Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Mac Worm Author Gets Death Threats

kdawson posted more than 7 years ago | from the stranger-and-stranger dept.

Worms 244

StonyandCher write(s) to spread news about the strange story of the reported Apple OS X worm, which is growing stranger by the day. The blog of the researcher who claimed to have created the malware reportedly received death threats. The blog was then hijacked, according to the researcher, who calls him/herself InfoSec Sellout. InfoSec blamed David Maynor for hacking the blog. For his part, Maynor apparently unmasked himself as "LMH" and InfoSec as Jon Ramsey. The post to the Fuzzing mailing list has not been independently confirmed.
Update: 07/19 13:48 GMT by KD : David Maynor wrote in and denies that he is LMH.

Sorry! There are no comments related to the filter you selected.

Note to self (5, Funny)

Ogive17 (691899) | more than 7 years ago | (#19912937)

Don't cross a mac fanboy....

Re:Note to self (4, Funny)

Whiney Mac Fanboy (963289) | more than 7 years ago | (#19912993)

Don't cross a mac fanboy....

Amen Brother - I would never do that ;-)

Re:Note to self (5, Funny)

vigmeister (1112659) | more than 7 years ago | (#19913187)

Amen Brother - I would never do that ;-)
Yeah... Once the Church of Apple declares you an SP, there is no escape for you since it is alright for them to "keep you down" and eliminate you. Of course, in the CoA, SP stands for 'Sensible Person' :)

P.S. Oh! my god! The zipper on my flamesuit is STUCK! I'm so getting burnt.

Cheers!

Re:Note to self (-1, Troll)

obergfellja (947995) | more than 7 years ago | (#19913071)

Windows users are use to getting hacked, Linux users can fix the problems. But MAC... there is a fine line between intelligence and insanity. And of course, art is an expression of the inner-self. Mac is known for various art styles. Before you hack a Mac, check the content to ensure that the Mac user shows the intelligence side. (don't get into a huff over this, I am just pointing out stereo-types)

Re:Note to self (0, Offtopic)

Ngarrang (1023425) | more than 7 years ago | (#19913075)

Don't cross a mac fanboy....
And don't stand between two people having a KDE vs. GNOME argument. It is a shame to see two geeks fight. Remember kids, "Fan Boy" is not a compliment.

Re:Note to self (5, Funny)

jdray (645332) | more than 7 years ago | (#19913639)

KDE vs. GNOME?! Graphical user environments?! Kids these days! Back in my day, all we had was the good ol' fashioned vi vs. emacs argument, which I would like to point out to you is still going. I tell you what, that baby has stamina. None of these high-falutin' graphics and acronyms of capitalized letters, no, our flamewars were all lower case, the way they should be. We were so busy arguing, we didn't have time for shifting cases.

And all this business about Windows versus MacOS versus Linux? What has this world come to? All we had to argue over was OS/400 versus VMS. And the computers weren't even ours. We had to steal time on them from the neighbors, in the middle of the night when they weren't looking. And we had to sneak our terminal cables through their open windows, standing on snowdrifts in our bare feet. We couldn't afford shoes, because we spent all our money on our one lone screen. And it wasn't even 132 columns...

Re:Note to self (5, Funny)

mulvane (692631) | more than 7 years ago | (#19913805)

Least you had night!!! In Alaska, we had to do it in broad daylight half the year!! And our nearest neighbor was a snowdrift away!! You ever see a snowdrift in Alaska? Size of Deleware they are!

Re:Note to self (-1, Flamebait)

Anonymous Coward | more than 7 years ago | (#19913243)

Why? What does the Mac fanboy do? What can he do? The same stuff Linux fanboys do, flail their arms rambling incoherently?

Computer nerds are weaklings. Couple of slaps and they go home crying. Beating them up is not very satisfactory (their attempts to fight back as laughable) but it's fun nonetheless.

Computer nerds think they are smart. They don't feel smart anymore after being dunked into an unflushed toilet. They think they are superior. They sure don't look superior when we force them to eat dog shit. They picture themselves as heroic rebels against The Man. The don't look any heroic or any rebellious when they cry and beg for mercy as we twist their arms.

Beating up nerds is not just a pastime, it's a calling. We beat up nerds because beating up nerds is good. It's right. It sounds just righteous when our fists smash pimpled faces, when we break crooked teeth, when we deform geeky faces with a relentless bombardment left-right-left-right until all that is left is a bloody pus-ridden pulp.

So, what are Mac fanboys going to do, huh?

Re:Note to self (1)

tak amalak (55584) | more than 7 years ago | (#19913359)

The irony of you AC diatribe is delicious.

Re:Note to self (1)

sohare (1032056) | more than 7 years ago | (#19913443)

The irony of you AC diatribe is delicious.
Not everyone is a karma whore.

Re:Note to self (2, Insightful)

cp.tar (871488) | more than 7 years ago | (#19913395)

How fitting, that a person glorifying beating up weaklings writes as Anonymous Coward.

Re:Note to self (5, Funny)

elrous0 (869638) | more than 7 years ago | (#19913249)

Does this mean I should end my genetic experiment to cross-pollinate a Mac fanboy with a Scientologist to produce the world's most pompous asshole?

Re:Note to self (0, Flamebait)

rootofevil (188401) | more than 7 years ago | (#19913335)

if you could either add in or make sure one of them is a born-again christian, youd easily have the most annoying person imaginable.

Re:Note to self (0, Offtopic)

canUbeleiveIT (787307) | more than 7 years ago | (#19914303)

I wonder what you would get if we mixed a Linux fanboy and an atheist...oh, never mind it would be a slashdork living in his mother's basement.

Now, let's see if this gets modded "Funny" like your post or "Flamebait."

Re:Note to self (2, Funny)

Chas (5144) | more than 7 years ago | (#19913541)

Yep. Nature beat you to it by several decades at least.

Life found a way.

Now prepare to be nibbled on by velocimactors before finally getting chomped on a toilet by Lord Xenu's Applesaurus Rex.

Re:Note to self (-1, Troll)

mulvane (692631) | more than 7 years ago | (#19913873)

Does this mean I should end my genetic experiment to cross-pollinate a Mac fanboy with a Scientologist to produce the world's most pompous asshole?

Mix in a little Windows Zealot and we could at least rest assured they would self destruct themselves.

Mac "Security" forces (0)

Anonymous Coward | more than 7 years ago | (#19913295)

Wow, those Apple zealots sure get surly when you take away their illusions of having a secure OS.

Good thing that guy never saw SecurityTracker.com... if he sent a death threat for every bug and exploit in OSX, he would be busy for the rest of his life and still never finish.

You might be a Mac zealot when... (1, Funny)

Anonymous Coward | more than 7 years ago | (#19914069)

You love your computer so much you will kill for it. Of course I'm the same way with hot dogs. Don't mess with my Hebrew Nationals!

Re:Note to self (1)

Ilgaz (86384) | more than 7 years ago | (#19914349)

Don't cross a mac fanboy....
Especially don't do if you are using a Mac whereever possible like me. :)

It really creates some real schizoid situation.

Woohoo!! (3, Funny)

Rob T Firefly (844560) | more than 7 years ago | (#19912943)

It's been far too long since we had a nice bit of hacker drama! Now, where did I put my popcorn and my MOD vs LOD t-shirt...

Local network only (1)

KiloByte (825081) | more than 7 years ago | (#19913257)

Yeah... and, considering that the worm in question can spread only on the local network, we know it's a person close to the virus writer.

Good chances for actually carrying out the threat, a small number of people to investigate... can be interesting. Grab some popcorn for me too?

That'll teach you (1, Funny)

Anonymous Coward | more than 7 years ago | (#19912945)

Artsy types get violent when they get mad.

Re:That'll teach you (0)

Anonymous Coward | more than 7 years ago | (#19913293)

Yes. See any drama on furaffinity.net.

Should have picked a softer target (5, Funny)

DrXym (126579) | more than 7 years ago | (#19912947)

He would have been better off picking a weaker target such Islam. You don't want to mess with those Mac zealots.

Re:Should have picked a softer target (0, Troll)

iknownuttin (1099999) | more than 7 years ago | (#19913059)

He would have been better off picking a weaker target such Islam. You don't want to mess with those Mac zealots.

Oh oh! I have these cartoons showing MACs blowing up and Steve Jobs carrying them.

Re:Should have picked a softer target (4, Funny)

elrous0 (869638) | more than 7 years ago | (#19913225)

Of course they're blowing up. They contracted their battery design out to Sony.

