Mac Worm Author Gets Death Threats

StonyandCher write(s) to spread news about the strange story of the reported Apple OS X worm, which is growing stranger by the day. The blog of the researcher who claimed to have created the malware reportedly received death threats. The blog was then hijacked, according to the researcher, who calls him/herself InfoSec Sellout. InfoSec blamed David Maynor for hacking the blog. For his part, Maynor apparently unmasked himself as "LMH" and InfoSec as Jon Ramsey. The post to the Fuzzing mailing list has not been independently confirmed.
Update: 07/19 13:48 GMT by KD : David Maynor wrote in and denies that he is LMH.

Note to self

[Ogive17]

Don't cross a mac fanboy....

Re:Note to self

[Whiney+Mac+Fanboy]

Don't cross a mac fanboy....

Amen Brother - I would never do that ;-)

Re:Note to self

[Ngarrang]

Don't cross a mac fanboy.... And don't stand between two people having a KDE vs. GNOME argument. It is a shame to see two geeks fight. Remember kids, "Fan Boy" is not a compliment.

Re:Note to self

[vigmeister]

Amen Brother - I would never do that ;-) Yeah... Once the Church of Apple declares you an SP, there is no escape for you since it is alright for them to "keep you down" and eliminate you. Of course, in the CoA, SP stands for 'Sensible Person' :)

P.S. Oh! my god! The zipper on my flamesuit is STUCK! I'm so getting burnt.

Cheers!

Re:Note to self

[elrous0]

Does this mean I should end my genetic experiment to cross-pollinate a Mac fanboy with a Scientologist to produce the world's most pompous asshole?

Re:Note to self

[rootofevil]

if you could either add in or make sure one of them is a born-again christian, youd easily have the most annoying person imaginable.

Re:Note to self

[tak+amalak]

The irony of you AC diatribe is delicious.

Re:Note to self

[cp.tar]

How fitting, that a person glorifying beating up weaklings writes as Anonymous Coward.

Re:Note to self

[sohare]

The irony of you AC diatribe is delicious. Not everyone is a karma whore.

Re:Note to self

[Chas]

Yep. Nature beat you to it by several decades at least.

Life found a way.

Now prepare to be nibbled on by velocimactors before finally getting chomped on a toilet by Lord Xenu's Applesaurus Rex.

Re:Note to self

[jdray]

KDE vs. GNOME?! Graphical user environments?! Kids these days! Back in my day, all we had was the good ol' fashioned vi vs. emacs argument, which I would like to point out to you is still going. I tell you what, that baby has stamina. None of these high-falutin' graphics and acronyms of capitalized letters, no, our flamewars were all lower case, the way they should be. We were so busy arguing, we didn't have time for shifting cases.

And all this business about Windows versus MacOS versus Linux? What has this world come to? All we had to argue over was OS/400 versus VMS. And the computers weren't even ours. We had to steal time on them from the neighbors, in the middle of the night when they weren't looking. And we had to sneak our terminal cables through their open windows, standing on snowdrifts in our bare feet. We couldn't afford shoes, because we spent all our money on our one lone screen. And it wasn't even 132 columns...

Re:Note to self

[mulvane]

Least you had night!!! In Alaska, we had to do it in broad daylight half the year!! And our nearest neighbor was a snowdrift away!! You ever see a snowdrift in Alaska? Size of Deleware they are!

Re:Note to self

[canUbeleiveIT]

I wonder what you would get if we mixed a Linux fanboy and an atheist...oh, never mind it would be a slashdork living in his mother's basement.

Now, let's see if this gets modded "Funny" like your post or "Flamebait."

Re:Note to self

[Ilgaz]

Don't cross a mac fanboy.... Especially don't do if you are using a Mac whereever possible like me. :)

It really creates some real schizoid situation.

Re:Note to self

[dintech]

Does this mean I should end my genetic experiment to cross-pollinate a Mac fanboy with a Scientologist to produce the world's most pompous asshole?

Only if you buy your creation a Toyota Prius.

Re:Note to self

You got modded offtopic. Appears you hit a little close to home.

You know you're nearing the target when you start taking flak.

Re:Note to self

[cuzco]

You think my shirt is pink because I'm a fag?

Hah!

Its pink because I can't get the blood out!

Re:Note to self

[supun]

> Don't cross a mac fanboy....

Actually you can, just stay outside of a 1 mile radius of all Starbucks and you'll be safe.

Re:Note to self

[NeoBeans]

(don't get into a huff over this, I am just pointing out stereo-types)

Right... because no one else has pointed out these stereotypes in any other threads about Apple. :-)

Re:Note to self

[ShamrawkNRoll88]

In a major city that is impossible. The green, white and black are everywhere!

Atleast its easy for me to use my partner discount. =/

Re:Note to self

[aztec+rain+god]

And a Yankees cap.

Re:Note to self

[Lars+T.]

Shouldn't you threaten to kill yourself?

Re:Note to self

[Lars+T.]

KDE vs. GNOME?! Graphical user environments?! Kids these days! Back in my day, all we had was the good ol' fashioned vi vs. emacs argument, which I would like to point out to you is still going.

vi? The "visual" mode to a real editor? Whippersnapper.

Re:Note to self

As a Bostonian, I wholeheartedly support this sentiment.

Re:Note to self

[TheVelvetFlamebait]

I like a guy who is proud and unashamed of his opinions and his practices. This country needs more people like you, Mr. Coward!

Re:Note to self

[Divebus]

Don't cross a mac fanboy....

This is just a new vector on securing an operating system... and it probably works really well.

Re:Note to self

Mac is known for various art styles.

Like white, brushed metal, and glossy white.

Re:Note to self

Church of Apple & the Church of Scientology seem to have a lot in common.

Re:Note to self

[frdmfghtr]

Toss in a Jehovah's Witness, and you can spread the annoyance around to all!

Re:Note to self

[Like2Byte]

elrous0 (869638) * Alter Relationship on Thursday July 19, @09:29AM (#19913249)

Does this mean I should end my genetic experiment to cross-pollinate a Mac fanboy with a Scientologist to produce the world's most pompous asshole?
 

            Re:Note to self

            by canUbeleiveIT (787307) Alter Relationship on Thursday July 19, @10:50AM (#19914303)

            I wonder what you would get if we mixed a Linux fanboy and an atheist...oh, never mind it would be a slashdork living in his mother's basement.

            Now, let's see if this gets modded "Funny" like your post or "Flamebait."

Hey! Congratulations, elrous0. It worked!

Re:Note to self

[elrous0]

Last year I saw the bravest man in America. He was walking down the street in broad daylight wearing a Dallas Cowboys jacket over a Yankees t-shirt. Random people were just walking up to him and punching him.

Re:Note to self

[HAKdragon]

...it would be a slashdork living in his mother's basement.

It's called the Painkeep, thank you very much!

Re:Note to self

Yeah, just like how people complain about Microsoft only once and then completely forget about it...

Re:Note to self

[Nullav]

Doesn't karma whoring usually involve getting positive karma?

Re:Note to self

[terrymr]

huh ?

Did you get that from some kind of quote generator ?

Re:Note to self

[vic-traill]

All we had to argue over was OS/400 versus VMS.

Well, ya gotta admit that QSECOFR sounds tougher than SYSTEM.

And while we're at it, let's get the HAL/IBM ROT1 play for VMS/WNT plus Davey Cutler conspiracy/easter egg thang going again!

Re:Note to self

Certainly. Do not wanna be at rage....From the comments....

- "Nice try with the FUD [fear, uncertainty and doubt]. You are full of **** there is no such thing as an Apple Worm." -- Jeff

- "I dare you to demonstrate this at Defcon you ***** Microsoftie. We will drag you out, put a bullet in you, and bury your body so deep it will take a nuclear blast to find your body." -- Anonymous

Re:Note to self

I guess we gun geeks could put a bullet in your head :-)

Re:Note to self

[Whiney+Mac+Fanboy]

Shouldn't you threaten to kill yourself?

This, fellow slashdot readers is why you shouldn't be anti-mac on /. - I'm not surprised the worm author got death threats - look what I get for joking!

Re:Note to self

[Hucko]

Perhaps Macs don't come with irony?

Re:Note to self

[Bearhouse]

OS/400 vs. CMS? You must be new here...try OCL vs. CMS

Re:Note to self

[aichpvee]

What are you talking about? Macs aren't good for art. If they were apple would have put out a tablet PC years ago. Macs are good for making idiots feel special and not much else.

I'm sure this comment isn't enough to warrant a death threat, but you're welcome to leave threats of limp-wristed slapping below.

Re:Note to self

[Whiney+Mac+Fanboy]

Perhaps Macs don't come with irony?

Brushed Aluminiummy or titaniummy is all Mac users get - not a hint of irony.

Re:Note to self

[Lars+T.]

Shouldn't you threaten to kill yourself?

This, fellow slashdot readers is why you shouldn't be anti-mac on /. - I'm not surprised the worm author got death threats - look what I get for joking! So you didn't get the joke, and you confirmed you can't be taken seriously. But what else is new.

Re:Note to self

[Whiney+Mac+Fanboy]

HAHAHAHA!

You didn't get the joke - but it's well known how humourless Mac users are - hence the threats to kill...

