Microsoft program manager Stephen Toulouse, in a series of entries on his personal blog, has challenged Apple to hire a security czar and revamp the way information is disseminated when Mac OS X security updates are released.
“Look, the only way you can tackle security issues is by getting out ahead of them and clearly communicating to your users the threat, and the clear guidance on how to be safe,” Toulouse said. “Here’s the reality, for the next couple of years the Mac OS will experience increasing security threats and mark my words, the company will have to seek outside expertise in the form of a head of security communications in the next 12 months,” Toulouse added. The program manager said Apple needs a person “steeped in security issues, true technical analysis, [someone who] can lead a good security team to get good guidance out there,” according to a report from eWeek.com.
Full article here.
MacDailyNews Take: What’s next, Donald Trump advising Patrick Dempsey on hair styling? Rob Glaser lecturing Jack LaLanne on physical fitness? William Hung as Pavarotti’s voice coach? The size of Microsoft’s cojones sometimes defy description.
[Thanks to MacDailyNews Reader “Jim” for the heads up.]
Advertisements:
• Apple’s brand new iPod Hi-Fi speaker system. Home stereo. Reinvented. Available now for $349 with free shipping.
• Apple’s new Mac mini. Intel Core, up to 4 times faster. Starting at just $599. Free shipping.
• MacBook Pro. The first Mac notebook built upon Intel Core Duo with iLife ’06, Front Row and built-in iSight. Starting at $1999. Free shipping.
• iMac. Twice as amazing — Intel Core Duo, iLife ’06, Front Row media experience, Apple Remote, built-in iSight. Starting at $1299. Free shipping.
• iPod Radio Remote. Listen to FM radio on your iPod and control everything with a convenient wired remote. Just $49.
• iPod. 15,000 songs. 25,000 photos. 150 hours of video. The new iPod. 30GB and 60GB models start at just $299. Free shipping.
• Connect iPod to your television set with the iPod AV Cable. Just $19.
Related articles:
BusinessWeek: Apple should hire security czar to combat uninformed media FUD – March 09, 2006
Spate of recent Mac security stories signal that Microsoft, others getting nervous – March 06, 2006
Wired News: ‘Mac attack a load of crap’ – February 22, 2006
Ars Technica: Fears over new Mac OS X ‘Leap-A’ trojan pointless – February 20, 2006
Mafiasoft: Microsoft to charge $50 per year for security service to protect Windows – February 07, 2006
Those who can’t do it, write about it.
hes got to be kidding, right?
a microworm flunkie lecturing apple on security and “getting out ahead of them”?
when was the last time ms got out ahead of anything?
he (the asshole) should be taking care of his own house before criticizing someone elses.
If providing “advice” means offering some specific, meaningful, useful, and practical guidance for developing more secure code, fine and thank you. Toulouse apparently thinks that openly manifesting an illusion of caring by acknowledging design errors in security is equivalent to security itself. What a maroon.
Toulouse considers handling security issues to be more public relations instead of cultivating an environment for active development of more secure code. I don’t want an ineffectual company that makes apologies, I want a responsible and proactive company that designs better software.
ROFL!!!
I think Microsoft should concentrate on trying to repair the fcuk ups in the security in their own OS before preaching to other companies that have a far better security record about security.
This guy is AN ASSHOLE THAT KNOWS FCUK ALL ABOUT ANYTHING.
Would Luxus hire a Ford engineer? Didn’t think so.
“Look, the only way you can tackle security issues is by getting out ahead of them and clearly communicating to your users the threat, and the clear guidance on how to be safe”
MS, practice what you preach.
Q-Bert wrote: “The trust in the competance of Apple to produce a secure OS has been shattered completely.”
We all know there is nothing like 100% security but this statement is complete and utter b*ll*cks!! I and every other Mac user is no more threatened today than yesterday or any day before that.
Any evidence to show that a genuine user has been compromised? …NO…I thought not.
Back into your win-swamp Q-Bert, you’re clearly no Mac user.
Has this dickhead EVER used a mac?
Obviously not.
Ive been using OS X since version 10.0 and not once have I had ANY security issue or compromise.
btw – I have my own business running 50 macs.
Q-Bert, that article is more dead than on. FUD. The Leap A ‘exploit’ has been out since Febuary 16, and since then how machines have been infected? That’s correct, none. Will Leap B, C or D do better? Perhaps, but for 5 years plus OSX is unblemished. There are VISTA virii in the wild and it’s been out how long? Yes, minus 10 months. Do we need to be alert? Sure. But there has been NO rash of exploits, that’s a plain lie. a ” a bad track record of exploits “? Again, a lie. “No longer a 100% solid OS” Zero exploits on how many running machines? That’s 100% until it’s not. “The trust in the competance of Apple to produce a secure OS has been shattered completely.” FUD, plain and simple. “Apple’s policy is to say nothing until a patch is ready, not even updating people”s computers to turn off “safe files” and isolating Ternimal.” Apple’s policy is to have a Security Update ready within a week or two. Compare and contrast with the ahem, ‘experienced’ M$’s approach of doing patches on a “as they’re ready and a little later” approach.
So far our best defense against malware is just knowing not to type our password unless we’re installing software by choice. That may change someday, but the sky is not falling today.
