[sophacles]

Um... the effort I had to take to patch my linux boxes was: Do nothing. (security fixes had been released and installed before I learned of the bug).

The effort I'll have to take to patch my Mac is:

* Download a new bash.

* recompile it

* install it by hand.

(and this is assuming I already have xcode/developer tools installed).

Not quite the same level of effort.

Is the article wildy off topic? Not really - its an article about yet another instance of Apple ignoring security issues, why wouldn't a previous example be relevant?

[fleitz]

What is the software vulnerability used for the iCloud hack?

[sophacles]

Is your position that a software vulnerability the only type of security issue? Is your position that ignoring software vulnerabilities is fundamentally a different thing than ignoring other types of security issue? I'm confused by why you are asking.