IBM: Apple Crumble @ Blackhat

In addition to my previous blog post:

From IBM Internet Security Systems:

The highlight of the day was the presentation given by Stefan Frei and Bernhard Tellenbach titled “0-day Patch – Exposing Vendors (In)Security Performance” covering their analysis of several years of vulnerability disclosures and patching processes from various vendors, and a detailed dissection of Apple’s and Microsoft’s performance.

In essence, with their “0-day Patch” metrics, they managed to show just how far Apple is trailing Microsoft in security patch responsiveness – in fact, after inspecting their graphs, Apple appears to be trending entirely in the wrong direction; more vulnerabilities, longer patching times, more 0-days, etc. – not the sort of thing we expect from a well-known software vendor.

Not entirely unrelated to this: “Gone in 2 minutes: Mac gets hacked first in contest”
It may be the quickest $10,000 Charlie Miller ever earned. He took the first of three laptop computers — and a $10,000 cash prize — Thursday after breaking into a MacBook Air at the CanSecWest security conference’s PWN 2 OWN hacking contest.


