since we haven't confirmed that anything has leaked yet. When something does, I'll write up a full article.

Indeed, it seems kind of fishy for this guy to say that yet it not be anywhere to be found.

there is always a first person to get something. i think if he were lying, he'd be a lot more convincing.

he isn't able to upload it until monday and is at this time trying to figure things out. in the meantime, why doesn't someone knowlegable go on over there and help him out? seems like the easiest way to find out one way or the other.

http://www.win2osx.net/forum/showthread.php?t=1296&page=3

I think these are important points to be considered. In terms of a long a term perspective, I want to see millions of people running OSx86 on non-Apple hardware and otherwise pressure Apple into at least a clone program if just selling OS X86 outright for PCs like Windows.

With respect to making the TPM increasing difficult to hack, from the reports that I have read it seems that the first released version, 10.4.1, was rather light and that Apple could have done more to secure OSx86. However, it is simply impossible for Apple to ultimately prevent people from running OSx86 on non-TPM'd hardware (future TPM'd PCs might be another story).

At best Apple can continue what appears to be it's current strategy which is deterrent. At every release, Apple tweaks the TPM mechanism so a new patch is required, but ultimately produced. So, it effectively becomes a cycle or technical stalemate that will, as a by-product, produce hundreds of compentent OSx86/TPM hackers. This is good because we want lots of people working on both of this issue, whether it be to produce OSx86 graphics board drivers or fighting against Hollywood's plan to take over our computers with TPM-like technology.

Next, we have to consider the viability of keeping things private. While this certainly must occur in the greater OSx86 community for security reasons, you are proposing taking it to another level. The first problem with this is that it is too easy for Apple to infiltrate any private group and they certainly have the resources to pay people to do it. Then of course this small private group would be a very simple target for Apple to deal with, as opposed to some amorphous community numbering over ten thousand. In short, there is safety in numbers.

Clearly, the distribution mechanisms, namely bittorrents, work better with large numbers of people. Then of course, there will always be politically and social issues. Some genius may prefer to work alone but needs 10.4.2 to do anything. As we have seen already, numerous people have produced patchs, and the community can judge for itself which is best. Likewise, these authors care discuss what they have individually learned.

To summize, secrecy and security certainly are very important considerations here, but these concerns ultimately succumb to need for and benefits from mass collaboration, like open-source software. Finally, even if we decided to take the route you are proposing it likely that others would go the public way rendering it pointless.

tks guys 4 help.... as u said it hasn't been leaked yet... i'll share it tomorrow only after a check.... i found another person that has it.... if we have the same md5 i'll share that but if not maybe i'll have to invent something before share it.
i'll keep u updated

I find k1n6w4r3z to be very credible and I think it is more important that the proper precautions be taken before seeding torrent, rather than exposing oneself to the potential wrath of Apple Legal by rushing to provide the goods claimed.

This seems like an important point, and I agree with you completely Bofors. As many have suspected - and I'm sure has been the case - any Apple employee can simply join our site, and with a bit of searching, discover all the patches and other such things that have been devised by the community. This point exactly is why we may not have gotten some sort of letter from Apple Legal. The problem is, with such a large community, It would be increasingly hard for us to create a secure environment to "explore" the osx86 software in. Like Bofors pointed out, somone could decide to go public, or, we could simply just have another Deadmoo image with the new patches contained within. It begs the question, as to how we can go about making our community more secure.



I heard rumours that each copy seeded to devlopers was unique in some way. I don't know how exactly, but these are simply rumours and speculation. Hopefully k1n6w4r3z can verify this with his other contact.

anonymous torrent site: http://www.uwn.granerohosting.com/ddlxtreme/public/index.php

"onion routing" http://tor.eff.org/

I adjusted the topic of this thread, just so that no one gets confused.

"r u serious that teh dVD has leaked? OMGROFL!!!!11!!111"

When I started this thread, I had thought that this was in the hands of more than one person here, thereby justifying the need for a special "patch development" thread on Win2OSX forum.

I was wrong, so it appears that this thread was a little pre-mature and I am sorry if I mislead anyone. Nonetheless, I would expect 10.4.2 to leaked for real in the next few days, if not tomorrow.

bofors-
Hey, no problem, and I hope you don't mind that I changed it - I just wanted to clear things up, since a lot of people would be interested if that were the case.

Then also shouldn't this be moved to some other part of the forums? Like thunderdome maybe .....

I don't think so JaS, since it still falls under the category of Osx86 news. If anything, It should go to Patches and Fixes. But we'll just keep it here for now, since according to our friend k1n6w4r3z, the DVD will most likely be leaked within the coming days.

Remeber though, no direct links or warez!

While I really do not have any personal attachment to this thread, I would reccomend leaving it here until the 10.4.2 torrent is actually seeded. Then this thread should be locked and/or moved.

Until that time, it seems that we would need a "Where is 10.4.2?" discussion thread anyways, but I have no problem leaving this decision to the sound judgement of the OSx86Project administration.

Otherwise, I think that Mashugly has done the right thing and already taken care of the real issue here by simply renaming the misleading title of this thread.

Apparently each DMG has a different MD5 sum. The one that the other guy has does NOT match the one I have. His is also slightly larger (though mine matches the exact size reported by devs)~

so u did the test?
the md5 are different if i have understood right?
let me know

Even if the md5's are diffrent,once you convert it to iso does it even matter what the the dmg's original md5 was?
theoreticly it could be leaked in iso format.

We need further confirmation of this, to know for sure. If there is anyone, or anyone who knows someone with the 10.4.2 update, can you please veryify the md5 sums against DeathChills and k1n6w4r3z's?



I was thinking something similar to that as well. If you change anything within the DMG, you change the md5 sum. So, theoretically, If you changed something within the DVD then it would be different from whatever Apple may have recorded (If they are indeed making each DMG unique). If you were to convert it to a DMG though, JaS, wouldn't converting it back simply reveal the original md5 sum?

I had thought of this too about converting it back.But im not sure what happens.I will test it out by converting the original dev dmg to iso and back again,And see what I come up with.I will post back tonight about my findings.

Maybe I'm being stupid here, but what if apple doesn't track the MD5 itself, but rather some unique file within each 10.4.2 image? you could convert the image and mess with the MD5 all you want, but the unique file would still identify you. Or is that unlikely?

That could be true ... but I have to take it one step at a time
Maybe theres no magic at all.The dmg might get a different md5 from the download proccess,as a side effect and they have no meaning at all.We could be getting hung up on nothing with the md5'5.To be honest I doubt apple would digitaly sig each dev download .. .there would have been thousands of them.I just dont see it.But I will work thru the theory.Better safe then sorry

Edit : Its 10:22 pm here now and I will finish getting the original dev DMG at 1 am.Then I will get the md5 from it.I have the original dev dvd but it's in iso format.Trying to re-dmg it was no good,it was almost 4 gigs so I know that wouldnt have been a true test.I have to take the original unconverted DMG and get the md5 for it.Then convert it to iso and then back to DMG again and re-md5 it.If that conversion puts the DMG at higher then 2.44 GiB (2618677269 Bytes).then I guess it proves that you couldn't just convert the iso back to DMG to get the original md5.
Wow that almost sounds like double talk I need a coffee be back soon

Oh and Hello colby,Welcome to the forums

I am having some relevant files from 10.4.2 right now. I would like to make sure that they are not contain any hidden ID.

Edit: Removed content violating DMCA

Edit: Removed content violating DMCA

The original DVD's had different MD5s as well didn't they? I remember vaguely when they were first leaked reading this on the pearpc or concretesurf forums - it was later found to just be a side effect of some other normal process.

Just suggesting...

Yes i remeber that too ... and i agree

The original DVD all had the exact same MD5 sum.

Yes, something like this did come up before. I suspect the details can still be found in some forum thread from about July. The original disks were identical but, _I think and I am not sure_, the installations had different check sums due to the incorporation of individual TPM chip's unique public keys into certain files.

then was it the ###EDIT### that kept changing or was it the ###EDIT###.because i remember something about the md5's kept changing

Here is an old thread that covers the subject: http://forum.osx86project.org/index.php?sh...hl=md5+checksum

After reading it, it appear that this is basically what I stated above, however it still was not clear then exactly which files were implicated. Furthermore, and I know it is a pain, any such files probably should not be specifically mentioned here as per the DMCA policy. Any detailed public analysis had better proceed at the Win2OSX forum:

http://www.win2osx.net/forum/showthread.ph...sted=1#post8751

Since I am responsible for escalating this leak "rumor" in to a "news" event, I guess I should post some kind of an update.

As of now, there still appears to be no publicly availible 10.4.2 torrent. Nonetheless, this new version of OSx86 is certainly around and otherwise in the hands of more than one person interested in making it work for everyone.

Apparently, the issue preventing the release of a public torrent appears to be the question of whether or not Apple has "watermarked" (embedded serial numbers in) DVDs to trace back the source of any leak. At this point, the truth of this issue certainly is not clear to me because I have read not any statement to convince me that Apple has in fact done this.

However, I suspect that there are people around who may actually know the answer to the "watermarking" question and if this is indeed the case perhaps they would be gracious enough to make some kind of a statement to verify that fact here.

............................................

Sense and Ego don't go hand-in-hand

How stupid. If this is true and all is about getting "praise", I'd like to see people get their fame, and in this case even more fame than they initially hoped for... They want fame... Well, with the next releases Apple really should consider to trace them down and sue them, this will get those ego-driven leakers the media attention of their lives, if that's really what they're after.

