Tuesday, February 12

SC Magazine Interview

I was contacted today by a writer for SC Magazine named Dan Kaplan.   He wanted me to shed some light on what I thought about the OSX update that just came out and specifically, if I thought that OSX would become increasingly a target for future vulnerabilities as Apple's Market Share continued to go up.

The article is live and you can get to it here.  Thanks Dan for putting in a few of my comments.  However, I wrote, practically a whole blog entry for him (overkill I guess ;), and thought that I should post what I wrote to him on the blog here.

Feel free to comment.

"The patches really strike me as Apple listening to it's users and really taking it's competition in the OS space to heart. Apple has always prided itself on being different yet being able to implement functionality in a coherent product. They have realized that it's not about the features of the OS, or trying to make it "pretty", it's about how the user approaches the product. How can they make it easier and make it an easy product to use and figure out.

Along the lines of listening to it's users -- a lot of people didn't like Stacks, (the fan), they liked the list format that was popular in Tiger. So Apple put that back in. Some people didn't like the translucent menu bar, so Apple gave you a way to turn it off. There was no obvious way to tell when a Time Machine backup last occurred without opening System Preferences and looking it up. Or there was no way to tell when a backup was taking place. So Apple put an icon in the menu bar to tell you. Taking it a step further, even allowing you to click on "Back Up Now", forcing the backup. Figuring out better interoperability with 3rd party routers with Back to My Mac and iChat. Figuring out how to make a consistent user experience. All of this to me shows that Apple is listening to their users, making features that users really like present in the product.

Apple furthermore having the Leopard Graphics Update come out really shows where Apple shines. Having the hardware and software coupled together allows Apple to maintain a better user experience for their customers. The ability to upgrade drivers through a patch, pushed down from the vendor, without the user having to go to 30 different sites to update their BIOS, their graphics drivers, their OS patches, etc... This really makes for a consistent user experience. The ability for Apple users to get ALL of their updates in the SAME place, just by going to Software Update. It's priceless in my opinion. I'd like to see more convergence in this space as well. The ability for a user to click on Software Update, and not only get patches for OSX, but also for third party applications, such as Firefox or Thunderbird even the Cisco VPN client. Having all these updates come from a single location would be ideal.

As for the security updates, of course, as OSX gains market share, it will become increasingly a target. That is inevitable. However, Apple has made the decision in the past to kill legacy hardware and software. They killed off an entire OS! (OS 9 -- Classic) Sometimes at the detriment of their users. However, they don't have to deal with driver issues and hardware/software issues that Windows has been plagued with for years. Windows has had to drag all this old code along in each of their OS updates, and while Microsoft has made a lot of progress in recent years with the security of it's platform, the same old Spyware, Malware, Trojans, Worms, and Viruses are still a problem. I believe that OSX increasingly will be in the crosshairs of the malware/spyware/trojans/worm/virus/exploit writers, and there is recent evidence of this when it comes to the Safari browser and Quicktime. Apple has been dealing a lot better with the community and those that find vulnerabilities in OSX, communicating better between researchers and the Product Security Department.

Apple also integrates alot of Open Source code into their Operating System, take a patch for Samba that just came out with the 10.5.2 (Security Update 2008-0001). Samba is a piece of Open Source code that allows for interoperability with Windows networks. While the vulnerability isn't one of Apple's, but that of Samba's. Apple integrates Samba's code, so Apple is also responsible for patching OSX as well. "

 Subscribe in a reader

No comments: