Bring it on
There is much about this to chap the average Mac user’s ass.
- The attempt to steal some thunder from Macworld by picking January.
- The fact that Apple will not be notified of the bugs before hand.
- The distinct odor of Artie MacStrawman in LMH’s assertion that “many” Mac users think OS X is bulletproof and “some” want it to look that way.
But the Macalope is willing to overlook all that because, ultimately, he believes this statement is true:
LMH said that while his upcoming project had the potential to at least temporarily make security more tenuous for the average Mac user, he believes that in the long run the project will improve OS X security.
Unlike the SecureWorks fiasco, this will happen in the open. The bugs will be published with sample code and Apple will have to respond with a fix. It’s not pretty, it’s not completely ethical, but like pulling a Band-Aid off really quickly, it’ll work.
If it happens at all. Somehow the SecureWorks “tell-all” never happened and, as Krebs alludes, Oracle likely shut down the Month of Oracle Bugs.
And the Macalope seems to remember something about someone at Oracle being friends with someone at Apple…