Looks like KF and LMH plan on dropping some Mac Bugs at the beginning of the year. It should be interesting to say the least.
You will remember LMH from the Month of Kernel Bugs (MoKB) and you might remember KF from the OSX Inqtana PoC worm and numerous Bluetooth vulnerabilities.
LMH has stated that he "isn't a fan of full-disclosure" and KF has been pretty good at releasing important information in a way that causes little to no damage. For example, the OSX Inqtana worm took advantage of patched bluetooth vulnerability and it ended up going nowhere fast.
With that in mind, I don't think people should freak out too much about what might be released.
In the end, it will serve to prove a point if anything. All operating systems are vulnerable and people should take measures to protect their computers at all times. At the same time, vendors should be open about possible security issues and work to solve those issues in a timely fashion, while keeping the public in the loop (looks at you Apple).
However vendors also have a huge responsible to deal with issues in a timely fashion...if that doesn't happen....the game changes normally.
Month of Apple Bugs (
Check out the SecurityFix blog for more details.
No comments:
Post a Comment