18 July 2007 @ 11:11Got worms?

“Security researcher”, Infosec Sellout, has supposedly developed a worm (broken link — see below) that targets Mac OS X by way of an mDNSResponder vulnerability. Is this real, or is it rumormongering?

I’m not going to say that Mac OS X, or any OS for that matter, is invulnerable to exploits, but it seems that everyone wants to be the first to write a worm for a particular OS and become infamous.

It will definitely be interesting to see where this goes. If this threat is genuine, will Apple swiftly plug the hole? They have no choice but to do so.

The cool thing about publicizing vulnerabilities under a pseudonym, is that if the claim is found to be false, one simply has to change their pseudonym before making their next big claim. If the claim is true, only then might one reveal their true identity. Does anyone else sense a bit of cowardice in this approach?

Update: July 20

broken link: it turns out that someone deleted the post that I linked to. If you read the new post, it also explains a some of the drama surrounding the worm. There has been a lot of name calling and people trying to reveal the identity of Infosec Sellout. Apparently, Infosec Sellout(s) is a group, not one individual.

Update: July 25

“This blog is under review due to possible Blogger Terms of Service violations and is open to authors only”