, SecurityFocus 2007-03-01
ARLINGTON, VA. -- Security researcher David Maynor got some measure of vindication at the Black Hat DC Conference this year.
Expand all |
Post comment
Maynor reveals missing Apple flaw
2007-03-02
David Taylor (2 replies)
David Taylor (2 replies)
You got it all wrong Robert
2007-03-05
Anonymous (1 replies)
Anonymous (1 replies)
Re: You got it all wrong Robert
2007-03-05
Robert Lemos (1 replies)
Robert Lemos (1 replies)
Didn't Maynor originally claim that the flaw allowed arbitrary code execution? And even all this time later the recent demo was Denial of Service? A flaw yes, but not the same thing at all! Why trust Maynor's word about the so called email "evidence" that he detailed the exploit in Apple's Broadcom driver in this case?
So if I send a message to Microsoft, "Hey, don't freak out, but there is a flaw that allows arbitrary code execution in Vista. My buddy and I are still determining what other platforms are affected so we are not giving you the specifics. Instead, we are giving a demo showing a Denial of Service attack on a Windows CE device!"
Whatever. Maynor wanted to give Apple a quick poke to the eye, and be praised by Apple (and the community) at the same time. If he wants credit as a security professional, maybe he should at least act professionally.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/articles/11445/34360#34360