Please support our Tech Talk advertiser:
Featured Entry 
Jan 2nd, 2007, 8:02 pm
While Apple has displayed a new banner on its website declaring Happy New Years, "The first 30 years were just the beginning. Welcome to 2007," the Month of Apple Bugs has been launched, as if to scorn Apple's website banner.
The Month of Apple bugs aims to reveal a new bug everyday related to Mac software. So far, 2 vulnerabilities have been revealed, a serious QuickTime flaw that is present in both Mac and Windows computers equipped with QuickTime, and could potentially allow arbitrary code execution when a user visits a booby-trapped URL using the rtsp protocol. The other vulnerability discovered was a similar flaw in VLC, allowing aribtrary code execution when using the UDP protocol.
Previously in November, the Month of Kernel Bugs revealed a new bug everyday in the Linux kernel. It turned out to be quite a success, with 30 whole bugs revealed at the end.
Is this project a good idea? Absolutely. First of all, it's a blow to the smug Apple fanboys who believe that their Macs will never be compromised by a hacker. It takes away the false reputation that Macs are invulnerable to the problems that Windows is prone to.
Next, it will improve the security of OS X. No doubt Apple will fix the flaws (just as the Linux developers got busy fixing the bugs revealed by the Month of Kernel Bugs), provided that the bug is at their end and not connected to third-party software.
Many people are now getting worried that these bugs exposed by this project will be used by hackers to exploit the Macs that everyone thought were safe. However, here's what I have to say about that: the bugs were there before, and hiding them doesn't make you any safer, it simply gives you a false sense of security. Being aware of the bugs (even if the hacker is also aware of them) makes you a little bit safer. Secondly, the "vulnerability" you feel should only be for a brief while. Apple will likely release patches for the bugs, and you'll be even better off than before this project was launched.
And if they don't? Then you can forget Apple as that company you always thought wrote bug-free software.
The Month of Apple bugs aims to reveal a new bug everyday related to Mac software. So far, 2 vulnerabilities have been revealed, a serious QuickTime flaw that is present in both Mac and Windows computers equipped with QuickTime, and could potentially allow arbitrary code execution when a user visits a booby-trapped URL using the rtsp protocol. The other vulnerability discovered was a similar flaw in VLC, allowing aribtrary code execution when using the UDP protocol.
Previously in November, the Month of Kernel Bugs revealed a new bug everyday in the Linux kernel. It turned out to be quite a success, with 30 whole bugs revealed at the end.
Is this project a good idea? Absolutely. First of all, it's a blow to the smug Apple fanboys who believe that their Macs will never be compromised by a hacker. It takes away the false reputation that Macs are invulnerable to the problems that Windows is prone to.
Next, it will improve the security of OS X. No doubt Apple will fix the flaws (just as the Linux developers got busy fixing the bugs revealed by the Month of Kernel Bugs), provided that the bug is at their end and not connected to third-party software.
Many people are now getting worried that these bugs exposed by this project will be used by hackers to exploit the Macs that everyone thought were safe. However, here's what I have to say about that: the bugs were there before, and hiding them doesn't make you any safer, it simply gives you a false sense of security. Being aware of the bugs (even if the hacker is also aware of them) makes you a little bit safer. Secondly, the "vulnerability" you feel should only be for a brief while. Apple will likely release patches for the bugs, and you'll be even better off than before this project was launched.
And if they don't? Then you can forget Apple as that company you always thought wrote bug-free software.
This blog entry was written by John Altenmueller, staff writer aka John A. It has received 2,067 views, 0 comments, and 46 linkbacks. 1 voter has rated this entry 5 out of 5 stars. It was promoted to featured status Jan 3rd, 2007.
•
•
•
•
3g adobe apple at&t battery blog bugs cell cell phones cisco cloud computing copyright dell digital drm flash google hardware iphone ipod itunes jbennet legal leopard linux mac macbook macbook pro macworld microsoft mobile mobileme mp3 music news os os x osx phone rimm safari samsung security serunson smartphone store touch screen tv vista windows
All Recent Tags Post Comment
•
•
•
•
Only community members can start a blog or comment on blog entries. You must register or log in to contribute.
•
•
•
•
•
•
•
•
DaniWeb Tech Talk Marketplace
Related Blog Entries
- Viacom defends itself over YouTube data log disclosure (23 Hours Ago)
- Apple slow to patch iPhone security holes (1 Day Ago)
- Microsoft 'Equipt' to Battle Free Software (1 Day Ago)
- 12,000 laptops lost in US airports EVERY WEEK (2 Days Ago)
- Ballmer Again Chomping At The Bit for Yahoo (3 Days Ago)
- Apple iPhone 3G creates shortage of flash memory chips (3 Days Ago)
- Seeing double, twice, with Matrox M-Series QuadHead GPU (4 Days Ago)
- Good-bye Windows XP, Hello Open Source? (4 Days Ago)
- Tux, Please Pass The Packets. (5 Days Ago)
- The ipodmechanic is sued by Apple (8 Days Ago)
Related Forum Threads
- "Apple" Linux..... (Mac tips 'n' tweaks)
- Windows on a mac?! (Mac Rumors and Reports)
- OLD Mac fans? (pre OS X) (Apple Hardware)
- Is windows the best OperatingSystem ?? (Windows NT / 2000 / XP / 2003)
- Power Mac G5 not booting! please help! (OS X)
- PC Guy that wants a Mac (Mac Rumors and Reports)
- Mac cpu? (Motherboards, CPUs and RAM)
- OSX - .DS_Store (OS X)
- D-Link DWL-122 Does NOT Work (Apple Hardware)
- usb to parallel ieee1284 bridge driver (OS X)
