Developer Hack Exposes Apple Policy of Silence

It sounds like something out of cyberpunk novel.

Security researcher pours over a pile of buggy code and logs them into a developer site database…then accidently uncovers sensitive user data and cracks the most secure commercial operating system (I said commercial, Linux-lovers) in the world.  All that really happened.

Instead of following this with gunfire and a romantic lead, the accidental hacker issues an apology video and waits for Apple’s response. Very nervously waits for a response, because his accident just tarnished the reputation of the tech colossus only weeks after a previous malware scandal.  The security researcher claims he was only logging bugs, and he reported the leak of data as soon as it happened. His apology is sincere, and viewers can almost picture him, hat in hand, begging for Apple’s forgiveness.

Apple Down A Whole Peg?

If Microsoft had its developer site accidently hacked, the news media would ignore it in favor of a dog doing back flips. Why? Because it’s boring news. Microsoft and PCs are always getting hacked or inundated with malware or releasing sensitive data…but Apple? Now that’s news.

Is it news because Apple programmers’ talents eclipse those of the worse cybercriminals? Deny it all they want, that is EXACTLY the image Apple has cultivated through its habit of hushing security issues. In fact, the censoring of security weaknesses is so ingrained that it could be called “defrauding investors.” Or at least misleading them.

Apple devotees (you’re probably fuming right now) may consider that sensationalism, but for the most profitable company in the world, a single point loss amounts to almost a billion dollars. As fickle as investors are, news of a security breech would certainly affect the market value. That’s not sensationalism, that’s economics. Apple knows this.

Let’s Be Fair to Apple

To be fair, few companies respond to a crisis as well as Apple.  An alert that would barely raise an eyebrow at Microsoft brought all hands on deck at Apple. As soon as the intrusion was detected, Apple shut down its developer site. It is currently revamping the developer site and database (a monumental task in itself).  Nearly every employee was required to alter his or her password. You can expect security on the developer site to increase exponentially now, and certainly the terrified researcher will be debriefed.

Critics should not go so far as to consider Apple’s slow disclosure criminal. The company yanked down the site Thursday and released a statement on Sunday. Not exactly Johnny-on-the-spot with information, but not horrible. The statement itself was PR-speak, so it said little to nothing. One line was amusing in its unintended irony: “in the spirit of transparency…”

Transparency?

Few companies volunteer scandals gladly, so calling Apple’s business practices a “policy of silence” might be hyperbole. After all, it’s not like the company ever…

  • Stalled reports of exploding iPods for seven months in 2009
  • Attempted to pay poisoned Chinese workers for silence in 2011
  • Admitted to 2008 accusations of poor working conditions for Chinese laborers (including child laborers) in 2012
  • Continues to deny involvement in 2010 e-book price fixing, despite overwhelming evidence against them
  • Dismissed the infamous antenna “dead zone” in 2010 then finally acknowledged problems by suggesting owners don’t grab the lower left corner

For more information about malware related issues and threats, visit the author’s website at www.onlinevirusrepair.com

More Tech articles from Business 2 Community:

Loading...
See all articles from Business 2 Community

Friend's Activity