The Mac Observer

Skip navigational links

You're viewing an article in TMO's historic archive vault. Here, we've preserved the comments and how the site looked along with the article. Use this link to view the article on our current site:
Editorial - A Month of Continuous Foolishness

Editorial - A Month of Continuous Foolishness

by , 12:35 PM EST, December 20th, 2006

Sooner or later you are going to hear about a project by two fellows to bypass the normal channels of security bug reporting and openly publish previously "undocumented" security bugs in Mac OS X every day for a month. The justification for this appears to be a craze started by H.D. Moore's Month of Browser Bugs and some kind of desire for notoriety.

There are some problems with this approach.

First, not all security bugs can be turned into effective exploits. As we've seen over the last year, many security flaws are proclaimed in Mac OS X, but few see effective exploitation for technical reasons. Second, the idea that using forceful methods combined with a convenient bit of publicity as a justification is unwarranted, even if the security researcher remains anonymous for now. Third, there are appropriate channels to handle these discoveries that are professional and protect everyone. Finally, the supposition that there are some people who take the security of Mac OS X more seriously than the BSD professionals and Apple engineers is stupendously arrogant and self-serving.

There are many technical professionals working behind the scenes to secure Mac OS X. As we've seen with Windows, the reputation of a company can stand or fall on this issue. If a security researcher bangs on Apple about a flaw and doesn't seem to get invited to dinner with Phil Schiller, that's just too bad. In this case the needs of the one are outweighed by the needs of the many.

So when you read about this, the best thing to do is feel sorry for these wannabes and move on to the next story.

Digg!

Recent TMO Headlines - Updated December 3rd

Thu, 2:51 PM
Apple AR/VR Headset SDK Coming Soon, Says Insider
Thu, 2:11 PM
Thursdays with Bob: Troubleshooting and You – TMO Daily Observations 2021-12-02
Thu, 1:21 PM
AWS is Bringing M1 Mac Instances to EC2 Cloud
Thu, 12:48 PM
Planned Parenthood Hack Leaked Data for 400,000 Patients
Thu, 12:33 PM
Facebook Requires More At-Risk Accounts to Use Two-Factor Authentication
Thu, 12:26 PM
Apple Warns Suppliers of Slowing iPhone 13 Demand
Thu, 12:20 PM
Members of Hacking Group 'The Community' Sentenced for Stealing Cryptocurrency
Thu, 12:12 PM
Apple Loses Another Senior Member of Apple Car Program
Thu, 12:04 PM
Apple Music Releases Bedtime Story Read by Nile Rodgers
Thu, 11:50 AM
Apple Opens New Retail Store in Berlin
Thu, 11:40 AM
iFixit Partners With Library Futures to Donate 100 Toolkits to Libraries
Thu, 11:19 AM
Debt Collectors Can Now Email, Text, and Message You on Social Media
  • __________
  • Buy Stuff, Support TMO!
  • Podcast: Mac Geek Gab
  • Podcast: Daily Observations
  • TMO on Twitter!