Re:Note to self

[fractoid]

Whooooosh!

OH MY GOD what was that?! *looks skyward*

Re:Note to self

[tiny-e]

LOL.. but what would Scientology be without you?

Re:Note to self

seeing wmf got two +5 funnies and you got nothing I think your the one who "didn't get the joke"

Re:Note to self

[Swift2001]

Oh, come on. A death threat? You mean, some bad boy said, "I could kill you?" And this freak decides to turn it into more publicity for his lame ass? "Oh, Mac fans are Mafia types." Bull.

Does it make me angry to see the credibility that is invested in these jerks? You bet. This is some punk, and I don't think that people who act like this about any OS should be tolerated. If you find a vulnerability, you send what you know to the company. If they don't act on it, well, that's too bad from them. But selling off vulnerabiltiies without telling the company about it? Then constructing malware that uses the vulnerability to do harm? This is criminal activity, or something that is edging up towards it. Why is that tolerated? It doesn't matter to me if you hate the Mac, I tell you what: if there's a bullcrap "Robin Hood" story about some virus writer for Windows, I'll call him a criminal too.

Because, face it, that's what's going on here. The FBI just had a big sting of a number of prominent bot owners -- Operation Bot Roast -- and I hope they get big fines and prison time. Because that's where those people belong. Show me where someone who puts a rootkit on your machine is any different from a burglar and a thief. You can't, because that's what he is.

You know, way back, computer viruses were kind of funny. They'd pop up "Hello World" messages on Michelangelo's birthday, but they wouldn't really do much harm. But now they're running criminal enterprises. And some of these figures come from very rough environments, and they might be able to deliver on a death threat, because that's where a lot of the financing is coming from.

Re:Note to self

[Swift2001]

Why does Apple hate DRM on audio, but not on Software or Video?
-wmf

As Jobs said, if you can follow this, 90% of music is sold without copy protection, because of the CD. So it didn't take TOO much persuasion to get EMI to drop DRM, since they already sell most of their library without protecion. But movies have never been unprotected -- Oh, I guess you could count the early home tapes, before they started making home copying difficult with Macrovision, and after they lost their appeal to the Supreme Court to have the Betamax machine banned. They entered the home market in a big way only with DRM. So they're convinced that, although anybody who wants to can crack a DVD, that they will have bigger profits if they keep DRM going, no matter what the more technically inclined part of the market does. Most people won't crack a DVD, copy it to their computer, and then burn it unprotected, or store it as a video file.

So it's not Apple. I'm sure, from their point of view, they'd love to stop all copy protection on everything. And lower the price, too. Make it up on volume, volume, volume, and make the price low enough so that it's not worth the time to burn a DVD or later, a Blu-Ray or HD DVD.

But if Apple, or anybody else, started that now, they'd rapidly find no movies on their virtual shelves.

Re:Note to self

[fan+of+lem]

I guess the guy who wrote this article is now under the witness protection program.

Re:Note to self

[Lars+T.]

HAHAHAHA!

You didn't get the joke - but it's well known how humourless Mac users are - hence the threats to kill... So you admit you didn't get the joke - which proves you can't be a Mac user.

Re:Note to self

[mrdogi]

Actually you can, just stay outside of a 1 mile radius of all Starbucks and you'll be safe. So, basically, move to the moon.

Re:Note to self

re-read the comment & thread you're replying to & you'll see there's no admission of any sort?

Feeling stupid now?

(oh - feel free to reply - noone's going to read your inane rambling, and you can't make any more of a fool of your self in this thread).

Re:Note to self

[Lars+T.]

Well, if you don't see the admission, that must be because you are not quite that intelligent.

Re:Note to self

yawn

Re:Note to self

[konohitowa]

vi? The "visual" mode to a real editor? Whippersnapper.

Oh yeah. KRONOS, SCOPE, XEDIT.... that was real computing. Want it back? Signup at cray-cyber.org. I've got an account. That's the good stuff.

Re:Note to self

[jaylene_slide]

Thankfully, that can be changed to Graphite via the Appearance preference pane. I'm just sayin'...

Woohoo!!

[Rob+T+Firefly]

It's been far too long since we had a nice bit of hacker drama! Now, where did I put my popcorn and my MOD vs LOD t-shirt...

That'll teach you

Artsy types get violent when they get mad.

Re:That'll teach you

Yes. See any drama on furaffinity.net.

Should have picked a softer target

[DrXym]

He would have been better off picking a weaker target such Islam. You don't want to mess with those Mac zealots.

Re:Should have picked a softer target

[iknownuttin]

He would have been better off picking a weaker target such Islam. You don't want to mess with those Mac zealots.

Oh oh! I have these cartoons showing MACs blowing up and Steve Jobs carrying them.

Re:Should have picked a softer target

[elrous0]

Of course they're blowing up. They contracted their battery design out to Sony.

Re:Should have picked a softer target

[jdray]

showing MACs blowing up and Steve Jobs carrying them

It's early yet, and the coffee hasn't kicked in, so I'm feeling a bit snippy. Please grant pardon for this:
When posting among confirmed geeks, you should understand the difference between "Mac" as a shortened colloquialism for "Macintosh," a brand of computer system, and "MAC," an acronym for "Media Access Controller," a component of a network controller, as in "my MAC address is 0F:BA:29:C6:D5:18." If you want to refer to a Macintosh as MAC, go post over at PCWeek.

Re:Should have picked a softer target

[superbus1929]

Who the fuck modded this down as a troll? Is this the week the Apple fanboys got all the mod points or something?

Re:Should have picked a softer target

[Simulacrus]

"MAC," an acronym for "Media Access Controller," . . . or Multiply-Accumulate, where I come from.

Re:Should have picked a softer target

[jdray]

Well, yeah, or "Military Airlift Command" in a previous life I had [C-130 Loadmaster]. I was doing my best to stay contextual. :)

Re:Should have picked a softer target

While SHOUTING, you'd have to say MAC even on Slashdot. Or, be capitalizing it as an easy substitute for italics because you can't be BOTHERED to learn to format your posts.

Re:Should have picked a softer target

[iluvcapra]

When reading the CS literature, one always must be careful they aren't talking about Project MAC. If you're using a program with"Mac" in its name, and you're using a TTY to do it, it's quite unlikely Apple was involved.

Re:Should have picked a softer target

[OriginalArlen]

Heh, well it had to happen one day I guess... finally I meet someone who can answer a question that's been keeping me awake at night since 1985! This was my last year at secondary school, and as part of a futile attempt to prepare us for the real world we had a computerised careers guidance service. As I recall there was a multiple choice questionnaire about your interests, personality and whatnot which we all did one week. A week later the chap from the council came back with a lot of brown envelopes containing the unique, computer-selected career that was the best fit for our scientifically assessed personality profile. You guessed it, my top recommendation was Loadmaster in the RAF. (AFAIK, C-130s are the only aircraft the RAF fly that require a dedicated loadmaster, or were in those days anyway.)

Naturally I didn't do so, neither did I take the second recommendation (forestry work, though as luck would have it I did end up doing that for three months on summer a few years later, and in retrospect it was brilliant - after a week being supervised, at the age of 18 the bloke employing me left me the keys for his (then, purely functional) Toyota 4x4, I got up at 4am each morning to go chop the branches off the trees he'd felled the previous evening; and the Wye Valley at dawn is just astonishingly beautiful, and utterly devoid of anyone else... but I digress!) Anyway I went to college, left without the bit of paper but a lot more life skills (esp. regarding sex & drugs & rock'n'roll), worked in a music company for a few years, did shadow IT and then predictably fell into a career as a developer and now security stuff.

My question, therefore, is: So... being a loadmaster... what's it like? is it any good?

What are the hours like? </spinal_tap>

Re:Should have picked a softer target

Only on Slashdot will someone call you out for faking your own MAC address: 0F:BA:29 lookup

Re:Should have picked a softer target

[jdray]

Life as a Loadmaster was a mixed blessing. On good days, it's the best job in the world. On bad days, it really, really sucks. Luckily, though, good days far outnumbered bad days.

A Loadmaster is responsible for the weight and balance of an aircraft. He (or she) is part of the crew, and flies with the aircraft. On standard cargo runs, in-flight duties consist mostly of checking hydraulic fluid levels every hour or so (it takes ten seconds, and I never saw a level be wrong), keeping the pilot in coffee, and trying to keep one's self occupied without pissing off the rest of the crew. Napping is a favorite past time, but then you're subject to the whims of the rest of the crew.

The exciting in-flight business is airdrops. Cargo is rigged on the ground for airdrop, but it's the Loadmaster that's responsible to see that a) it gets rigged right, and b) the drop gets executed. When you're standing at the front of a full cargo compartment, and you open a 10x10 foot (3m x 3m for you non-Imperial unit people) hole in the back of your aircraft at 1500 feet altitude and 225 knots, push a button and watch your entire load of cargo exit the aircraft, well, that's exciting. Unfortunately, it's really hard to describe in text.

On the ground, you and the crew chiefs (mechanics) are the first ones to arrive at the aircraft before a mission and the last ones to leave afterward. You learn to take an aircraft from bare cargo hauler to fully rigged for 92 passengers in about 90 minutes (that's an hour and a half for you non-Imperial unit people). You spend a lot of time crawling around dirty cargo, dealing with sick passengers (Herky's are notoriously noisy, bumpy rides), and filling out customs forms if you're going between countries (we did a lot of that in Europe).

