Linked by Amjith Ramanujam on Sun 3rd Aug 2008 15:56 UTC, submitted by netpython
"Apple Inc. has pulled its security engineering team out of a planned public discussion on the company's security practices, which had been set for next week's Black Hat security conference in Las Vegas."
Permalink for comment 325489
To read all comments associated with this story, please click here.
To read all comments associated with this story, please click here.
Recent Original Stories
Recent Comments
Headlines
Random Comments
Random Stories
Random OS Link
Member since:
2005-07-08
Apple uses BIND for its DNS server, and a patch for BIND was indeed available but it was buggy. A performance issue was discovered on high-traffic recursive servers, defined as those seeing a query volume of greater than 10,000/queries per second.
Sometimes you got to weigh whether the previous version, which had a serious bug, outweighs the bug in the new version, which has a less serious bug. If you wait to get rid of bugs by waiting for bug-free software, you may wait for a long time...
Also, when Apple did patch it, and they did, with the aforementioned buggy patch, they didn't even patch it properly on the client OS, which is less likely to encounter such a scenario. That in spite of documenting that they *had* patched it, like they had, belatedly, for OS X Server.
Edited 2008-08-04 06:21 UTC