Connecting to LinkedIn...

W1siziisijiwmtuvmdqvmtuvmdgvntqvmzgvnzi1l01ptlrbu0hfqkxpr19vtljftkrfukvex0lnqudfx3jlc2l6zwrfyw5kx3jlbmrlcmvklmpwzyjdlfsiccisinrodw1iiiwimtkymhgxmjuwiyjdxq

Blog

Apple Should Be More Transparent About Security

3/09/2014 by

W1siziisijiwmtqvmtavmjgvmtuvmtyvntmvntiyl2zpbguixsxbinailcj0ahvtyiisijywmhg0mdbcdtawm2uixv0

It seems that Apple has gotten embroiled in a security scandal of one sort or another every few months.

It dodged Heartbleed but was hit by the very embarrassing ‘goto fail’ bug. It was called out for not adequately documenting the uses of diagnostic tools that could have been used to collect data from user devices. Late last year researchers showed off a method for siphoning data via the charging port of iOS devices. A year ago a researcher went public with a method for accessing Apple IDs of developers after he says he got no response from Apple. And then there was this week’s celebrity photo hack, which may have been able to be prevented by making iCloud backups more secure.

In each of these cases, Apple fixed vulnerabilities, released support notes or patched bugs. But in almost all cases, and many others over the years, the company was as opaque as possible about explaining the details of security issues, reluctant to admit to them publicly and very unresponsive to independent security researchers. That leads to misunderstandings and FUD about the extent of the problems and the risks involved for users.

This needs to change or it will continue to happen.

Apple as a company has shown to have deep concern for the privacy of its users. It very frequently goes against common business wisdom to protect user information from third parties. One example of this is Apple refusing to share subscriber info with the publishers of iPad magazines. Apple sources, including both past and present employees, have never shared any information with me that indicates that Apple is interested in anything less than complete user privacy.

But though the company appears on many levels to have the best interests of users at heart, it does not appear to be expending the same kind of deep, detail-oriented effort on security as it is famous for in many other product areas. Apple will obsess over the degree of chamfer on a button, but somehow shoots itself in the foot with silly security mistakes over and over again.

This article has been extracted from http://www.techcrunch.com/, please click on this link to read the article in full http://www.techcrunch.com/2014/09/02/why-apple-should-be-more-transparent-about-security/

Montash is a multi-award winning, global technology recruitment firm. Specialising in permanent and contract positions across mid-senior appointments which cover a wide range of industry sectors and IT functions, including:

ERP, BI & Data, Information Security, IT Architecture & Strategy, Energy Technologies, Demand IT and Business Engagement, Digital and E-commerce, Infrastructure and Service Delivery, Project and Programme Delivery.

With offices based in London, Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid-management in permanent and contract roles.

comments powered by Disqus

Social Stream

Latest News

W1siziisijiwmtcvmdkvmjevmdgvndmvmduvmtmxl1vudgl0bgvkigrlc2lnbiaomjmplmpwzyjdlfsiccisinrodw1iiiwimzgwedewmcmixv0

Why do we punish the victims of hacking?

2017-09-21 09:00:00 +0100

Hacks occur every 39 seconds, with 95% of them targeting governments, retailers and the tech industry. If the hackers are caught, they'll face prison time under the Computer Misuse Act. More often than not, the businesses who are victims of those attacks expose themselves to punishment of their own. The laws that determine the duty of protection owed to businesses and their customers is both vague and broad, making them question just how much protection...

W1siziisijiwmtcvmdkvmtgvmtavmtivndyvodeyl1dvbwvuigluihrly2ggkdiplmpwzyjdlfsiccisinrodw1iiiwimzgwedewmcmixv0

Tech is for girls... and always has been!

2017-09-18 10:00:00 +0100

Today, it's hard to deny that the IT and tech industry is a male-dominated field. Women earn only 28%[1] of computer science degrees, while the quit rate for women in the high tech industry is 41%[2], twice as high as it is for men. These two statistics would suggest that perhaps women aren't just discouraged from entering the tech field, but may find it a challenging environment to work in both in terms of treatment and pay. Facebook chief operating of...