Due to the requirements for crews to get day and night airdrop experience, hours vary widely. You often find yourself going to work when everyone else is going out to party, or dragging in, dog tired, about the time everyone else is getting out of bed. On the upside, we spend most summers only working three days a week because of scheduling. Normally we'd fly Tues-Thurs days one week, then Tues-Thurs nights the next. If the scheduler liked you, you got days for a month, then nights for a month. If he hated you, you got days and nights both in one week.

I wouldn't trade my experience as a Loadmaster for much of anything. For better or worse, it shaped a lot of who I am. If you want to see some nifty videos on the subject, look to these: http://www.digitalfog.com/gallery/airdrop.htm http://video.google.com/videoplay?docid=-466411340 3926414433

Re:Should have picked a softer target

You don't have to be a geek to know that definition of MAC...every wireless router out there has a part of the configuration UI dedicated to allowing conditional access to only certain MAC addresses.

Besides, any true geek would have mentioned that MAC also stands for Message Authentication Code.

Re:Should have picked a softer target

[Doctor+O]

The exciting in-flight business is airdrops. Cargo is rigged on the ground for airdrop, but it's the Loadmaster that's responsible to see that a) it gets rigged right, and b) the drop gets executed. When you're standing at the front of a full cargo compartment, and you open a 10x10 foot (3m x 3m for you non-Imperial unit people) hole in the back of your aircraft at 1500 feet altitude and 225 knots, push a button and watch your entire load of cargo exit the aircraft, well, that's exciting. Unfortunately, it's really hard to describe in text.

Yeah, I know exactly what you mean. I was driving that CLK 430 Kompressor of the PHB at 280 km/h (174 mph for you merkins) on the Autobahn when my coworker wondered whether the button to automatically open the trunk would work at that speed. "If they are good designers", he mused, "they have turned the button off when driving."

Long story short, they're not so good designers.

Unfortunately, it's really hard to describe in text. But it sure was as exciting as your experience, as *my* stuff was on the back seats, as opposed to the coworkers' and PHB's stuff.

Re:Should have picked a softer target

[camperslo]

Death to malware authors and spammers affecting any platform sounds great, but let's not waste the bodies.

Announcing today our new melamine-free pet food: Soylent Bluescreen

Now we know

[blueg3]

Now we know the real reason there is less malware for the Macintosh.

Re:Now we know

[Sponge+Bath]

I wish they would apply this technique to spammers.

Re:Now we know

[Mutagenic]

just because you are so unpopular you cant get laid doesn't mean you cant catch a STD.

Re:Now we know

[cp.tar]

Security by malware author assassination?

Hey, if it works... I'm buying a Mac.

Re:Now we know

[RealGrouchy]

Security by malware author assassination?

Hey, if it works... I'm buying a Mac.

There's MS's problem right there. They need to develop a chair that is fatal when thrown.

- RG>

Re:Now we know

[MouseR]

Just don't spread the word. We work in the shadows ;-)

*) standard disclaimers apply; for entertainment purposes only; your results may vary.

Re:Now we know

[_Sprocket_]

Now we know the real reason there is less malware for the Macintosh. Huh. Microsoft offers cash bounties on malware writers. The Mac squad kills them. Seems you don't get anywhere writing a lot of checks.

Well That's one way ...

[mshmgi]

Well, that's one way to keep an OS safe, I guess. Just think how secure Windows would be if Bill Gates focused his vast resources on killing every malware author. Ballmer would probably do the dirty work cheap ... just for the thrill of it all.

Why, Bill might even have a few million bucks left over at the end of the day.

Re:Well That's one way ...

[XxtraLarGe]

Ballmer would probably do the dirty work cheap ... just for the thrill of it all. No doubt by throwing chairs at them, even!

Re:Well That's one way ...

[Sparks23]

Ballmer would probably do the dirty work cheap ... just for the thrill of it all.

It's all about the assassins, assassins, assassins, assassins, assassins, assassins, assassins... assassins, assassins, assassins...

Sounds familiar....

[MarcoG42]

Wasn't there some stories about religious zealots threating professors who taught evolution recently? It all begins to make sense now...

So it seems like..

[vigmeister]

There WERE in fact Mac viruses written... but Jobs had death threats sent to the authors and they backed off on deploying them... Well, better MO than anti-viruses and firewalls :)) Good to know you have a mafia behind you if you have a Mac... but question is if they ever require you to do 'favors' for them?

Cheers!

Re:So it seems like..

Steve Jobs already did. Remember? He said that you need to buy an iPod ONCE A YEAR.

If your iPod is more than 12 months old, don't get too used to your kneecaps.

Re:So it seems like..

[mwvdlee]

The high pricetag of a Mac is enough protection money to last a lifetime.

Re:So it seems like..

[kestasjk]

Macs are equally or less expensive than an equivalent Dell. Why not give me your address and we'll talk this over? Can I have a picture of your children?

Re:So it seems like..

"Good to know you have a mafia behind you if you have a Mac ..."

I know it's funny, but you have no idea how close to the truth you are.

Anonymous Coward

Re:So it seems like..

[Holmwood]

Macs have sometimes indeed been lower in price than Dells in recent months, however, (and this has remained true for some weeks), configuring identically (or nearly so) configured machines -- Inspiron 1720 and Macbook Pro 17" (2 GB 667MHz RAM, 160GB 5400 RPM HDD, 17" glossy high res display, 8600 GT mobile graphics, OSX/Vista Home Premium, Bluetooth 2 EDR, IEEE 802.11n, wired ethernet (1GB/s on mac, 100MB/s on PC), webcam, 8x DVD Rewriter, 3 year warranty) I got these prices:
Apple: $3,148; Dell: $2,127.

The mac has faster wired ethernet, the PC has a built-in modem and card reader. A 1000 Mb/s ethernet ExpressCard runs $67; a modem and card reader run about the same.

No question, the mac is a thinner, lighter form factor, and more elegant in a number of ways. (The power cord and backlit keyboard; possibly the software as well).

The Dell, last I looked, had a better battery. (I could be out of date on this though).

But that's quite a big price difference, and (barring my notes above) it seems to be an apples-to-apples comparison as far as I can tell, with nearly identical hardware in both machines.

Apple's come a long way in reducing (and sometimes eliminating) the price gap, but it still seems to exist in many cases.

My own view? I used Macs from about 1986 to the mid 1990's. Good machines, and for quite a while the OS was light years ahead of Windows. Now, in 2007, if I'm going to be buying a computer with an OS that has compatibility problems with Windows XP, I think I'd prefer that it be OS X as opposed to Vista. After all, a great deal of effort is going into things like Parallels.

But the price difference is real, and still exists.

More likely it is another publicity stunt

[vivaoporto]

More likely it is another publicity stunt, to make their work to look more "legitimate", to get more people to side with them (the "I may not agree with what you say, but would defend to death your right to say it" crowd), to generalize even more the feeling that Mac users are dangerous fanboys disconnected with the reality, etc.

The only thing easier than to make threats to people on the Internet is to fake threats to oneself on the Internet. We got plenty of these drama queens in the nineties, hopefully this is not a trend that will come back.

Re:More likely it is another publicity stunt

[jcr]

I agree, it smells like BS to me. None of the claims have been substantiated, neither the alleged worm itself, nor the alleged threats.

-jcr

Re:More likely it is another publicity stunt

[CopaceticOpus]

The problem here is that the death threats need to be translated from blog-speak to their real world equivalents.

Blog-speak: thats dumb
Translation: I respectfully disagree on that point.

Blog-speak: ur a fuckin loser noob go eat shit
Translation: I strongly disagree, and hold you in low esteem.

Blog-speak: im gonna come find ur house and chainsaw you into pieces and feed u 2 my dawg
Translation: I find your opinions reprehensible and I see no value in continuing this discussion.

I don't know if it is even possible to express a legitimate death threat in blog-speak. Perhaps with punctuation it could be done.

Re:More likely it is another publicity stunt

"None of the claims have been substantiated, neither the alleged worm itself, nor the alleged threats."

You mean like all of Maynor's other allegations?

I've posted to his blog a few times, especially the ones where he is claiming that he is being censored (??? I can't say what I'm saying on my own blog because they won't allow me to say what I'm now saying, but I'm saying it, but I'm really not because of a world conspiracy) -- but surprisingly, my comments never show. Only the comments where others are obviously blowing him get through. Of course, I'm not going to claim censorship -- thats bullshit -- only a government can censor, where as you have every right to disallow contrary thought in your own living room.

But everything about this man smacks of sensationalism. For instance:

"It was a great experiment to see how the industry could handle some honesty, which they can't. They are quick to attack the credibility of others in order to hide their own flaws."

What? Someone announces a flaw, but says they won't talk about it, hints that they will sell it to the highest bidder, and the company doesn't want to deal with you??? And then when they don't bite, claim that you were actually pre-compensated for writing this virus from someone else (now who would gain from this? Spammers? Scam Artists? Mafia? Microsoft? The only ones that would gain are the scum of the earth and he has no problem claiming to take money from them).

