Jimmy Crack Mac and I Don’t Care

March 19th, 2009, by The Angry Drunk

So, CanSecWest ran another one of their “crack shit and we give you prizes” con­tests and sur­prise, sur­prise, the MacBook got cracked.

Ok, before we get this ball rolling let me make some­thing clear. I’m not a secu­rity expert. I’m not look­ing at this as a secu­rity expert. I’ll leave that to peo­ple much smarter than me. So, hav­ing said that, any­one who attempts to ques­tion my secu­rity exper­tise in way of rebut­tal will be shot.

I hate these sort of com­pe­ti­tions, because they are just the­ater. And, while one could make the argu­ment that com­pe­ti­tions like this help spread aware­ness about com­puter secu­rity, I’d argue that they don’t. Here’s why.

The prob­lem with com­pe­ti­tions like this is that the tech media, and the hordes of mouth breath­ing com­menters / forum retards never seem to take away the impor­tant mes­sage. Instead we usu­ally get breath­less hyper­bole (note, I’m specif­i­cally not accus­ing Macworld of that. I linked to them because they were the first story about this that I had open).

Whenever one of these sto­ries breaks, you can be assured that the bulk of the responses will gen­er­ally fall into one of two buckets.

The MacMacs will inevitably come out of the wood­work to point out every tiny flaw and nig­gle in the report. In this case the going meme seems to be: “Well, since this exploit required a user to click a link it really isn’t that bad.” Look, chuckle-nuts, it’s a fuck­ing exploit, Apple needs to fix it. Get over it.

Which leads us to the any­thing but MacMac zealots (Linux, Windows, BlackBerry, take your pick). They, of course, will imme­di­ately begin their chants of “Ha ha the MacBook got cracked. I hate you Apple pricks.” All the time ignor­ing the fact that every­thing gets cracked.

The only one hun­dred per­cent secure sys­tem is one that doesn’t inter­face with the out­side world in any way. Exploits hap­pen, and the goal shouldn’t be to use their exis­tence or lack thereof as a mar­ket­ing tool (and yes, I’m call­ing Apple out on that point as well). The goal should be to patch the exploits that are there now, and work to pre­vent future ones from occur­ring. Unfortunately, the­atrics like the PWN2OWN com­pe­ti­tion do not fos­ter that mindset.

4 comments - (Comments closed)
«  
  »
  • http://moeskido.wordpress.com Moeskido

    Yours very well might be the most sober, thought­ful analy­sis of this issue I’ve ever seen weigh in on this sub­ject. Likewise for your take­down of the psy­chol­ogy of NMD behav­ior.

    The irony is killing me.

  • http://rip-ragged.com/dross Rip Ragged

    What the fuck is thiis? I didn’t come here for insight and rea­son­ing. I come nere for ram­bling, pro­fane, drunken screeds.

    Everybody knows you need at least two sets of closed-minded morons to make a good flame war. MacMac/NotMacMac; Liberal/Conservative; Creamy/Crunchy; Quilted-scented/Plain; Paper/Plastic; Soup/Salad, and what-have-you. But by golly when I come to a site called “The Angry Drunk” I want vit­riol, anger, scotch neat.

    Straighten up, young man.

  • blind­mul­let

    I think you have missed the point of the CanofJohnWest com­pe­ti­tion, which doesn’t sur­prise me because your cre­den­tials for com­ment­ing (in this ridicu­lous new com­ment­ing sys­tem) on secu­rity BANG! uhngggg.

  • http://www.theangrydrunk.com The Angry Drunk

    Good work, you got me. I read that com­ment before my morn­ing gin and thought you were seri­ous for a moment. I wasted pre­cious neural activ­ity com­pos­ing a seething bile-filled rant in reply. Well played!