Taking a bite out of Apple
Computerworld reports from the Blackhat conference that a couple of researchers have successfully attacked a MacBook using a wi-fi hack. It's news because Apple has been smugly sniping at Microsoft Windows machines for being less than secure (true) and harder to use (truer) and no fun (truest).
This doesn't surprise me a bit. The underlying point is that No Computer System is Secure. This truism is often swept out with other dirt by the PR brooms, but is one of the underlying truths of the computer age. If there is a sufficient reason, any computer system will eventually go down to a concerted attack. In this case, the motivation was a presentation at an important peer conference. Imagine how much stronger it might have been if there had been a lot of money involved.
Part of the problem is that the lifecycle of computer systems is such that there is simply not enough time for systematic testing of every release, allowing bugs or at least opportunities to creep in.
Apple is no worse than anyone else, probably better. So far, they have been very good about patching security holes when they're pointed out. This is in sharp contrast to companies like Cisco, who sued Michael Lynn last year for demonstrating a significant flaw in Cisco routers, (Lynn was also investigated by the FBI).
Computer security is a function of time and money. The more money that's at stake, the less viable any particular security system will prove to be. The future of data security will not be fortress walls, but hidey holes. If you really want to protect important computer information, hide it.
Posted on August 03, 2006
