Linked by Eugenia Loli on Thu 26th Jan 2006 02:52 UTC
OS X contains unpatched security flaws of a type that were fixed on alternative operating systems more than a decade ago, according to a security researcher credited with finding numerous bugs in Apple's increasingly popular platform.
wtf?
by mikehearn on Thu 26th Jan 2006 19:58 UTC

So here we have an interesting thing:

1) A security expert, who works on finding exploits, finds and reports many exploits in a short space of time. From this he concludes that Apple's security is poor. I fail to see how this deduction can be logically challenged.

Immediately people who wouldn't know logic if it smacked them in the face decide to launch ad hominem attacks. The article must be crap, because he also writes tools to help companies write more secure code. The thinking seems to be: we shall not let minor details like "facts" bother us, we have shown that the author is not a 100% disinterested observer, therefore his argument must be wrong.

Other people choose to attack his assertion that Apple don't use code analysis tools, unlike Microsoft, who do. Microsoft's use of static code analysis programs developed by MS Research is well documented; these can locate potential bugs in programs quite nicely. Apple clearly cannot use them, because if they did they'd already know about many of the vulnerabilities reported and would (you'd hope!) have fixed them given their seriousness.

Nonetheless, apparently making more logical deductions from the evidence available and some simple axioms (like "Apple fix security bugs they know about") is frowned upon here.

2) Rayiner, who has actually read the code and knows what the hell he is talking about, tells it like it is, and people who clearly know crap all about operating systems (since when do syscalls run in userspace? isn't that impossible by definition?) throw random bits of marketing fluff around as a "rebuttal".

Ye gods.

Score: 5