Faulty code is found in every operating system, app and software program. But Apple has an outdated strategy for fixing them. Remember when Apple would advertise it was safer than Windows? No more. Apple is now where Microsoft was a decade ago.
Computer engineers, hackers and people familiar with the company's practices explained that Apple is doing five things wrong in its approach to security:
Read more at http://money.cnn.com/2015/06/05/technology/apple-bugs/index.html?iid=SF_LN
Remember when Apple would advertise it was safer than Windows? No more. Apple is now where Microsoft was ten years ago as Jose Pagliery writes at CNN that so far in 2015, five major flaws have affected Apple products putting to rest the argument that "Apple computers are safer and bug-free." Just this week, we encountered a nasty bug that lets hackers bury computer viruses so deep inside Macs, you'll never find it. A week earlier, a flaw appeared that lets a text message crash an iPhone. Of course, faulty code is found in every operating system, app and software program but Apple has an outdated strategy for fixing them.
The problem is that Apple is doing five things wrong in its approach to security:
When hackers broke into celebrity iCloud accounts and exposed nude photos last year, Apple CEO Tim Cook said the company would beef up security measures. But he blamed users, saying the problem was "not really an engineering thing."
According to researchers Apple needs to overhaul its bug-reporting system to one similar to what Microsoft did years ago. In 2003, Microsoft introduced Patch Tuesday. Once a month, users would get a flood of updates to keep them safe. According to Microsoft, sending patches only once a month simplifies patch management. Because the date is known in advance, system administrators can plan for the day. In 2005, Microsoft started hosting Blue Hat, an invitation-only security conference to meet face-to-face with curious (and often aggressive) researchers. In 2013 Microsoft introduced its "bug bounty" program and stopped fighting the legion of hackers -- and turned them into a ragtag army of Microsoft guardians. "Microsoft had worm after worm before meaningful security changes were made," says Katie Moussouris, Microsoft's former chief security strategist who implemented the bug bounty program. "Hopefully, Apple will adapt quickly."
[Ed note: The Hugh Pickens submission somehow lost its formatting and links when the story submissions were merged. We failed to notice that before the story went live. The story has been updated and we apologize for the error.]
(Score: 4, Informative) by TheRaven on Monday June 08 2015, @08:15AM
OS X is a POSIX platform which gives it many intrinsic security features
Mostly it's not the POSIX features that make it secure, it's the TrustedBSD features (the underlying mechanism used for their sandboxing) and the Mach underpinnings (used to establish communication channels that allow you to attest to the remote end and propagate priority so that you don't get priority inversion from application compartmentalisation).
last I checked, Windows still made it's default user part of the Administrators group which is insane.
OS X makes its default user part of the wheel group too.
sudo mod me up