Apple's PR "besmirched security researchers" claim

LIFESTYLE entertainment gear maker Apple used its chums in the media to smear two security researchers who found a bug in its operating system, ZDNet claimed.

George Ou said that he is now able to “name and shame” the people involved after one of the researchers David Maynor left SecureWorks and was prepared to name names.

Last year the two researchers David Maynor and Jon "Johnny Cache" Ellch miffed Apple by finding a fault on the MacBook wireless system and were set to show it all to a security conference. However the Mac Press unsurprisingly weighed in claiming that the research was based on “misrepresentation”.

According to Ou, editor of Mac Central Jim Dalrymple wrote a piece based solely on the word of Apple PR director Lynn Fox. Apple blogger David Chartier went even further and claimed that the pair's employers SecureWorks had admitted to falsifying MacBook wireless hack.

The latter quote was based on a SecureWorks disclaimer that reaffirmed that a video of the hack was was based on third-party wireless hardware. Ou said that the result of these two stories made Maynor and Ellch appear to be frauds and even admitting it, even though their claims were correct. It turns out that Fox had contacted sympathetic bloggers like Chartier and Dalrymple. She had also forced SecureWorks to publish the "clarification" in the first place and used it to convince the tame Apple-friendly press that the hack video was a fraud.

Secure Works apparently published the clarification after Fox had demanded and failed to get a full confession. In the end SecureWorks and Fox agreed to the clarification as a compromise. Apparently SecureWorks had no idea that Fox would use it to discredit their researchers and certainly did not think it changed its position on the wireless flaw.

Ou said that Fox played Jim Dalrymple, David Chartier, and the rest of the Mac bogosphere like a Strad violin. He said that what was scary is that they were all willing participants and prepared to roll over and do what Apple told them.

While Apple continued to claim that there were no vulnerabilities in Mac OS X it actually patched the hole, that didn't exist, a month later. More here. µ