TSC Trusted Advisors’ Blog

What the hell is going on over at Apple?

How do you release a product that has such a basic flaw in it that one of the fundamental tools that this product provides can be used to turn it into a zombie? What I’m talking about is the newest security flaw to hit the iPhone, the SMS vulnerability. (http://hothardware.com/News/iPhone-SMS-Vulnerability-Found-Getting-Patched/)

I’m amazed that something like this leaked through their system. But I guess that’s the question here: what is their system? Many people complain that Apple doesn’t listen when people complain about things. They’re too closed. I’ve had that experience myself with the wifi issue on my MacBook Pro. The MBP had unreliable connectivity to access points. The issue was documented all over the Internet. Folks had workarounds that would provide temporary relief, but nothing permanent. I could see it happening! But when I brought my computer into an Apple store they denied that there was any issue at all!

The lesson that Apple should take away from this is two-fold. First, you can’t solve a problem until you admit that you have one and second, there’s no substitute for a well designed and implemented product development process. In this case, one that takes into account the security issues. What this recent posting says is that even though Apple is one of the most improved vendors around with regard to their ability eliminate software flaws, they have a process that is still generating them!

As much as I’d like to offer a solution, the best I can say right now is be careful who you give your phone number to until this is fixed. For most of us, that cat is already out of the bag!

Maybe the answer is to get another phone?

Oh, and Apple, it wouldn’t hurt to spring for a little independent 3^rd party validation of your products. It would help Apple, and it would help the folks that depend on your technology.