OMG! Pwnies! from Applefun.Blogspot.ComIt always amused me as a user of both Windows and OSX how rabid the Apple fanbois would get defending their superior OS at the expense of Windows. Usually claiming that their security model was so advanced that there was nothing to worry about.

Even as long ago as 2002 though there were exploits possible against OSX apps (not Apples fault for sure, but OSX users, and Apple, should have learnt from Microsoft's history in the security arena and made sure their yard was as tidy as they claimed)

Time passed and researchers started finding security holes in OSX and Apple products (as well as third party ones) but when they tried to do the right thing they were met with scorn and derision by the community and Apple alike.

When Apple did respond to an issue they often failed to credit the researcher or downplayed the problem after the fact to preserve the shiny image of their OS.

Luckily for the long term wellbeing of OSX though some researchers have decided that it's no longer good enough to sweep the issues under the carpet and "the Month of Apple Bugs" was born.

Each day during January these guys are releasing documentation for one security exploit for the operating system or a popular application.

The good news is that the community is reacting to confirm and fix these bugs themselves (and the researchers are helping). It seems Apple is yet to do anything but deny the problem exists and refuse to comment on the campaign.

I'm not a proper Apple fanboi because in the past I've complained about OSX phoning home and requiring as many reboots as Windows for updates - but I hope I'm not alone in the wider audience of OSX users in wishing that Apple take this as a gentle reminder to embrace security researchers and be much more proactive in fixing things before they have to undergo the sort of transition that MS has going from WinXP to Vista and adding a lot of security upgrades.

Oh, and one final note.... for Vista users who don't like UAC it's no more annoying the the OSX pop-up that asks for my password every time I try and do anything that comes close to the "system"