Ten Questions for MacBook Hacker Dino Dai Zovi

Ryan Naraine has a good interview with Dino Dai Zovi, winner of last week’s MacBook Pro exploit contest at CanSecWest:

Q: Apple has been criticized in the past for not responding appropriately to third-party findings.  What has been your experience working with them?

A: On my site, I list several vulnerabilities I’ve found and reported to Apple and I’ve found them to be very responsive and upfront about verifying things and giving credit.  Some things are fixed quicker than others and maybe you can say they take too long on some things but when there are interdependencies on components being fixed, it can be a month of two before you see a patch.

Tuesday, 24 April 2007