Researcher: Apple Patch falls short

Discussion in 'MacBytes.com News Discussion' started by MacBytes, May 13, 2006.

  1. macrumors bot

    #1
  2. macrumors 65816

    Ja Di ksw

    #2
    He talks about publishing the flaws. Honestly, he told Apple, they're working on it. There's no point to publishing them other than to help out hackers.

    For the life of me, no matter how common they become, I will never understand people's lax attitude about hacking.
     
  3. macrumors regular

    #3
    sheesh

    My guess is he assumes that since they're not fixed, that Apple doesn't care. So in some twisted power trip, he thinks releasing them to the public will make Apple suddenly care. Well what if they are messy enough that it's going to take a while to fix them? This guy is way too full of himself.

    Maybe a hacker from the Mac community needs to take down his website :)
     
  4. macrumors 6502a

    #4
    Given a reasonable time, normally a couple of weeks after vendor notification, flaws should be published.

    If a benevolent researcher can find them, malevolent parties can too. If the vendor is not willing or able to provide a fix, it is only fair that end-users and system administrators are given the option of using alternative software or services, or restricting computer usage.

    Using an example from the article, imagine how you would feel if a suitably crafted JPEG was used to compromise your privacy and personal data using something Apple (or indeed any manufacturer) knew of but failed to warn about.
     
  5. macrumors 6502a

    thegreatluke

    #5
    It's not like Apple's not doing anything about flaws.

    When they hear about flaws, they usually have a team working on it - the next day.
     
  6. macrumors 6502

    #6
    So that brings the score to.... Mac: 3 Windows: a gajillion

    Really, if people made as big a deal about ONE Windows security threat as they did about ONE Mac threat. Well.... just saying.
     
  7. Moderator emeritus

    mkrishnan

    #7
    I wonder to some extent if this "researcher" is blowing smoke... because he seems to be playing a shell game, always claiming that there are "critical vulnerabilities" that he "might expose." :rolleyes:

    But giving him the benefit of the doubt, I agree. It's prudent to wait a couple of weeks, and then publish. If his findings are real, the rest of the security may learn a lot from them, about how to protect other unrelated pieces of software, in general. And concerned users / administrators can make temporary fixes. And it does put an appropriate, in my mind, level of pressure on Apple, or whomever.

    That being said, I think this article is clearly biased with the viewpoint that OS X is, under the surface, a bubbling cauldron of vulnerabilities waiting to turn unsuspecting users into newts. :rolleyes:
     
  8. macrumors 68000

    #8
    This could be a ploy by the researcher to generate page hits. I'm sure he'll get traffic from the Mac community websites who link to his page when he releases his security holes, wether they have any merit or not.
     
  9. macrumors 603

    solvs

    #9
    Dog bites man, not a story. Man bites dog, story. People expect more from Apple. And with every bit of positive news, there will have to be some negative.

    People already know Windows sucks.
     
  10. macrumors newbie

    #10
    Extremist Framing

    Read this characters other post and you may see that he has a tendency to create interesting stories out of mundane and inconsequntial facts. A simpleton would be my judgement, but I will take my judges robe off and just exclaim how persistent this guy is in being a half-empty, souless, needing-to-make-a-buck-for-being-a- . Good luck to this character!
     

Share This Page