Generalissimo Francisco Franco: Still Dead; Kieren McCarthy: Still a Jackass

这篇关于Kieren McCarthy博客的帖子显然,他是对他批评他的回应获奖Techworld关于上周来自Apple的AirPort安全更新的文章。

再来一次Security experts warn that there is a hole in one of Apple’s products; Apple says there isn’t a problem; and a month later it releases a fix for itI write a story pointing this out and am faced with mindless abuse from the Apple faithful.

已经错了,three times在开头段落中:

  1. Please point out exactly where any “security expert” issued an unequivocal warning a month ago that there are holes in Apple’s AirPort products真Show me where any self-proclaimed expert has stated this.

  2. Apple从未声明没有问题They stated that SecureWorks showed them no evidence of a problem.

  3. Apple clearly stated when they released last week’s security update that the fixes werefor any issues reported by SecureWorks.

    Exactly the same thing has happened several times in the past and it’s not just me, it’s anyone that points out the startingly obvious: that OS X, Safari, MacBooks, whatever, do not exist within some holy forcefield of invulnerability — they are just electronic products.

有人请翻页Artie MacStrawman

无论是时间还是字节都不值得逐段浏览他的博客宣言,但他的一些指控值得评论他写:

Apple’s new Intel-based Mac laptops face random-shutdowns and a website, macbookrandomshutdown.com, is createdApple refuses to discuss or acknowledge issue.

这是真的 - 如果你假装这篇知识库文章,标题为“MacBook:间歇性地关闭“,不存在。

If a security company, frustrated at delays, goes public with the hole, Apple immediately criticises the company, and then claims the hole is not significant and it knows of no actual exploitsIt does the same every time and this damage limitation is subsequently and consistently shown not to be true.

When exactly has this happened before? When? I’m not arguing that Apple’s response to security issues is perfect; I’ve personally抱怨他们倾向于把它们当作营销问题而不是技术问题(在一篇同样批评Kieren McCarthy的“报道”的文章中并非完全巧合)但是,在此SecureWorks Wi-Fi传奇之前,Apple是否曾批评某家安全公司或研究人员在Mac OS X上公开上市?

你是什​​么能够关于苹果公司对安全问题的回应是,他们倾向于延迟修复它们,只要它们不公开参看William Carrel关于DHCP漏洞的时间表他在Mac OS X中于2003年发现。

然而麦卡锡说苹果公司“每次都这样做”That’s not mere inaccuracy; it’s flat-out making shit up.

What’s crazy is that these exact same criticisms used to made of Microsoft, to the extent that the company’s security image has never recoveredBut rather than go Microsoft’s more open and honest route, Apple has decided to go the ostrich route and rely on its own customers’ fierce loyalty to protect itI really don’t see how this approach is sustainable.

不,有点疯狂的是麦卡锡显然不明白微软的安全形象是如此可怕的原因数以百万计的客户受到实际安全问题的困扰真正的Windows用户每天都受到真实病毒,间谍软件和广告软件的攻击[更新:微软的“开放和诚实的路线”是有争议的也是。]

然而,到目前为止,在2006年,任何人都可以找到遭受Mac特定恶意软件攻击的唯一Mac用户一个单一的双击特洛伊木马的dipshit伪装成Mac OS X 10.5秘密截图的存档- 甚至在那种情况下,特洛伊木马对他的系统或数据没有造成任何伤害,而且写得太差,以至于它无法自我传播。

许多Mac用户关于安全问题的自鸣得意,但并不是因为他们认为Mac OS X对恶意软件无懈可击 - 这是因为似乎没有任何Mac用户存在实际的恶意软件问题只是因为你很高兴你一直健康,你的一生并不意味着你不理智地相信你将来可能不会生病。

那是为什么微软的安全声誉很糟糕,为什么苹果公司是好的Is it good that Microsoft has become more open about its security process, and has started issuing patches to reported issues more quickly? YesIs it a problem that Apple has a tendency of sitting on non-public vulnerabilities? Yes.

但声誉是由结果造成的。