You’ve heard the hype…everyday in January…everyday for a FULL MONTH the team at “the Month of Apple Bugs” Project were going to expose a new Apple bug…they started out with a bang…
A Quicktime vulnerability.
Admittedly, that’s a decent start. Then came day two…that’s right 48 hours into the FULL MONTH of Apple Bugs we get the second Apple Bug…
A VLC Media Player vulnerability. Wait…what?
The VLC Media Player? The Open Source Media Player that is available on Windows, Mac OS X, BeOS, Debian GNU/Linux, Ubuntu Linux, Mandriva Linux, Fedora Core, Familiar Linux, YOPY/Linupy, Zaurus, SUSE Linux, Red Hat Linux, WinCE / PocketPC, Slackware Linux, and ALT Linux…THAT VLC Media Player?
You’ve got to be kidding me, right?
Well…apparently not. Now, I’m not saying that OS X is perfect. I’m not saying that Apple is perfect, and I’m not saying that if you tried really hard and were really, really smart that you couldn’t find a month’s worth of exploits in Apple Software…but I am saying this:
If you’re calling your project “A Month of Apple Bugs” then have A Month of Apple Bugs. Don’t come out swinging, and then fall on your ass on day 2. VLC is probably the absolute WORST POSSIBLE APP that you could have “exposed” on day 2. Do you know the ONLY app I can think of that would have been WORSE than this? IE for Mac. That’s it. You are literally that close to the bottom of the barrel.
Now, in their defense on their site it CLEARLY states:
Are Apple products the only one target of this initiative?
Not at all, but they are the main focus. We’ll be looking over popular OS X applications as well.
Now, for me, this is the exact point where it became a publicity stunt. The thing is called A Month of Apple Bugs because the team behind it knows that is a high profile, attention getting claim. Hey, I’m with you guys on Apple being High Profile on the web…but if you can’t follow through with actually having a Month of Apple Bugs…then you are going to get SLAMMED for it. On Digg, on blogs, on forums, in comments, and anywhere else where words can be typed. That’s just the way it is.
Now, the team here has a nice dose of sarcasm on their site, which I both like and appreciate…and I agree that somebody digging in, looking for flaws in Apple products and pointing those flaws out is a good thing. It makes them even more secure than they already is…but there is one bit on the site that makes the hair on the back of my neck stand up…
John Doe has written a ‘post’ in his blog, saying he debunks the XXX bug, what’s that?
No worries. It’s probably someone begging for attention or PR-brainwashed. Like good old Dirty Harry said…
De Georgio: You need any help?
Harry Callahan: Go on out and get some air, fatso.
“Begging for attention” that’s the line that chaps my ass. PR-brainwashed…I’ve seen that…I know it exists…but I don’t know that I’ve ever seen a bigger case of the “Pot calling the Kettle Black” as a team put together with a misleading name that is designed only to gather publicity, taking a preemptive strike against those that might actually call them out for what they are doing.
But you know what the WORST part is? The WORST part? They might actually have some REALLY important vulnerabilities lined up for the rest of the month…but I’m not going to be paying attention…and I don’t think most other people will either…because “exposing” the VLC vulnerability on day 2 throws all credibility to the project right down the tubes.
Am I crazy here? Am I wrong? You tell me…if so, I’ll shut up…
Subscribe to the Apple Gazette RSS Feed and stay up to date with Apple News, Site Contests, and Live Macworld Coverage!