So much for the “bulletproof” Apple
Apple has surpassed Microsoft in the number of disclosures of software vulnerabilities, according to an IBM security report. This is really no surprise to those who have understood the impact of the Trustworthy Computing Initiative and Secure Development Lifecycle at Microsoft over the last 5-7 years. I wonder how long it will take for public consciousness (perception) to catch up with the reality of the security implications here. I remember back when “coolness” trumped security in programming at Microsoft; perhaps Apple is in for some of the same consequences, but for now their “halo” still seems to be firmly in place. Sadly, we’re still ahead in public exploits, but that’s more a reflection of the fact that we’re still considered a much more desirable target, since, as the report points out, we presumably now have fewer vulnerabilities to exploit. See below for a link and an excerpt from the article. The “Apple gets bruised” title is a very clever play on words IMHO, too bad the whole article wasn’t as well written as the title (I found it very difficult to understand).
Computerworld - August 06, 2008
“Apple gets bruised in vulnerability report
…Apple has taken the place of Microsoft for disclosing more vulnerabilities than any other vendor, according to an IBM security report.
The company rose from second place in 2007 to take the top spot away from Microsoft, which had fallen into third place behind open source content management system Joomla.”