Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

You are a brainless fanboy.


It's funny that this got voted back up from light grey. One might have a morbid interest in the list of people who cast such votes.


I'll admit I find it horrifying that Apple gets caught dumping a password into a debug log (that the log was enabled by default is a simpler mistake) and your response, as the resident security expert is basically "nothing to see here, no one uses that feature anyway" without even a nod to the fact that it's a real hole. That it has become the top comment on a very large thread is even more upsetting.

This isn't a minor issue, it's a huge mistake. It's the kind of thing Microsoft did for years when security wasn't part of their culture. I simply can't imagine you reacting that way to software from any other source.


I guess when you spend most of every week finding horrible security flaws, most of them remotely triggerable (since those are the ones clients care most about) it's hard to get too riled up about about an egregious log file hygiene issue that affects only a tiny minority of OSX users.

Or, differently: do you really think that people who can run commands in your Terminal window can't already take control of the OS X kernel?

Also: I object to being designated HN's "resident security expert", and I didn't put my comment at the top of this thread.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: