Woe is Jon Ellch!
Perhaps the most laughable element of the SecureWorks saga is the idea that Apple has orchestrated a “smear campaign” against David Maynor and Jon Ellch.
George Ou-the-Humanity! has pimped this idea for over two weeks, but now Jon Ellch has broken his silence (antler tip to Daring Fireball). Silence, that is, if you don’t count the frequent conversations with George Ou.
Ellch refuses to take Gruber’s bait and mostly focuses on the technical details of the exploit SecureWorks demonstrated, implying it’s all very complicated and it’s really only the kind of thing experts understand.
While the Macalope is sure the technical intricacies of the exploit are beyond his reckoning, he’s fully qualified to discuss the PR elements of this story. And Ellch and Maynor still have a number of steps to complete in their 12-step journey to PR recovery.
Am I doing a very good job of winning this PR smear campaign lynn fox ignited? No.
Sorry, Jon, but don’t look any further than the mirror when you’re looking to place blame for this PR debacle.
You and David Maynor shot your mouths off about a vulnerability in the MacBook and then backpedalled when angry Mac users demanded you prove the vulnerability exists. Now you claim you don’t want to confirm it because it wouldn’t be responsible.
Some have taken Lynn Fox’s statement as a refutation of the existence of an exploit. It’s not. It’s a refutation of Maynor and Ellch’s professionalism. If the argument was soley about the science of whether or not Apple’s Airport is vulnerable to SecureWorks’ exploit, Maynor and Ellch would simply sit back and wait for their vindication via an Apple update.
But Apple took a shot across the bow of SecureWorks’ professionalism. They botched their delivery and then – according to the Macalope’s Apple sources – provided only vague information to Apple about how the exploit can be executed.
Maybe they felt they should be paid for their time to help reveal a problem with Apple’s drivers. And maybe they should. But the Macalope would suggest that getting the attention of a prospective client by publicly dissing them isn’t such a great business model.