A Club Apple Wants Out Of

Windows users most likely yawned at last week's warning that Apple's Safari Web browser contains a critical vulnerability that exposes Mac users to attacks using malicious Zip files with virus-laden payloads. Subsequent reports of an exploit that makes it possible to take advantage of this latest Mac OS X flaw surely elicited no sympathy from long-suffering Internet Explorer devotees.In fact, Windows users have been saving a seat in the digital infirmary for their Linux and Mac counterparts now that attackers and virus researchers have increasingly turned their attention to these operating systems. Some say the security research community is more dangerous than the hackers they warn against. Mac users saw so-called proof-of-concept exploits placed directly on the Web soon after the vulnerabilities were discovered.

Howard Schmidt, a former White House cybersecurity adviser and former chief security officer at eBay and Microsoft, likens this behavior to a form of extortion: Researchers who publish before going to the company with their findings put publicity ahead of the IT community's security. The reality of today's threat environment is that no system is safe, Schmidt says. "The bad guys don't care what platform you're running--they want to get into your system."