MacNewsWorld Interviews Discoverer of OS X Browser Flaw
MacNewsWorld Interviews Discoverer of OS X Browser Flaw
by , 8:00 AM EDT, May 20th, 2004
MacNewsWorld has posted an interview with the discoverer of the recently publicized OS X browser flaw. According to the discoverer of the flaw, "lixlpixel," Apple was informed of the flaw back in February 2004, but has done nothing about it as of yet. After waiting for two months, he says he decided to post information about the flaw to a Swiss Web site, which was then picked up by security firm Secunia. From MacNewsWorld:
In an exclusive interview Wednesday, lixlpixel told MacNewsWorld that, after waiting on Apple's reply, he finally posted the advisory to a Swiss Macintosh Web site.
"This is how Secunia picked up on the vulnerability," lixlpixel said, adding he had not contacted Secunia directly.
"Just by the nature of the Internet, this post took off," he continued.
"I was building a site where PHP and AppleScript work together to achieve what I wanted. That's when I discovered that you could start applications on the Mac via [a] URL," lixlpixel said.
"Of course that's no big deal, but then I realized that if you knew the location of the downloaded program on the user's machine, it gets more dangerous. That's why I notified Apple."
You can read the full article at MacNewsWorld's Web site, and we recommend it as a very interesting article.
The Mac Observer Spin:
A number of Observers had questions about how and why this flaw was made public, and this interview answers most of those questions.More importantly, we are concerned about Apple's alleged lack of response to lixlpixel, though we obviously don't know Apple's side of things. If true, however, it brings up ugly comparisons to Microsoft, a company long known for ignoring similar security notifications until public pressure and the massive Windows virus/worm problem forced the company to pay attention.
Certainly Apple's record is far, far better than Microsoft's, but it may take a bit of public pressure from the Mac installed-base to keep it that way.
Warning: include(/usr/local/etc/httpd/sites/macobserver.com/htdocs/forums/extension.inc) [function.include]: failed to open stream: No such file or directory in /var/www/bbm/macobserver.com/ee2/www/htdocs/comments/comments.php on line 108
Warning: include() [function.include]: Failed opening '/usr/local/etc/httpd/sites/macobserver.com/htdocs/forums/extension.inc' for inclusion (include_path='.:/usr/share/php5:/usr/share/php') in /var/www/bbm/macobserver.com/ee2/www/htdocs/comments/comments.php on line 108
Warning: include(/usr/local/etc/httpd/sites/macobserver.com/htdocs/forums/common.) [function.include]: failed to open stream: No such file or directory in /var/www/bbm/macobserver.com/ee2/www/htdocs/comments/comments.php on line 110
Warning: include() [function.include]: Failed opening '/usr/local/etc/httpd/sites/macobserver.com/htdocs/forums/common.' for inclusion (include_path='.:/usr/share/php5:/usr/share/php') in /var/www/bbm/macobserver.com/ee2/www/htdocs/comments/comments.php on line 110
Warning: include(/usr/local/etc/httpd/sites/macobserver.com/htdocs/forums/includes/bbcode.) [function.include]: failed to open stream: No such file or directory in /var/www/bbm/macobserver.com/ee2/www/htdocs/comments/comments.php on line 112
Warning: include() [function.include]: Failed opening '/usr/local/etc/httpd/sites/macobserver.com/htdocs/forums/includes/bbcode.' for inclusion (include_path='.:/usr/share/php5:/usr/share/php') in /var/www/bbm/macobserver.com/ee2/www/htdocs/comments/comments.php on line 112
Fatal error: Call to a member function sql_query() on a non-object in /var/www/bbm/macobserver.com/ee2/www/htdocs/comments/comments.php on line 532
Recent Headlines - Updated June 20th
- Wed, 10:30 PM
- Apple Context Machine Podcast - ACM 209: Apple’s Ebook Trial with Philip Elmer-Dewitt
- 4:52 PM
- Product News - AltaMail 5.0 Brings Attachments, Templates, More from the Desktop to iOS
- 3:45 PM
- Analysis - Apple Lands Important Deal for 30,000 iPads in LA Schools
- 2:35 PM
- Analysis - B&N Drops Bombshell in DOJ’s Price Fixing Case Against Apple
- 2:04 PM
- TMO Interview - Dave Teare at WWDC: How One Month for 1Password Became 8 Years
- 10:17 AM
- News - HBO GO, WatchESPN & More Come to Apple TV
- 9:29 AM
- Solar iPhone Chargers Coming to NYC
- 8:20 AM
- TMO Quick Tip - iOS: Prevent Unauthorized Siri Use
- Tue, 8:38 PM
- Editorial - Apple Offers Retail Employees Early Access to OS X Mavericks
- 6:41 PM
- Steve Wozniak Presides Over 3 Working Apple I Computers
- 4:35 PM
- TMO Interview - Alf Watt at WWDC: The Journey from iStumbler to Apple and Beyond
- 3:47 PM
- Product News - Apple Updates Java for Snow Leopard, Lion, Mountain Lion
The Mac Observer Reader Specials
Support TMO, Buy from Amazon, MacMall and The Apple Store
