Ou yes? Ou no.
Posted September 21, 2006
By The Macalope
Apple released a wireless security patch late today, noting that SecureWorks
…did not supply us with any information to allow us to identify a specific problem…
It’s just as the Macalope has been saying to George Ou all along. David Maynor lacks the raw physical talent to convey the concept “a heap buffer overflow can allow attackers to cause system crashes, privilege elevation or arbitrary code execution” through the medium of interpretive dance.
Try telling that to Ou, though, and he’ll just insist that Maynor’s an artiste and is misunderstood in his time.
Glenn Fleishman has a good synopsis of the controversy.
Trackbacks
-
[…] George Ou… uh… responds in comments. […]
Leave a Comment
In Maynor’s defense, the dance community hasn’t yet settled on an effective system for conveying the emotions involved with wireless ethernet standards. It’s entirely possible that Maynor, Apple or both failed to keep up with the newest developments and miscommunication resulted. The Fosse movements that convey the feeling of “malformed packet” look very similar to those one would use when making a childish semi-threat against millions of strangers.
Hey that’s a nice spin. What the hell did you expect Apple to say? You’re all full of shit.
Aww, poor Georgie is mad that he was wrong, as usual.
But what can you expect from a moron who says a couple of days means 4-9. Or states as “fact” that Atheros does not have anything to do with the MacBook drivers with no evidence whatsoever, and then has to backpedal when the real facts come out.
George, you’re an idiot. A complete blithering nincompoop. Even better, you’re completely unaware of how certain regulations work. A security update is a major communication that can have an affect on a company’s stock price. It falls under SOX among other things. So, if Apple is lying in this, which they would have to be for you to be right, it’s not just unethical and immoral, it’s ILLEGAL.
But you’ve kissed maynor and the other one’s ass so hard and fast that you’re physically unable to back out now. Of course, it’s simple. If this update DOES fix that “vulnerability” then release your much-trumpeted “super secret knowledge” that you’ve been waving around like the penis you wish you had.
Of course if it doesn’t then you still get to retreat behind your “O NOES! IT’S A S3CR3T!!!111” line. Either way, it’s a win. Until eventually people realize your secret knowledge is that Maynor and the other one have pictures of you actually shoving your head up your ass.
So it’s simple…release your info, since if Apple is spinning this, there’s no reason to keep it secret. Release it all unedited. All the technical information. Set it free George. It wants to be free. Set it free, let it live wild with the rest of its species.
The Croc Hunter would have wanted that.
As Glenn Fleishman says, this is likely the last we will hear of this. I doubt George Ou will show anything. I doubt Maynor will show anything. Prove me wrong George and Dave. There is no excuse to be secretive any longer.
George, George, George. And after the Macalope complimented you in the post below.
Unfortunately, you forgot to show your work in coming to your conclusion that the entire Mac community is, as you so eloquently put it, “full of shit.” Which has really been the problem all along. Neither you or SecureWorks has shown your work.
That is why, sadly, the Macalope is forced to give you an F. Believe me, this hurts the Macalope more than it does you. Particularly because this means you’ll have to repeat the class and the Macalope’s not sure he can stand that.
Really, George, is that it? All your secret evidence that you’re going to reveal any couple of days now, and all you can say is “You’re all full of shit”? Sad.
Oh, wait; Maynor and Ellch are going to reveal all *next weekend*! They wouldn’t, perchance, be using the time in the interim to r.e. Apple’s patch, now would they? Nah, not fine, upstanding security researchers like them.
George Ou misses the point. If Apple were lying all along, then now that the patch is out SecureWorks can release their details and their communications with Apple. They can trivially show that Apple were in the wrong and lied about it.
So… it’s been a couple of days now… any sign from SecureWorks? No? Well… maybe, just maybe Apple are in the clear here and bloggers breathlessly parroting each other into a frenzy of paranoia should take a moment to reflect on what *really* happened.
You sure that was really George Ou responding? What if someone just put his name in there as a joke?
It’s the same IP address as other comments left by “George Ou” and he’s linked to the Macalope in comments on his blog, so the Macalope is fairly certain.
This was rather surprising, but the other comments with the same IP were very much in Ou’s style.
Did y’all forget how Ellch said we were – paraphrasing here – too stupid to get it? Well, there is no reason for Maynor or Ellch to hold back any longer. The patch is out – if it covers their “hack”, and that has yet to be established – and somehow I doubt the Apple engineers are lacking in the mental wattage department.
I would still like to see 12 MacBooks *not owned, touched, or manipulated in any way by Maynor & Ellch* in the front row of ToorCon. There are 12 ripe targets, boys! It should be like shooting fish in a barrel. No restrictions, just 12 stock MacBooks waiting for your video “demonstration” to be reproduced LIVE.
After all, Maynor and Ellch would love nothing better than to extinguish cigarettes in our “smug” eyes, right? What better way than LIVE before the assembled masses? Oh, and you will note that Apple found a _potential_ flaw in PPC equipment, while somehow Mouthy and the Chump missed it, right?
Pre-show prediction – Mouthy and the Chump will not show us a live demonstration, but rather the will show how it all worked _a month ago_. Call it time-shifted proof. I predict in no way will a LIVE demonstration happen anywhere close to the way they presented the “hack” in their video.