Hello, Penguins! We interrupt this week’s Showcase Friday to bring you a breaking news story. Apple just released an update to iOS 17 that fixes a bug that has been leaking users’ Wi-Fi MAC addresses for the past three years. This is a major privacy faceplant for Apple, and it’s a cautionary tale for all closed-source giants.

The bug, reported under CVE-2023-42846, could have allowed attackers to track users’ movements by monitoring their Wi-Fi MAC addresses. That’s like leaving a trail of breadcrumbs wherever you go, with each crumb stamped with your personal ID. Not exactly what you’d call “Incognito mode”!

For three long years, Apple’s privacy façade shone bright, concealing a gaping vulnerability behind the glossy veneer of proprietary code. Apple’s privacy features impressed in publicity alone while proving about as effective as a chocolate teapot.

Apple’s latest coding snafu has privacy advocates everywhere smacking their foreheads in disbelief. For three years, iPhones happily leaked users’ Wi-Fi MAC addresses, rendering Apple’s so-called “privacy protections” utterly pointless. And the worst part? This bug was so easy to spot that even a child could’ve found it. But Apple’s proprietary code kept it hidden for years, leaving users exposed to snoops and stalkers.

Yet another win for open-source software! If only Apple’s code was free and open, instead of shrouded under lock and key, this glaring vulnerability could have been spotted almost immediately. But alas, the tech giant chose secrets over scrutiny, and users paid the price.

Imagine an alternate timeline where iOS was open-source. Hordes of reviewers worldwide could pore over the code, double-checking every privacy feature before release. This MAC address leak would have lit up message boards within days, sparking a flood of bug reports. Apple could’ve fixed it promptly, instead of leaving users unknowingly exposed for years. But instead, Apple chose to keep its code closed, and users paid the price.

But when you prioritize profit over transparency, disasters like this are inevitable. Closed-source code enables laziness, as developers grow complacent knowing their mistakes will stay hidden for ages. No wonder this flaw slipped under the radar for so long without open peer review. Apple’s proprietary code is a breeding ground for bugs, and this one is just the tip of the iceberg.

So to all you corporate giants out there, clinging to your closed-source models like a penguin to its pebble, take heed! Your penchant for secrecy comes at a cost, and now Apple is footing the bill. While you may take users’ privacy for granted, the open-source world does not. And this debacle demonstrates clearly the fiduciary duty you owe users to open up your code.

Until then, expect more conveniently undiscovered privacy bugs to lurk in the shadows. And try explaining to users why exactly your profits matter more than their security. The open-source community eagerly awaits your response. Or better yet, your code.

Until next Friday, keep your flippers warm and your code open, Penguins! See you then!


Next Friday, we will return to our regularly scheduled Showcase Friday. See you then!