Naw, there's a difference between wanting a little recognition for doing something and wanting all the glory. Of course someone will get annoyed when they do something huge and then are left in the dust the second they no longer have anything to offer.

I know this is just a rumor, but "praise" doesn't sound to me like "a little recognition". I think that everyone who is running an illegal copy of Mac OS X for Intel is thankful to the leakers in the first place. So they have their recognition. Or what do they want? Do they want their names to spread in the world? Ok, then prepare to get sued.

What's "huge" about leaking a public copy that has been given to thousands of people, and just after it's been verified not to be watermarked? It is quite charitable to those who want to have it, but it's not a huge thing. Leaking earlier, internal versions of Marklar (for instance those old ones that have been compiled for SSE only), or perhaps even builds from Project Star Trek, would be "huge".

Takuro, thank you for responding.

Just to clarify, my understanding is that no one here is claiming that Apple has in fact watermarked 10.4.2 and that the issue was just being raised to protect the security of potential 10.4.2 sources.

While I am sure that I am more sensitive to credit issues do to my background, I do not think that anyone should trivialize the importance of proper credit being acknowledged nor the difficulty in doing it right in any collaboration.

Here, I think what we need to do is set some standards and/or rules for credit. To start with I would like to consider how Maxxuss has handled this issue. On his patch page, he has specific "Credits" section:

[quote="Maxxusss"]Credits

Thanks for all members and admins of osx86project for testing, feedback, and file mirrors!
Thanks to adilson for the first working patch of oah750d.
Thanks to omni for a refinement of adilson's patch.[/quoteEDIT: Removed content violating DMCA
Now, this is obviously a great step in the right direction. I am particularly pleased to see adilson's name prominently mentioned here, because I felt that when blex0r demonstarted the this project's first working GUI that adilson's contribution was not well known by the community. However, of course, we see no credit for the source of OSx86 itself.

What I propose is that every distribution, whether it be a patch or a complete installation kit, include some kind of a list of credits with it, like a "README" file. However, we also have to deal with the case that people do not want credit for security or other reasons. So, I would also suggest that before adding someone's name (nic) to a credit list that they first be contacted if possible to ask if they want the credit.

Next, I think that we as a commnunity should go back to origination of this project and acknowledge all the people who we think made significant contributions, specifically including providing OSx86 in the first place. Hopefully, that will help everyone feel they are getting what they deserve from the community.

Here is the lastest update on the status of the 10.4.2 leak.

Despite the credit issues being raised above, it appears that the real problem is that checksums, in particular MD5's, have failed to match between different OSx86 10.4.2 copies indicating that they may have been marked by Apple to pinpoint the source of any leak. However, I have yet to be convinced that these checksums were properly done and seen several signs indicating that they were not. Although for a variety of reasons, I still doubt that 10.4.2 is actually marked, but it certainly could be true and as time progresses it is becoming more likely to be the truth.

Now to give credit should it be wanted, DeathChill is taking the lead in trying to verify that 10.4.2 is indeed marked by checksumming each individual file on two different copies and comparing the results. This analysis should also reveal which specifc files need to be "cleaned", if necessary.

The bottom line is that we should be seeing 10.4.2 torrented in the near future, but perhaps not this week if DeathChill's analysis positively identifies signs of marking.

Thanks for summing it up for us. Keep us updated.

Thanks for the update. Whether it takes a week to months, I don't think it should really matter to the general population. I say give the leak to people that actually contribute to making it run properly on "most" systems.

Can't you md5sum /dev/disk1 instead of the .dmg generated from it? Might be a more reliable method.

is their any news if this has been leaked yet

Here is the "news":

Some one of high credibility and technical skill seems to be independently indicating that Apple has indeed marked individual 10.4.2 DVDs seeded to developers. We are trying to get this confirmed.

If it is true then there will likely be no torrent until this problem has been solved. That might take a few days and of course it is hindered by the fact that only a few people can work on it, those with some kind of access to 10.4.2 already.

I have been pondering on whether or not Apple will change the supported hardware on every leaked version. For example, 10.4.1 works on dev boxes with a 915 chipset. Apple can just as easily change the chipset/mobo requirements right?

This would mean that those who baught a 300$ wanna be Dev. Box are out of luck?

No, not without replacing every Dev. Kit they have sold.

In other news, I can no confirm that Apple is marking 10.4.2 downloads that are availble to developers. The report that I have just received, that 9 different developers have confirmed that their 10.4.2 builds have distinct MD5 checksums.

A cleaning effort is underway, but we should expect that it should take some time.

I was under the impression that the dev kits weren't yours to keep and that devs had to reutrn them. And the costs of the dev kits are mere pennies to a Corp. like Apple.

Thanks once again for the update!

i'd be glad to help cheksums or with anything but i don't have any 10.4.2