/>
X
Innovation

Apple bug fixer may extend project

Landon Fuller, the developer behind January's Apple bug-fixing project, may expand the initiative to address Mac zero-day vulnerabilities in the future
Written by Tom Espiner, Contributor on

The developer behind the Month of Apple Fixes is considering continuing the project to provide "zero-day patches" for critical issues affecting Mac OS X users in the future.

Landon Fuller was an engineer in Apple's BSD Technology Group, and one of the principal architects of the Darwin Ports project.

Fuller started the Month of Apple Fixes (MOAB Fixes) project in response to the Month of Apple Bugs (MOAB) project, which promised to feature a new Apple software bug for each day in January.

MOAB has now finished, but Fuller is keen to expand the MOAB Fixes initiative into a project similar to the Zero-day Emergency Response Team (ZERT). ZERT is a group of engineers and security experts from industry, community and incident response groups that offers unofficial patches during malware crises.

"Perhaps [it could be] the Mac OS equivalent to ZERT," Fuller told ZDNet blogger Ryan Naraine.

While Fuller and the MOAB Fixes group maintain that a vendor-supplied update is always preferable to a third-party patch, the group may continue the initiative to give Mac users a choice.

"This is more about providing the option, as well as fixing the issues for our own use," Fuller said.

Throughout the MOAB project, Fuller and a group of volunteers — mostly close friends — collaborated on a Google Group to respond to each reported issue with a runtime fix. The group spent between two and eight hours a day coding and testing the fixes but didn't patch kernel bugs because, as Fuller explained to Naraine, "the cost for a mistake in a kernel patch is very high".

Fuller initially suggested extending the project on 19 January, when the idea was met with cautious approval by the other members of the project.

Developer William A Carrel said: "There certainly seems to be utility in projects such as ZERT, which seems to be Windows-focused. Most open-source projects already have a thriving community which can deal with these things. It wouldn't hurt the Mac community to have this too, that is as long as the user community can deal with the situation in a way that doesn't include shooting the messenger or decrying 'unofficial' fixes."

Editorial standards

Related

The 21 best Black Friday deals under $30 ahead of Cyber Monday
Amazon Fire TV Stick 4K

The 21 best Black Friday deals under $30 ahead of Cyber Monday

The 62 best Black Friday deals you can still shop at Costco right now
LG 65" Class - QNED80 Series

The 62 best Black Friday deals you can still shop at Costco right now

The 52 best Black Friday deals on Amazon ahead of Cyber Monday
Image of Amazon Echo Show 8 on a wooden table in front of a person cooking and folding pastry dough.

The 52 best Black Friday deals on Amazon ahead of Cyber Monday