Apple Computer will soon be a member of the “month of bugs” club.On Jan. 1, two security researchers will begin publishing details of a flood of security vulnerabilities in Apple’s products. Their plan is to disclose one bug per day for the entire month, they said Tuesday.The project is being launched by an independent security researcher, Kevin Finisterre, and a hacker known as LMH, who declined to reveal his identity. Some of the bugs “might represent a significant risk,” LMH said in an e-mail interview. “Others have a lower impact on security. We are trying to develop working exploits for every issue we find.” The two hackers plan to disclose bugs in the Mac OS X kernel as well as in software such as Safari, iTunes, iPhoto and QuickTime, LMH said. Some of the bugs will also affect versions of Apple’s software designed to run on Microsoft’s Windows operating system, he added.LMH was one of the brains behind the recent Month of Kernel Bugs project, which exposed flaws at the core of several different operating systems. It was inspired by an earlier effort, called the Month of Browser Bugs, which was kicked off in July. This latest Apple project is being launched to raise awareness of security vulnerabilities in Apple’s products and to “stomp smugness,” Finisterre said via e-mail.While the Macintosh is generally considered to be more secure than the Windows PC, many security researchers believe that this reputation is not attributable to any superior security practices on the part of Apple. They say attackers have been deterred by the Mac OS X’s more secure Unix kernel and the product’s less widespread adoption. Apple MacBook Pro Apple enthusiasts and security researchers have been at odds since last August, when David Maynor and Jon Ellch claimed to have discovered a flaw that affected Apple’s wireless device drivers. They played a video at the Black Hat conference demonstrating how this flaw could be used to run unauthorized code on a MacBook. However, their claims have been slammed because the demonstration used a third-party wireless card rather than the one that ships with the MacBook, and because the two hackers still have not published the code used in their attack.LMH said the Apple community’s negative response to Maynor and Ellch’s claims played a role in the decision to launch the Month of Apple Bugs.“I was shocked with the reaction of some so-called ‘Apple fans,’ ” he said. “I can’t understand why some people react badly to disclosure of issues in their system of choice. … That helps to improve its security.”A similar effort to disclose flaws in Oracle’s software had to be abandoned before it was ever launched last month. The man behind the Week of Oracle Bugs, Cesar Cerrudo, of Argeniss Information Security, said he pulled the plug when it became clear that the project could damage the relationship between one of his customers and Oracle. “This customer realized that they could have had serious business problems, so they changed their mind and asked to cancel it,” he said via instant message on Tuesday. LMH said he didn’t expect any legal problems from Apple. “I keep talking to a guy from the Apple security team and I’m willing to help whenever necessary,” he said. “I’m far away from any illegal activity.”Apple, for its part, did not seem to be upset with the project. “We always welcome feedback on how to improve security on the Mac,” said Anuj Nayar, an Apple spokesman.-Robert McMillan, IDG News Service (San Francisco Bureau)Related Links: Sophos Security Experts: Buy a Mac Apple Mac OS and Safari: Virus Targets Hacker Project Puts Spotlight Back on Mac SecurityCheck out our CIO News Alerts and Tech Informer pages for more updated news coverage. Related content brandpost Sponsored by Catchpoint Systems, Inc. Gain full visibility across the Internet Stack with IPM (Internet Performance Monitoring) Today’s IT systems have more points of failure than ever before. Internet Performance Monitoring provides visibility over external networks and services to mitigate outages. By Neal Weinberg Dec 01, 2023 3 mins IT Operations brandpost Sponsored by Zscaler How customers can save money during periods of economic uncertainty Now is the time to overcome the challenges of perimeter-based architectures and reduce costs with zero trust. By Zscaler Dec 01, 2023 4 mins Security feature LexisNexis rises to the generative AI challenge With generative AI, the legal information services giant faces its most formidable disruptor yet. That’s why CTO Jeff Reihl is embracing and enhancing the technology swiftly to keep in front of the competition. By Paula Rooney Dec 01, 2023 6 mins Generative AI Digital Transformation Cloud Computing feature 10 business intelligence certifications and certificates to advance your BI career From BI analysts and BI developers to BI architects and BI directors, business intelligence pros are in high demand. Here are the certifications and certificates that can give your career an edge. By Thor Olavsrud Dec 01, 2023 8 mins Certifications Business Intelligence IT Skills Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe