The Mac Observer

Skip navigational links

You're viewing an article in TMO's historic archive vault. Here, we've preserved the comments and how the site looked along with the article. Use this link to view the article on our current site:
CNet Offers In-Depth Examination Of OS X Security, Apple's Communication

CNet Offers In-Depth Examination Of OS X Security, Apple's Communication

by , 11:00 AM EDT, June 3rd, 2004

CNet News has published one of the best articles we have read on the site in some time. The subject of the article is security and Mac OS X, with an emphasis on Apple's track record for communicating with its customers about security issues. The article examines recent specific security issues, has comment from Phil Schiller, industry analysts, and users alike. It also offers a look at some of the Unix-related issues affecting security, and compares the security track record of Mac OS X to that of Windows. From the article:

In general, the Mac operating system has seen far fewer bugs than its Windows counterpart. But some say a recent vulnerability demonstrates that the notoriously tight-lipped company must communicate more openly on security issues and move more quickly when it comes to plugging holes.

[...]

Although the tech industry has guidelines that call for researchers to notify vendors of threats and then wait at least 30 days before going public, Schiller said Apple uses its own process to decide when to issue a patch, a process that takes into account Apple's assessment of the threat posed by the vulnerability.

Apple has released a partial patch, but security researchers say the OS remains vulnerable to attack.

Some of the other knocks on Apple's response to security issues also center on the company's communications. For example, critics have called on Apple to offer more detailed information on its Web site, as well as to offer a dedicated e-mail address for reporting bugs. But Schiller said Apple does both those things--security concerns can be sent to product-security@apple.com, and the company posts information on its Web site. But he conceded that many people don't know about those programs and that the company could be doing a better job.

"We're actually doing a lot of the right things people want," Schiller said. "They're just not aware of it."

There is much more information in the full article, and we recommend it as a very good read.

The Mac Observer Spin:

Apple is tight lipped about everything. From product announcements, to long-term roadmaps for Mac OS X, to security issues, the company simply likes to control every single facet of information about everything. That secrecy makes sense in some areas, and doesn't in others. Security is one of those other areas.

The article points out that Apple's track record on security is fabulous, at least when compared to Microsoft, but security is one of those things where there needs to be no confusion or unanswered questions. There are multiple reasons for that, too. For one thing, it's the right thing to do. We have seemingly antiquated ideas about doing the right thing, of course, so take that as you will.

Another reason it would behoove Apple to be very, very open about all things security related is that it would contrast the company to Big Redmond. With Windows security problems leading to billions of dollars in lost productivity around the world, and Microsoft having a deserved reputation for trying to hide all of its security issues, an up-front Apple might well be a selling point to many folks, especially in the IT market. Microsoft has definitely improved its approach to security, but there is plenty of room for Apple to do it better.

In any event, this is an issue we have been contemplating in the halls of TMO Towers, and we found the CNet article to be very timely, and good food for thought.

Recent Headlines - Updated August 1st

Fri,11:18 AM
Apple to Beats: Welcome to the Family
10:42 AM
BadUSB: Undetectable USB flaw Could Expose all Your Tech Gear to Hackers
9:48 AM
Apple Buys Vivendi’s Stake in Beats for $404M
8:45 AM
OS X: Configuring FileVault
Thu,9:43 PM
U.S. Appeals Court Rules Microsoft Must Turn Over Email Hosted in Ireland
8:27 PM
T-Mobile Q2 Earnings Suggest Uncarrier Model Works
7:41 PM
That Time the iPhone Owner Punched His Mugger in the Face
5:52 PM
The Productive Design Mac Bundle: $39.99
3:05 PM
Basic Tips for Using the Dock and Trash in OS X
1:54 PM
TMO Daily Observations: 2014-07-31
11:18 AM
Russia to Apple: All Your Code Are Belong to Us
10:15 AM
Shazam Song Recognition Comes to the Mac
  • __________
  • Buy Stuff, Support TMO!
  • Podcast: Mac Geek Gab
  • Podcast: Apple Weekly Report
  • TMO on Twitter!