How childish

Hmm, I wonder what their goal is in "trying" to block you. Are they thinking they can silence their critics that haven conclusively proven what they said about some things is incorrect? I mean, you pretty much schooled them on the DMG bug "exposé" you did. Or... I wonder if they're more angry at the fact you got Secunia to downgrade their rating.

Looks like you are pissed at them... you could have taken that screenie after they removed the ban or whatever was in place. Nothing to see here but a rant.

Actually I believe the attempt at blocking is still in place.

And I’m not “pissed at” LMH or info-pull. I happen to think that what they’re doing is wrong, and that there is a significant risk that it will have a negative impact on end-users. There is also the matter of LMH’s continued propensity for insults, which frankly I don’t particularly appreciate.

There will only be a negative impact on the users if Apple and Co refuse to patch these vulns. Nobody can contest that in the past they have showed a rather less than adequate response in regards to patching vulnerabilities, so if this is what it takes to get them fixed, then it /is/ better for the end user. If Apple doesn't get to the patching, then maybe its time for these threatened users to re-think their OS of choice.

- Nex

That’s a rather naïve view, for various reasons. Firstly, it isn’t possible for Apple to patch all of these issues immediately; even if you assume that the MOAB project get their diagnosis right, Apple still have to think carefully about how to fix some of these issues, and one or two of them are not actually all that simple to fix. Even the MOAB fixes people, who have been trying to come out with fixes quickly, haven’t manage to patch everything quickly (the DMG issues in particular are a thorny problem). Plus, a number of the problems reported so far are not, in fact, Apple bugs, but bugs in third-party software.

On top of that, as has been demonstrated time and time again on the Windows platform, not everyone installs the security fixes in a timely manner, not every bug fix is without problems, and the black hats are constantly on the look-out for problems that will let them compromise machines so they can turn them into zombies to distribute spam and/or carry out DoS attacks.

The fact is that publishing the details of security flaws prior to the availability of a vendor fix—on any platform—puts end users at increased risk. It is irresponsible and unnecessary, and users shouldn’t have to put up with it. Frankly I’d like to see it made illegal, and if that’s not possible then maybe someone should bring a class action suit against people who do this kind of thing to discourage it.

For some reason this reminds me of people microwaving dry sponges.

:-) :-) There was a chap on TV in the U.K. from the Royal Society for the Prevention of Accidents (yes, it really does exist) trying to tell people not to microwave wet sponges, never mind dry ones.

Actually, RoSPA’s website is great; for instance, did you know that in the United Kingdom in 2002, 128 people were injured in accidents involving a goat? This and other worthwhile facts can be found here.