It’s hot news in the mac world today that Apple have not yet patched Windows File Sharing (Samba) on the very latest OS X. This is unforgivable since they released a security update this week and a fixed version of Samba has been available for weeks now. That was the blog post I wanted to write this evening but before I did I wanted to read the actual Symantec advisory that I see quoted all over the place. Surely, if there was any proper journalism on the web all online articles referencing the advisory should contain a link to it so people can read it themselves? None that I have found do. So, I went to the Symantec site to see if I could find it there. Not a hope. I used Google to try to find the original everyone is quoting. No joy. I don’t feel comfortable reporting on what Symantec supposedly said in an advisory based on second-hand information. Others on the web don’t seem to be as picky as me. Shame really.

[tags]journalism, standards, symantec, usability, Mac World[/tags]

Brick Wall The First – Lack of References

I read blogs a lot. All the good ones provide links to what they talk about so you can follow up yourself. Those that don’t are immediately suspicious to me because they are either too lazy to do proper research before they mouth off, or they are making things up! Why do supposedly reputable internet news sites not feel they have the same obligation to back up their stories? Here are some links from major internet news sites that reference this mythical Symantec Advisory that I simply cannot find:

I don’t think this is good enough. If a blogger quotes something without a link it’s suspect, but if Mac World do it it’s somehow acceptable?

Brick Wall The Second – The Symantec Site

You would imagine that if a large security company issues and advisory to warn people about a real danger that such warnings would be easy to find on their site. I mean, what’s the point of issuing an advisory if then go and hide it? If this advisory is on their site I sure can’t find it and neither can Google. It’s amazing how many words it can take to say nothing!

Maybe Symantec don’t publish their advisories on their website. If so I think that’s retarded. Surely the point of security advisories is to warn people so they can protect themselves. What is the point of not publishing that information? Either way, their site sucks, the advisories should be there and easy to access.

Anyhow, I am left with a choice of two worrying conclusions. Either Symantec’s site is pathetically poor making it impossible for people to access vital security information that Symantec apparently released, or Mac World made up the story. Personally I’m hopping it’s the former, because the latter doesn’t bear thinking about!