Slashdot Mirror


Mac Developer Mulls Zero-day Security Response

1.6 Beta writes "Landon Fuller, the Mac programmer/Darwin developer behind the 'month of Apple fixes' project, plans to expand the initiative to roll out zero-day patches for issues that put Mac OS X users at risk of code execution attacks. The former engineer in Apple's BSD Technology Group has already shipped a fix for a nasty flaw in Java's GIF image decoder and hints at an auto-updating mechanism for the third-party patches. The article quotes him as saying, 'Perhaps [it could be] the Mac OS equivalent to ZERT,' referring to the Zero-day Emergency Response Team."

2 of 94 comments

  1. Re:Quite nice by loid_void · Score: 0, Troll

    What I like is that along with the innovation, Apple continues to think more about the customer than M$, in more ways than one. Fanboy, yup.

    --
    Anyone seen my jagged little pill?
  2. Re:Unnecessary. by Afecks · Score: 0, Troll

    If you think people doing this for publicity is bad, wait until OS X gets enough market share for these vulnerabilities to be bought, sold and used to compromise computers en masse. I don't know about you but I think a worm would be a lot more publicity whoring than disclosing these bugs publicly so they can be fixed. It's a nice wake-up call if anything. Mac users need to start taking security seriously before it's too late. Just because you think your operating system is better than (insert other OS here) doesn't mean it's invincible. Apple takes bugs too personally and tries to cover them up quietly to protect their image. Sure, the bugs get fixed, but which bugs? How do I know they really are fixed? What if they made another mistake? These are reasonable concerns and it shows that Apple is worrying about the bottom line more than the customer. You have to realize that MOAB isn't an unwarranted attack against Apple. It's backlash for years of flaky technical support, deceitful practices and arrogance on the part of the Mac community in general. We really need to get past blaming how others reveal Apple's mistakes. It's unproductive and harmful to consumers.