eWeek Security Watch
Advertisement
Advertisement
August 10, 2008 10:51 AM

Apple's Rotten Decision



One of the more hotly-discussed topics among attendees of this year's Black Hat conference in Las Vegas was Apple's last minute decision to cancel its scheduled presentations, and the somewhat disengaged stance it continues to maintain regarding the vulnerability research community in general.

Most observers have always perceived Apple as the model of intuitive user-friendliness and response to customer feedback, and often cast rival Microsoft as an impregnable corporate fortress that does as it chooses and forces users to deal with the headaches. But the opposite appeared to be on display at the annual hacking summit this week.

If news reports are correct, and Apple pulled its researchers' demonstrations based on issues of marketing or image control, and a seeming refusal to acknowledge that it too must deal with the pervasive security issues that have plagued Microsoft technologies over the years, you have to wonder what the people who made that decision were thinking.

You have to think that the Apple engineers who were planning to be at the show and participate must have been disappointed with the company's decision as well.

If anything, the move only highlighted the genuine validity of Microsoft's ongoing efforts to abandon its own historically draconian stance on security in favor of a more open-door policy through which it is addressing vulnerabilities and attacks head on, and actively courting the help of security researchers to do so -- instead of seemingly pretending that they don't exist by refusing to involve itself in the research community.

Most people at the show seemed to think that Apple's less proactive stance on security research and its decision to stay away from Black Hat will only drive larger numbers of white and black hat hackers to assail the company's products to find the weak points that surely exist in them.

And while Apple may never have to deal with the same level of scrutiny that Microsoft receives when it comes to having its technologies scoured for potential flaws and exploited by hackers, it most certainly is already experiencing larger numbers of attacks as it introduces cash cow products like its iPhones, and iTunes.

Perhaps Apple is merely planning to tackle security more on its own terms, and court the help of the vulnerability research community on its own turf, as Microsoft has with its invite-only Blue Hat meetings. Or maybe the business folks over in Cupertino simply didn't think it was wise to call attention to some of the issues that were to have been discussed by its security experts out of some legitimate concerns regarding its operations or customers.

But there's no question that most of the people attending Black Hat were surprised and disappointed to see this role reversal play out, as Apple has long won its reputation by listening to its users and adapting products to both suit their needs and protect their interests.

Microsoft, Cisco, Google and other industry heavyweights all took their lumps at the conference, with researchers highlighting existing problems with their systems and the companies at the very least admitting they need to keep working to improve their security, if not introducing new methods to do so.

Meanwhile, Apple's image was pilloried on the show floor because in dropping its talks the company seemed as if it refuses to participate in the larger security ecosystem, and it turned off a lot of smart people, many of whom are Apple users, who honestly want to help it build better products.

And that just seems lame, if not unwise.


Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to SecurityWatchBlog@gmail.com.

Posted by Matthew Hines on August 10, 2008 10:51 AM

| Comments (5) | del.icio.us | digg.com | Trackback | Post a Comment
TrackBack

TrackBack

http://securitywatch.eweek.com/cgi-bin/mte/mt-tb.cgi/14576

Comments (5)

zato :

For the last two or three years, Black Hat has been used to discredit Apple by Microsoft controlled Apple haters, and Apple hating members of the Microsoft controlled IT press. Even the above article is just more of the same.

Posted by zato | August 10, 2008 3:29 PM

are you kidding me? :

Talk about one sided

"Microsoft controlled Apple haters"??

I mean get a grip, Apple pulled out. Apple did not want to work with the community. Apple does not like having its security issues in the public light. They would rather have people believe the Mac Vs. PC crap, when both are equal on the security issues they have, just some are in the lime light more than others.

To me, this just says Apple is hiding, acting like a bird and sticking its head in the sand.

Posted by are you kidding me? | August 12, 2008 8:29 AM

Gis Bun :

Zato: I guess I know what kind of computers and MP3 players and cellphones that you have! You sound like one of those nutcases who blame some religion, country, ethnic group, or whatever for all the problems. If you think Microsoft controls the press, then why does Microsoft get so much negative press? If they are in bed with Microsoft, wouldn't you'd think that Vista would had not one negative article? How do you control thousands of publications and news websites?

Face it, Apple had chickened out because they know they are in hot water because of their sloppy developers and bad decisions and now they're fealing the heat. Why is it that they have the only major OS that has yet to fix the DNS flaw on the clients?

Posted by Gis Bun | August 12, 2008 8:55 AM

Me :

Someday my mac will get a virus. ...Someday.

Posted by Me | August 12, 2008 11:36 AM

Taras :

Black Hat says 'canceled' Apple talk never existed

http://news.cnet.com/8301-1009_3-10008152-83.html?hhTest=1

Posted by Taras | August 12, 2008 1:05 PM

Post a Comment

 
 
RSS Syndication

Security News

Advertisement

Apple

Browsers

Cisco

Corporate espionage

Disaster Planning

eBay

Exploits and Attacks

Flaws

Google

Identity Theft

Intrusion Detection/Prevention

Mergers and Acquisitions

Microsoft Windows

Open Source

Oracle

Patches

Phishing and Fraud

Privacy

Product Reviews

Rootkits

Spam

Virus and Spyware

Vulnerability Research

Advertisement
Security Watch     Contact Us | Advertise | Site Map
eWEEK Quick LInks

Security:
Enterprise Security
Network Security
Infrastructure Security
How To: Data
IT Security News
Cheap Hack Blog
Security Watch Blog
Storage:
Data Storage
Cloud Storage
Storage Virtualization
Network Access Storage
Storage Reviews
Data Storage News
How To: Storage
Storage Station Blog
Computing:
Apple OSX
Linux Systems
Windows Vista
Managed Print Services
Cloud Computing
PC Reviews
Microsoft Watch Blog
Apple Watch Blog
Google Watch Blog
Communications:
VoIP Solutions
Wireless Technology
Messaging Software
Web Services
Mobile Applications
Wireless News
Mobile Reviews
Apps & Development:
Application Development
SAAS
Search Engines
Database Software
Web 2.0
IT Project Management
Emerging Tech Blog
CIO Insight Blogs
CIOs

Vertical Markets:
Federal Government IT
Health Care IT
Finance IT
Mid-Market
Channel Partners
Careers Blog
Value Added Resellers
More eWeek Links:
Tech Knowledge Center
Tech Newsletters
Tech RSS Feeds
White Papers
Tech Podcasts
Tech Videos
Green IT
eWeek Magazine Subscriptions
Enterprise Websites:
ZDE Home
Baseline
Channel Insider
CIO Insight
eSeminars
eWeek Mid-Market
Publish Online
Web Buyers Guide
Developer Websites:
Dev Shed
DeveloperShed
ASP Free
MS DevSource
SEO Chat
Codewalkers
Tutorialized
Scripts.com
Dev Mechanic
Dev Articles
Web Hosters
Dev Hardware
Technology Websites:
Device Forge
Desktop Linux
Linux Devices
Windows for Devices
iGrep Search Engine
PDF Zone
Linux Watch

Use of this site is governed by our Terms of Use and Privacy Policy
Copyright ©1996-2008 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. eWEEK and Spencer F. Katt, and eWeek Security Watch are trademarks of Ziff Davis Enterprise Holdings, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise Inc. is prohibited.
eWeek is your best source for the latest Technology News.
Hosted by Hostway.

Ziff Davis Enterprise