Slashdot Mirror
Apple to Fix Security Holes in Jaguar
Simon Cozens writes "Yesterday's unsubstantiated report that Apple is refusing to supply security upgrades to Jaguar turns out to be untrue; Apple told MacCentral they will be fixing the bugs turned up by @stake. Next conspiracy, please!"
Of course Apple is going to fix them, they still support the 10.2 Server, so they have to...
Damn Windows zealota making shit up...
e to the pi i plus one equals zero
Conspiracy! And slashdotters believed it? Un-be-lievable!
Now the real question is whether they told @stake they weren't going to fix them and changed their mind after the because of all the talk about it. It is as wrong to assume they were always going to fix it as it is to assume they weren;t going to fix it. I would tend to believe they told @stake that, and then when word got out and everyone screamed, they changed their minds right quick.
"Information wants to be expensive" - Stewart Brand, the same guy who said "Information wants to be free"
I don't think that Apple deserves more or less credit than any other company. The same goes for the benefit of the doubt. The only thing that they deserve is us to wait for verification before villianizing the company.
Apple has not signed up as a Templar knight any more than Microsoft has sold its collective soul to the devil.
Mac fans can't win on these stories. First an alarmist article claiming that they are "forcing" paid upgrades by not fixing security holes in existing systems. Hundreds of Apple-bashing posts later, it comes out that they are indeed patching the existing systems. You come on here to point this out and say "see? They ARE fixing it!" and someone comes behind you and says "big fucking deal! this is what everyone else would do!"
Following Apple-related discussions on Slashdot is like riding on a bus with no steering: it careens onto the right shoulder, heads back toward the middle, only to screetch onto the left shoulder, back toward the middle...
You like your Macintosh better than me, don't you Dave? Dave? Can you hear me Dave?
I doubt they told @stake they weren't going to fix them. I doubt they told @stake they were going to fix them. In fact, I doubt they even told @stake that the flaws didn't affect Panther... @stake probably found that out and told Apple.
Apple doesn't talk details in unreleased products.
There's a couple reasons we're seeing this press release:
Ethical reporting of security flaws involves going to the company and giving them time to get a patch out. Then, one or both companies announces the flaw... and includes details of the patch. @stake jumped the gun and did not use white hat practices.
ZDNet decided that @stake's announcement meant Apple wasn't going to fix the problem, and decided to give it a spin. As they actually indicated in their story, they did not wait for a comment from Apple before rushing the thing to press.
Hopefully, @stake will do better next time. But I doubt their role in this will be examined very carefully.
I know ZDNet will do the same thing next time. They smell any blood around Apple, they're the first to paint a picture of mass destruction, mayhem and cats and dogs sleeping together.
If @stake hadn't jumped the gun, we'd have seen a press release some time next week on Apple's site about the security flaws, with a fix, and with credit to @stake for finding them. How do I know this? Because it's what they've done every other time, including with 10.1 after 10.2 was released!
I'm paranoid, I'll freely admit, but this is the same l0pht^H^H^H^H^H @stake that canned someone who was critical of Microsoft? Hmmp.
$credibility{'@stake'}--;
-30-