Latest in Bonjour

Image credit:

Alleged OS X worm creator disappears


I'm not sure if you've been following the story of "Infosec Sellout" (it's a tough one to follow), but apparently the anonymous Mac hacker has given up blogging about OS X security-- his blog has been deleted and renamed on Blogspot. Just recently, he made headlines by claiming that he'd developed a worm for OS X called "Rape.osx," that hit a known vulnerability in the OS X mDNSResponder, an open source Internet protocol used by Apple. But apparently Infosec Sellout didn't think Apple responded appropriately to his warning (and/or his site was hacked itself), and he's gone quiet.

Robert McMillian of the IDG news service has has contact with Infosec Sellout in the past, and heard from the hacker in an email that "it was a great experiment to see how the industry could handle some honesty, which they can't. They are quick to attack the credibility of others in order to hide their own flaws." From that comment, it sounds like Infosec thinks Apple is somehow claiming to be impenetrable, but as other security analysts say, that's far from true. Still another story is that Infosec's identity was close to being found out, and he quit because of that. Apparently Infosec says that the identity discovery was a factor, but not because he didn't want to be found out, just because he didn't want his employer to be approached by "crybabies."

Strange story indeed. Unfortunately Infosec still hasn't revealed the hack, and says he won't reveal it to Apple until testing is completed.

From around the web

ear iconeye icontext filevr