Find A Vulnerability In Apple Software; Lose Your License As An Apple Developer
from the kill-the-messenger dept
It appears that Apple is the latest company to take a “kill the messenger” approach to security vulnerabilities. Hours after security researcher Charlie Miller found a huge vulnerability in iOS, which would allow malicious software to be installed on iOS devices, Apple responded by taking away his developer’s license.
The obvious implication: don’t search for security vulnerabilities in Apple products, and if you do find them, keep them to yourself.
First off, here’s Miller explaining the security hole:
?I?m mad,? he says. ?I report bugs to them all the time. Being part of the developer program helps me do that. They?re hurting themselves, and making my life harder.?
And, no, this is not a case where he went public first either. He told Apple about this particular bug back on October 14th. Either way, this seems like a really brain-dead move by Apple. It’s only going to make Apple’s systems less secure when it punishes the folks who tell it about security vulnerabilities.