Re:Should have picked a softer target (5, Informative)

jdray (645332) | more than 7 years ago | (#19913743)

showing MACs blowing up and Steve Jobs carrying them

It's early yet, and the coffee hasn't kicked in, so I'm feeling a bit snippy. Please grant pardon for this:
When posting among confirmed geeks, you should understand the difference between "Mac" as a shortened colloquialism for "Macintosh," a brand of computer system, and "MAC," an acronym for "Media Access Controller," a component of a network controller, as in "my MAC address is 0F:BA:29:C6:D5:18." If you want to refer to a Macintosh as MAC, go post over at PCWeek.

Re:Should have picked a softer target (0, Offtopic)

superbus1929 (1069292) | more than 7 years ago | (#19914381)

Who the fuck modded this down as a troll? Is this the week the Apple fanboys got all the mod points or something?

Now we know (5, Funny)

blueg3 (192743) | more than 7 years ago | (#19912949)

Now we know the real reason there is less malware for the Macintosh.

Re:Now we know (3, Insightful)

Sponge Bath (413667) | more than 7 years ago | (#19913331)

I wish they would apply this technique to spammers.

Re:Now we know (3, Funny)

Mutagenic (1105159) | more than 7 years ago | (#19913415)

just because you are so unpopular you cant get laid doesn't mean you cant catch a STD.

Re:Now we know (5, Insightful)

cp.tar (871488) | more than 7 years ago | (#19913435)

Security by malware author assassination?

Hey, if it works... I'm buying a Mac.

Re:Now we know (5, Funny)

RealGrouchy (943109) | more than 7 years ago | (#19914459)

Security by malware author assassination?

Hey, if it works... I'm buying a Mac.

There's MS's problem right there. They need to develop a chair that is fatal when thrown.

- RG>

Re:Now we know (2, Interesting)

MouseR (3264) | more than 7 years ago | (#19914619)

Just don't spread the word. We work in the shadows ;-)

*) standard disclaimers apply; for entertainment purposes only; your results may vary.

Well That's one way ... (5, Funny)

mshmgi (710435) | more than 7 years ago | (#19912953)

Well, that's one way to keep an OS safe, I guess. Just think how secure Windows would be if Bill Gates focused his vast resources on killing every malware author. Ballmer would probably do the dirty work cheap ... just for the thrill of it all.

Why, Bill might even have a few million bucks left over at the end of the day.

Re:Well That's one way ... (1)

XxtraLarGe (551297) | more than 7 years ago | (#19913007)

Ballmer would probably do the dirty work cheap ... just for the thrill of it all.
No doubt by throwing chairs at them, even!

Re:Well That's one way ... (-1, Troll)

Anonymous Coward | more than 7 years ago | (#19913069)

Just think how secure Windows would be if Bill Gates focused his vast resources on killing every malware author.

The downside would be a shortage of Linux developers....

Sounds familiar.... (5, Funny)

MarcoG42 (1087205) | more than 7 years ago | (#19912955)

Wasn't there some stories about religious zealots threating professors who taught evolution recently? It all begins to make sense now...

So it seems like.. (0, Redundant)

vigmeister (1112659) | more than 7 years ago | (#19912965)

There WERE in fact Mac viruses written... but Jobs had death threats sent to the authors and they backed off on deploying them... Well, better MO than anti-viruses and firewalls :)) Good to know you have a mafia behind you if you have a Mac... but question is if they ever require you to do 'favors' for them?

Cheers!

Re:So it seems like.. (0)

Anonymous Coward | more than 7 years ago | (#19913043)

Steve Jobs already did. Remember? He said that you need to buy an iPod ONCE A YEAR.

If your iPod is more than 12 months old, don't get too used to your kneecaps.

Re:So it seems like.. (3, Funny)

mwvdlee (775178) | more than 7 years ago | (#19913045)

The high pricetag of a Mac is enough protection money to last a lifetime.

More likely it is another publicity stunt (3, Insightful)

vivaoporto (1064484) | more than 7 years ago | (#19913009)

More likely it is another publicity stunt, to make their work to look more "legitimate", to get more people to side with them (the "I may not agree with what you say, but would defend to death your right to say it" crowd), to generalize even more the feeling that Mac users are dangerous fanboys disconnected with the reality, etc.

The only thing easier than to make threats to people on the Internet is to fake threats to oneself on the Internet. We got plenty of these drama queens in the nineties, hopefully this is not a trend that will come back.

Re:More likely it is another publicity stunt (2, Interesting)

jcr (53032) | more than 7 years ago | (#19913235)

I agree, it smells like BS to me. None of the claims have been substantiated, neither the alleged worm itself, nor the alleged threats.

-jcr

Re:More likely it is another publicity stunt (5, Insightful)

Anonymous Coward | more than 7 years ago | (#19913677)

"None of the claims have been substantiated, neither the alleged worm itself, nor the alleged threats."

You mean like all of Maynor's other allegations?

I've posted to his blog a few times, especially the ones where he is claiming that he is being censored (??? I can't say what I'm saying on my own blog because they won't allow me to say what I'm now saying, but I'm saying it, but I'm really not because of a world conspiracy) -- but surprisingly, my comments never show. Only the comments where others are obviously blowing him get through. Of course, I'm not going to claim censorship -- thats bullshit -- only a government can censor, where as you have every right to disallow contrary thought in your own living room.

But everything about this man smacks of sensationalism. For instance:

"It was a great experiment to see how the industry could handle some honesty, which they can't. They are quick to attack the credibility of others in order to hide their own flaws."

What? Someone announces a flaw, but says they won't talk about it, hints that they will sell it to the highest bidder, and the company doesn't want to deal with you??? And then when they don't bite, claim that you were actually pre-compensated for writing this virus from someone else (now who would gain from this? Spammers? Scam Artists? Mafia? Microsoft? The only ones that would gain are the scum of the earth and he has no problem claiming to take money from them).

And finally:

"I made up the LMH identity for bashing Apple and appearing on the media while I was preparing for launching Errata Security with Robert. Since my credibility was severely damaged after the wireless driver exploit, I needed a sock puppet."

Admitting that he was manipulating the media, and has an ulterior motive to bash Apple, solely for bashing Apple. The guy lied in the first apple hack, he manipulated the media, worse yet -- academic dishonesty through his publication of the 'hack' at a conference with a setup that was guaranteed to work, even when they later claimed even if it did work, it would take a few hundred attempts to even crash a machine, and far more than that to weaponize it (i.e., nearly impossible).

AND HE ACTS SHOCKED THAT HIS CREDIBILITY IS DAMAGED AND BLAMES 'FANBOYS' WHO HE PREVIOUSLY STATED HE WANTED TO STICK CIGARETTES IN THE EYES OF AS THE REASON FOR HIS LACKING CRED.

What an idiot. I hate to give the man any more air time, but I hope this is the final straw. From what I understand, he use to be a pretty good security analyst...now its just all about the publicity and not actually doing any real work. I wish there was some real and credible persons working to find holes in OS X. I use it as my daily computer. I know one member of my team found one hole a few years ago and reported it to one of the developers and it was fixed quickly (and they were properly credited for it). I know there are holes in the system, like any system, and they need to be found. And unfortunately, the only ones working on finding anything are more interested in the sensationalism than anything else.

Re:More likely it is another publicity stunt (2, Interesting)

blowdart (31458) | more than 7 years ago | (#19913871)

However if it is true it's not the first time people poking fun at the Mac have had death threats; Overclockers had them [wired.com] when they pretended to put an Intel/Windows motherboard/system inside a G5 case and Maynor reported death threats [zdnet.com] after his Wifi debacle.

Re:More likely it is another publicity stunt (5, Insightful)

CopaceticOpus (965603) | more than 7 years ago | (#19913575)

The problem here is that the death threats need to be translated from blog-speak to their real world equivalents.

Blog-speak: thats dumb
Translation: I respectfully disagree on that point.

Blog-speak: ur a fuckin loser noob go eat shit
Translation: I strongly disagree, and hold you in low esteem.

Blog-speak: im gonna come find ur house and chainsaw you into pieces and feed u 2 my dawg
Translation: I find your opinions reprehensible and I see no value in continuing this discussion.

I don't know if it is even possible to express a legitimate death threat in blog-speak. Perhaps with punctuation it could be done.

Re:More likely it is another publicity stunt (1, Insightful)

Anonymous Coward | more than 7 years ago | (#19914397)

Blog-speak: im gonna come find ur house and chainsaw you into pieces and feed u 2 my dawg
Translation: I find your opinions reprehensible and I see no value in continuing this discussion.

I don't know if it is even possible to express a legitimate death threat in blog-speak. Perhaps with punctuation it could be done.


The law takes a dim view of death threats. Even on blogs.

Could be a great way to shut up a mac fanboy though!

Re:More likely it is another publicity stunt (1)

tlhIngan (30335) | more than 7 years ago | (#19914509)

More likely it is another publicity stunt, to make their work to look more "legitimate", to get more people to side with them (the "I may not agree with what you say, but would defend to death your right to say it" crowd), to generalize even more the feeling that Mac users are dangerous fanboys disconnected with the reality, etc.

The only thing easier than to make threats to people on the Internet is to fake threats to oneself on the Internet. We got plenty of these drama queens in the nineties, hopefully this is not a trend that will come back.


Or heck, how about some malware writers eager to get their hands on some valuable zero day vulnerability? I suppose some of these people set themselves up for it - by not disclosing to the vendor, etc., making it really valuable on the malware market (without vendor notification, it means the exploit will most likely work, and thus something can spread in the wild before it's caught - valuable for that next spam campaign).

And the bug-a-day crap would just as easily anger these malware writers who could use these in their next campaign, but now it's public knowledge. As they already use it for criminal activity, what's another death threat or two to someone who can impact your money making scheme? And now, there's an undisclosed vulnerability that supposedly works - why not try to get the guy scared enough so he'll release it to you so you can make the next big spam botnet?

Can anyone help (-1, Offtopic)

Anonymous Coward | more than 7 years ago | (#19913011)

with locating some Cory Doctorow fan-fic? I already gots Cory felates Mickey while copyfighting the Martians, and I'm jonesing for more.

Unacceptable (3, Insightful)

Ngarrang (1023425) | more than 7 years ago | (#19913021)

It is as if the fanatics actually believed their OS was so secure it had no security holes.

Re:Unacceptable (1)

Selfbain (624722) | more than 7 years ago | (#19914485)

The strategy is to have faith the Mac OS is completely secure without evidence and viciously attack anyone who says otherwise no matter what proof stands in our way. Hey, its worked before...

fuzzing] The Truth (4, Informative)

djupedal (584558) | more than 7 years ago | (#19913039)

[fuzzing] The truth [linuxbox.org] Lance M. Havok:
>br> "Since the cover is becoming more difficult to maintain, I've decided to stop this. It simply can't stand anymore and I can't let this harm my company and its customers.
I am David Maynor. I made up the LMH identity for bashing Apple and appearing on the media while I was preparing for launching Errata Security with Robert. Since my credibility was severely damaged after the wireless driver exploit, I needed a sock puppet. The idea of LMH and the Month of Apple Bugs came a while after I resigned from SecureWorks."

Re:fuzzing] The Truth (2, Informative)

shawnce (146129) | more than 7 years ago | (#19913391)

[blockquote]bca2fee517ff50ddd01bb7d6ed9c3043
The above MD5 hash of a text file should serve as a proof in case
someone attempts to deny the statements of this message.[/blockquote]

Anyone care to tell me how expects the above to prove the email message you quoted is legit? If it is only a text file that David Maynor has how are we supposed to know what it is? If it is a text file that we can get at then how is the MD5 hash of it useful?

Re:fuzzing] The Truth (1)

djupedal (584558) | more than 7 years ago | (#19913701)

If you have the hash, how many people can supply the text file that matches? Only the author of the message...thus closing the loop.

Re:fuzzing] The Truth (0)

Anonymous Coward | more than 7 years ago | (#19914225)

Or, anyone who re-types the statement into a text file and generates the same hash.

Re:fuzzing] The Truth (1)

djupedal (584558) | more than 7 years ago | (#19914361)

huh..?

The hash isn't of the statement, Mr. Wizard...

Re:fuzzing] The Truth (0)

Qzukk (229616) | more than 7 years ago | (#19914623)

Oh Yeah? Well, dbb3def560c4e620d61db69ea4c154d2 proves he's wrong! After all, it's a hash of a text file too!

don't write viruses/worms and brag about it (1, Insightful)

acomj (20611) | more than 7 years ago | (#19913051)

Hi

I'm ____, I wrote that worm that messed up your computer costing you tons of time an agravation. Here's my email if you want to thank me.
--------------
although in this case it more like "I may have written a worm the exploits a now patched problem".

Threats are inappropriate but seriously, what did he think would happen?

Re:don't write viruses/worms and brag about it (0)

Anonymous Coward | more than 7 years ago | (#19913127)

1. Do something stupid
2. *
3. Profit!

He thought he had found the magic step, or possibly he was looking for hot grits!

Re:don't write viruses/worms and brag about it (1)

obergfellja (947995) | more than 7 years ago | (#19913145)

he probably thought it would be like windows, where the company doesn't give a flying ----, until they can send a patch out on the first tuesday. or like Linux and people fix it themselves.

Well, (-1, Troll)

Anonymous Coward | more than 7 years ago | (#19913063)

those faggots are sooo melodromatic, what did you expect?

Re:Well, (3, Funny)

Anonymous Coward | more than 7 years ago | (#19913125)

The Spanish Inquisition?

So this "security researcher" cannot even keep his (0, Redundant)

antifoidulus (807088) | more than 7 years ago | (#19913065)

own blog from being hacked? Remind me to talk a couple of large grains of salt with whatever he says in the future. I'm not saying he is totally discredited, but it seems to me that doing something as simple as securing a blog shouldn't be that hard for an expert security researcher.....

Re:So this "security researcher" cannot even keep (4, Insightful)

stubear (130454) | more than 7 years ago | (#19913157)

You're assuming he hosts his own blog and you know what they say about assuming. Beyond that, why is his message less credible? if he can prove the worm works, the message is still the same, even if his blog is hacked. Perhaps the person responsible for hacking his blog is simply a much better hacker? There are so many variables to consider that your comment seems ridiculous when you even begin to look at even a tiny fraction of them.

Re:So this "security researcher" cannot even keep (1, Funny)

Anonymous Coward | more than 7 years ago | (#19914193)

you know what they say about assuming
You make an ass out of "u" and "ming"?

Re:So this "security researcher" cannot even keep (0)

Anonymous Coward | more than 7 years ago | (#19913387)

What you just said is the equivalent to "Their web site sucks, so I'll dismiss their work because it must suck too!"

He may not give a flying fuck about the security of his blog. He may be busy researching other, more important security issues!

Only on /. could such an ad hominem attack get a +5 insightful.

Re:So this "security researcher" cannot even keep (0)

Anonymous Coward | more than 7 years ago | (#19913469)

His blog was on blogspot so it's not exactly like he had much control of it's security.

Re:So this "security researcher" cannot even keep (1)

db32 (862117) | more than 7 years ago | (#19913613)

In your world do all CCIEs know how to manage web servers because a cisco device can have a web interface? Who hosts it, who owns the server, who wrote the code, and please tell me you aren't part of the crowd that believes anyone in the field of security somehow should be expected to know everything about all possible aspects of it? There is simply too much to know, and typically researcher types are going to be even more specialized than the generic "Hi, I R here to sekure ure network!" Security Analyst or whatever.

Allow me to say: WTF? (1, Funny)

mattgreen (701203) | more than 7 years ago | (#19913089)

I really hate people sometimes. How can anyone be so stuck on themselves that they issue death threats because someone creates a virus for the operating system they use? In doing so, they are saying, "I'd rather you be dead than deal with the possibility that what you created would endanger my computing platform."

If you don't think that is sick, I'm not sure what is. This sort of fanaticism is extremely dangerous, and essentially a curse upon the Apple community.

Re:Allow me to say: WTF? (1, Interesting)

daeg (828071) | more than 7 years ago | (#19913291)

How do we even know the threats are legitimate? I'm not saying death threats are something to be fooled around with, but for someone already pulling stunts, it isn't a leap of logic to assume they will pull further shenanigans to get even more publicity.

I would take everything this man says with a large grain of salt.

Re:Allow me to say: WTF? (1, Interesting)

ivan256 (17499) | more than 7 years ago | (#19913299)

It's more likely the guy is a troll and you took the bait.

Gives new meaning... (1)

sircastor (1051070) | more than 7 years ago | (#19913133)

to the old Apple blog "As the Apple Turns"

no death threat (2, Funny)

4play (720611) | more than 7 years ago | (#19913159)

They just implied not to release the worm or he would be dealt with using their iphones like they did at duke

Wait... (5, Insightful)

whisper_jeff (680366) | more than 7 years ago | (#19913189)

Wait, so someone who claims, without providing proof, that they found/created a vulnerability in an operating system is now claiming to have received death threats and claiming that their blog was hacked? Again, without providing any real proof?

Uh, yeah. Count me skeptical.

Can anyone say "attention whore."

Re:Wait... (3, Funny)

shentzu (457013) | more than 7 years ago | (#19913283)

yet you will notice that all the slashdoters assume he really has a virus and assume he really had threats made against him.

hating Apple is like believing in god, apparently. no amount of proof for it needed, no amount of proof against is enough....

Re:Wait... (0)

Anonymous Coward | more than 7 years ago | (#19913301)

Yeah, I can say whisper_jeff...attention whore, sorry. It's so easy to get the two mixed up.

Re:Wait... (1)

phoenixwade (997892) | more than 7 years ago | (#19913329)

Wait, so someone who claims, without providing proof, that they found/created a vulnerability in an operating system is now claiming to have received death threats and claiming that their blog was hacked? Again, without providing any real proof?

Uh, yeah. Count me skeptical.

Can anyone say "attention whore."
"Cynical" is more like it..... But you are not the only one...

Re:Wait... (1, Funny)

Anonymous Coward | more than 7 years ago | (#19914549)

You really find it so hard to believe that someone's found a security hole in a piece of software as large as an operating system? It's been done thousands of times before, it's not like there's no precedent to make this difficult to believe.

And you find it hard to believe that a Mac fanboy would issue death threats to someone who is attacking their operating system/Way of Life?

You're just being sarcastic, right?

Probably already being used ... (0)

Anonymous Coward | more than 7 years ago | (#19913239)

So it might not have been the Mac Fanboys issuing the death threats ...

Most likely hackers were already using that hole, and who don't want it patched are quite irritated that they will have to find something else to attack, which takes time and effort.

Cognitive dissonance (5, Insightful)

manekineko2 (1052430) | more than 7 years ago | (#19913309)

Cognitive dissonance is truly a funny thing. It's fascinating the lengths the human brain will go to in order to protect its version of reality.

The New Ad (4, Funny)

Dystopian Rebel (714995) | more than 7 years ago | (#19913419)

PC: Hi, I'm a PC.

Mac: And I'm a Mac. PC, who are all those people smacking you in the head and rifling your pockets?

PC: [Sigh] Those are viruses and worms. Even though I scream "DENY! DENY!" as loudly as I can, they keep smacking me in the head and rifling my pockets. You know how it is.

Mac: Actually, I don't. You see, with a Mac...

[One of the worms moves sinisterly toward the Mac. A man in a black suit appears suddenly from the right and collars the worm, shaking it roughly.]

Man In Black Suit: Listen, woim. If you takes one more step taword da Mac kid, I'm gonna whack you and yer whole family, see?

Worm: Uh... uh... I'm just a proof of concept.

MIBS: Concept shmoncept. Not only will I whack you and yer family, I'm going to hack yer blog so bad it'll look like AintItCool.com.

Worm: [panics, runs away, screaming]

MIBS: [Claps hands as though rubbing dirt off. As he leaves to the right, Mac slips him a small paper sack.] Tanks, kid.

Mac: As I was saying, with a Mac, there are no viruses.

Re:The New Ad (1)

WhiteRider (1129293) | more than 7 years ago | (#19913539)

I hope someone from Mac is reading this...it would make a great commercial!

Re:The New Ad (1)

newbish (909313) | more than 7 years ago | (#19914079)

Murder its part of the "Mac Experience" and its now part of your support contract.

Re:The New Ad (1)

dema (103780) | more than 7 years ago | (#19914433)

Subtle.

Maybe if Windoze Luzers... (1)

Farfnagel (898722) | more than 7 years ago | (#19913447)

...had been this aggressive against virus writers in the beginning, Windoze might be less of a 'virus propogation agent' today.

Unverified claims to support unverified claims (4, Insightful)

argent (18001) | more than 7 years ago | (#19913487)

Sheesh.

Now we have unverified claims of death threats to add credibility to unverified claims of worms attacking a deep flaw in mDNSresponder... a flaw so subtle that Apple wouldn't be able to fix it without the help of said anonymous researcher who's allegedly received death threats over it.

Now this could all be true, but then SCO could really have thousands of lines of Linux code copied from UNIX they're still hiding so they can bring it out in a dramatic eleventh-hour release and snatch victory from the jaws of defeat.

I don't doubt that there's flaws in mDNSresponder. I don't doubt that you could write a worm to exploit them. I don't doubt that Apple is capable of fixing one symptom of a flaw rather than the cause... they've done it before. But there's nothing new here... schemes like Rendozvous/Bonjour/Zeroconf and the superficially similar "Universal Plug and Play" in Windows are a compelling target for potential attacks and have been criticized in the past. They're not needed for the normal operation of the system, and should be disabled unless you actually know you need them and are on a known secure LAN ... and recipes and utilities for disabling both have been around for years.

But there is no way that any legitimate security professional would proceed in the manner that the people alleged to be involved in have been behaving over the past several months. The whole presentation of this affair seems almost designed to discredit the security community in the public eye.

Notify Apple, then release the details. There's no other ethical course of action.

I think this is great (1)

verybadradio (1129207) | more than 7 years ago | (#19913595)

This is wonderful. More people who write worms, viruses, send out spam, annoying pop ads or another annoying services should be treated like this. To those out there involved in stopping this kind of thing, you have my support.

sad (2, Insightful)

tvon (169105) | more than 7 years ago | (#19913629)

This whole thing is getting a lot of coverage for what basically amounts to "random dude claims OSX vulnerability, produces no evidence to substantiate claim".

The responses are entertaining to read though. Hoards of morons attacking the Mac platform and users without any evidence that there is anything actually wrong. Lots of straw man arguments (nobody with half a brain ever said OSX was impervious to security issues), lots of hate... so much hate.

Like a bunch of catty middle school girls...

Re:sad (-1)

Anonymous Coward | more than 7 years ago | (#19914203)

He can post whatever he wants on his own blog. He didn't ask for his story to be posted on Slashdot so that idiots like you who will
comment on something they know nothing about.

http://www.securityfocus.com/bid/24924 [securityfocus.com]

Whats worse? (1)

xhydra (1083949) | more than 7 years ago | (#19913641)

Whats worse.
biting an Apple and finding a worm in it
OR
biting an Apple and finding a half a worm in it?

I would kill the SOB myself.

Yours Truly

Mac FanBoy #1

David Maynor != LMH (2, Informative)

OriginalArlen (726444) | more than 7 years ago | (#19913671)

David Maynor just posted this to Full Disclosure; the post claiming to be from him and asserting that he's LMH was spoofed [blogspot.com] . Who'd a-thunk it, mail spoofing on a security list... DUH!

Re:David Maynor != LMH (0)

Anonymous Coward | more than 7 years ago | (#19913815)

No I am LMH!!! Bwhahaha.

unmasking (0)

Anonymous Coward | more than 7 years ago | (#19913921)

I think its a pretty good idea to idenify virus and spyware makers. Hell post their pictures and addresses too so that we can all show them how much we love their kind :)

Jobs has a Blade Runner squad on hand ... (0)

Anonymous Coward | more than 7 years ago | (#19913959)

... to terminate the processes of worm, virus and malware authors as well as any other pestilent replicant that attacks the safety and security of OS X.

Jesus (0, Troll)

suv4x4 (956391) | more than 7 years ago | (#19913977)

Check this out: the first like 10 posts in this article are +5 Funny.

Slashdot: the place where death threats are funny!

Re:Jesus (1)

Rob T Firefly (844560) | more than 7 years ago | (#19913995)

Slashdot: the place where death threats are funny!
Correction: the place where death threats against malware authors are funny.

Mac doesn't have enough of an audience.. (1)

i8myh8 (859764) | more than 7 years ago | (#19914137)

..on the computer side to make anyone want to write a worm/virus. You wouldn't try and make a name for yourself in the snow shoe business in Miami, why would you write malicious code for a Mac?

As far as death threats go, that's believable, though the guy making the claims is probably just some attention whoring drama queen. You know the type, new illness every week, back trouble, relationship trouble, no one likes me, nobody wants to play with me, Timmy stole my fire engine, Bobby is teasing me.

Mac, we shoot people in the face! (1)

FictionPimp (712802) | more than 7 years ago | (#19914175)

This is the perfect antivirus strategy. You write a virus, we go to your house and shoot you in the face. No need for security patches any longer.

Where do i sign up? (1)

nurb432 (527695) | more than 7 years ago | (#19914341)

I would like to be there to help out during the lynching.

Let me see if I have this straight... (1)

catdevnull (531283) | more than 7 years ago | (#19914497)

Let me see if I have this straight:

-A guy anonymously says he found an exploitable hole in mDNSResponder (isn't this open source?) under MacOS X.
-He says he's still working on it and refuses to disclose himself or his findings
-A few idiot trolls post about busting a cap in his head or some such and now he's in hiding.

Jeez. You'd think he posted a pro-Microsoft or anti-Linux article on Slashdot or something.

I think it would be funny if he had the exloit on his website and all the Apple fanbois who posted from Safari were infected. I think he would have the last laugh.

Uh....I'd better check my box...
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?