Rotten Apples?

It's almost enough to make me a Luddite. Apple, having apparently learned nothing from last years embarrassment, gets hacked in seconds at Pwn2Own. There's a new drive-by Firefox exploit that won't be fixed until next week. We can't even trust our routers anymore because people are hacking them.

That last one is something we should have seen coming. It's apparently from brute force attacks on routers with "weak username and password combinations or exploitable firmware". I've bitched before about customers bitching at me because the passwords I put on their routers and servers are "too hard!" - how many million routers do you suppose can be logged into with "admin/admin" or something equally stupid?

The only folks who apparently learned anything was Microsoft. The hackers said:

For all the browsers on operating systems, the hardest target is Firefox on Windows. With Firefox on Mac OS X, you can do whatever you want. There's nothing in the Mac operating system that will stop you.

Second year in a row, guys. And remember: Firefox isn't helping, but the real problem is what happens once they get the shell. Is Apple really this clueless? I guess so..

I'm not going to worry about my router because I can't even remember the user name and password I used. I have it written down somewhere (I hope). I used to not worry too much about the Mac attacks because they were Safari based - but now they use Firefox, so I'm vulnerable. Remember, this is drive-by stuff: no user cooperation needed.

Maybe it is time to switch to Linux for my desktop? Arragh.. I hate change! But unless Apple starts taking this stuff seriously, I'm going to have to.

Of course we really don't know how Linux would have done: Linux wasn't in the running this time.. Last year, only the Ubuntu machine survived, but of course that doesn't necessarily mean it would have again. Still.. I'm going to have to see serious moves by Apple if I'm going to keep using this.