Michael Gracie

A taped demo at Blackhat (taped because the demonstrators were fearful someone would interfere) was supposed to show a MacBook wireless vulnerability. As it turns out, the drivers that SecureWorks researchers used were from a third party.

So much for taped demos.

***UPDATE***

You have to love this line:

“As part of a responsible disclosure policy, we are not disclosing the name of the third-party wireless device driver until a patch is available.”

Responsible disclosure my ass. Can anyone say “banned from Blackhat demos, for life?”

***UPDATE 2***

Maybe that should be journalists banned from Blackhat instead.

Like my memory of their once superb support.

I am not going to debate Dell’s now inherent negatives - Jeff Matthews has a lock on that - instead, I’ll speak to the experience I last remember, and it was a good one.

The Dell C840 I purchased (and subsequently hacked up) was a refurbished device. When it arrived, the screen had a ding in it, and the LCD was blurred as a result. Bad. I called Dell support, and they immediately scheduled an onsite repair. Two days pass, and no tech arrived. I called Dell again.

I remember not one, but two fine humans taking the case. Once I was transferred from entry level to “priority,” the tech wasted no time telling me they’d help, and help bigtime. Solution - pull a brand new machine off the line and send it my way. No replacement refurb, mind you, a brand new machine. I received it four days later.

That is what I remember about Dell, and the pundits can’t take that away from me. Unfortunately, Apple Computer can make that memory less significant, as my time on the phone with them (due mainly to my early unfamiliarity with the OS), was met with cordiality, patience and rigor as well.

I wish them all luck, as that is where value is headed in the computer age - towards kindness, consideration, and a take-action attitude with the customer.

If only the rest of the world followed that path.

This little battle going on between Microsoft and Apple is getting a bit silly, and the media is certainly playing it to its fullest. Let’s break it down, shall we?

- Microsoft’s latest operating system is delayed, and now Bill Gates is laying long odds on another delay.

- Apple stock is getting beat up because iPod sales are slowing.

- Microsoft announces they are creating an iPod killer just in time for Christmas, and a pretty simple analysis of that possibility creates a lot of doubt.

- Apple is going to release a new operating system, purportedly just ahead of Vista.

So, we have the old guard hampered by delays to its core product chasing a market created by the new guard, just as that market seems to be stagnating. And, we have the new guard pounding away on the old guard’s turf, just as the old guard is getting caught with its shorts around its knees.

Someone get someone else a stiff drink, please, before they go insane.

Hot on the heels of revelations that Windows Genuine Advantage is doing a little more than its EULA says, someone may have found a similar occurence with the latest OS X update.

Apple’s new Dashboard Advisory, which attempts to authenticate widgets, seems relatively harmless (meaning it isn’t passing information back to Apple). Unfortunately, that isn’t the point. The issue is whether Apple is pushing the option without notifying the user and/or allowing them to turn it off.

This 10.4.7 user can’t validate any of this, as he hasn’t seen said feature “pop up” yet. But Ethereal may be running for the rest of the day.

Sophos just released their latest Security Threat Management Report, and the news is not good for all. Viruses are waning, but malicious malware designed to steal you blind (say financially-oriented trojans) is up dramatically. The Sobers and Netskys of the world still lead the charge, but the face of deliver is simply changing.

Then, in the wake of this news, Sophos (who I feel generally maintains an unbiased reporting approach in order to preserve their credibility), adds the following footnotes to their distribution charts:

For malware…

All of the above malware works on Windows; none is capable of infecting Mac OS X.

and their families…

Again, all of the above malware works on Microsoft Windows; none is capable of infecting the Apple Macintosh operating system.

They go on to say…

“It’s more vital than ever that all organisations use an integrated security solution to protect against intrusion, as well as blocking known and unknown malware. On top of this, hackers seem happy to primarily target Windows users and not spread their wings to other platforms. It seems likely that Macs will continue to be the safer place for computer users for some time to come - something that home users may wish to consider if they’re deliberating about the next computer they should purchase.”

This couldn’t be much more timely. I was recently accused of being a well-crafted shill (for OS X, despite the fact I generally promote Linux side-by-side), and a “clueless machead.” Well, let’s just set the story straight.

