Apple pushed out a raft of security updates for its much hyped iPhone on Tuesday. Availability of the first iPhone patches comes just ahead of a planned presentation of problems with the phone's software due to take place at the Black Hat conference in Vegas on Thursday. Apple also updated its desktop software. Several of the …
Blackhat is not the worry
Blackhat should not be the Vegas conference that Apple is worried about. The vulns that will be discussed at Blackhat were only covered "in general" up to now, although I suspect we'll get details.
Now DEFCON is what they should be sweating. Any vulns there will be zero day, with full disclosure and probably proof of concept code.
Apple is very, very lucky
Patching 2 vulns in Safari, 2 in WebKit and 2 in OSX? Sounds like the only reason Mac users are allowed to be smug about the paucity of invasions has been a string of good luck. The popularity (if you can call it that) of the iPhone will surely turn some nasty attention their way, and soon they may find themselves scrambling to keep up with the flood, as MS customers do. Security through arrogant obscurity is no way to protect your userbase.
I've been hearing the same doomsday predictions from (as FSJ would put it) commentards for the past 3 to 4 years now (if not longer) and, you know what... still waiting for the first truly serious attack to happen. And, gosh darnit, so typical of arrogant, arrogant Apple to intentionally keep their market share small just so they can protect their precious userbase - which is what you imply in your post. ::rolleyes::
Yeah, OK, you've told us a zillion times it's much hyped. I think you've got the point across...
@ James - do your research
The story only mentions two particularly important/interesting fixes for OS X - I've updated my MacBook overnight & there are many more patches in there that the article does not discuss. If you're going to attack Apple's maintenance of its platforms, then at least do so from a well-informed standpoint - ElReg news articles != exhaustive release notes!
Accusing a vendor of security through obscurity simply because their market share is small is just petty, small-minded and really rather stupid.
doesn't commentards relate specifically to people who post about other users comments and not the article? like you and now me dammit!
"much hyped" suggests Apple did something to exaggerate the significance of iPhone. They didn't. It was you, the media, who voluntarily hyped it, and now trots out "much hyped", as though someone made you do it. They didn't. What little marketing Apple did was restricted to very factual material. Even the TV ads simply showed how to use iPhone in a factual way. Apple is notoriously uncommunicative; not the behaviour of a hype artist.
If you believe in "security by obscurity", there will be no iPhone exploits. Although iPhone has already almost overtaken Windows Mobile phones in web browser usage stats, the level of use is still far, far behind the supposedly "obscure" Mac/Safari combination.
We like to see our suppliers quietly and professionally dealing with security issues. To date there's no evidence that Apple isn't doing this, and the open source foundations add to customer's confidence. Any sign of Apple doing any sweating or scrambling, as suggested by"Dillon Pyron" and "James", would indeed be distressing.
A commentard is someone who comments on another comment ? I'm old enough to remember when that used to be called "a discussion" so I'm glad to hear the quaint old term has been upgraded, or is that just the jackboots of progress marching up behind me?
(imagine you're own "apple sucks / does not" type comment in this intentionally blank space)
I think I've lead a pretty sheltered life on the internet over the last decade and a half or so, as "troll" I only discovered the meaning of some months ago and now "commentard" has entered my online lexicon... for better or worse.
Anyhow, spent the last three weeks trialling software to protect my Win PC as my Norton subscription is just up now. Trying hard to find something that doesn't slow the PC down ridiculously or pop up pop-ups when I don't want them etc whilst my girlfriend sits across from me happily getting on with life on her Mac - personally, now looking forward to joining those Mac obscuri-tards, when budget allows, with their arrogant, self-satisfied safety stuff...