Yeah, I’d hire the security chief from MS… so he could FAIL miserably once again!! NOT….
They need to make Toulouse take a drug test.
Q-bert, the article you linked to is more of a scathing retort to Mac users than pointing out anything concrete about compromised Mac security. There is a difference between a vulnerability and an exploit. Yes, the Mac OS has had many vulnerabilities revealed and patched over the last few years. But none of those have been successfully exploited. That’s the key word here, “Successfully”. Yes, there have been “proof-of-concepts” discussed and more than a couple “Sky-is-falling” press releases from Anti-virus companies (which leads one to doubt the urgency of the reports, seeing who is the source) but even with Leap.A, there have been NO verifiable exploited Macs. Period. I haven’t seen in any reports on any news site anywhere of a single Mac that was affected. That’s a HUGE positive on the side of the Mac.
As for trust in Apple’s security, I have little worry in that regard. I am certain from the array of released updates and security fixes that Apple is very concerned with maintaining the Mac OS’s track record of security. They know it’s not invulnerable and it *IS* likely that someday someone will come up with an exploit for an undiscovered vulnerability, but until that day happens, I won’t worry too much about it. I have enough things in my life to keep me occupied and worried without adding a “might be, could be” to the list. It’s just not worth the stress.
Whilst it’s true that Apples response to security issues could possibly be better, faster, whatever. To have Microsoft, or at least 1 Microsoft employee say that Apple should be more like them is a joke.
Admittedly Microsoft, due to their larger customer base are going to have to devote more resources to security issues – even security issues of comparable importance to those Apple have had, and yes Apple will have to ramp up their responses as they grow in size but Microsoft have to respond like they do, in such a public way because their massive security issues cause millions/billions of dollars of problems.
So far, all the Apple “problems” have caused me to do is stop running my day to day account as admin – something I really should have done anyway, but even though I hadn’t it didn’t cause me any problems.
Guys, you don’t get the obvioius between the lines message. This guy is telling Apple “Make me an offer.”
” width=”19″ height=”19″ alt=”grin” style=”border:0;” />
Why wouldn’t he want the job at Apple, Since there
have been no virus’s or worm’s sucessfully
launched , and I’m not counting that feeding frenzy over some suposedly dangerous worms that were out last month.
Why don’t I count them? Did anyone report serious meltdowns from them? Were there worldwide problems in our small market of mac users? No.
Isolated incidents and proof of concepts. Mac is still very secure, but that frenzy in the media was blown out of proportion.
Yea, security at Apple would be a cake walk for Stephen Toulouse
¡Qué huevotes de este tipo!
http://huevocartoon.com/home_contry.asp
Those are cojones!
Real explanation for Vista/Longhorn delay: MS is busy entering these Mac security contests. hard at work trying to make a virus their next Mac application. Its been said before they should have a point person for security, but its funny hearing it from MS.
PS: MDN, “cojones”= slang for testicles. “cajones”= drawer or cabinet type thing.
This wonderful guy is doing everything he can to discourage people from buying a Mac b/c he knows MS is going to get its ass handed to them this year.
As for the communication issue on security threats, I like the way Apple does it. They don’t go making the whole world panic by stating there is a security issue. They fix it (and a few others) and send it out. Also, they don’t make me have to run 37 updates w/ a restart after every one.
Apple needs a security czar about as much as a dump truck needs to drive through a nitroglycerin plant.
MDN word == times as in “The times they are a changin”
we need a term for when someone tries to criticize OS X by linking to Secunia, thereby instantly shattering his/her own credibility, invalidating all future arguments, and providing good chuckles to all.
Today’s winner at “how to lose an argument before you even begin” was Q-Bert. Way to go chief!
Check out Q-Bert, he just Secunia’d himself.
Toulouse–This guy’s mouth is too loose. Of course, it could be that the MS virus thingies are like lice, and he needs to de-louse the OS.
Yes let me think about this for a moment.
Microsoft, the company with an operating system with so many security holes, that it wants to begin selling users a Microsoft security suite to protect it. Hmmm, if you can’t secure your OS, why would I think you could create a security suite that would work any better? I can hear Steve Balmer now… “Please purchase our poorly secured product, and then pay extra for what will surely be another poorly designed and secured product”. If anyone needs to get their security act together, it’s the one with thousands of worms, viruses, mallware, trojans, spyware, and countless other security problems.
” width=”19″ height=”19″ alt=”hmmm” style=”border:0;” />
More of the Redmond Mac OS X talking points. Keep tearing down OS X flaws to make Windows seem not so bad. Isn’t it Vista that has been delayed to “upgrade security”? Why would you have to delay an XP update for another 6 months for a security update? Keep it up with the smoke and mirrors MS! Ballmer’s a frickin’ genious!
Nothing like a great big crap first thing in the morning.
In other news:
1. Kia and Hyundai are going to lecture Volvo on auto safety.
2. Afghanistan will lecture the rest of the world on religious tolerance.
3. Rob Glaser will lecture Bart Conner on how to be slim and fit.
4. The U.S. Congress will lecture American consumers on irresponsible spending habits.
5. William Hung will lecture the remaining American Idol contestants on proper vocal techniques.
MW: future, as in, I believe that children ate our future. Treat them well and let them gorge their way.
Crap. That’ll teach me to read the MDN take first next time.