Core Problem for Apple

[As ever, you can read this on the BBC News website. And it was picked up on the MSDN Developer blog]

The computer manufacturer formerly known as ‘Apple Computer’ changed its name to Apple Inc. eighteen months ago, reflecting the growing importance to its profitability of consumer gadgets like iPods, shiny toys like iPhones and of course music sales from the iTunes Music Store.

It was a sensible move, since the real money is no longer in powerful multi-processor servers for high-end graphics, video and music production but in laptops for the Vista-resistant masses, phones to keep workers connected to corporate servers and music devices for the kids.

Being a cool brand really helps in this, of course. Apple’s reputation may be built on high design, functionality and usability, but a big part of its current success comes not from the quality of its products but careful control of all aspects of the message.

New product launches get a lot of press attention partly because they are genuinely newsworthy. There are very few leaks and those that do occur are stamped on with such legal force that anyone tempted to talk to a journalist will be deterred, while journalists who write things that Apple don’t like find that they simply don’t have any access in future.

Most of the time the lack of advance information doesn’t matter, and it provides an entertaining diversion for technology commentators as they try to guess whether the new MacBook will have rounded corners like the Air or come with a non-Intel chipset.

Whether or not the next iPod nano will revert to the stick format from its current fat instantiation is really about as important as the latest celebrity diet or David Beckham’s career plans, but it offers some entertainment in the technology pages.

The design and launch of new products is Apple’s business, and while I think the paranoid fear of anything that might spoil the next Steve Jobs keynote is a sign of weakness rather than strength, it is clearly up to Apple, and the law of commercial confidence is on its side.

But different calculations apply when it comes to dealing with people who already use its products, where Apple’s unwillingness to divulge details of security flaws or even the specifics of how flaws are fixed leaves customers confused, ignorant and possibly exposed to attacks that could be avoided.

Patches are simply distributed through Software Update, with little detail about the problems they address or the changes they make, and discussion of security is severely restricted.

We have seen this recently, as two Apple-related talks at this year’s Black Hat hacker convention were pulled at short notice. A discussion of flaws in the Mac OS disk encryption system FileVault by Charles Edge was withdrawn because he has signed confidentiality agreements with Apple.

And a promised panel discussion by members of the security engineering team was dropped because it had not been cleared with marketing, who clearly have more clout here than the people who are actually responsible for making sure that Apple systems are secure.

This approach was never popular, but its dangers have been highlighted by the fuss around the public release of the details of the flaw in the domain name system identified last year by researcher Dan Kaminsky.

While many vendors patched their DNS software weeks ago and a growing number of ISPs have updated their systems to the latest version, Apple did not offer an update until last week.

What’s more, the update only fully fixes the problem with Mac OS X Server, and leaves the client software running on millions of laptop and desktop computers vulnerable.

We don’t know if this is an error or whether Apple believe there is no need to fix the client for some reason, as the company does not discuss this sort of thing. In this case it may be that few desktop machines actually store or serve domains and so this is a small problem, but Apple has not chosen to share its thinking.

It is rather ironic that one of the attacks being developed to take advantage of the DNS flaw subverts automatic updating of software, so we Mac users might be tricked into downloading malicious software because we assume it’s just another unexpected update pushed at us by Apple.

In the last two years Microsoft has made strenuous efforts to be more open about security issues, a process that has culminated in a blog where senior engineers discuss the latest patches and the problems they are intended to solve.

It’s not quite full disclosure, and there’s still not even a whisper of a hint that they would accept any liability for the consequences of their programming errors, but it does mean that those working with Microsoft software can consider the nature of the patches they are being asked to apply.

With Apple it remains ‘take it or leave it’. And much as I trust Apple and its engineers, the nature of the threats facing all computer users on today’s internet means that this is no longer sufficient. Building system security is a collaborative activity, and Apple are not currently playing as a member of the team.


3 Responses to Core Problem for Apple

  1. Peter Lewis says:

    Interesting post, Bill.

    I believe that the trust issue you mention is one of the reasons that more and more people are moving away from non-free software to that which is developed in the open.

    Given how much we now rely on our computers for our most sensitive information and communications, trusting one company, based in a different jurisdiction from yourself – especially one which appears to value its image so highly – with my security and privacy, is not a risk I’m willing to take.

    Anyone who isn’t completely satisfied that they can trust that a company like Apple or Microsoft really is their benevolent big brother (despite their keeping any evidence – or code – secret), should steer well clear in my opinion, and choose a free system instead. There are very few reasons not to use a free system as easy as Ubuntu is these days.

  2. I wonder how many of these security issues actually have resulted in real world effects for Mac OS X 10.5.4?

    I feel totally safe in front of my iMac in Mac OS X. I feel totally vulnerable if I boot into Windows XP on the other hand, even with Norton Anti-Virus and Firewall turned on.

    If Apple says something is “fixed” then I’m sure it is. If you want to test this try hacking a Mac using the security flaw you think it has. If your hack works Apple has to try again. Simple! 🙂

    All too often the computer press (infected with PC users :-)) talk about making sure you turn on firewalls etc. to protect your Mac. Clearly they underestimate the power of the UNIX core hidden inside every new Mac.

    The fact that the Mac OS is full blown UNIX some 30 years old now.

    Obviously in the days of UNIX users had little idea about hackers. Since then UNIX has developed into a very robust OS.

    This robustness does rely on users having decent passwords on their account and not being stupid enough to login as root all the time.

    While on this security “subject”… I can’t believe the people that think it a good use of their money to buy Anti-Virus software for their Mac either. What really gets me is that Apple sell the very same in their stores!

  3. Tim Chater says:

    You say: “Patches are simply distributed through Software Update, with little detail about the problems they address or the changes they make…”

    Software Update says: “Security Update 2008-005 is recommended for all users and improves the security of Mac OS X.

    For detailed information on this update, please visit this website: http://support.apple.com/kb/HT1222.”

    A couple of clicks later and you’re here. Pretty detailed I’d say.
