George Ou speaks again, John Gruber’s “super long analyis” (shorter Ou: “Damn, this David Burke, who has a recurring role as a D.A. on Boston Legal.

That’s just the kind of of top-notch legal advice you want when refuting a blog post!

So, let’s get down on it! Burke copies whole heaves of text from Daring Fireball to set the ground work for his massive take-down!

Sorry for the following extended quotes, but this is the evidence he uses to support his concern, search the link if you would like to double check…

Uh, no, dude, that’s OK. I’m sure you’ve got mad copy/paste skillz. I’m sure you beat the hell out of that V key.

“Copy. PASTE! Copy. PASTE! Copy. MOTHERFUCKING PASTE! Oh, man, I’m on fi-ya!

Fox’s statement simply says; Maynor and Ellch have not demonstrated such a vulnerability to Apple.

Apple may in fact fully well have been contacted by Secureworks and may be quite aware the exploit exists and are working on it.

So his main concern is garbage.  See why you need trained people to examine the evidence?

Ah! You mean like someone who plays a D.A. on TV?

There’s just one problem with Mr. Burke’s stunning legal analysis.

“Despite SecureWorks being quoted saying the Mac is threatened by the exploit demonstrated at Black Hat, they have provided no evidence that in fact it is,” Apple Director of Mac PR, Lynn Fox, told Macworld.

[Emphasis mine.]

This is the graph that Maynor’s defenders kind sorta wish wasn’t there and, if you repeat it, will probably make them stick their fingers in their ears and go “LA-LA-LA-LA-LA-LA! I AM NOT LIS-TEN-ING!”

They much prefer to focus on the “sharing of code” quote, as Ou does here:

Fox never stated SecureWorks never contacted them, they only said that no code was shared.

The first part of that sentence is true. The second is not because of the use of the word “only.” She said that SecureWorks provided no evidence.

Ou says “You can’t have their code, bitch!”

You’re not entitled to a researcher’s code which they spent time developing.  Giving them the actual malformed packet that triggers the exploit and a pointer to the location of the flawed code is standard practice.

But for SecureWorks to have done this would have been to provide evidence, in which case Fox was mistaken or lying. But Ou’s not arguing that Fox is mistaken or lying. He’s arguing that she used PR gobbledy-gook to try to trick the world into thinking SecureWorks was wrong about the Airport hardware and drivers.

Ou then compliments his possibly imaginary friend on his legal acumen. You can learn a lot on the set of a popular legal show! I wish he’d asked him what Shatner’s really like!

While I know for a fact that Gruber is wrong and doesn’t know what he is talking about since I’m sitting on sensitive information at this point, I’m amazed that you can take Gruber’s own analysis and take it apart and get eerily close to what the truth is.

Well! Someone’s been hanging out in the super-secret hacker treefort in Maynor’s mom’s back yard with the Farah Fawcett poster on the wall!

I wonder if Ou has talked to Apple. Because single-sourcing from SecureWorks may not be the best way to go right now (see: Krebs, Brian). We already know that Ou has gone out of his way to falsely portray SecureWorks as good faith actors who were only interested in making Macs more secure and kittens and puppies more prevalent and spring! with the flowers and dancing and… and…

And that’s bullshit.

You don’t get to run around and say you want to stick a lit cigarette in its user-base’s eye and then pretend you weren’t out to get Apple.

At the end of the day, SecureWorks may be able to demonstrate a hack of Airport. I suspect there’s smoke coming out of that super-secret treefort right now and it’s not from the vigorous self-gratification to the Farah Fawcett poster. But until someone puts up or shuts up, a responsible journalist would not make ham-handed efforts to brow-beat others into silence with vague threats of lightning bolts from Mt. Olympus.

You might be thinking, jeez, this guy writes for ZDNet, I mean, that must mean he’s a responsible journalist, right?

Eh, maybe not.


  1. > Also I like how he doesn’t never use a lot of double negatives.

    Ou am to journamalism what Bizarro is not to Superman!

  2. journamalism…YES! And commenting on your own post repeatedly. That’s just damn fine journamalism®™℠©℗.

  3. “But my money’s on this David Burke, who has a recurring role as a D.A. on Boston Legal.”

    There’s something oddly familar about that twitchy barrister…

  4. What disappoints you most about the video iPod 1.0?

    Total number of votes cast: 26206

    It doesn’t get Cinemax:
    3465 votes, 13.22%

    It requires far too much physical effort to cram a DVD into the Dock connector:
    3170 votes, 12.10%

    You can’t stick your face in the screen like with the TV in Videodrome:
    3239 votes, 12.36%

    Showing home movies on the iPod makes it too easy for viewers to escape:
    3171 votes, 12.10%

    I can fit 140 hours of TV in my pocket, but it sure is a hassle lugging this couch everywhere I go:
    13161 votes, 50.22%

  5. You know, I should care more, but I can’t seem to garner the strength.

    Maybe it’s because I’m still on frickin’ DIAL-UP.

    Yeah. No hi-speed, so no Wi-Fi worries, no staying awake nights worrying about hackers using my toothbrush…unless they’re DIAL-UP hackers.


    Someone needs to send me a pony.

  6. Thanks Nxxx,

    My mom always promised that one day she would tell me where ponies came from, but due to a terrible accident with a three hole paper punch I was never to learn the answer.

  7. It’s an interesting article, but there is an error students of logic and critical reasoning will discover when they read through it, and it is a very critical error in the bloggers main concern.

    You know, I *am* a lawyer and a “student of logic and critical reasoning,” and I’m baffled by the entire post.
    Both Ou and Burke basically ignore the fact that Apple itself says it has seen no evidence of any kind of an exploit, and instead cherry-pick and obsess over the claim that Apple says it was given no code, and parse this to mean (ignoring everything else Apple said) that Apple could still have been contacted by Maynor and is just using PR weasel words to make him look bad.

