Shostack + Friends Blog Archive


On The Curious Incident Lately in Apple v. Maynor and Ellch

maynor-and-ellch.jpgSo John Gruber, who has written quite a bit on the whole did-they-didn’t-they spat between Apple and Dave Maynor and Jon Ellch, offers up “An Open Challenge to David Maynor and Jon Ellch,” offering them a Macbook if they can root it.

I’d like to mention something that hasn’t happened lately. By not happening, it seems to have not drawn attention to itself. After a war in which gallons of ink were spilled, and every utterance by Apple, Maynor, and Secureworks were analyzed by Talmudic scholars, there’s silence.

What might be the cause of such silence? Are Apple and Maynor finally talking? (In my personal experience of trying to learn more about security issues with Apple products, Apple ignores questions. They ignored questions when I name dropped. They ignored questions when I mentioned things like being an editorial board member at the CVE project.)

So one possible interpretation of events is that there was serious mis-communication, and the parties involved are now having interesting discussions.

If that’s the case, then Gruber is trying to pour gasoline on a fire that others are trying to extinguish.

After I wrote this, Jon Ellch posted to DailyDave, that post was covered in, “Johnny Cache breaks silence on Apple Wi-Fi exploit,” and that story was picked up by Slashdot.

[Update: Rob Lemos has a short article, “MacBook Controversy continues with Challenge” at SecurityFocus.]