“The anonymous blogger who claimed to have a Mac OS X worm has vanished, claiming his blog was hacked,” Robert McMillan reports for IDG News Service.
“Just days after claiming to have written a worm that could be used to attack Mac OS X systems, the anonymous blogger known as Infosecsellout has gone quiet,” McMillan reports.
“His (or her or their) blog as been renamed. Old posts have been removed, the blog has been renamed ‘Security Information,’ and Infosecsellout says the blog is finished. Mysteriously, however, there are two new posts on the blog, one of which provides a link to information on the alleged worm,” McMillan reports.
“But they are fake posts, according to Infosecsellout, who said the blog was hacked on Tuesday night and will not be revived,” McMillan reports.
“‘Infosecsellout is now dead,’ the anonymous blogger said in an e-mail message. ‘It was a great experiment to see how the industry could handle some honesty, which they can’t. They are quick to attack the credibility of others in order to hide their own flaws,'” McMillan reports. “Though Infosecsellout provided nothing to back up his claim, the story was widely reported and security researchers began to investigate who may have been behind the blog.”
Full article here.
Greg Keizer reports for Computerworld, “The hubbub started earlier this week, when a researcher responsible for the Information Security Sell Out (InfoSec) blog announced a proof-of-concept worm that exploited a Mac OS X vulnerability which Apple missed in a May round of patches. The vulnerability exploited by the worm was in mDNSResponder, a component of Apple’s Bonjour automatic network configuring service, InfoSec said then.”
“Criticism from Mac users and other security researchers was almost immediate, with the former focusing on crude insults and the latter concentrating on InfoSec’s refusal to identify himself or herself, or prove that the worm existed,” Keizer reports.
“Tuesday night, the InfoSec blog’s title changed to ‘Security Information…’ and all former postings, which began in January, had been deleted. When asked via e-mail Wednesday to explain the changes, InfoSec answered: ‘Blog was hijacked somehow. Also the blog stating I am associated with PHC on another Blog is false and a myth created by Dave Maynor who is involved in the hijacking of the Blog,'” Keizer reports.
“Dave Maynor, a researcher who last year was involved in a very public spat with Apple over a wireless hack demonstration he and a colleague gave at the Black Hat security conference, refused to be drawn into the argument with InfoSec. ‘I am not even going to comment on that stupidity,’ Maynor wrote in an e-mail responding to an offer to rebut or comment on InfoSec’s allegations,” Keizer reports.
Full article here.
MacDailyNews Take: As the worm turns.
Yet another faker. Does he also have a WiFi hack?
Sorry, it sounds like “the big lie” to me.
nothing is fool-proof. there are holes in everything. The secret is fixing it in a day or 2 and having it automatically updated on every mac within 72 hours. Not only does Apple close the holes, it finds other associated with the problem and gets those too. It’s the response that is more important than the actual security issue.
Less than a day, awesome
worm = Wonder Of Rumour M ills
(nearly) instant karma! too funny!
MW: it would “appear” that your BS story is unraveling.
This is hysterical. A SECURITY person gets his blog hacked?
F *cough* raud *cough*
I agree their is no perfectly secure OS, but if you’re going to accuse the most secure OS with the biggest fan base you a) need to no remain anonymous and b) prove that your exploit exists. Otherwise you’re just a troll looking for hits.
As the worm turns…
Even if he was a faker, the reaction claimed from Mac users, while probably a small fanatical percentage, is pretty disturbing. Posting insults happens on this list happens too often; I can just imagine what happened on this guy’s blog. It’s far too easy for someone to post nasty comments anonymously.
Unfortunately, the few people like this spoil it for the rest of us who would like to see people like this come forward, if they actually have any information.
Interesting: MDN Magic Word: “attack”
Holly homicide Batman!! The guy would have been safer by posting a picture of Mohammed on his blog.
If there is such a thing as worm in Mac OS, why didn;t he just unleash it in the wild without chit chat. Prove it then maybe i will believe it.
Anyway one or two worms won’t make me love my mac any less.
and in the next story…..hacker gone mad, releases exploit in the wild!! Then it’ll really be a good soap…..
i’m just sayin, this stuff’s as made up as the exploit is. I know my macs secure. =) and if not, i got faith will fix it, in a timely fashion….i hope….
Hmmm, what’s that smell?
Fish?
I KNEW it! I just knew that Maynor or Ellch were somehow involved. That he denies it makes no difference. He’s now connected.
“Even if he was a faker, the reaction claimed from Mac users, while probably a small fanatical percentage, is pretty disturbing.”
No, no, they were Microsoft employees worried about there 100% monopoly on viruses and other malicious code.
I’ve developed a proof of concept as well which takes out all iphones and AT&T’s complete network. But I’m anonymous, so I can say whatever shit I like. Just like that other asshole.
http://securitytracker.com/alerts/2007/May/1018123.html
The FUD asswipe is a stinking little snitch liar. Whoever is after him, keep it up and hound this little lying ass dog down.
is he still alive?
That these people are referred to as “researchers” is an insult to professionals who actually do important research. Anyone can put up a blog and claim whatever they want, without showing proof or identifying themselves. As far as Mac OS X security is concerned, my own “research” shows that there is no real world threat. Until there is such evidence, these Mac OS X security stories are just a source of ongoing amusement.
Most of the guys in here are worried about Proof of Erection. If this blogger does time, he will learns something.
OK, 15.5 nanoseconds.
What’s all this about mac people posting the alleged threats? It could have just as easily been a PC fanatic trying to make mac people look bad or the blogger himself trying to make himself look like a poor victim.
The point is you don’t know. The post is just as believable as the alleged worm.
@DJ Jac
Not fish, Mate….
A little browner – a lttle more of a pile – something you woudl flush!!!
You know, like a
ZUNE!!!!
As for the security hack – that is pure BS…
Show me a recent worm for UNIX that would effect OS X (not the Morris work – OK) and I will buy his BS…
OR better yet… I will buy a ZUNE…
(cough, gag, cough cough) I said it twice in one post… YIKES…
I’m getting Ballemered!!! Look out for the chairs!!!
This bozo’s whole story is reminisent of the Morris Unix scare – well, his actually worked and since he was at Cornell – he was actually proud of it enought to add his name to it. Well, it was the FIRST worm…
” width=”19″ height=”19″ alt=”smile” style=”border:0;” />
This guy is taking a page out of history – really.
Or as is said here in Oz, “He’s taking the mickey outta ya, Mate”
MDN – taking