Links
Hacker plans to reveal 30 Apple security flaws
By Jim DalrympleMarch 22, 2010, 7:17 am PT
Charlie Miller said he will reveal 30 security flaws he found with Apple’s Preview application at the CanSecWest security conference. Twenty of the flaws were found in the way Apple’s Preview app handles PDF documents. Unfortunately, because Safari uses the same code, he says a computer can be hacked using a malicious Web page too. Miller will demonstrate the flaws, but hasn’t decided whether or not to tell Apple.
He’s also considering keeping the details of his bugs secret and watching to see how long it takes the software vendors to patch them after his Vancouver talk. While that would leave users vulnerable to the secret vulnerabilities he’s found, Miller says it could also help reveal more about just what software companies are doing–or not doing–to patch their products’ flaws.
Researcher Will Expose 20 Hackable Apple Security Flaws [Forbes]
Please take a minute to Tweet, Like, or Share this post with your friends.
TweetShare
Email This Post
⋅ 
Print This Post
⋅ Post a comment
Discussion
10 comments so far
10 Responses to “Hacker plans to reveal 30 Apple security flaws”
Leave a Reply
Hacker plans to reveal 30 Apple security flaws
By Jim DalrympleMarch 22, 2010, 7:17 am PT
Charlie Miller said he will reveal 30 security flaws he found with Apple’s Preview application at the CanSecWest security conference. Twenty of the flaws were found in the way Apple’s Preview app handles PDF documents. Unfortunately, because Safari uses the same code, he says a computer can be hacked using a malicious Web page too. Miller will demonstrate the flaws, but hasn’t decided whether or not to tell Apple.
He’s also considering keeping the details of his bugs secret and watching to see how long it takes the software vendors to patch them after his Vancouver talk. While that would leave users vulnerable to the secret vulnerabilities he’s found, Miller says it could also help reveal more about just what software companies are doing–or not doing–to patch their products’ flaws.
Researcher Will Expose 20 Hackable Apple Security Flaws [Forbes]
Please take a minute to Tweet, Like, or Share this post with your friends.
TweetShare
Email This Post
⋅ Print This Post
⋅ Post a comment
Discussion 10 comments so far
10 Responses to “Hacker plans to reveal 30 Apple security flaws”
Leave a Reply
Charlie Miller, the Barney Fife of computer security.
This guy is an attention-grabbing scumbag. His grandstanding trick this year? Maybe he won't tell vendors of the vulnerabilities. (They probably have people at the event.) I wonder what attention-grabbing trick he'll use next year to keep people's attention on himself?
He didn't notify Apple? So much for white hat hackers.
"Charlie Miller, the Barney Fife of computer security."
Well he is probably quite competent, but I am with Eric in thinking that he is an attention whore. Find the flaws, tell Apple in confidence and then feel good about yourself because you did the noble thing. Have you all noticed that in the recent Apple Security updates they gave credit to the people and organizations that found the holes that were fixed.
Charlie Miller's the Barney Fife of computer security, because he has an over-developed sense of self-importance.
In the past, I've defended this guy because he was mostly responsible. It sounds like he has decided that a small bit of fame (infamy) is more important than his reputation now. That's pretty sad.
Responsible? He takes his payments at contests rather than malware, but I can't help but wonder if that's just because the contests pay better on the Mac.
I thought Macs were secure?
How many free computers has this guy won at security "conferences"?
LOL!