Slashdot Mirror
How Apple Orchestrated Attack On Researchers
An anonymous reader sends us to George Ou's blog on ZDNet for a tale of how Apple's PR director reportedly orchestrated a smear campaign against security researchers David Maynor and Jon Ellch last summer. Ou has been sitting on this story ever since and is only now at liberty to tell it. He posits that the Month of Apple Bugs was a direct result of Apple's bad behavior in the Maynor-Ellch affair. From the blog: "Apple continued to claim that there were no vulnerabilities in Mac OS X but came a month later and patched their Wireless Drivers (presumably for vulnerabilities that didn't actually exist). Apple patched these 'non-existent vulnerabilities' but then refused to give any credit to David Maynor and Jon Ellch. Since Apple was going to take research, not give proper attribution, and smear security researchers, the security research community responded to Apple's behavior with the MoAB (Month of Apple Bugs) and released a flood of zero-day exploits without giving Apple any notification. The end result is that Apple was forced to patch 62 vulnerabilities in just the first three months of 2007 including last week's megapatch of 45 vulnerabilities."
An anonymous reader sends us to George Ou's blog on ZDNet for a tale of how Apple's PR director reportedly orchestrated a smear campaign against security researchers David Maynor and Jon Ellch last summer.
Karl Rove is Apple's PR director?
The theory of relativity doesn't work right in Arkansas.
I take it you don't know anyone from Apple's legal department?
No, I only hang out with the smart people - the engineers.
Everyone else gets to name a month. Dammit I want one too.
Exactly. The "Month of Apple Bugs" was, for the most part, the "Month of Bugs that are Mostly Indirectly Related to Apple Because They Just Happen to Involve Software Running on the Mac Which Didn't Come From Apple".
As I recall there were a few bugs (a very significant minority) in there that Apple had some responsibility for, but they were obscure and there were no known in-the-wild attacks.
MoAB was nothing but a smear campaign. I'm happy to see Apple smearing them back.
Comment removed based on user account deletion
I dunno about him being a liar. I think he's just a little on the... Uh.. dim side for a self-proclaimed IT professional. I checked his blog. It appears he's one of those rarest of creatures; a Raving Windows Fainboi, which- as many know- is diametrically opposed to the more common Rabid Mac Fanboi.
He doesn't appear too observant, either. One of his blogs sang the vitues of Vista's ACL, and tried to compare it to OS X's authentication, saying how nice and friendly the ACL was, as all you had to do was click "allow" instead of being forced to go through the trouble of entering an administratior's name and password for authentication before a system software update, and how it wasn't annoying at all- who could possibly think that users would turn such a charming bit of incredible security protection off? His peanut gallery made me giggle, too.
Personally, I think we now know upon which head Mr. Balmer's chair landed.
I know this doesn't help, but... it works for me.
I thought that Apple's advantage is that it "Just Works". I guess that's out the window now. The world's going to hell in a handbasket...
A house divided against itself cannot stand.