Feeds

Stallman backpedals on Mac OS backdoor claims

Free software advocate still no fan of DRM

Internet Security Threat Report 2014

Free software activist Richard Stallman has withdrawn an accusation that Apple's Mac OS X contained a backdoor after admitting there was no evidence to substantiate his earlier claims.

Stallman has repeatedly levelled charges that Apple could forcibly impose software changes in Mac OS X. He now admits his opinion was influenced by unsubstantiated gripes against Apple's operating system and that there is "no evidence that Apple has installed software changes without the user's permission."

"We have no way to verify that there is no backdoor in Mac OS X that could install changes without permission, but that is no basis to claim there is one," Stallman writes in a post on his FSF blog on Monday. "I apologize for repeating a criticism of Mac OS which I cannot substantiate and must presume is false."

Even after ditching the backdoor claim, Stallman predictably remains a staunch critic of Apple's DRM (copyright technology) push.

"While Apple has not, it seems, imposed changes by force, it has a record of making users install harmful changes on pain of losing functionality, and misleading users about what these changes do."

For example, back in 2005, Apple insisted users needed to upgrade to iTunes 4.7 to use its music store. According to Stallman, Apple misled its users in describing this as a security upgrade. In reality, the change was designed to "change the iTunes system of Digital Restrictions Management (DRM) to make PyMusique stop working." PyMusique was a free software application that allowed GNU/Linux users to access the iTunes store.

This isn't an isolated example, according to Stallman, who accused Apple of sneaking a DRM into Quicktime last year that "stopped users from playing video files they themselves had made."

Stallman concludes that while he no longer believes Mac OS X has a backdoor, he doesn't regard it as all above board either. He is certainly not a candidate for an iBook, much less an iPhone. Stallman's privacy concerns are such that he avoids using mobiles in general.

"If Mac OS X does not have a backdoor to forcibly install changes, that does not make it ethical," Stallman concludes. "It has other malicious features, such as Digital Restrictions Management.

"What makes those malfeatures possible is that users can't remove them. Mac OS is proprietary software, so the users don't have control over it - rather, the developer has sole control over the program, and employs it as an instrument of control over the users. So I don't withdraw my condemnation of Mac OS. But I do withdraw the claim that it has a known backdoor." ®

Internet Security Threat Report 2014

More from The Register

next story
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
BlackEnergy crimeware coursing through US control systems
US CERT says three flavours of control kit are under attack
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.