Apple's reputation for offering greater security than rival operating systems such as Windows will come under the spotlight in January.
Two individuals, independent security researcher Kevin Finisterre, and a hacker called LMH, say they plan to publish a previously unknown Apple vulnerability every day throughout January. The pair will be scouring Apple OS X and applications that run on top of it.
Finisterre has found a number of bugs in Apple's software in recent years. In early 2006 he wrote a proof-of-concept worm that spread between OS X machines via a Bluetooth vulnerability.
The "Month of Apple Bugs" was first reported on a Washington Post blog. In the posting, LMH claims that the initiative could help improve OS X security — which already has an impressive track record on security.
"Right now, many OS X users still think their system is bulletproof, and some people are interested on making it look that way," LMH said.
Supporters of Apple will typically react strongly to claims that the platform is becoming less secure, as some security vendors and researchers have claimed. Take-up of Macs is growing, partly due to the success of Apple's iPod, and the recent move to Intel chips could help the company grow its market share further. This, some claim, will inevitably make it a more tempting target for hackers — if they can find vulnerabilities to exploit.
Finisterre and LMH's plans have already sparked debate, both on the original Washington Post blog posting and around the internet. On the Washington Post site, Apple-user Ben commented that "there very well could be vulnerabilities in Mac OS X, but they are not real, they don't affect anyone... especially not in the way that millions of PC users' machines are crippled by exploits and spyware and essentially rendered useless because of a weak operating system."
Thor argued that while Apple users should take security seriously, the Mac platform offered greater security. "No reasonable user of any computer system, including Mac users, believes their system is bulletproof. Every system has flaws, and everyone needs to be cautious," wrote Thor. "It's just that, relatively speaking, there is very little in the way of real malware 'in the wild' that affects the Mac OS. This is due to a combination of the small market share of the Mac and its security architecture, as it is harder for malware to be installed without generating a prompt for administrative password."
Apple itself said that: ""Apple takes security very seriously and has a great track record of addressing potential vulnerabilities before they can affect users. We always welcome feedback on how to improve security on the Mac."
CNET News.com's Tom Krazit contributed to this report.
Talkback
This article could easily have been spun wholeheartedly anti-Apple, respect to Graeme for a balanced story.
I have been heavily critical of the seemingly anti-Apple stance of ZDNET in previous articles, lets hope this is the start of a new approach :-)
Nice one.
Well the only reason they are doing this will be to generate publicity for themselves and not for any philanthropic principles.
The thing is though there seems to be a lot of negative Apple publicity lately and while most of it seems to blow over as mis-reporting or misrepresentation the subsequent changes in story never get the coverage that the false allegations received in the first place.
So generally Apple are undergoing a sort of death by a thousand cuts - which is most certainly reflected in their share price. I wonder if any competition is due out shortly for a competitive product for OS X? Makes you think...
I'm with you John, there is a sinister low level anti-Apple undercurrent to a lot of IT reporting. I guess it's not surprising considering how many pies m$ has it's grubby little fingers in.
I was pleased that Graeme's latest article was a lot fairer and more balanced than we're used to, whether this trend continues is another matter however.
I just wish everyone would see what's happening here and I really hope Apple is able to overcome all this negativity and mud-slinging and come out shining.
Guess we'll just have to wait and see....
I think the ZDNet.co.uk seem to try harder than most to get the facts across. Tech reporting isn't that hard... especially in these days of the interweb thingy. What is hard is extracting any company generated spin on news that gets spewed out from marketing companys. Graeme did pretty well here and Rupert also seems to try very hard to put things over fairly.