toggle

AAPL Stock: 111.78 ( -0.87 )

Printed from http://www.macnn.com

MS blogger criticizes Apple\'s security

updated 09:00 pm EST, Wed March 22, 2006

Microsoft criticizes Apple

Microsoft program manager Stephen Toulouse today publicly challenged Apple to hire a security expert and overhaul the way information is released when Mac OS X updates are released. "Look, the only way you can tackle security issues is by getting out ahead of them and clearly communicating to your users the threat, and the clear guidance on how to be safe," Toulouse said. "Here's the reality, for the next couple of years the Mac OS will experience increasing security threats and mark my words, the company will have to seek outside expertise in the form of a head of security communications in the next 12 months," Toulouse added. The program manager said Apple needs a person "steeped in security issues, true technical analysis, and [who] can lead a good security team to get good guidance out there," according to a report from eWeek.com.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. bhuot

    Joined: Dec 1969

    0

    must be a joke

    This is a joke that anyone actually thinks that Microsoft knows anything about security. Microsoft admitted that even its latest offering - Windows XP has no security whatsoever. And people actually buy what Microsoft claims as servers from them. Windows is the only platform that people have to worry about viruses and other malware.

  1. hayesk

    Joined: Dec 1969

    0

    Ha ha

    Agreed. Any employee of Microsoft has no business criticizing anyone on security.

  1. dashiel

    Joined: Dec 1969

    0

    glass houses

    i don't necessarily disagree with this guy, hiring a dedicated security head will continue to keep apple and os x an exceptionally safe operating system. but let's be real here microsoft lecturing anyone on security is a bit like paris hilton lecturing someone on etiquette.

  1. iamdravenman

    Joined: Dec 1969

    0

    If I hadn't just gone...

    to the bathroom, I'd seriously have pissed myself when I read this.

    I doubt I can really add much to these comments, other than that it takes more than a chip change to make an OS weak. It takes a crappy OS to make a weak OS. OSX is not crappy. That didn't change when Apple moved to Intel, just the chip did.

    Some people.

  1. Senbei

    Joined: Dec 1969

    0

    the only problem...

    ... is that it is difficult to find someone who is a true IT security expert. The expertise requires a breadth of technical knowledge which essentially spans the entire OSI model. To find such a person and to have them waiting to audit completed code at the end of the line would be a waste.

    The place I worked for had one of these so called Information Security Officers and that person was pretty much useless aside from being a mouthpiece and point of contact. They got paid a good salary while adding an unnecessary layer of bureaucracy since even certain technical related issues (which went well beyond their knowledge level) had to go through this person.

    What might be more useful is a corporate culture where every person involved is security conscious and that the auditing process involves everyone. A security team can be composed of key engineers, programmers, and security specialists who do the final audits as checks against audits done during the development instead of one security expert who for the most part will end up just being a PR mouthpiece.

    Finally, it is fine that someone at Microsoft is so concerned but maybe they should tend to their own business instead of meddling in the business of others.

  1. Interlard

    Joined: Dec 1969

    0

    Mission Accomplished

    Evidently this is mouthpiece from the G-Dubya-Bush school of public relations:

    Talk like things are going your way. Enough idiots will believe you.

    Fortunately, all the idiots already bought Windows so the rest of us are still safe.

  1. Thorman777

    Joined: Dec 1969

    0

    Stephen is right

    I'm a long-time Mac user, and a Windows Admin for the last 5 years. 2 years ago I began the trek towards security administration, and now administer a rather large network of devices using Host-Based Intrusion Prevention Software (HIPS), firewalls, IDSs, etc... I say this so you'll know I have a clue, though certainly not expertise, in the area of network security and host security.

    Stephen is right on the money - and I do mean money. Apple needs to directly address this issue now, because it will take years for a culture of security to begin to permeate Apple Computer. They need to conduct penetration testing and invest R&D into making Mac OS X the gold-standard for secure operating systems.

    Apple has an opportunity here to penetrate the Enterprise market, and if they don't specifically address security and make it a priority the Enterprise market won't be impressed.

    Yes, Mac OS X has holes in it - every OS does. Secunia lists 64 advisories since 2003 (http://secunia.com/product/96/), with 67% of them remotely exploitable. Apple, by publishing Darwin, has made it easier for the bad guys to figure out how Mac OS X ticks...

    True believers will scream that "Apple is secure, you're a jerk!" and plug their ears. Those of us who want secure systems and want to use Mac OS X in the Enterprise will ask hard questions of Apple and watch to see if they take security more seriously. Case in point - check out the lame 'security' web page linked in small text at the very bottom of Apple's support page - http://www.apple.com/support/security/. Pathetic. Where are my white-papers? Where are the downloadable security tools that will walk me through securing my host or network of hosts? Where are the links to third-party vendors that can further secure my systems?

    Working in Enterprise, this is the first time ever that I've heard people mentioning wanting to purchase Macs for servers or desktops... Primary reasons? Unix and security....

  1. ZinkDifferent

    Joined: Dec 1969

    0

    That's fresh...

    ..Microsoft, security risk #1, lecturing Apple on security.

    This must be part of the new Microsoft "Do as I say, not as I do" strategy.

  1. zep79

    Joined:

    0

    THIS JUST IN...

    Osama Bin Laden says the Pope is an evil S.O.B.

  1. kw99

    Joined: Dec 1969

    0

    Here we go again...

    Since it is apparently very difficult (based on real-world evidence) to pose a real-world security threat to Mac OS X, other than "concept" malware that has to get the user's permission before taking action, the "security experts" are now resorting to challenging Apple's (supposed) lack of a "security expert" as the security threat to Mac OS X.

    How desperate can these people get...?

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lackin ...

toggle

Most Commented