Undercover 0.1: Bottom Line

What thief could possibly resist?

It takes a lot of guts (or something else) to put one's trust in an application with so grievous design holes. It takes more trust to give such software one's admin password.

For one must never attribute to malice that which can be explained by pure stupidity: bad things can and do happen not because software authors are evil but most often because they're just plain stupid.

It doesn't take much computer savvy to disable Undercover on a stolen box. Undercover can only work when the computer is connected to the Internet - and when the box initially starts it won't be connected.

And if the admin password be lacking, said thief can boot into single user mode and fix a new one.

Then it's just a matter of going into /private/etc and one of the 'libraries' and removing the product. To make a good thorough cleanup, the thief can then go into /Users/Shared and remove any flotsam and jetsam lying around.

Piece of cake.

The author of Undercover wants people to think his product is an improvement over existing solutions but even a nearsighted analysis shows the opposite is true.

What Others Say

Eloquence can be manifold, and the teenage mutant ninja hero coders [sic] have a lot to say about Undercover.

The bottom line? A PhD in biology does not a programmer make, and sophisticated software design especially in the security field is not the product of unbridled enthusiasm but the result of long hard work.

Credits

Chris Klein did the legwork on this one.