Apple plays it quiet in the security cat-and-mouse game
With security in general, it’s often a cat-and-mouse game, where vendors release the latest patches or anti-whatever tools, and researchers figure out a way to bypass them, Foreground Security’s Henderson says. Vendors engage with security researchers and white-hat hackers to identify and close off vulnerabilities in an awkward but useful dance — not Apple, though.
“Apple should take the ‘help us help you’ approach and publicize the fact that it is willing to work with independent security researchers,” Henderson advises. “If we look at the increased security features that Microsoft has started to include in its products over the past decade or so, you will see that most of these features are a result of working with security researchers and the general public.”
Apple is much less transparent about its security policies than other vendors, says Mike Silver, a distinguished analyst at Gartner. (Apple declined to comment to InfoWorld on Mac security issues.) Plus, “Apple doesn’t have specific timelines on how long it will support an OS for, which makes it difficult for organizations that have to certify security.”
An excerpt of Bob Violino article on Infoworld