15 January 2007 @ 13:12Month of Apple Bugs
MoAB
Just a few thoughts on the Month of Apple Bugs (MoAB).
Although I don’t agree with the method MoAB is using to get the bugs out to the public, I can also see the reason behind doing it this way. If these flaws weren’t publicized, they would be more likely to just be swept under the rug. If the general Mac populace doesn’t know about these possible exploits, the community remains quiet and unalarmed while those with malicious intent do their deeds with very little resistance.
LMH, the coordinator or MoAB, could easily have given the found bugs to Apple, and waited a month to release them to the public. This would at least give Apple time to respond with fixes. However, LMH would receive less attention by going public with exploits that have already been patched by Apple. After all, what fun is releasing a proof-of-concept exploit that doesn’t even work.
Then there’s also the issue of Landon Fuller turning down an offer of cooperation with LMH and MoAB. I agree with Landon’s decision, and think that this might look
“dancing with the devil” to some users. But, now we find out that some developers attempted to gain early access to bugs/poc and instead got more than they bargained for. Listen up people, two wrongs don’t make a right, in any circumstance.
So, I will continue to watch how things develop with MoAB, and I would hope to see Apple respond quickly with fixes.
by Jon | Add a comment | Posted in apple, bugs, canary trap, moab | Link to this