    Burke finishes his “cross examination” by saying “So his main concern is garbage. See why you need trained people to examine the evidence? Sometimes what looks obvious is not.”

    Whenever someone essentially says “Nuh uh! You’re just saying that because you’re not as smart as I am” you know they’ve got nothing.

  8. What is most frustrating about this, is all the shots across the bow (blog posts) between everyone and breaking down into a game of “he said, she said, whatever you say bounces off of me and sticks to you”, but Maynor and “Johnny Cahce” are both silent.

    I think they thought they had invented Cold Fusion, called a press conference, and realized too late that what they really had was Con Fusion, and just decided to go with the Con.

    The defenders of these two also can not seem to make a straight thought as to how Maynor can come out with his “I want to burn the eyes of smug Mac users with a lit cigarrete” blast, but this NOT be all about trying to descredit the Mac. If this was just about wireless drivers in ALL computing platforms, we would not have Kerbs coming out with his “MacBook Hacked in 60 seconds or less” article that started the uproar. I think they started this off as being an anti-mac thing, then realized how much the wrath of the Mac users can burn, and now are hiding under their beds and hoping it all goes away.

    I have two theories on this.

    1. This smacks a lot of the Anti-Linux crap that MS has been pushing for so long. Their ad’s about how much more secure Windows Server 2003 was compared to Linux, and how much more cost effective it was as well. I can just see M$ out there paying people like this to find any major security hole and exploit their find in the media for all it is worth. This rings even more true when you look at some of the articles that Ou has published, including the article where he states that people who say that M$ produces bloated programs don’t know what they are talking about. Yeah, I am sure Ou is VERRRRRY objective.

    2. (This IS a Crazy Rumors site, so stay with me on this one). Maynor and company have found a wireless security hole on ALL laptops that they can hack into the computer and make the battery explode, the user of the computer to worship at the shrine of Monkey Boy Balmer, and steals their toothbrush. Maynor and company realize that this is a HUGE threat to national security, and have decided to sell it to Iran, but got caught, and are now in an undisclosed prision being held on terrorist charges, which is why he has not been able to contact Apple.

    I will say this just as I said it on Ou’s blog comments. Maynor and company can make this ALL go away if they either come out and tell the truth that it was a hoax, or they can demonstrate this “in the wild” on a target laptop that they have not had any physical access to. Anything short of that, and this isn’t going away for a very long time. And it only hurts them to have someone like George Ou trying (and failing) to defend them.

  9. Ou gives himself away in the responses to his blog post:

    “Does this mean that for a machine to be vulnerable it has to have two network cards?”

    No, it means for a non-weaponized version of this exploit, it needs the two cards. But the exploit is still very serious. Exploits don’t have to be weaponized or 100% reliable to be of a grave concern. You shouldn’t have to wait for a 100% reliable exploit to demonstrate a serious issue.

  10. If Ou was a responsible journalist, he’s lost it, should have shut up the minute the s#@t hit the fan.

  11. Smallworks is now claiming that they’ve been unable to hack a MacBook with Apple hardware and software. Looks like Ou and Krebs are busted.

  12. You make some funny points, but it’s just as sloppy of you to assume that the David Burke in question is an actor and not a lawyer as it is for Ou to make his strange “out of ass” arguments.

    I mean, wouldn’t the David Burke in question more likely be this one:

    or this one?

    I mean, if you’re going to pick actors named David Burke, are you sure you’ve picked the right one out of ten?

    Good times.

  13. As a professional journamalist…


    (clears throat)

    As a VERY SMART professional journalist, I can say two things with some confidence. First, Ou can’t write. If I got copy in like that from a freelance it wouldn’t be so much ‘subbed’ as ‘butchered’. With seasonings and everything. And crackling. And fries, obviously.

    Secondly, David Burke isn’t the actor. Sorry. Nor is he the one from Robinson & Moltz LLC or whoever the hell they are. No, he’s a figment of Ou’s imagination. I mean, if you take “but one of my readers David Burke who is a very smart legal professional took it upon himself to cross examine Mr. Gruber’s analysis”, add some punctuation to make it a vaguely coherent sentence, use Google Translate to turn it into Russian and then back to English again, then you get:

    “The lurkers support me in e-mail”.

    You do. Try it.

  14. According to the Boston Legal guy, “there was some level of compliance with Apples wish’s and a third party card and driver was used”. Ummmm, “wish’s”? How could anybody take this legalman seriously?

  15. Man, this guy is hilarious??? First off he thinks an actor in a TV show about law qualifies as a legal professional. Funny thing is, I am in law, and not in acting, and the commentary I made on Ou’s blog has to do with my extensive training in logic an critical reasoning and nothing to do with my legal expertise.

    I mean I’m kind of laughing, but who is this John Moltz wing nut…with all the clever analysis with the extra added cursing for emphatically pretending to sound like he knows what he is talking about…and angry too!

    I’m not going to waste my poor typing pinkies spending a lot of time responding to this kind of shoddy reporting/analysis. Its so poorly thought out its only reasonable purpose must have to be comic relief! Ha!

    Let’s put it this way on each significant comment he makes

    1. Wrong
    2. Wrong again
    3. Don’t even think you understand the issue so no comment
    4. Umm…clearly wrong
    5. Really wrong

    Saying much more I’m just robbing myself of valuable time.

  16. I couldn’t understand some parts of this article BREAKING NEWS: OU LASHES OUT AGAIN!, but I guess I just need to check some more resources regarding this, because it sounds interesting.

  17. Pingback: Allen

Comments are closed.