Filed under: OS Updates, Security, News, Windows, Macintosh, Apple, Microsoft, Commercial
January 2007: Month of Apple Bugs
by Ryan Carter Dec 22nd 2006 at 1:00PM
I hate to be the one to bring down fire and brimstone from Apple users upon my head, but I must venture under the torrid sky for a few moments. Through some carefully placed corporate propaganda in no small number of places, Apple has tried (rather successfully) to convince its users that Mac OS is impervious and invincible, while the company we love to hate (Microsoft) continues to wallow in its own filth and bug-infested software. Apple has been painting a very pretty picture of late, but their rose-colored glasses may start to turn a shade of orangish-pink come 2007. In January, two security researchers plan to reveal a bug in OS X or in an OS X application every day of the month that has previously been undocumented. Now, before you all put on the spandex suits and burn this blog down with your flame-throwers, this is honestly a good thing for Apple and Mac 
So, just how good at time waster games are you? Think you've got the stuff? Well, The World's Hardest Game 2.0 doesn't think you do.
Yes, amazingly, it's possible to have a sequel to a game called "The World's Hardest Game". It doesn't seem logically possible, since if the first one was actually the world's hardest, how could another one come along and share the moniker? It made me doubt the name in the first place. That is, until I tried the game.
The mechanics of the game are very simple. You are a small red square, ...
Reader Comments (Page 1 of 1)
Engaged said 1:10PM on 12-22-2006
"Bugs? We don't have bugs that's ummm the other guy." (Cue the dancing Macs and the crank up the disinformation machine)
Reply
Chris Brentano said 1:23PM on 12-22-2006
Mac hater! I keed, I keed.
I agree, this event can only serve to make Mac security stronger.
Reply
James Hare said 2:50PM on 12-22-2006
I wouldn't say the Mac doesn't have bugs, and I'm sure no Mac user would; however, I'm skeptical of this. A bug in this case is what, in what? Are they going to find major security flaws in the Apple operating system? Software supplied by Apple? Or just Mac software? There's a big universe that really as to be defined for it to make any any sense.
Reply
PXLated said 3:03PM on 12-22-2006
Will be interesting to see if anything they come up with is actually exploitable or even worth knowing about.
Reply
johnnyg0 said 3:36PM on 12-22-2006
I can't wait to see if Apple is going to handle this the same way they handled the big WiFi bug (they fixed it, told people it never happened all while threatening the guy who originally found the bug if he didn't shut up, that was really classy).
Reply
Tommy Peters said 11:25PM on 12-22-2006
Ryan, your piece is timely and most welcome.
In Macdom, orangy-pink only applies when we vibrate at a lower register. At a higher, it’s crystal clear that scan manufacturers themselves, who have the malware kids on their payroll, have now targeted Mac.
The inherent vulnerability of the Intel processor and Mac’s growing market share are some reasons scan manufacturers are rubbing their palms.
Reply
Neil T. said 7:58PM on 12-23-2006
As a Mac user and a Masters student in computer forensics and security, this worries me a bit. From what I can gather, these researchers are aiming to find a new, unpatched security flaw in OS X every day and then publish it publicly on the internet.
Now I have no problem whatsoever with security researchers finding flaws in software, as long as they then act responsibly. The best method is known as 'responsible disclosure' - you give full details to the security team/programmers of the affected product and give them ample time to fix the bug, before providing any detailed information about the flaw. If these researchers are going to simply dump full details about these flaws on the internet and let anyone exploit them, then potentially we're going to see a lot more malware for OS X and that's not fair. Give Apple time to fix the flaws.
You could argue that by exposing OS X's flaws that it levels the playing field with Windows, but then you have to understand that there are a lot of hackers out there on the payrolls of spammers and scam artists who will keep details of any flaws they find secret so that they can be effectively exploited - that's why we see more and more 'zero-day' vulnerabilities exploited on Windows. The first Microsoft hears about them is when someone releases a virus/warm/trojan which takes advantage of them, and that's neither fair on Microsoft nor Windows users.
Let's hope that these researchers act responsibly and not put users at risk.
Reply