The "Month of Apple Bugs" Commences...
January 03, 2007
It seems the planned Month of Apple Bugs project has commenced and we have the first 2 bugs (one of which isn’t even related to Apple, it’s a VLC bug (which has already been fixed I might add)).
I like to know I’m secure when using my computer and this month long project certainly seems like it will bring many bugs and fixes to the table. But the manner in which they’ve opted to do this still makes it feel like a publicity stunt and the publishing of zero day exploit code is downright irresponsible! Now, rather than contacting Apple with information and fixes for these bugs, they’ve given just about anyone with half a brain the opportunity to exploit the mac user community.
There’s hope however in the forum of Landon Fuller, a former engineer in Apple’s BSD Technology Group. He’s launched an effort to produce runtime fixes for each exploit posted (needless to say I’ve already added the site to my bookmarks!).
Despite the questionable approach, if this month brings about a security patch from Apple that addresses all of the bugs posted, then we can only really call this a success. I just hope they do it quickly, otherwise a months-worth of exploit code could potentially be quite damaging…
Update
Robert commented on this and left a link to a very nice commentary here which has a bit more insight into this topic. Thanks Robert.
Feedback?
If you’ve found errors or have some feedback please . Comments aren’t currently enabled due to spam but I’m sure they’ll return in the future.