Originally Posted by lfmorrison
Perhaps you missed a couple of points in the story above:
1) Miller has not released the technical details of the vulnerability yet. Nobody could create an exploit using only the data that has been released so far. Apple and Texas Instruments still have an opportunity to release a patch before the details are released.
2) When Miller does release the technical details, he has announced that he will also be releasing his own tool to plug the vulnerability at the same time. (This tool is something of a blunt instrument, though: it replaces the battery's password with a random string so no future legitimate Apple updates for future stability and feature improvements will work after installing Miller's patch. This is a tradeoff that each hardware owner would have to consider.)
Releasing his own “fix” is NOT as good as waiting for the vendor’s patch. He should wait for the vendor’s patch—that’s proper protocol and serves security (as opposed to self-promotion) the best. But he isn’t. I wonder what consequences will fall to people who apply his patch and can no longer receive REAL firmware updates?
And although he hasn’t released the details, he’s told the “bad guys” (if any) what to look for. In short, he’s done much to cause malware, and all the wrong things to stop it. Along with all of which, yes, he did catch and report a real problem... in the wrong way by any reasonable security standard. So, thanks to Miller for that. He’s still in the wrong with his self-serving timing choices.
And wrong in exaggerating what he’s found. (Hinting at fires/explosions, and injection of malware to the OS, neither of which this vulnerability can actually cause. He might as well say, “this issue can’t inject malware onto your Mac. But just imagine if there was some other bug too, in the OS itself... maybe that would be scarier and work hand-in-hand with this issue! Well, imagine away... it’s good for self-publicity!” What he should say is, “One could wonder whether this issue could cause even worse things. I have no idea. I see no mechanism by which a fire or explosion could happen, nor injection of malware to the OS, so I don’t want to exaggerate this falsely. But I don’t know for sure—those questions are outside my knowledge right now.” Or, he could simply not mention those hypothetical but scary-sounding “extras” at all yet, if he’s trying to be a professional and fact-based “researcher.”)