![]() “What I would personally like to see is more openness towards third-party security vendors, so when an incident the size of XCodeGhost occurs, the security community is prepare to intervene with tools and fixes. Here Botezatu said that: “With minor exceptions (such as the failed Rootpipe exploit patch), Apple has done a good job in patching vulnerabilities in the past. Is Bitdefender calling on Apple to fix bugs and security issues at a much faster pace than it has been doing? ITWire’s write-up on Schiller’s statements is here, but aside from Apple’s initial short statement, and Schiller's interview with SINA, I still think it would still be useful for Apple to say something more on the topic - but that's just my personal view. The question was put to Botezatu before Apple’s Senior VP of Worldwide Marketing granted a Chinese news site called SINA an interview on the topic, although the article was published in Chinese. Is Bitdefender calling for Apple to make a further, more detailed statement about the malware incursion beyond the simple statement it has already made saying it has removed affected apps?īotezatu stated: “Yes, we would have expected a comment related to the number of devices that have been affected by the incident.” It would definitely be interesting to see how Apple is going to improve the screening process given that they already had one of the best review processes in the world.” “These applications had been reviewed by human operators, but potentially dangerous code such as XcodeGhost still snuck into the Store. Here Botezatu replied that “Apple has had a great screening program for applications submitted to the App Store in the past. Is Bitdefender calling for Apple to make an announcement on how it will dramatically improve its proactive countermeasures? Adding an extra layer of anti-malware technologies will definitely improve the security of the user.” “The recent attacks against both OS X and iOS have proven that built-in security countermeasures, although effective to some extent, are not perfect by themselves. Is Bitdefender calling on Apple to explicitly allow third-party security solutions?īotezatu responded that, “For years, Apple has strongly communicated that, unlike other platforms, Mac OS X and iOS are secure by default and users should not be concerned with running third-party security. Now, you’ll probably expect an Internet Security company is going to want to be able to offer a version of the anti-malware/security suite that would be offered on Android, for example, and to be sure, a variant of that was my very first question. The comments were presumably sent so journalists could insert it into any story they might be writing on the XcodeGhost event, but I decided to write back and ask some extra questions so I could write a fuller story on Bitdefender’s views on the topic. ![]() However, iOS has become the second largest mobile operating system in the world and hackers are constantly improving their tactics to get to those 40% of iOS users,” continued Botezatu. “For years, Apple users have dismissed the idea of third-party security solutions, claiming that the iOS ecosystem was so well designed that they are practically immune to threats. “Human error (the developers running tools downloaded from third parties), paired with lack of proactive countermeasures (in-depth review upon approval and advanced anti-malware on users’ terminals) have exposed a significant number of iOS users to malware. I received an email from Bitdefender’s Australian PR company offering comment on the XcodeGhost malware incident from that seems to have been primarily aimed at Chinese iOS App Store users, and wrote back with a few questions of my own, asking for additional comment.īitdefender’s Senior E-Threat Analyst, Bogdan Botezatu, is the person in question making the comments, which started off by noting that “the XCode Ghost infection is the first large-scale incident to ever make it through the Apple walled garden.
0 Comments
Leave a Reply. |