And finally:

"I made up the LMH identity for bashing Apple and appearing on the media while I was preparing for launching Errata Security with Robert. Since my credibility was severely damaged after the wireless driver exploit, I needed a sock puppet."

Admitting that he was manipulating the media, and has an ulterior motive to bash Apple, solely for bashing Apple. The guy lied in the first apple hack, he manipulated the media, worse yet -- academic dishonesty through his publication of the 'hack' at a conference with a setup that was guaranteed to work, even when they later claimed even if it did work, it would take a few hundred attempts to even crash a machine, and far more than that to weaponize it (i.e., nearly impossible).

AND HE ACTS SHOCKED THAT HIS CREDIBILITY IS DAMAGED AND BLAMES 'FANBOYS' WHO HE PREVIOUSLY STATED HE WANTED TO STICK CIGARETTES IN THE EYES OF AS THE REASON FOR HIS LACKING CRED.

What an idiot. I hate to give the man any more air time, but I hope this is the final straw. From what I understand, he use to be a pretty good security analyst...now its just all about the publicity and not actually doing any real work. I wish there was some real and credible persons working to find holes in OS X. I use it as my daily computer. I know one member of my team found one hole a few years ago and reported it to one of the developers and it was fixed quickly (and they were properly credited for it). I know there are holes in the system, like any system, and they need to be found. And unfortunately, the only ones working on finding anything are more interested in the sensationalism than anything else.

Re:More likely it is another publicity stunt

[blowdart]

However if it is true it's not the first time people poking fun at the Mac have had death threats; Overclockers had them when they pretended to put an Intel/Windows motherboard/system inside a G5 case and Maynor reported death threats after his Wifi debacle.

Re:More likely it is another publicity stunt

Blog-speak: im gonna come find ur house and chainsaw you into pieces and feed u 2 my dawg
Translation: I find your opinions reprehensible and I see no value in continuing this discussion.

I don't know if it is even possible to express a legitimate death threat in blog-speak. Perhaps with punctuation it could be done.

The law takes a dim view of death threats. Even on blogs.

Could be a great way to shut up a mac fanboy though!

Re:More likely it is another publicity stunt

[tlhIngan]

More likely it is another publicity stunt, to make their work to look more "legitimate", to get more people to side with them (the "I may not agree with what you say, but would defend to death your right to say it" crowd), to generalize even more the feeling that Mac users are dangerous fanboys disconnected with the reality, etc.

The only thing easier than to make threats to people on the Internet is to fake threats to oneself on the Internet. We got plenty of these drama queens in the nineties, hopefully this is not a trend that will come back.

Or heck, how about some malware writers eager to get their hands on some valuable zero day vulnerability? I suppose some of these people set themselves up for it - by not disclosing to the vendor, etc., making it really valuable on the malware market (without vendor notification, it means the exploit will most likely work, and thus something can spread in the wild before it's caught - valuable for that next spam campaign).

And the bug-a-day crap would just as easily anger these malware writers who could use these in their next campaign, but now it's public knowledge. As they already use it for criminal activity, what's another death threat or two to someone who can impact your money making scheme? And now, there's an undisclosed vulnerability that supposedly works - why not try to get the guy scared enough so he'll release it to you so you can make the next big spam botnet?

Re:More likely it is another publicity stunt

[Ilgaz]

However if it is true it's not the first time people poking fun at the Mac have had death threats; Overclockers had them when they pretended to put an Intel/Windows motherboard/system inside a G5 case and Maynor reported death threats after his Wifi debacle. So Maynor got death threats when he blurbed about Wifi exploit (!) but not when they tried to harm Apple USERS (not company, not lusers, real average users) in every possible way for entire month? One of their first evil (!) security issue findings was VLC, yes the open source media player with millions of users including Mac. They announced it publicly instead of fixing the damn source code sitting there and didn't get a "death threat" from one user?

I am speaking about MOAB and their lame attacks even including a jp2 DOS attack to OS X default browser Safari. That is the lowest level you can get, attack a tabbed browser which may include unsaved data and do it to average user who tricked (by stupid media) to visit your site to "pay" for using Apple software.

BTW- as a guy who uses Mac exclusively , I had to follow MOAB project. No, LMH is not Maynor of course. Everyone who he attacked (read: Popular software vendors) must have a good clue who he is and where he is from. Maynor must be enjoying the publicity though.

Re:More likely it is another publicity stunt

[ipjohnson]

I think you include pictures taken from inside there house .... or something along those lines .....

Re:More likely it is another publicity stunt

[orclevegam]

I think you include pictures taken from inside there house .... or something along those lines .....

Just check to see if the Google van has gone by their house recently, no need to even leave your desk.

Re:More likely it is another publicity stunt

[allgood2]

I agree. Personally, I'm not certain if the "Mac Worm Author" produced a working worm. Not that I don't believe it could be done, with time and energy, I just find it suspect that anyone would first pre-announce that they will have a working Mac Worm in a few days. Then when they are suppose to offer up the proof of such a thing, they disappear and claim they fear for their 'anonymous' life.

So far, there has been no proof that the worm exists or even works. The "guy?" has been criticized, not just by Mac fans, but security professionals and even newspaper reports for being irresponsible. Then supposedly, as a security expert and researcher, the "guy?" has his website hacked, the decides to pack his bag and go hide. But not before spreading a ton of misinformation and accusations. All just enough to keep people in a tizzy, and legitimate his claim as a Mac OS X author, when he still hasn't provided proof.

I say the title should read, "Author of the Alleged Mac OS X Worm, Claims Death Threats" It's far more accurate.

Re:More likely it is another publicity stunt

[Durandal64]

Indeed. When I read that David Maynor was involved, my bullshit-o-meter started ringing.

Re:More likely it is another publicity stunt

[Divebus]

So Maynor got death threats when he blurbed about Wifi exploit (!) but not...

You do realize that putting (!) in something means you're mooning them, yes?

Re:More likely it is another publicity stunt

[mgabrys_sf]

I can confirm the drama queen thing. I ran a blog (before they called them that) back in the 90s called "the apple doomsday clock". It was basically a writing exercise and thought experiment to needle the fanboys and see how deep that hole went. Pretty damn deep! I even had crank calls coming in.

I particularly liked doing it because I felt that if you really wanted to critque apple you had to be a user of their stuff - and from using it in the design field to working at Quark I felt I had that card covered. I didn't become a fanboy of their stuff again until Jobs folded NeXT into the product. This wasn't a minor deal for me since I owned a NeXTstation and thought it was the best platform I'd used (and I'd used ALL of them short of any mainframe material). The design quality getting better was also a bonus. Some of the turdboxes Apple produced in the early 90s were an utter blight on the desktop. Like the LC580 - my GOD that was ugly...

Re:More likely it is another publicity stunt

[bjohnson]

Jesus, you have a tough bullshit meter! Where did you get it? When I heard of Maynor's connection, my bullshit meter just exploded in a bright flash, very loud BANG! and puff of acrid smoke...

Re:More likely it is another publicity stunt

[CamD]

Ooh, live-blog it.

7:46 - I'm in your house.
7:47 - I fed my^W your cat, today...its ass.
7:49 - I'm hiding behind your couch, watching you.
...

Unacceptable

[Ngarrang]

It is as if the fanatics actually believed their OS was so secure it had no security holes.

Re:Unacceptable

[Selfbain]

The strategy is to have faith the Mac OS is completely secure without evidence and viciously attack anyone who says otherwise no matter what proof stands in our way. Hey, its worked before...

Re:Unacceptable

[Ilgaz]

It is as if the fanatics actually believed their OS was so secure it had no security holes. About this specific issue (if worm really written), it is NON issue since OS X 10.4.10 update was released back in 21-06-2007 and available free at Apple downloads without any kind of nagging. In fact, internal software update can download/install it with one click. If they (users) don't click couple of things and download at most a 30mb (movie trailer size) package, it is not Apple's fault or platform isn't insecure because of this issue.

Someone reads Apple CVE/update notes, write a trivial junk which can only allegedly work on local network (big difference from internet on OS X) and talks about it on a blog probably sending his friends to "digg" or something to talk about it.

The fanatic idiots who are finding this junk credible enough to make "death threats" are a despise to OS X/Mac users like me. You can use pure Mac setup on every occasion, buy lots of software but there is no way escaping them. I agree on that.

On the other hand, there are companies such as Intego who doesn't give a heck to those fanboys and announce every issue they find. To this time, there is no Intego Antivirus/Firewall update shipped, nothing on "press releases" so they really don't find this credible. These are the guys who didn't care about Apple security updates and kept on removing SETUID of Apple default software for months for additional safety. They also uncovered a major security issue on OS X Finder but their PR department raped the issue by claiming mp3 viruses and so on.

Re:Unacceptable

[JonXP]

Ahh, well then. Good to know that we can finally blame the users for not installing the updates as needed for security holes. For the longest time people kept saying that the worms that hit windows were Microsoft's fault, despite the fact that none of them took advantage of an unpatched vulnerability.

Re:Unacceptable

[Ilgaz]

Ahh, well then. Good to know that we can finally blame the users for not installing the updates as needed for security holes. For the longest time people kept saying that the worms that hit windows were Microsoft's fault, despite the fact that none of them took advantage of an unpatched vulnerability. First thing I do on friends Windows machinse is enabling updates and even including the option "install automatically". Some may say its evil but I know those people will rather download couple of mp3s than security updates. I think they licensed that "idle bandwidth" framework too.

