The Mac Observer

Skip navigational links

You're viewing an article in TMO's historic archive vault. Here, we've preserved the comments and how the site looked along with the article. Use this link to view the article on our current site:
Editorial - A Month of Continuous Foolishness

Editorial - A Month of Continuous Foolishness

by , 12:35 PM EST, December 20th, 2006

Sooner or later you are going to hear about a project by two fellows to bypass the normal channels of security bug reporting and openly publish previously "undocumented" security bugs in Mac OS X every day for a month. The justification for this appears to be a craze started by H.D. Moore's Month of Browser Bugs and some kind of desire for notoriety.

There are some problems with this approach.

First, not all security bugs can be turned into effective exploits. As we've seen over the last year, many security flaws are proclaimed in Mac OS X, but few see effective exploitation for technical reasons. Second, the idea that using forceful methods combined with a convenient bit of publicity as a justification is unwarranted, even if the security researcher remains anonymous for now. Third, there are appropriate channels to handle these discoveries that are professional and protect everyone. Finally, the supposition that there are some people who take the security of Mac OS X more seriously than the BSD professionals and Apple engineers is stupendously arrogant and self-serving.

There are many technical professionals working behind the scenes to secure Mac OS X. As we've seen with Windows, the reputation of a company can stand or fall on this issue. If a security researcher bangs on Apple about a flaw and doesn't seem to get invited to dinner with Phil Schiller, that's just too bad. In this case the needs of the one are outweighed by the needs of the many.

So when you read about this, the best thing to do is feel sorry for these wannabes and move on to the next story.

Digg!

Recent TMO Headlines - Updated April 20th

Thu, 5:38 PM
Users Don't Want iOS to Merge With macOS
Thu, 5:26 PM
Cybersecurity Tech Accord, Cyberwar Is Now, Social Network Inertia - ACM 458
Thu, 3:58 PM
Starting Today, Apple is Making Earth Day Donations and Built a New Robot
Thu, 3:35 PM
Review: MeWe is a Private Social Network Taking on Facebook
Thu, 2:23 PM
PSA: Live Photos Include Sound, as This Person Discovered
Thu, 1:34 PM
The Broken iMac Pro Controversy, Amazon's Fire TV Edition - TMO Daily Observations 2018-04-19
Thu, 1:03 PM
Nix Pro Color Sensor: $249
Thu, 11:51 AM
Amazon's 100M Prime Subscribers are Big for Streaming Content
Thu, 10:01 AM
RememBear: TunnelBear Intros New Password Manager
Wed, 7:10 PM
Facebook 'Forming Team' to Design Its Own Processors
Wed, 6:11 PM
Watch Intelligence Squared Net Neutrality Debate: Tom Wheeler, Mitchell Baker vs. Michael Katz, Nick Gillespie
Wed, 4:29 PM
Safari Technology Preview 54 Has Changes to Clipboard API, Beacon API, More
  • __________
  • Buy Stuff, Support TMO!
  • Podcast: Mac Geek Gab
  • Podcast: Apple Weekly Report
  • TMO on Twitter!