MacNewsWorld has posted an interview with the discoverer of the recently publicized OS X browser flaw. According to the discoverer of the flaw, "lixlpixel," Apple was informed of the flaw back in February 2004, but has done nothing about it as of yet. After waiting for two months, he says he decided to post information about the flaw to a Swiss Web site, which was then picked up by security firm Secunia. From MacNewsWorld:
In an exclusive interview Wednesday, lixlpixel told MacNewsWorld that, after waiting on Appleis reply, he finally posted the advisory to a Swiss Macintosh Web site.
"This is how Secunia picked up on the vulnerability," lixlpixel said, adding he had not contacted Secunia directly.
"Just by the nature of the Internet, this post took off," he continued.
"I was building a site where PHP and AppleScript work together to achieve what I wanted. Thatis when I discovered that you could start applications on the Mac via [a] URL," lixlpixel said.
"Of course thatis no big deal, but then I realized that if you knew the location of the downloaded program on the useris machine, it gets more dangerous. Thatis why I notified Apple."
You can read the full article at MacNewsWorldis Web site, and we recommend it as a very interesting article.