I don't like the fake feeling of security on Linux/FBSD too. Which machines are on phishtank.com hacked phisher URLs? All those "but linux is secure, no need to update php" guys :)

If you are up to date and you still get hacked (with sane passwords,etc), it is vendors fault but that of course raises the issue that there is a BSD based firewall right there with one click on OS X.

fuzzing] The Truth

[djupedal]

[fuzzing] The truth Lance M. Havok:
>br> "Since the cover is becoming more difficult to maintain, I've decided to stop this. It simply can't stand anymore and I can't let this harm my company and its customers.
I am David Maynor. I made up the LMH identity for bashing Apple and appearing on the media while I was preparing for launching Errata Security with Robert. Since my credibility was severely damaged after the wireless driver exploit, I needed a sock puppet. The idea of LMH and the Month of Apple Bugs came a while after I resigned from SecureWorks."

Re:fuzzing] The Truth

[shawnce]

[blockquote]bca2fee517ff50ddd01bb7d6ed9c3043
The above MD5 hash of a text file should serve as a proof in case
someone attempts to deny the statements of this message.[/blockquote]

Anyone care to tell me how expects the above to prove the email message you quoted is legit? If it is only a text file that David Maynor has how are we supposed to know what it is? If it is a text file that we can get at then how is the MD5 hash of it useful?

Re:fuzzing] The Truth

[djupedal]

If you have the hash, how many people can supply the text file that matches? Only the author of the message...thus closing the loop.

Re:fuzzing] The Truth

Or, anyone who re-types the statement into a text file and generates the same hash.

Re:fuzzing] The Truth

[djupedal]

huh..?

The hash isn't of the statement, Mr. Wizard...

Re:fuzzing] The Truth

[Qzukk]

Oh Yeah? Well, dbb3def560c4e620d61db69ea4c154d2 proves he's wrong! After all, it's a hash of a text file too!

Re:fuzzing] The Truth

[shawnce]

So I have to go hunt him down and ask for the file so I can verify the hash? ...sure seems like signing the message with his own certificate might have been a better way to prove who authored it. I mean he is a security researcher and owner of company. He should be able to get a trusted cert for when signing, etc..

don't write viruses/worms and brag about it

[acomj]

Hi

I'm ____, I wrote that worm that messed up your computer costing you tons of time an agravation. Here's my email if you want to thank me.
--------------
although in this case it more like "I may have written a worm the exploits a now patched problem".

Threats are inappropriate but seriously, what did he think would happen?

So this "security researcher" cannot even keep his

[antifoidulus]

own blog from being hacked? Remind me to talk a couple of large grains of salt with whatever he says in the future. I'm not saying he is totally discredited, but it seems to me that doing something as simple as securing a blog shouldn't be that hard for an expert security researcher.....

Allow me to say: WTF?

[mattgreen]

I really hate people sometimes. How can anyone be so stuck on themselves that they issue death threats because someone creates a virus for the operating system they use? In doing so, they are saying, "I'd rather you be dead than deal with the possibility that what you created would endanger my computing platform."

If you don't think that is sick, I'm not sure what is. This sort of fanaticism is extremely dangerous, and essentially a curse upon the Apple community.

Re:Allow me to say: WTF?

[daeg]

How do we even know the threats are legitimate? I'm not saying death threats are something to be fooled around with, but for someone already pulling stunts, it isn't a leap of logic to assume they will pull further shenanigans to get even more publicity.

I would take everything this man says with a large grain of salt.

Re:Allow me to say: WTF?

[ivan256]

It's more likely the guy is a troll and you took the bait.

Re:Allow me to say: WTF?

Yeah, that's almost as sick as faking death threats to yourself to try and scare up some sympathy and/or credibility.

Re:Well,

The Spanish Inquisition?

Re:don't write viruses/worms and brag about it

1. Do something stupid
2. *
3. Profit!

He thought he had found the magic step, or possibly he was looking for hot grits!

Gives new meaning...

[sircastor]

to the old Apple blog "As the Apple Turns"

Re:don't write viruses/worms and brag about it

[obergfellja]

he probably thought it would be like windows, where the company doesn't give a flying ----, until they can send a patch out on the first tuesday. or like Linux and people fix it themselves.

Re:So this "security researcher" cannot even keep

[stubear]

You're assuming he hosts his own blog and you know what they say about assuming. Beyond that, why is his message less credible? if he can prove the worm works, the message is still the same, even if his blog is hacked. Perhaps the person responsible for hacking his blog is simply a much better hacker? There are so many variables to consider that your comment seems ridiculous when you even begin to look at even a tiny fraction of them.

no death threat

[4play]

They just implied not to release the worm or he would be dealt with using their iphones like they did at duke

Wait...

[whisper_jeff]

Wait, so someone who claims, without providing proof, that they found/created a vulnerability in an operating system is now claiming to have received death threats and claiming that their blog was hacked? Again, without providing any real proof?

Uh, yeah. Count me skeptical.

Can anyone say "attention whore."

Re:Wait...

[shentzu]

yet you will notice that all the slashdoters assume he really has a virus and assume he really had threats made against him.

hating Apple is like believing in god, apparently. no amount of proof for it needed, no amount of proof against is enough....

Re:Wait...

Yeah, I can say whisper_jeff...attention whore, sorry. It's so easy to get the two mixed up.

Re:Wait...

[phoenixwade]

Wait, so someone who claims, without providing proof, that they found/created a vulnerability in an operating system is now claiming to have received death threats and claiming that their blog was hacked? Again, without providing any real proof?

Uh, yeah. Count me skeptical.

Can anyone say "attention whore." "Cynical" is more like it..... But you are not the only one...

Re:Wait...

You really find it so hard to believe that someone's found a security hole in a piece of software as large as an operating system? It's been done thousands of times before, it's not like there's no precedent to make this difficult to believe.

And you find it hard to believe that a Mac fanboy would issue death threats to someone who is attacking their operating system/Way of Life?

You're just being sarcastic, right?

Re:Wait...

[_Sprocket_]

yet you will notice that all the slashdoters assume he really has a virus and assume he really had threats made against him. Back in 1999 Slashdot, Userfriendly, and several other sites were complicit in an April Fools joke. If I remember right, they claimed that some large entity had threatened Userfriendly and friends with legal action to shut them down for some unclear reason. The whole thing lacked any real information - but it had lots of emotional slight-of-hand. Various parts of the community were outraged - to include many Slashdot posters. These same people were even more outraged when it was announced that they had all been had.

We'd all like to think we're beyond being so easily fooled. There are always examples that should prove as object lessons to the contrary.

Re:Wait...

[Sparks23]

Why on earth do so many Slashdot posters seem to think it's about Mac fandom?

It is far from impossible that there's a vulnerability in OS X; there have been vulnerabilities before, after all, and there will be again. Just because OS X is more secure in its out-of-box configuration than Windows is in its own out-of-box does not mean that OS X is completely invulnerable to all future threats. Heck, /Linux/ isn't immune to all threats past and present, after all... why should OS X somehow mystically be, /especially/ when some vulnerabilities can come from software (OpenSSH, Apache, etc.) which both operating systems share? Heck, if the vulnerability is in mDNSResponder, it may be in the UNIX implementations of zeroconf. (It's not as if the guy has given any information for someone to determine whether it is or not!)

Anyone who thinks OS X is somehow immune to all threats is a fool, or deliberately blinding themselves. But the issue people criticizing the guy generally seem to be pointing out is that regardless of the OS involved, this researcher has handled the vulnerability disclosure in an extremely unprofessional manner.

This 'researcher' makes a claim providing no proof. No details. He expects to be lauded for it, however, without providing any proof. Instead he finds himself criticized for not acting as an actual security researcher and handling the exploit disclosure in a professional manner; after all, he gave no details, he allowed no peer review, and he also said he wasn't releasing details or an exploit to Apple to look into fixing until he finished 'testing' it (which, at best, means he didn't even have the exploit confirmed for himself before he trumpeted it everywhere). So when he finds his claim challenged and he's told to send the info to Apple to fix it, or to at least reveal a little further info? Suddenly he claims he was getting death threats... equally unsubstantiated... and takes his ball to go home.

I'm not saying some devoted Mac fans might not have mailed nasty stuff to the guy; there are some crazy Mac fans. Though they're far from the only fanatics in the tech world. (The GPL diehards who attack other open-source licenses like rabid pit bulls, for instance, are definitely their spiritual kindred as far as fanaticism goes.)

But imagine this was with some other system:

Some guy posts, "I found an exploit in Ubuntu. It affects all current versions of Ubuntu, and can allow me to do some bad things. There's no current defense against it. Bow down before me!" Followed by a later post of, "No, I am not going report the exploit to the Ubuntu team. Or anyone else. Because I haven't finished testing it. Just shut up and marvel at my awesomeness for finding a difficult exploit." People would be up in arms, howling for the guy's blood about why he announced it if it's not confirmed, how it's probably a violation of some source license for him to not actually report the exploit to Ubuntu to be fixed if it's real, or whatever. If then a few days later he posted, "Oh, now I'm getting death threats, so this isn't worth it. I'm just not going to tell ANYONE what it is." people would be convinced he'd been faking it and was 'running away' to avoid having to actually produce something. (And no doubt some people would also still be posting 'Oh, you Ubuntu fanboys, why can't you believe there might be a vulnerability? Why do you have to send him death threats?')

