Re: the exploit that wasn't

Tom Reestman wrote:
Steve de Mena (steven@xxxxxxxxxxxxxxx) got drunk after typing this
drivel in news:462a664c$0$19452$4c368faf@xxxxxxxxxxxxxxxxx

DanielEran wrote:
And what about the others? Recall that this was a FULLY patched
system.
What about the other what?

The other Mac Book Pro? It was not compromised. There were two, and
only one was given away.

http://www.roughlydrafted.com/RD/RDM.Tech.Q2.07/616874CC-35CE-49D3-B85
9-C2719B6FF352.html

Instead of discussing what happened at CanSecWest we just get yet another anti-Microsoft rant, rehashing the same old tired myths again and again.

Yawn.

Steve


Another knee-jerk dismissal of a RoughlyDrafted artice, I see.

How is the following not "discusssing what happened at CanSecWest"?

"...Gohring’s article clearly described a local exploit. There’s a big difference between the remote exploits that made Windows infamous for its insecurity and a local exploit of an application."

One sentence of news, followed by twice as much text bashing Microsoft.


"Opening an email URL that exposes a security flaw in Safari is both news to report and a problem for Apple to tackle, but reporting it as a remote exploit is inaccurate, irresponsible, and sloppy journalism, particularly for IDG's InfoWorld, which purports to be an authority on computing."

I'd say that sums it up nicely, and his taking InfoWorld to task for its misleading headline is perfectly valid.

Yes, and thats where he should have stopped. But no....

As for the rest of the article, it goes on to bash Dragos Ruiu's ridiculous statement (quoted in the IW article) regarding OS X security, and does so well. It certainly does not change the accuracy of the above.

Ruiu, as the principle organizer of the conference, specifically brought Microsoft into a security discussion about Mac OS X. That was about as dumb as it gets, and left the door open for RoughlyDrafted to call it for the ridiculous statement that it is.

We hear again and again how "..Unix security has been exhaustively researched by experts for decades." Today I installed Sun Solaris 10 in a virtual machine (Parallels) just to play with it. I installed the 11/2006 u3 build. After it was done it looked for updates and there were about 83 updates, the vast majority (75?) for security issues.

Steve


.

Relevant Pages

  • Re: the exploit that wasnt
    ... On Sun, 22 Apr 2007 19:19:59 GMT, Tom Reestman ... The other Mac Book Pro? ... brought Microsoft into a security discussion about Mac OS X. ... updates, the vast majority for security issues. ...
    (comp.sys.mac.advocacy)
  • Re: the exploit that wasnt
    ... The other Mac Book Pro? ... "Opening an email URL that exposes a security flaw in Safari is both news ... I'd say that sums it up nicely, and his taking InfoWorld to task for its ... ridiculous statement regarding OS X security, ...
    (comp.sys.mac.advocacy)
  • Re: Microsoft Office 2004
    ... Somehow during updates in the past, portions of MS Office was deleted on our Mac Book Pro as well as the Mac. ...
    (microsoft.public.mac.office)
  • Re: Sending wireless
    ... Peggy Grall wrote: ... I have a Mac Book Pro ... Leopard, all the updates. ...
    (microsoft.public.mac.office.entourage)