At 7:52 PM +0100 10/29/03, Ragnar Sundblad wrote:
>--On den 29 oktober 2003 13:03 -0500 Adam Shostack <adam (at) homeport (dot) org [email concealed]> wrote:
>
>>I think that announcing a set of security issues, and saying "the fix
>>is to upgrade your entire OS" is not a great disclosure strategy.
>
>I certainly agree here, as do we all, I think. Let me just again
>point out that we don't know yet if this is what they say.
>
>All of you who care, please show them that you do.
>Either register for a developer account (free) and send
>a bug report on <http://bugreport.apple.com>, or send an
>email to product-security (at) apple (dot) com. [email concealed]
>
>/ragge

As an OSX admin I am with you all on this. Here's another place to
speak up. This is the link from the icon in the OSX Dock.

<http://www.apple.com/macosx/feedback/>

I'm hoping they're in the process of doing the right thing and just
haven't announced it yet. The wording of Apple's security
announcement did make me wonder though.

Kurt

[ reply ]