Researchers schedule January as 'month of Apple bugs'

 

Gallery

Posted on 20 Dec 2006 at 15:41

Two security researchers intend to kick off the new year by detailing a range of Mac exploits.

Kevin Finisterre, an independent security researcher, and a hacker known only as LMH, will begin publishing information on vulnerabilities in Apple products on 1 January 2007. Each day they plan to disclose one flaw involving Apple's operating system Mac OS X or applications that run on the OS. Neither individual plans to notify Apple before publishing the exploits.

The hacker said in media reports that Apple should speed up the process of fixing vulnerabilities 'as it takes a long time for an issue to get fixed, and more for getting the patch released to the users.'

LMH also ran the month of kernel bugs project last November which featured vulnerabilities in OS X. The two say they will reveal previously unpublished security holes.

Security research H.D. Moore started the latest craze for 'a bug a day for a month' with a month of browser bugs which revealed flaws not only in Microsoft's Internet Explorer, but also in Mozilla Firefox, Apple's Safari and Opera.

LMH told the Washington Post that in the long term this project would only strengthen security in OS X.

'Right now, many OS X users still think their system is bulletproof, and some people are interested on making it look that way,' LMH told the newspaper.

Author: Rene Millman