It would be equally irresponsible to handle an exploit report in, say, Vista the same way. Though admittedly, there'd probably be less outcry, as we've become sort of inured to those reports. ("Huh. A vulnerability in Windows. Okay, whatever. Right, let's go for coffee.")

All most sensible folks are saying in this discussion is that if he's legit, this guy handled his situation Poorly. And given that there have been several poorly-handled exploit reports lately which turned out to either be hugely inaccurate ("Okay, this is only actually v

Re:Wait...

[nomadic]

If I remember right, they claimed that some large entity had threatened Userfriendly and friends with legal action to shut them down for some unclear reason.

I would have assumed the entity just really hated lousy artwork...

Re:Wait...

[javaman235]

I don't thinks its necessarily mac fans. I've had my macbook hacked, (it has adware on it now) and when you really get into the total lack of security culture around macs, and learn the terrifying reality of an unremovable camera and microphone embedded in your hacked computer, you see that any hacker with the secret of how to get in wants to guard it. Because with macs, its about a lot more than your files, its about being able to surveil somebody, audio and video, whenever their computer is has juice. And that's a precious thing to any hacker who has that power, you can do a lot with that beyond "pwning" their documents folder or whatever.

Re:Wait...

I hope these audio/video hackers didn't see you without your tinfoil hat!

Probably already being used ...

So it might not have been the Mac Fanboys issuing the death threats ...

Most likely hackers were already using that hole, and who don't want it patched are quite irritated that they will have to find something else to attack, which takes time and effort.

Local network only

[KiloByte]

Yeah... and, considering that the worm in question can spread only on the local network, we know it's a person close to the virus writer.

Good chances for actually carrying out the threat, a small number of people to investigate... can be interesting. Grab some popcorn for me too?

Mac "Security" forces

Wow, those Apple zealots sure get surly when you take away their illusions of having a secure OS.

Good thing that guy never saw SecurityTracker.com... if he sent a death threat for every bug and exploit in OSX, he would be busy for the rest of his life and still never finish.

Re:Mac "Security" forces

[tiny-e]

OK.. just looked at securitytracker.com.. Vendor specific topics..

Apple - 5 pages
Microsoft - 16 pages

Last time I've encountered a Mac virus/worm in the wild was in the 90's (late 90's I think) on a MacAddict Magazine CD-ROM.... On the PC side.. a little more frequently.

Cognitive dissonance

[manekineko2]

Cognitive dissonance is truly a funny thing. It's fascinating the lengths the human brain will go to in order to protect its version of reality.

Re:Cognitive dissonance

Not only is this a wonderful commentary on every "side" of this farce and even the idea of "sides", but it really points out the importance of the scientific method and the free flow of information. At least that is what my cognitive dissonance is telling me.

Re:Cognitive dissonance

[lucas+teh+geek]

you have to admit, it's entirely plausible the guy has no vulnerability exploit and is just trying to get hits for his blog. "not enough hits this week, I'll post that I'm getting death threats... that oughta work!"

sure, maybe he does really have the exploit but his failure to disclose it to anyone makes him un-credible to many. there's no proof to lend weight to either argument right now

Re:So this "security researcher" cannot even keep

What you just said is the equivalent to "Their web site sucks, so I'll dismiss their work because it must suck too!"

He may not give a flying fuck about the security of his blog. He may be busy researching other, more important security issues!

Only on /. could such an ad hominem attack get a +5 insightful.

The New Ad

[Dystopian+Rebel]

PC: Hi, I'm a PC.

Mac: And I'm a Mac. PC, who are all those people smacking you in the head and rifling your pockets?

PC: [Sigh] Those are viruses and worms. Even though I scream "DENY! DENY!" as loudly as I can, they keep smacking me in the head and rifling my pockets. You know how it is.

Mac: Actually, I don't. You see, with a Mac...

[One of the worms moves sinisterly toward the Mac. A man in a black suit appears suddenly from the right and collars the worm, shaking it roughly.]

Man In Black Suit: Listen, woim. If you takes one more step taword da Mac kid, I'm gonna whack you and yer whole family, see?

Worm: Uh... uh... I'm just a proof of concept.

MIBS: Concept shmoncept. Not only will I whack you and yer family, I'm going to hack yer blog so bad it'll look like AintItCool.com.

Worm: [panics, runs away, screaming]

MIBS: [Claps hands as though rubbing dirt off. As he leaves to the right, Mac slips him a small paper sack.] Tanks, kid.

Mac: As I was saying, with a Mac, there are no viruses.

Re:The New Ad

[WhiteRider]

I hope someone from Mac is reading this...it would make a great commercial!

Re:The New Ad

[newbish]

Murder its part of the "Mac Experience" and its now part of your support contract.

Re:The New Ad

[dema]

Subtle.

Re:The New Ad

Who is this "Mac" you speak of? A "Mac" is a type of personal computer. Apple, Inc. is a company. See the difference?

Re:The New Ad

[El_Oscuro]

I wish I still had mod points. Oh well, I'm sure it will be +5 funny in a few minutes anyway...

Re:So this "security researcher" cannot even keep

His blog was on blogspot so it's not exactly like he had much control of it's security.

Unverified claims to support unverified claims

[argent]

Sheesh.

Now we have unverified claims of death threats to add credibility to unverified claims of worms attacking a deep flaw in mDNSresponder... a flaw so subtle that Apple wouldn't be able to fix it without the help of said anonymous researcher who's allegedly received death threats over it.

Now this could all be true, but then SCO could really have thousands of lines of Linux code copied from UNIX they're still hiding so they can bring it out in a dramatic eleventh-hour release and snatch victory from the jaws of defeat.

I don't doubt that there's flaws in mDNSresponder. I don't doubt that you could write a worm to exploit them. I don't doubt that Apple is capable of fixing one symptom of a flaw rather than the cause... they've done it before. But there's nothing new here... schemes like Rendozvous/Bonjour/Zeroconf and the superficially similar "Universal Plug and Play" in Windows are a compelling target for potential attacks and have been criticized in the past. They're not needed for the normal operation of the system, and should be disabled unless you actually know you need them and are on a known secure LAN ... and recipes and utilities for disabling both have been around for years.

But there is no way that any legitimate security professional would proceed in the manner that the people alleged to be involved in have been behaving over the past several months. The whole presentation of this affair seems almost designed to discredit the security community in the public eye.

Notify Apple, then release the details. There's no other ethical course of action.

Re:Unverified claims to support unverified claims

[Nixoloco]

There was a flaw in mDNSresponder, but Apple fixed it last month. The fix was included in the 10.4.10 update. I suspect that this is where this "security researcher" got the idea to develop the exploit. http://docs.info.apple.com/article.html?artnum=305 530

Re:Unverified claims to support unverified claims

[Apotsy]

Yeah, and they even gave credit to the 3rd-party researcher who reported the issue. If this dude really has found an previously unknown flaw, and really wanted to make a name for himself as a legit security researcher, he could have just submitted the info to Apple and let them fix it. Then he'd have his name on one of those release notes, too.

Re:Unverified claims to support unverified claims

[Ohreally_factor]

A very likely possibility is that he is a stock trader or working for a stock trader that stands to make money by moving the stock up and down by a point or two. Or it could be that he took some stupid advice and shorted Apple, and is desperately trying to push the price down.

Regarding Mac worms . . . Mac OS X isn't a very good disease vector. This isn't the security thru obscurity argument. It's the platform as transmission medium/host. For a virus to spread rapidly, you need a certain percentage of the population to be vulnerable. If a platform makes up 5% of the overall market, it's not a very viable target for a worm. The Mac marketshare is small enough that I'm not going to sweat it if the claim ever pans out.

This is also why heterogeneous computing environments are inherently safer, whether in your business, your school's computer lab, or on the internet at large. If the market were divided up fairly evenly by three, four, or more OSes, worms would be much less of a threat. Heterogeneity makes for robustness. Just ask a geneticist.

Re:So this "security researcher" cannot even keep

[db32]

In your world do all CCIEs know how to manage web servers because a cisco device can have a web interface? Who hosts it, who owns the server, who wrote the code, and please tell me you aren't part of the crowd that believes anyone in the field of security somehow should be expected to know everything about all possible aspects of it? There is simply too much to know, and typically researcher types are going to be even more specialized than the generic "Hi, I R here to sekure ure network!" Security Analyst or whatever.

sad

[tvon]

This whole thing is getting a lot of coverage for what basically amounts to "random dude claims OSX vulnerability, produces no evidence to substantiate claim".

The responses are entertaining to read though. Hoards of morons attacking the Mac platform and users without any evidence that there is anything actually wrong. Lots of straw man arguments (nobody with half a brain ever said OSX was impervious to security issues), lots of hate... so much hate.

Like a bunch of catty middle school girls...

Re:sad

I love how his "references" are the story on slashdot, Apple's website, and his own blog. Real scientific that is.