I was a Windows user since the days of 3.1, moving to 95, then migrating carefully along the NT-based set. I never got an infection (I spent a hoard of money on protective mechanisms), but since I put my machines through their paces, I saw the “blue screen of death” on numerous occasions. Then I stuffed Linux on my Dell laptop, and I was hooked. My “in-the-know” friends lent a helping hand, while my less inclined colleagues continued to struggle with Windows. I found freedom to do what I wanted with my desktop - but it took time. The ensuing months found me spending more and more of my work day on the Linux side of that tricky little dual-boot, dual-drive Dell, even though that work day was primarily financial in nature.

Then one day, I get handed a Powerbook - told to toy with it on a rainy weekend. I did, and what I found was the best of both worlds, so I bought one myself. I’ve stuff a fresh database server on it, used it to test web apps, compiled Gimp and Ethereal for it, and hoards of other half-fun, half-needed things. And I’ve even protected it with anti-virus software (mostly to prevent passing something on to others). It has never crashed to memory dump or been infected, and I can (surprise) still use it to send email, build financial projections, and write letters. And, Linux is still the platform of choice when bringing a server up.

I can’t help but be biased now, but I’ve put in the hours. I promote OS X because the shit works, and I hate seeing my friends struggle (and I hate reformatting their Windows machines, and reinstalling XP, too, although I do it anyway). I’ve gotten numerous people to switch to Linux (and if it had training wheels, they would have probably stayed). Only one migration to OS X as a result of my preaching (due mostly to cost), but it has stuck. Put in the time, or fork up the dough - both are fine by me.

I don’t own Microsoft or Apple or Red Hat stock either.

***UPDATE***

Regardless of what’s really the case, a battle ensued over at Slashdot, and the arguments were top notch.

But it isn’t the weather, which is a balmy 21F right now. The fact that Windows drivers are near completion for what is being touted as the fastest XP laptop around, I can feel that burning sensation in my pocket once again.

The fact that Microsoft doesn’t have a Virtual PC solution for the new Intel-based MacBooks, likely won’t have one (considering the news, it seems a bit futile, eh), and that I have one major service provider that refuses to move off ActiveX windowing for something purely web-based, burns me as well.

What must PC manufacturers are thinking right now is beyond me, but if I was a betting man I’d say they are feeling the heat too.

Apple users best watch out. The OS X platform is gaining popularity in droves, and particularly with hackers security experts. The reasons are clear. It is a UNIX base, user friendly, and virtually every open source tool that one needs is available for a Mac unit, via Fink, DarwinPorts, or otherwise.

While I use a Powerbook, and feel pretty secure, I doubt I am going to thwart a pro. Apple may have the same problem - they aren’t used to all this attention.

Neil Archibald says OS X is full of ancient security flaws, and that the time is nigh for Apple users to get hammered over it.

“The only thing which has kept Mac OS X relatively safe up until now is the fact that the market share is significantly lower than that of Microsoft Windows or the more common UNIX platforms.… If this situation was to change, in my opinion, things could be a lot worse on Mac OS X than they currently are on other operating systems, regarding security vulnerabilities,” said Archibald
Read more »

And niether did Jeff Matthews. Matthews is finally tiring of Dell’s plummenting technical support quality. I am wondering why it took a smart guy so long to figure this out.
Read more »

A warning has gone out to PC and Mac users regarding a potentially dangerous buffer overload problem in iTunes and Quicktime movies that could cause system crashes. Apple has refused to comment on the issue, pending investigation - I don’t know what the Windows side of the world is doing about it.

All I can say is that I wouldn’t be particularly worried about downloading an NBC sitcom and having it destroy my machine. In addition, most people using iTunes are doing one of two things with it - either ripping CDs to add to their library, or buying music from the store for the same reasons. Neither, in my opinion, exposes one to much risk.

However, if you frequently download music or your “favorite” video clips (whatever they may be) from questionable sharing networks or websites, I’d be a lot more cautious until the potential problem is patched. Or you can do the right thing and avoid those places altogether (even though that wouldn’t be as fun).