~pcwiz Posted September 27, 2007 Share Posted September 27, 2007 I just had an idea about the Apple Software Update program and Hackint0sh. When you are using a Hackint0sh, Apple Software Update is sometimes useless because the updates from Apple (mostly) are for genuine Apple computers and some updates screw your Hackint0sh. What if someone made a server containing Hackint0sh compatible updates and modified Apple Software Update so that it downloaded and checked for updates on the Hackint0sh server instead. Then, OSx86 users wouldn't have the hassle of downloading and installing Hackint0sh packages. Just an idea...all we need is someone to implement it. Link to comment Share on other sites More sharing options...
blacknight Posted September 27, 2007 Share Posted September 27, 2007 it is a fantastic idea, but here is the question do you know apple update server works?!!!! Link to comment Share on other sites More sharing options...
josh256 Posted September 27, 2007 Share Posted September 27, 2007 for AMD users - and assuming they still have constant problems with security updates - If that's a reality then I agree... (AMD users aside) In my case a "safe list" would consist of everything except the 10.4.X system update/upgrade and I don't think that warrants an Apple Software Updates exploit. Aren't Apple updates generally compatible for most of us (eg. ~98% of updates, *everything but the system update/upgrade*)? The only updates that require patching [AFAIK] for Intel Systems are the system/combo updates - they are far and few between and easy to recognize (and avoid if necessary). My suggestion: Simply select "ignore update" and wait the 24-48 hours for a combo update to show-up in the usual places. Other than that I don't see what the danger is to just running all other/regular updates as they become available.. As per update incompatibilities: I've run all updates since 10.4.8 across three HTPCs (925, 945, 975 chipsets) all w/ most aftermarket Apple software/titles installed (iLife, iWork, Logic, Final Cut, etc). All began w/ JaS 10.4.8 and all were upgraded to 10.4.10 w/o JaS/PascalW updates (used manual method) and the only issue I've encountered [ever] was the azalia update (a few weeks ago coincidentally) which was trivially resolved by reinstalling Azalia (via the same/original installer) and adding the apple update to the ignore list to prevent it from getting wiped a second time. I should also not that only effected the system using Azalia (1 of 3).. Link to comment Share on other sites More sharing options...
~pcwiz Posted September 27, 2007 Author Share Posted September 27, 2007 I have no clue how the program works but I think we might be able to find out by cracking the binaries. Link to comment Share on other sites More sharing options...
aprodigy Posted September 27, 2007 Share Posted September 27, 2007 crack?! i'd probably start with listening to the network traffc before disassembling apple-update but i dunno if this whole thing makes big sense anyway... Link to comment Share on other sites More sharing options...
~pcwiz Posted September 27, 2007 Author Share Posted September 27, 2007 Yeah, as in disassemble the binaries. And yes, you could listen to the network traffic to see how it connects to the severs. Once you think about it, modifying the Apple Software Update program itself is pretty simple. All you have to do is change the server address. Building a server that is compatible with software update is the hard part. You have to find out more about the inner workings of the app to figure that out... Link to comment Share on other sites More sharing options...
atzero. Posted September 27, 2007 Share Posted September 27, 2007 I've seen online games reroute ip addresses (i think by modifying dns) to connect to other servers. That was a game though. If a virus could simply modify your dns (called dns highjack) you'd be so screwed that I'm sure apple has made some large preventative measures on altering webconnections. Its a good idea though, someone should look into this! Link to comment Share on other sites More sharing options...
~pcwiz Posted September 28, 2007 Author Share Posted September 28, 2007 Yeah, well Apple had large preventive measures on OS X but that didn't stop hackers from hacking it. Can a guru or someone look into this... Link to comment Share on other sites More sharing options...
nano2nd Posted September 28, 2007 Share Posted September 28, 2007 A manual entry in the hosts file where you replace the IP address of the server that Software Update uses with a bogus address will at least get you pointed at a non-Apple location. You should be able to identify the hostname used by inspecting network traffic. Apple would never do something as lame as hard code a specific IP address. (would they??). The packet sniff should also be able to tell you: a) the protocol used e.g. HTTP message string formatting for inputs to and outputs from the server Chances are it is an HTTPD based server and all you'd have to do is replicate the inputs and outputs. I'd imagine one of the real challenges would be if the updates themselves are packaged differently on the Update server. Has anyone ever inspected the stuff as it is served up via Software Update as opposed to the combo downloads? But if you can do the above, you wouldn't need to touch the binaries in OS X at all in order to replace the Software Update functionality with a hackintosh-friendly version. You could even run your own update server locally (point your hostfile at localhost even). Handy if you run multiple boxes. Link to comment Share on other sites More sharing options...
Swami the Jerk Posted September 28, 2007 Share Posted September 28, 2007 so u guys sayins i can use the apple software update by deselecting the OS related upgrades? it wont screw my system? and another doubt.. if at all i upgrade the OS, can it be restored back to what it was in my case 10.4.9 ? Link to comment Share on other sites More sharing options...
