The reaction of the Apple faithful to the disclosure of a security hole in the design of Apple OSX was amazing. A couple of guys figured out that you could trick OSX into executing some foreign code with root privilege by sending a malformed packet to a third-party wireless LAN card. The guys – David Maynor and Johnny Ellch – have been viciously attacked by the Kool-Aid drinking Apple faithful:
I was absolutely shocked when I ran across these stories on Digg. I had personally video interviewed Maynor and his partner Jon “Johnny Cache” Ellch and these two gentlemen were very honest and straightforward. But as soon as I read the stories, the stench began to rise. Maynor and SecureWorks had been telling the truth the entire time and they had falsified nothing. The only falsification going on was the stories themselves! Not only did Dalrymple and Chartier and others like them not follow the most basic of journalism principles to at least check with the source, they apparently didn’t even bother looking at the original video of David Manor released by SecureWorks.
The Faithful claim Maynor and Ellch alleged something they didn’t allege, and are therefore out to get Apple.
The saga continues on George Ou’s ZDNet blog today. It seems to me that the flaw the dudes found depends on bad behavior from both the driver and the OS, and if it exists on one vendor’s product, it certainly can exist on others as well. So Apple and its faithful should simply fix the problem and stop smearing people.
Is that too much to ask?