Apple and Charlie Miller, peas missing a security pod


Forbes are reporting that security researcher Charlie Miller has had his iOS developer program licence terminated following his decision to submit an application to the App Store which hid a proof of concept for exploiting a JavaScript security bug.

Leaving aside the fact that Miller deliberately broke his agreement with Apple, and potentially put other App Store users at risk, you’d like to think that Apple should instead just take the app down, admit the flaw and work with him to help resolve the issue in a future update.

Security researchers seem to like to publicly embarrass companies who don’t admit to, or schedule a fix for, flaws they have found. And while there is good reason for that happening – keeping the developer on their toes, as it were – there are converse reasons why a software company would refuse to admit the flaw and refuse to advise of a fix. Apple in particular, for real or flawed reasons, have traditionally been ostrich-like when it comes to admitting they have a ghost in the machine.

Perhaps a bit less of the head-on and a little more conversation between both sides of the equation might help resolve this fundamental dichotomy. In other words: get into bed, guys. As a user I know I’d appreciate it.
