Skip navigation
Menu
Security

Stupid Security Tricks?

I'm not sure whether this new trend is stupendous or plain stupid. You be the judge.

First came "The Month of Browser Bugs," and it caused quite a stir, plus is exposed a lot of security problems in browser as was fully intended. Fine.

Then came "The Month of Kernel Bugs," which revealed a range of problems in various platforms, including Windows and Windows-relate products.

Next, someone announced "The Month of Oracle Database Bugs," but for some undisclosed reason that project was cancelled before it ever started. We might be able to discern at least two possible reasons on our own anyway.

And now here we go again with the upcoming "Month of Apple Bugs" slated to begin in January 2007. This is supposedly to help people stop thinking that Apple computers are bullet-proof. Ya right. This makes no sense to me. Most Apple users are not technically inclined and thus they are as oblivious to computer security as are millions of Windows users. So how would an security-oblivious person even be able to think their OS X system is bullet proof. Sure, there are a handful (out of the millions) of Apple users who might, maybe, think their OS X is bullet proof. Just like a handful of Windows users do.

On the one hand this trend of disclosing security problems is beneficial since it does help get problems fixed. On the other hand, millions upon millions of people are put at risk when the bugs become public knowledge before patches are available.

Granted, vendors sometimes take forever and day to fix security problems. But do the bugs have to be exposed completely in order to get a vendor's attention. Would it suffice to post extremely vague info to show that the bugs exist and that specific vendors are dragging their feet about fixing the problem?

I tend to think that there is another, deeper, yet mostly superficial motive behind these "Month of Bugs." I think the motive is directly related to a need for personal attention (grandstanding). This assertion that "I'm doing to help people" seems like a bunch of nonsense.

But that's just my opinion. And certainly I've been wrong plenty of times.

Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
DevSecOps concept
90% of Java Services in Production Have Vulnerability Risk, DevSecOps Report Finds
Apr 20, 2024
Businesswoman challenges concept and gender obstacles
Women in Cybersecurity Face Barriers to Hiring, Advancement
Apr 15, 2024
person typing on keyboard with icons for certificates
Top IT Certifications for a Career in Finance
Apr 12, 2024
employee working on a laptop with AI
Why AI Coding Assistants May Be Greatest Cybersecurity Threat Facing Your Business
Mar 26, 2024