Re:sad

[tvon]

Just to clarify:

A straw man argument is an informal fallacy based on misrepresentation of an opponent's position. To "set up a straw man" or "set up a straw-man argument" is to create a position that is easy to refute, then attribute that position to the opponent.

For example, when you say "He can post whatever he wants on his own blog" it implies that I claimed that he can't post whatever he wants on his blog, which of course I did not because that would be an absurd thing for me to do.

In short all I said was that there was a lot of ruckus for the unverified claim of an OSX worm. Really, argent said it better right before me (just above my initial post: http://apple.slashdot.org/comments.pl?sid=252457&c id=19913487 )

Re:sad

[Lars+T.]

He can post whatever he wants on his own blog. Which of the "he"s on which of the blogs?

Whats worse?

[xhydra]

Whats worse.
biting an Apple and finding a worm in it
OR
biting an Apple and finding a half a worm in it?

I would kill the SOB myself.

Yours Truly

Mac FanBoy #1

David Maynor != LMH

[OriginalArlen]

David Maynor just posted this to Full Disclosure; the post claiming to be from him and asserting that he's LMH was spoofed. Who'd a-thunk it, mail spoofing on a security list... DUH!

Re:David Maynor != LMH

No I am LMH!!! Bwhahaha.

unmasking

I think its a pretty good idea to idenify virus and spyware makers. Hell post their pictures and addresses too so that we can all show them how much we love their kind :)

Jobs has a Blade Runner squad on hand ...

... to terminate the processes of worm, virus and malware authors as well as any other pestilent replicant that attacks the safety and security of OS X.

Jesus

[suv4x4]

Check this out: the first like 10 posts in this article are +5 Funny.

Slashdot: the place where death threats are funny!

Re:Jesus

[Rob+T+Firefly]

Slashdot: the place where death threats are funny! Correction: the place where death threats against malware authors are funny.

Re:Jesus

I will fucking kill you. I've done it before and I'll do it again.

Re:Jesus

[Lars+T.]

Slashdot: the place where death threats are funny! Correction: the place where death threats against malware authors are funny. Correction: the place where death threats from Mac users are funny.

Correction: alleged death threats from alleged Mac users.

Re:Jesus

[Farmer+Tim]

I will fucking kill you. I've done it before and I'll do it again.

If you killed suv4x4 and he's still posting, you didn't do a very good job of it.

You might be a Mac zealot when...

You love your computer so much you will kill for it. Of course I'm the same way with hot dogs. Don't mess with my Hebrew Nationals!

Mac doesn't have enough of an audience..

[i8myh8]

..on the computer side to make anyone want to write a worm/virus. You wouldn't try and make a name for yourself in the snow shoe business in Miami, why would you write malicious code for a Mac?

As far as death threats go, that's believable, though the guy making the claims is probably just some attention whoring drama queen. You know the type, new illness every week, back trouble, relationship trouble, no one likes me, nobody wants to play with me, Timmy stole my fire engine, Bobby is teasing me.

Mac, we shoot people in the face!

[FictionPimp]

This is the perfect antivirus strategy. You write a virus, we go to your house and shoot you in the face. No need for security patches any longer.

Re:So this "security researcher" cannot even keep

you know what they say about assuming

You make an ass out of "u" and "ming"?

Where do i sign up?

[nurb432]

I would like to be there to help out during the lynching.

Let me see if I have this straight...

[catdevnull]

Let me see if I have this straight:

-A guy anonymously says he found an exploitable hole in mDNSResponder (isn't this open source?) under MacOS X.
-He says he's still working on it and refuses to disclose himself or his findings
-A few idiot trolls post about busting a cap in his head or some such and now he's in hiding.

Jeez. You'd think he posted a pro-Microsoft or anti-Linux article on Slashdot or something.

I think it would be funny if he had the exloit on his website and all the Apple fanbois who posted from Safari were infected. I think he would have the last laugh.

Uh....I'd better check my box...

Re:Let me see if I have this straight...

[DaggertipX]

This is highly offtopic, and I apologize in advance, but can we all make an agreement here and now?
I want everyone to agree to never again say : fanboi, micro$oft, m$, i(anything), crApple, etc?
It's not funny, and it makes you look like a moron. Not to mention diluting any point you were going for...

Re:Let me see if I have this straight...

[catdevnull]

Yes, those terms are stupid and annoying--but fanboy/fanboi is much easier and shorter to type than "myopic automatous sycophantic rabid weasel."

Good luck in your endeavor to stamp out those unfortunate strings from the Slashdot lexicon. I'll try to use them sparingly--unless I really mean "myopic automatous sycophantic rabid weasel."

Re:Let me see if I have this straight...

[DaggertipX]

Clarification - I'm not against the term fanboy. I'm against the mispelling of an already stupid word.

Re:Let me see if I have this straight...

[catdevnull]

You mean misspelling, right?

(that was evil--sorry)

Re:Let me see if I have this straight...

[DaggertipX]

I swear that happens every damn time. Serves me right, though...

Re:Let me see if I have this straight...

[catdevnull]

I'm glad that you seem amused by it. You're a gentleman and a scholar (or, at least, half that). :D

Re:So this "security researcher" cannot even keep

So this "security researcher" cannot even keep his own blog from being hacked?

Are you kidding? These are Mac users we're talking about. Haven't you seen Independence Day?

Dispatch Tuesday

[Frankie70]

Apple betters Microsoft once more.

Dispatch Tuesday is so much cooler than Patch Tuesday.

From the dictionary
Dispatch == To put to death summarily.

So... author of a fake worm receives fake threats?

[rbanzai]

I find it hard to get concerned about a person who makes unsupported claims of authoring a Mac worm followed up by unsupported claims of death threats that I expect are meant to support his unsupported claims of authoring a Mac worm.

See where I'm going with this?

Scared of Apple fanbois?

Please. I'd curb stomp any Apple fanboi who'd even dare to look at to me. I'd beat their boyfriend Steve Jobs right in front of them just to make them cry.

Re:Scared of Apple fanbois?

[mgabrys_sf]

re:"Please. I'd curb stomp any Apple fanboi who'd even dare to look at to me"

Clever. Making death threats on a death-threat thread (say it fast while drunk! s'fun!). Only in America I guess. Which is doubly confusing considering that we're heavily armed as societies go.

Re:So this "security researcher" cannot even keep

[Lars+T.]

You're assuming he hosts his own blog and you know what they say about assuming. He may just be assuming that a security researcher would know not to pick a hosted blog that can be easily hijacked. But hey, "security researchers" come a dime a dozen.

Re:So this "security researcher" cannot even keep

Everyone assumes the vast majority of their ostensible knowledge. First, we assume a lot when we take our inductive observations and make rules out of them, and we assume those rules apply when we use them as preconditions when reasoning, not to mention the original assumption that our observations were accurate to begin with.

Silly, lunatics

[Enrique1218]

I don't know where you rabid fanboys originated. As a mac user, I tend to think of myself and fellow Apple aficionados as pretty lay back and easy going. We haven't given up our chances of having sex just to install and use Linux nor are we as well used as the Microsofties are after being bent over again and again. We are happy bunch, but, I suppose a few lunatics got a little defensive when it appear that someone was actively looking to rain on our sunny world. Lunatics. You have nothing to fear. The worm is for a vulnerability that has probably been patched. Second, it is a local worm and not internet worm. Third, test worms like this give both Apple and us greater insight on how vulernabilities can be exploited. It gets us thinking about security which in my case is something that I have been laxed on lately. Please stop all this nonsense and take your meds.

Re:Silly, lunatics

[HardWoodWorker]

Hmm, I run Ubuntu. I'm happily married (for 4 years today), get laid a few times a week...I also am hygienic, well-employed, in good shape, and have a good social life for a software engineer (interpret that however you like). While your crude characterization of guys like me is humorous, I'd like to point out it's inaccurate.

It's a Matter of Scale

[Hercules+Peanut]

Don't blame apple fans. Look, if Windows had 95% of the market share you'd be reading about this kind of thing all the ti...

oh damn.

Re:It's a Matter of Scale

[Farmer+Tim]

If you search for "windows+malware+death+threat" you'll find thousands of them. In the Macintosh world*, however, this is actually news.

*Sounds like a theme park where everything is white plastic and the attendants never admit when a ride is broken. Still cheaper than Disneyland, though.

Re:It's a Matter of Scale

[bky1701]

Yeah, so that's why "windows+malware+death+threat" turns up references to this incident....

Oh well, on Linux, when there's a bug, it get fixed. The whole "killing people who point out the problem" isn't very effective at bug fixing when that's as easy as it is. Maybe if Apple was open source...

Re:So this "security researcher" cannot even keep

[Lars+T.]

His blog was on blogspot so it's not exactly like he had much control of it's security. He had no control over where he runs his blog?

Re:So this "security researcher" cannot even keep

[Lars+T.]

In your world do all CCIEs know how to manage web servers because a cisco device can have a web interface? In my world, security researchers know to disable the web interface.

I can just imagine the news...

[mrchaotica]

Police find suspected malware author Fucking Killed(TM) in his apartment

Dateline: Redmond, WA

Police today are baffled by the scene discovered in the home of Grigori Kuznetsov, a young programmer from the former Soviet Union. The unfortunate fellow had not only been apparently murdered via blunt trauma to the head, but his chest had been ripped open and the heart removed. The only clues left at the scene were the broken remains of a chair and an "impossibly large" pool of sweat.

When questioned, neighbors reported hearing some strange noises the night before. "It sounded almost like someone yelling 'developers! developers! developers! developers!'," Bob, who lives directly below Grigori, said. "My wife [Ms. Bob] also says she heard a weird scream, like "Yeeearrrgghhhh!" Another resident of the complex, a barber who identified himself by his nickname, "Clippy," reported seeing a bald, ape-like creature running away from the scene. "I think it was Sasquatch," Clippy said. "By the way, it looks like you're trying to investigate a murder. Can I help you with that?"

So far, police say there are no real leads. "From the evidence and testimony given by the witnesses," the detective in charge, Paul Allen, says, "it seems like some kind of supernatural vicious beast attacked the poor guy, beat him to death with a chair, and then ripped his heart out and ate it. But of course, that's impossible."

Readers with any information or leads should contact the Redmond police department.

Re:I can just imagine the news...

[toadlife]

Hey! That's the perfect modern-day remake of The Murders in the Rue Morgue.

"...this hair is most unusual --this is no human hair."

death threats to ms

[Kildjean]

hmmm if that works maybe we should start death threatening MS so they deliver a true OS experience...

Re:So this "security researcher" cannot even keep

[Mister+Whirly]

Or he may simply be assuming that his hosting company would maintain the security on their own servers. I know, big assumption.

No experiment necessary

Look in the mirror, religion-bashing lemming.

Scientologists are the Jews of the 21st century.

Re:No experiment necessary

[mgabrys_sf]

Just because scientologists aren't liked in Germany doesn't mean you get to use Godwin's law.

Personally I think anyone responsible for the movie Battlefield Earth is deserving of a Numberg trial hot-seat.

Re:No experiment necessary

No, we still have real Jews, and they're worse than ever.

Re:No experiment necessary

>a Numberg trial hot-seat.
Um, that's "Nuremburg"...

Re:No experiment necessary

[fractoid]

I'd prefer a Nürburgring trial hot-lap, personally.

VI vs EMACS - FEH!

Vi vs Emacs? Feh.
ROSCOE - Remote On SCreen Online Editor on IBM mainframes.
Now that's an editor.

Hum... capcha = atheism

Childish...

[l0rd.47hl0n]

It amazes me how childish "some" Mac users are, and how many of you still cling to the illusion that your OS is incapable of being hacked or infected in some way. Time to grow up.

You ask for it

[Enrique1218]

This guy looks like he couldn't reproduce unless test tubes were involved. Then there is this guy. Wolf!!! Then, look at these studmuffins here. Which one do you want has your wingman? I am not saying sex is impossible with any of these chaps (except maybe the second one) but it will take a lot of work. They have to put down the Linux sometime. In your case, Ubuntu is basically giving up on the whole hardcore linux crap for a social life. Just ask this playa.

The faces of Microsoft aren't much to look at. But hey, they are rich and can buy all the tail they need!

If this guy can sell these. He shouldn't have any trouble smooth talking a lady. This guy doesn't seem to have a problem. I say Mac users are a happy bunch.

I would be remiss if I didn't mention the BSD folks. Their OS is "infirmed" but they got heart. Just look at their mascot. These guys are classy.

Re:You ask for it

If you keep playing with that thing, you'll go blind.

Death Threats? Hijacking?

If Microsoft employed these tactics, there wouldn't be nearly as many Windows viruses :)

You are crossing a maniacal Mac Fanboy..

[Plutonite]

Cancel or Allow?

Yikes, this is news?

[CleverBoy]

I report that iPhone.com gets acquired by Apple... not news, but virus writer gets death threats, and random rumors and hackery... that's news. Interesting. Don't submit to Slashdot. Got it.

Oh for God's sake

[mstone]

Leave Artie MacStrawman alone. He's an idiot, and we all know it.

And as a side note: if you can only make your point by referring to Artie's behavior, please do the world a favor and just shut up. You won't be saying anything worth hearing.

hii

[sussane]

that's really weird, for his good work he is getting worse. I m with yo my fren...

Re:So this "security researcher" cannot even keep

[db32]

So a security researcher specializing in various deep windows stuff should know the ins and outs of every product on the market that has a web interface and whether or not it is secure? There are plenty of products that have reasonably secure web interfaces, Cisco unfortunately has not had the greatest track record. A generic "he should know to disable the web interface" would also translate into shutting down every interactive website, so it would be a matter of knowing which devices have safe interfaces, and once again you are demanding a bit much. I wouldn't trust a cardiologist to work on my joints just because they have both been to medical school. Maybe my problem is that I associate researcher with deep specialization and skills, not "I R knowing sekurity" of the security hobbyist or analyst).

Re:So this "security researcher" cannot even keep

[Lars+T.]

So what does one qualify as being a security expert? Being a dick?

*~*~*MODERATOOOOORS*~*~*

What the heck is this atrocity of a post doing on /.??? The only reason why I have to post as AC is because I don't want to undo my moderations - I had to skip bumping you down, Sir, in favour of modding someone else up -

[...]concentrate on promoting more than demoting[...]

Exactly whose devnull did you crawl out of? Do you think you are making a point by insulting known overachievers and geekland icons? What are you looking for a whooping or just ranting under the stealthy cover of Mac userdom?
I could counterpost you by dissing Steve Jobs, but really, would that be a mature argument to have? I think not. Arguing by insulting a third party's phenotype is just...despicable and lowly.


Someone PLEASE have mercy and mod this guy (-1, Flamebait). Noone should have to read such rubbish. Thank you.

Serpentegena

===
Edit: Enrique links the photo of Justin Long("-I am a Mac") as a demonstration of the Mac userbase's phenotypic superiority -...he's a frackin' actor, you frackin' imbecile. (Pardon my language)

Sorry

[Enrique1218]

Were you pictured in one of the first 3? I am not the type of guy to put a man down and not help him back up. Here is some advice to bring balance back to your life. First, switch to this. It is a compromise (and not my first choice) but it will give you time to implement my other advice. Second, buy and start using this and these. Third, stop eating these and talk to these people. It is not everything but it is a start. Just imagine yourself as cool as this guy. Read the DISCLAIMER

Re:Sorry

He can use Google images. Guys (Linux people), we've been beat. Someone figured out that little button, we're all done for. Close up shop and head over to the nearest Temple of Jobs to buy your Tool of the Faithful and Holy Icon of the White One.

Posted AC for obvious reasons.

Re: Death Threats are for Kids!

[Jeremy_Bee]

Let's focus on the fact that there are only two black-hat hackers for Mac that have (claimed) to have received death threats for their troubles. David Maynor and the "creator" of the rapeOSX worm. Since death threats are fairly juvenile (and often only exist in the paranoid minds of those that receive them), who does this worm creator remind you of?

IMO, the "voice" behind the worm threat sounds exactly the same as that behind the infamous WiFi exploit/hoax to me. The same juvenile phrasing, the same outrageous claims, poor logic and blindness to the facts. The same sense of humor and the same death-threats.

There is also a psychological truism about hoaxes that's often the cause of their downfall. The hoaxer usually finds it almost irresistible not to associate their name or their identity with the hoax in some way, even if it's obscure or disguised in some way.

What is the very last statement from the "creator" of rapeosx before he signed off for good?
"I am not David Maynor."

Add to this, the fact that this slashdot thread is unusually full of "humorous" one-line anti-Apple jokes made by innumerable slash-dotters that never seem to post on other threads and are primarily new accounts, and I think you have a picture of an egomaniac stirring his own pot and trying to grab at yet another 15 minutes of fame.

Gee... who is it that fits this profile of a juvenile, paranoid, dishonest, black-hat hacker with a certain amount of skill, but not very smart, hates Apple with an unreasoning passion, has a history of outrageous claims that turn out to be untrue, and often tries to manipulate the media and online communities to their ends?

Hmmm....

That's a puzzler for sure. :-)

How can you assume any of this is on the level?

[argent]

Look, this bloke admits to being a crook: he claims he's expecting to be *paid* for finding vulnerabilities, whether by Apple or by some unknown sponsor. He's made exceptional claims about he nature of the flaw he's unearthed, implying that there's a deep flaw in mDNSresponder that Apple will not fix, but he refuses to notify Apple until some payment he's expecting is completed.

Either he's a crook *and* he's undermining his sponsor, or it's a hoax. Even if the alleged death threats aren't part of the hoax, there's no reason to assume they're not from the the guy he claims paid for the research and farm of 1500 Macs to test it on.

MOD PARENT UP

[sam_paris]

Because it was the highly amusing end to a heated thread..

Threatening death is silly

[bandmassa]

For anybody writing viruses, the punishment should be just enough torture each day to keep them in a life of constant and excruciating pain for the rest of their natural life :-/ Especially if they're trying to bring the whole, bullshit, windows-rampant virus/antivirus economy to my beloved platform :-( That just totally sucks.

Cant get a hint

[asm2750]

I guess people cant get it through their head that there is no software or OS that is 100% secure and bug free.

Hahaha!

[alisson]

This is worth at least 57 "lols."