~pcwiz Posted September 28, 2007 Author Share Posted September 28, 2007 Swami, post your own topic but the answer to your question is yes you can safely install updates that are not os related. You could make a backup image before updating if needed to restore from. nano2d, Thanx for the info. I'm not good at that kind of server stuff so maybe someone could test this out...If this works, someone should make a universal server that all OSx86 users can access and then make a prepatched DVD with the patched server files. Link to comment Share on other sites More sharing options...
nano2nd Posted September 29, 2007 Share Posted September 29, 2007 Swami, post your own topic but the answer to your question is yes you can safely install updates that are not os related. You could make a backup image before updating if needed to restore from. nano2d, Thanx for the info. I'm not good at that kind of server stuff so maybe someone could test this out...If this works, someone should make a universal server that all OSx86 users can access and then make a prepatched DVD with the patched server files. If I get a chance I will have a look at the network traffic - wouldn't mind a crack at solving this. Link to comment Share on other sites More sharing options...
mifki Posted September 29, 2007 Share Posted September 29, 2007 lol, just shows how much you all know xD Get OS X Server, it already includes Software Update Server in it Link to comment Share on other sites More sharing options...
~pcwiz Posted September 29, 2007 Author Share Posted September 29, 2007 Thanks for the tip Kiko, If someone has OS X Server, they could try this out and make a server and then we could port the files to normal OS X. Link to comment Share on other sites More sharing options...
~pcwiz Posted October 15, 2007 Author Share Posted October 15, 2007 Well I've checked out Software Update Server: http://www.apple.com/server/macosx/softwareupdateserver.html And it seems that all it does is let you control when the updates are installed onto networks. It doesn't let you modify or add updates of your own to install. Doesn't seem promising to me. Anyone have a different idea P.S. I know this topic is a few weeks old but just wanted to post an update Link to comment Share on other sites More sharing options...
rollcage Posted October 15, 2007 Share Posted October 15, 2007 Well I've checked out Software Update Server: http://www.apple.com/server/macosx/softwareupdateserver.html And it seems that all it does is let you control when the updates are installed onto networks. It doesn't let you modify or add updates of your own to install. Doesn't seem promising to me. Anyone have a different idea P.S. I know this topic is a few weeks old but just wanted to post an update Would that work for the server end? Whoever has the server downloads the updates from apple, and then picks which ones are safe for hackintoshes and makes them available to everyone else. Might have to crack the Software Update Server app too, but once we get one, the other shouldn't be hard to do. This might make it a bit easier, you just have to crack software update to connect to the hacked server's address, and possibly (maybe not, I don't know exactly how it works) crack the server to allow people to connect from over the internet. Link to comment Share on other sites More sharing options...
mifki Posted October 15, 2007 Share Posted October 15, 2007 It lets you choose what uopdates to install to networks, just make a repository in your local pc (the server) and then people add the ip of your machine into hosts.conf and software update will update from your repo just fine Link to comment Share on other sites More sharing options...
Embio Posted October 15, 2007 Share Posted October 15, 2007 I seem to remember proposing this a while ago.... wouldnt it be easier to just remove the software update app and have 'software update' in the apple menu point to something else with the same icon and such? then you can put whatever server backend you like in Link to comment Share on other sites More sharing options...
~pcwiz Posted October 15, 2007 Author Share Posted October 15, 2007 OK, now can someone test this? Link to comment Share on other sites More sharing options...
mifki Posted October 15, 2007 Share Posted October 15, 2007 You could also do that Embio, But i do not think it would intergrate very well (you could evn use it to tap into open source repo's Link to comment Share on other sites More sharing options...
~pcwiz Posted October 15, 2007 Author Share Posted October 15, 2007 Thats what I was thinking as well. Using a home made app wouldn't integrate with OS X well. Link to comment Share on other sites More sharing options...
accountname Posted October 15, 2007 Share Posted October 15, 2007 This is a rehash of the previous comments, but fwiw, listen to Kiko. OS X Server allows you to - specify which updates are available for your clients - cache the updates for your clients On the client side, you do not need to hack OS X to specify a new Update Server, you can add the address in System Prefs. Btw, someone mentioned that most updates should not cause problems, can you clarify how to avoid the dangerous updates? Link to comment Share on other sites More sharing options...
vbetts Posted October 15, 2007 Share Posted October 15, 2007 It is a good idea, but do you know anyone who would take the effort of using their network, their machine, their bandwidth, and most likely have to buy more bandwidth to keep up? I think if we somehow did donations then we could do it. Link to comment Share on other sites More sharing options...
~pcwiz Posted October 15, 2007 Author Share Posted October 15, 2007 Couldn't somone set up a server and host the files there and run it as an update server? I don't think you'd have to worry about bandwith then. Link to comment Share on other sites More sharing options...
accountname Posted October 15, 2007 Share Posted October 15, 2007 > On the client side, you do not need to hack OS X to specify a new Update Server, you can add the address in System Prefs. My bad. Actually, you need to install something like the following app on the client-side (either that or you'd need to either bind to a directory server which is hardly practical in the case). Software Update Client Configuration Link to comment Share on other sites More sharing options...
Recommended Posts