MacDailyNews - Where Mac news comes first


Month of Apple Bugs web page attempts to hack Mac users?
Wednesday, January 31, 2007 - 12:35 PM EST

"Alan Oppenheimer of Open Door Networks (which provides Mac security tools and information) alerted us to an apparent denial-of-service hack embedded in the latest Month of Apple Bugs web page," MacInTouch reports.

For most of today, we've been looking into a situation discovered here where the Month of Apple Bugs project may actually be attempting to hack Mac users who pull up the most recent bug in their browsers. It's still unclear exactly which browsers on which versions of Mac OS X are affected, but we're sure enough something's going on that we thought we should let people know.

MacInTouch reports what is known right now:

• The page for bug #29 contains the following HTML:

<img src="bug-files/heat-up.jp2" alt="" height="1" width="1" />
<!-- Never use the macbook at bed again when browsing the MoAB or you will fry your balls, looper -->


• The referenced .jp2 (JPEG 2000) file hangs up at least one copy of Safari running on Mac OS 10.4.8 (with all security updates installed) and requires a force quit. It's unknown if anything else bad is done. It does not hang at least one other copy of Safari (on a Leopard build) and various copies of Firefox. The jp2 file, at first glance, looks normal (although we've no JPEG expertise here), but is 344KB in size.

• There was a JPEG 2000 OSX vulnerability previously, but in theory it was fixed in 10.4.8. This is almost certainly a different bug.

• There's an ongoing discussion of this issue in the MoAB Fixes Group, confirming some things.

• Apple has been alerted, and others are looking into the issue as well.

Full article here.
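The bullets above describe the whole mechanism: an invisible 1x1 image tag whose source is a JPEG 2000 file that the browser decodes automatically. Both halves of that can be checked before a decoder ever touches the file. The script below is an added example written for this page; it is not code from MacInTouch, MoAB, Open Door Networks or MacDailyNews. It flags img tags that are invisible (1x1, 0x0 or display:none) and point at JPEG 2000 resources, and it classifies a byte string by its leading signature (the 12-byte JP2 signature box from ISO/IEC 15444-1, or a raw J2K codestream's SOC/SIZ markers) so a downloaded file can be identified without rendering it. The sample HTML reuses the tag quoted above; the second image and the byte strings are constructed, and the function names are my own.

```python
"""Triage helper: find hidden JPEG 2000 images in an HTML page and
identify image bytes by signature before any decoder is invoked.
Added example for this page; not from MacInTouch, MoAB or MacDailyNews."""
import re
from html.parser import HTMLParser

# JP2 files begin with a signature box: length 0x0000000C, type 'jP  ',
# payload 0x0D0A870A (ISO/IEC 15444-1, Annex I).
JP2_SIGNATURE = bytes.fromhex("0000000C6A5020200D0A870A")
# A bare JPEG 2000 codestream (no JP2 wrapper) starts with SOC then SIZ.
J2K_SOC_SIZ = b"\xff\x4f\xff\x51"
# Classic JPEG starts with the SOI marker.
JPEG_SOI = b"\xff\xd8\xff"

# Constructed sample page: the tag quoted in the article plus one normal image.
SAMPLE_HTML = (
    '<p>Bug #29</p>'
    '<img src="images/logo.png" alt="logo" width="200" height="50" />'
    '<img src="bug-files/heat-up.jp2" alt="" height="1" width="1" />'
)

JP2_EXTENSIONS = re.compile(r"\.(jp2|j2k|jpx|jpf)(\?|#|$)", re.IGNORECASE)


class ImgCollector(HTMLParser):
    """Collects the attributes of every <img> tag (self-closing or not)."""

    def __init__(self):
        super().__init__()
        self.images = []

    def handle_starttag(self, tag, attrs):
        # html.parser routes <img ... /> through handle_starttag as well.
        if tag.lower() == "img":
            self.images.append({k.lower(): (v or "") for k, v in attrs})


def _dimension(attrs, name):
    """Parse a width/height attribute; None when absent or non-numeric."""
    try:
        return int(attrs.get(name, "").strip())
    except ValueError:
        return None


def is_hidden_image(attrs):
    """True for images a reader cannot see: 1x1/0x0 boxes or display:none.
    That is the shape of a tracking pixel, and the shape used here to make
    the browser decode a file the visitor never intended to view."""
    w, h = _dimension(attrs, "width"), _dimension(attrs, "height")
    if w is not None and h is not None and w <= 1 and h <= 1:
        return True
    style = attrs.get("style", "").replace(" ", "").lower()
    return "display:none" in style


def find_hidden_jp2(html):
    """Return the src of every hidden <img> that references a JPEG 2000 file."""
    collector = ImgCollector()
    collector.feed(html)
    return [
        img.get("src", "")
        for img in collector.images
        if JP2_EXTENSIONS.search(img.get("src", "")) and is_hidden_image(img)
    ]


def classify_image_bytes(data):
    """Identify an image by its leading bytes rather than by file extension,
    so a '.jp2' that is really something else (or vice versa) is noticed."""
    if data.startswith(JP2_SIGNATURE):
        return "jp2"
    if data.startswith(J2K_SOC_SIZ):
        return "j2k-codestream"
    if data.startswith(JPEG_SOI):
        return "jpeg"
    return "unknown"


if __name__ == "__main__":
    for src in find_hidden_jp2(SAMPLE_HTML):
        print("hidden JPEG 2000 reference:", src)
    # Constructed header bytes standing in for a fetched file.
    print(classify_image_bytes(JP2_SIGNATURE + b"\x00\x00\x00\x14ftypjp2 "))
```

Run against a saved copy of a page, the first function gives a list of sources worth fetching with a plain HTTP client rather than a browser; the second tells you what those bytes are before anything decodes them. A file whose signature is "unknown" despite a .jp2 name, or a JP2 file hundreds of kilobytes large behind a 1x1 tag, is exactly the kind of thing MacInTouch's bullets describe, and can be set aside for analysis in a sandboxed machine instead of opened in Preview.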

Reader Feedback:

Jan 31, 07 - 12:42 pm Comment from: Toby

If it's true, they need to be prosecuted just like anyone else who tries to hack others peoples personal property.


Pushing the envelop just a little too far.

Jan 31, 07 - 12:46 pm Comment from: Thomas

F%&K these AssH$s.

Must be paid by Microshaft.

Jan 31, 07 - 12:47 pm Comment from: Al Sharpton-Jesse Jackson-Michael Moore

We hate grandstanding scumbags like these Bug guys.

Jan 31, 07 - 12:49 pm Comment from: Triumph the Insult Comic Dog

I POOP on these Leno-sucks!

Jan 31, 07 - 12:51 pm Comment from: typhoon

I agree with Toby. This is illegal; they should be prosecuted.
Aren't they supposed to be anonymous? Soon they'll be John Does #1 and #2.

Jan 31, 07 - 12:51 pm Comment from: Tommy Boy

1. Assholes
2. Okay, they made an image that crashes a program. So?

Jan 31, 07 - 01:02 pm Comment from: Macaday

Productive, aren't they?

Perhaps not as bad as the guys just arrested for planning to kidnap, torture and behead a British soldier in the UK... but I'd still squeeze their tiny testicles to pulp. Not that I'm violent or anything. tongue laugh

Jan 31, 07 - 01:04 pm Comment from: Cubert

Alberto Gonzalez, hello! Time to sic the DOJ on these fools!

Neutral and unbiased, my a$$!

Jan 31, 07 - 01:13 pm Comment from: OldMacFan

Camino is not affected by this.

Jan 31, 07 - 01:14 pm Comment from: me.

I'll bet this isn't even the Bug o' the Month Club people...! You'd have to think they would realize that "we" the Mac community would be able to find that code pretty easy, and I doubt that they would use such vulgar language, if they are truly trying to be taken seriously. I'd be willing to bet that this jpg thingie was hacked onto their page...! Wonder what computer their website is run on? ; )

Jan 31, 07 - 01:19 pm Comment from: Kit-N

Get a grip guys. This is actually a good thing. It spots a vulnerability in the OS.

This may expose other similar weaknesses as well.

Apple will fix it and that will be one less bug that anyone can exploit.

Jan 31, 07 - 01:23 pm Comment from: got virus?

It's only a matter of time until the first one appears.

Jan 31, 07 - 01:45 pm Comment from: dogfriend

In case it wasn't apparent before, the MoAB guy LMH (little mac hater) is a dick.

I am running Safari on 10.3.9 and it did basically tie up the browser. However the page worked in Opera.

<sarcasm>I would like to stick a lit cigarette in his eye if I were to ever meet him.</sarcasm>

Jan 31, 07 - 01:59 pm Comment from: Yours Smugly

Nothing happens with Firefox 2.0.0.1.

Jan 31, 07 - 02:11 pm Comment from: Perspective

Got Virus? "It's only a matter of time until the first one appears."

Perhaps, but so far its been almost 6 blissful years without a virus to worry about. Or any other malware for that matter. I think I can live with that.

Jan 31, 07 - 02:11 pm Comment from: BuriedCaesar

I think I'll just sit back and let MDN tell me when there's something to take note of on the MoAB site.
.
.
It's just safer that way.
.
.
Right?

smile

Jan 31, 07 - 02:18 pm Comment from: Wrong Again

Haven't been back since MacDailyNews stopped posting them over here, BUT it seems that if the vulnerabilities had continued to be listed here, then fewer users would have needed to go to their site anyway.

Jan 31, 07 - 02:26 pm Comment from: Mr. Peabody

I knew it - who do we sue?

Well, here it comes, sciggaley thingys for the Mac - Only 113,000 more to go and we'll have caught up to Windhoes.

Jan 31, 07 - 02:29 pm Comment from: BustingTheSkullsOfIdiots

It is possible that this was hacked onto their page. But given the nature of the MoAB people, it's not unreasonable that they themselves did this.

Jan 31, 07 - 02:32 pm Comment from: LordRobin

When was the last time you heard anything about the "Month of Mac Bugs"? Three weeks ago?

The poor slobs expected the Internet to explode in terror as their slew of shocking exploitations chilled Mac users everywhere to their core, unplugging their ethernet cables to protect themselves from the coming storm. Instead, people looked at their first few bugs, said "Is that the best you can come up with?", shook their head and laughed, and went on with their lives.

I imagine the MoAB guys are in a pretty bad mood right about now. I'm not surprised that they'd try a bitter stunt like this. "Ignore US, will you? We'll show you! We'll show you all!"

Of course, since most Macs users don't care about their pissy little crusade, and aren't visiting the site, very few will be impacted by this.

Jan 31, 07 - 02:49 pm Comment from: Mr. Peabody

No but really - Is it perfectly alright for anyone to publicly announce that they're going to be "looking for holes" in someone else's product? Basically advertising that they will be creating bad things meant to explore the proverbial vulnerabilities of a software product? If something they create gets out, whether its really bad or just sort of a nuisance, is there absolutely no culpability? Ooops, that's it? You gotta be kind'n me.

Jan 31, 07 - 02:57 pm Comment from: Kit-N

That would be 113,999

Jan 31, 07 - 03:06 pm Comment from: 8R

That was weird. Safari just hung up. Had to force quit. Could MoAB have placed something here?

Jan 31, 07 - 03:13 pm Comment from: Jonahan

Hrm, seems to be QuickTime. Downloaded it, tried to open it in Preview; hung the Finder and Preview. Tried to open it in QT in Windows XP with Parallels; blew that up too.

Jan 31, 07 - 03:14 pm Comment from: An Optimist

Those guys are playing with fire. Even with the disclaimer, if they intentionally planted a bomb on their web page, they should be prosecuted.

Jan 31, 07 - 03:28 pm Comment from: Buster

Out of curiosity I clocked on bug #29

My Safari froze...had to force quit
My Photoshop froze...had to force quit
My Entourage froze...had to force quit

Tried to restart....wouldn't accept the command

Had to yank the plug.

Somebody ought to shoot those bastards.......

Jan 31, 07 - 03:29 pm Comment from: Buster

I was so mad I spelled clicked wrong....


Shoot'em twice....grrrrrrrr

Jan 31, 07 - 03:33 pm Comment from: dogfriend

The bug is apparently in Core Graphics, so any program that uses the routine and tries to open the malformed JPEG 2000 (.JP2) may hang.

From the MoAB fixes post by Matt Beaumont:

"FWIW, the relevant library is Kakadu [1], licensed by Apple for use with CG. It lives in
'/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libJP2.dylib'."

Jan 31, 07 - 03:43 pm Comment from: Drunk Cheney

That which does not destroy me-
Makes me stronger

Jan 31, 07 - 03:46 pm Comment from: iPodder

In this case I would favor Apple lawyers suing them and having the FBI knock at their door as with any other malware-writing moronic fscking idiot out there.

Then it would be "Don't fsck with Mac OS X and its users or you'll regret it when you spend a few nights in jail. MORON"

Not to take into account that the entire collection of their bugs is risible. If anything they are making Mac users just raise shoulders and laugh at one more wannabe cracker of Mac OS X.

Jan 31, 07 - 03:51 pm Comment from: Greg L

Yup, the Web page hung Safari for me. I'm running 10.3.9 with all the latest. Type command-option-esc to force-quit.

Jan 31, 07 - 03:58 pm Comment from: Paul G. Reeves

Hey looper: What you did is nothing more magnificent than spray painting graffiti on a wall. GET A LIFE. Otherwise, you'll probably be 29 years old before you get laid for your first time (when your parents aren't upstairs). Loser.

Jan 31, 07 - 03:59 pm Comment from: Mr. Peabody

No really, does anybody know a good attorney?

In other news, Apple recently had to pay bloggers $700,000 in attorney fees to defendants claiming freedom of speech violations...

Are we bloggers? And is our freedom to use something other than Windows being directly and illegally attacked by this MOAB entity? Just wondering...

Jan 31, 07 - 05:15 pm Comment from: CPT SM

My question is, is this the best they could do? So an application hung? That does happen from time to time, but a virus that erases my HD or steals info from my computer is another story. THAT would have been scary.

These guys are just ticked off that:
a) Apple has become so incredibly popular (first and foremost).
b) They couldn't find anything really nasty.
and
c) They don't get laid as often as Mac users.

"Farva! Your suspension... CONTINUES!"

CPT SM

Jan 31, 07 - 05:33 pm Comment from: dogfriend

I've been following the MoAB since the beginning, and my opinion as an average user (not a programmer or a security expert):

A lot of the bugs were for apps that I don't use.

A lot of the bugs rely on malformed inputs and seem like they can be fixed relatively easily.

Only a few of the bugs could conceivably be used to take over a Mac, most will just crash the computer. LMH will argue that any crash can allow exploitation, but this doesn't really seem that plausible for most of the bugs.

Turning off "Open Safe Files after Downloading" and running as a normal user (not as an Admin user) will mitigate several of the potential exploits.

LMH is a jerk and a hypocrite.

Jan 31, 07 - 07:45 pm Comment from: Tempus Fugit

waitaminnit... the Month of Apple Bugs is over? that's it? no Earth shattering discoveries? no flood of malware? no Macs going up in smoke? and in order to make my browser crash I have to visit the MoAB website?

that wasn't even worth the time...

"No Earth shattering kaboom?"
-Marvin the Martian

Feb 01, 07 - 10:44 am Comment from: macgeek

"Jealousy makes the bones brittle." Let the rage begin with all the Windows losers' jealousy over Mac OS X!!!!!
