Researcher: Apple Patch falls short

Discussion in ' News Discussion' started by MacBytes, May 13, 2006.

  1. macrumors bot

    Jul 5, 2003
  2. macrumors 65816

    Ja Di ksw

    Apr 9, 2003
    He talks about publishing the flaws. Honestly, he told Apple, they're working on it. There's no point to publishing them other than to help out hackers.

    For the life of me, no matter how common they become, I will never understand people's lax attitude about hacking.
  3. macrumors regular

    Jul 7, 2003
    Columbus, Ohio area

    My guess is he assumes that since they're not fixed, that Apple doesn't care. So in some twisted power trip, he thinks releasing them to the public will make Apple suddenly care. Well what if they are messy enough that it's going to take a while to fix them? This guy is way too full of himself.

    Maybe a hacker from the Mac community needs to take down his website :)
  4. macrumors 6502a

    Given a reasonable time, normally a couple of weeks after vendor notification, flaws should be published.

    If a benevolent researcher can find them, malevolent parties can too. If the vendor is not willing or able to provide a fix, it is only fair that end-users and system administrators are given the option of using alternative software or services, or restricting computer usage.

    Using an example from the article, imagine how you would feel if a suitably crafted JPEG was used to compromise your privacy and personal data using something Apple (or indeed any manufacturer) knew of but failed to warn about.
  5. macrumors 6502a


    Dec 29, 2005
    It's not like Apple's not doing anything about flaws.

    When they hear about flaws, they usually have a team working on it - the next day.
  6. macrumors 6502

    Apr 18, 2006
    Atlanta, GA
    So that brings the score to.... Mac: 3 Windows: a gajillion

    Really, if people made as big a deal about ONE Windows security threat as they did about ONE Mac threat. Well.... just saying.
  7. Moderator emeritus


    Jan 9, 2004
    Grand Rapids, MI, USA
    I wonder to some extent if this "researcher" is blowing smoke... because he seems to be playing a shell game, always claiming that there are "critical vulnerabilities" that he "might expose." :rolleyes:

    But giving him the benefit of the doubt, I agree. It's prudent to wait a couple of weeks, and then publish. If his findings are real, the rest of the security may learn a lot from them, about how to protect other unrelated pieces of software, in general. And concerned users / administrators can make temporary fixes. And it does put an appropriate, in my mind, level of pressure on Apple, or whomever.

    That being said, I think this article is clearly biased with the viewpoint that OS X is, under the surface, a bubbling cauldron of vulnerabilities waiting to turn unsuspecting users into newts. :rolleyes:
  8. macrumors 68000

    Feb 23, 2006
    This could be a ploy by the researcher to generate page hits. I'm sure he'll get traffic from the Mac community websites who link to his page when he releases his security holes, wether they have any merit or not.
  9. macrumors 603


    Jun 25, 2002
    LaLaLand, CA
    Dog bites man, not a story. Man bites dog, story. People expect more from Apple. And with every bit of positive news, there will have to be some negative.

    People already know Windows sucks.
  10. macrumors newbie

    Jun 17, 2004
    Extremist Framing

    Read this characters other post and you may see that he has a tendency to create interesting stories out of mundane and inconsequntial facts. A simpleton would be my judgement, but I will take my judges robe off and just exclaim how persistent this guy is in being a half-empty, souless, needing-to-make-a-buck-for-being-a- . Good luck to this character!

Share This Page