Wednesday, January 03, 2007

The Unofficial Word on "The Month Of Apple Bugs"

I think Dave Chartier at The Unofficial Apple Weblog has the best summary of a very questionable project to expose Apple software bugs to the tune of 1 a day for the entire month of January.

Being the movie buff I am ... I particularly like the horror movie reference.

From TUAW's Dave Chartier:

Kevin Finisterre and someone we only know as "LMH" have launched the Month of Apple Bugs, a site they dub a 'project' with the supposed goal of publishing bugs, hacks and exploits they have found in any and all Apple-related software. Already they have published a QuickTime exploit they've found which could allow remote code execution [and] yesterday they posted a VLC [an open source media player] exploit ... which supposedly offers the same vulnerability.

[Chartier continues] ... I spent almost all of last night sketching and brainstorming ideas, but I honestly can't think of anything more pathetically ego-massaging or FUD-drudging one could do with this information outside of writing, directing, and starring in a horror movie about code exploits. Thankfully, I wager such a movie wouldn't do so well at the box office.

Let me be clear: if these guys have actually found enough problems with software (be it Apple's or otherwise) to fill a whole month of releases, I honestly and sincerely thank them - they can help whoever makes that software to make it better. What is so horrendously wrong with this 'project' is that they're stirring up hype and making news headlines with these exploits, instead of sticking with the traditional and ethical practices of reporting and discussing these bugs with the relevant parties.

Who knows, maybe they already filled out the form (though after reading FAQ #4, I doubt it), but publishing this information and landing themselves all over digg and Yahoo! News isn't going to accomplish anything productive. They complain about slow processes and being annoyed at auto-responders to bug reports, but they fail to offer any legitimate reason or positive justification for publishing code like this. Patience and civility are virtues, and while I can completely understand being annoyed at faceless bureaucratic processes that fail to tingle the 'hooray I did something good!' bone, publishing this code in this manner has absolutely no positive merit for anyone, and causes nothing but undue harm to the Mac community they so smugly feign an interest in. [FixYourThinking note: smugly is a key word ...maybe disdainfully is better]

... I'll promise to stomp my feet about this 'project' as little as possible, as we at TUAW would rather focus on the positive. Over the month, we'll offer context and solutions for the bugs Mr. Finisterre and "LMH" publish, in an effort to help the Mac web create something positive out of this questionable month-long bug report. Stay tuned.


Link for full TUAW story

Apple Community instantly responds with a fix to Apple Bug A Day expose'

My suspicion is that this is being spearheaded (or at least partially organized) by Maynor and Ellch - infamous for the Wireless Hack from 2006.

No comments: