January 2007: Month of Apple Bugs

Filed under: OS Updates, Security, News, Windows, Macintosh, Apple, Microsoft, Commercial

January 2007: Month of Apple Bugs

by Ryan Carter Dec 22nd 2006

I hate to be the one to bring down fire and brimstone from Apple users upon my head, but I must venture under the torrid sky for a few moments. Through some carefully placed corporate propaganda in no small number of places, Apple has tried (rather successfully) to convince its users that Mac OS is impervious and invincible, while the company we love to hate (Microsoft) continues to wallow in its own filth and bug-infested software. Apple has been painting a very pretty picture of late, but their rose-colored glasses may start to turn a shade of orangish-pink come 2007. In January, two security researchers plan to reveal a bug in OS X or in an OS X application every day of the month that has previously been undocumented. Now, before you all put on the spandex suits and burn this blog down with your flame-throwers, this is honestly a good thing for Apple and Mac ~~users~~ lovers everywhere. My tiny little point here is that Macs are NOT perfect, and that Apple is over-selling the idea just a bit too much. Anyone who really knows a Mac can tell you that there are vulnerabilities in a Mac. They most likely won't tell you that, lest Mr. Steve have their head on an Apple-logo laser-etched platter. NO matter what brand of non-sense you buy, it will be interesting to see how Apple responds to these guys and their security research sanctioned fault-finding. That is if Apple doesn't throw them under a bus first. If and when these guys find the vulnerabilities they claim are there, it will make OS X better for all Macdom. It will be interesting to see how well Apple does damage control, since Microsoft is usually the one doing that. I guess you could call it "a-bug-a-day."

Tags: apple, bug, microsoft, operating systems, OperatingSystems, OS X, OsX, steve jobs, SteveJobs, windows

Reader Comments (Page 1 of 1)

Engaged said 1:10PM on 12-22-2006

"Bugs? We don't have bugs that's ummm the other guy." (Cue the dancing Macs and the crank up the disinformation machine)

Chris Brentano said 1:23PM on 12-22-2006

Mac hater! I keed, I keed.

I agree, this event can only serve to make Mac security stronger.

James Hare said 2:50PM on 12-22-2006

I wouldn't say the Mac doesn't have bugs, and I'm sure no Mac user would; however, I'm skeptical of this. A bug in this case is what, in what? Are they going to find major security flaws in the Apple operating system? Software supplied by Apple? Or just Mac software? There's a big universe that really as to be defined for it to make any any sense.

PXLated said 3:03PM on 12-22-2006

Will be interesting to see if anything they come up with is actually exploitable or even worth knowing about.

johnnyg0 said 3:36PM on 12-22-2006

I can't wait to see if Apple is going to handle this the same way they handled the big WiFi bug (they fixed it, told people it never happened all while threatening the guy who originally found the bug if he didn't shut up, that was really classy).

Tommy Peters said 11:25PM on 12-22-2006

Ryan, your piece is timely and most welcome.

In Macdom, orangy-pink only applies when we vibrate at a lower register. At a higher, it’s crystal clear that scan manufacturers themselves, who have the malware kids on their payroll, have now targeted Mac.

The inherent vulnerability of the Intel processor and Mac’s growing market share are some reasons scan manufacturers are rubbing their palms.

Neil T. said 7:58PM on 12-23-2006

As a Mac user and a Masters student in computer forensics and security, this worries me a bit. From what I can gather, these researchers are aiming to find a new, unpatched security flaw in OS X every day and then publish it publicly on the internet.

Now I have no problem whatsoever with security researchers finding flaws in software, as long as they then act responsibly. The best method is known as 'responsible disclosure' - you give full details to the security team/programmers of the affected product and give them ample time to fix the bug, before providing any detailed information about the flaw. If these researchers are going to simply dump full details about these flaws on the internet and let anyone exploit them, then potentially we're going to see a lot more malware for OS X and that's not fair. Give Apple time to fix the flaws.

You could argue that by exposing OS X's flaws that it levels the playing field with Windows, but then you have to understand that there are a lot of hackers out there on the payrolls of spammers and scam artists who will keep details of any flaws they find secret so that they can be effectively exploited - that's why we see more and more 'zero-day' vulnerabilities exploited on Windows. The first Microsoft hears about them is when someone releases a virus/warm/trojan which takes advantage of them, and that's neither fair on Microsoft nor Windows users.

Let's hope that these researchers act responsibly and not put users at risk.

Featured Time Waster

Civiballs is a beautiful, soothing physics puzzle Time Waster

I have an absolute weakness for physics games, and while Civiballs isn't the strongest physics-based game, what it lacks in the physics department it makes up for a few times over in style and fun.

In Civiballs, you are presented with a few colored balls, and your goal is to get those balls into the same-colored urn on the level. The "civi" part of Civiballs is that there are 3 sets of levels to play, each representing a different civilization. While the civilization doesn't affect gameplay, the artwork for each level is beautifully themed to it's appropriate era.

To play the game, you are given only one tool - a sword with which to cut the chains that are holding the balls. The puzzle part of the game is in figuring out what order, and with what timing to cut each chain. Do it right, and all the right balls end up in the right urns, with no stray balls entering an urn (a no-no). Do it wrong, and you get to start over again.

Civiballs is not terribly deep on gameplay; the entire game can be completed in about 15 minutes. But if you enjoy this type of game, it will be a very enjoyable 15 minutes.

View more Time Wasters