You're viewing an article in iPO's historic archive vault. Here, we've preserved the comments and how the site looked along with the article. Use this link to view the article on our current site: Security Analysts Concerned Over iPhone Patching Mix of Features & Security

News

Security Analysts Concerned Over iPhone Patching Mix of Features & Security

Tuesday, October 2nd, 2007 at 12:45 PM - by

Some security analysts are concerned about the bundling of ten security patches for the iPhone and firmware upgrades that provided new functionality in the iPhone September Update. The worry is that stories of bricked phones will cause customers to defer needed security updates, according to PC World on Monday.

"With the iPhone update, Apple is now producing a fear of taking their patches," said Andrew Storms, director of security operations at nCircle Network Security Inc. "If they release a functionality update and security fixes at the same time in the future, some users will think twice about applying it. They'll ask themselves 'What will it break this time?' and 'Will it backfire on me?'"

Mr. Storms felt that the publicity around disabled phones may have been more important, and maybe more confusing, than the security updates themselves.

Garter, Inc.'s John Pescatore agreed. "There should definitely be a separation between security and functionality," he said. "Users shouldn't be forced to accept new functionality to get security fixes." He pointed out that, at least in the PC World, the bundling of security and features, which is good for the vendor, forces the users to choose between testing all the new features or passing on the security fixes.

iPO notes, however, that the situation is different with a consumer product. The iPhone is not an enterprise product, and there are no massive IT teams required to test the new features for enterprise integration. The user just buys new music with new features. Second, the vast majority of iPhone customers aren't inclined to spend a lot of time reading the opinions of PC security analysts. They just want to update their phone, get new features, get better security and get on with life. Finally, if they do hear about bricked phones, they know that a tiny fraction of customers have hacked their phones and are paying the price.

As a result, it's not likely that typical iPhone users worry about this kind of bundling, one that's a concern in the PC and Windows community. Apple is, in fact, doing what it believes to be in the best interests of their customers and their own corporate obligation to AT&T.

8 comments from the community.

You can post your own below.

+ show options

Your current settings, click to change: Sort Oldest First, Show Guest Posts, Hide Community Stats

A guest said: (hide)

Tue Oct 02, 2007 2:08 pm

Editorialize much?

I thought this was a news story, not an Op-Ed piece. Information stated as fact without attribution, asserting knowledge of Apple's motives -- come on, TMO, you're better than this. Those last two 'graphs shouldn't even be in this article.

Quote this post ↓

vasic said:

member since 09 Aug 2005 with 279 posts, unranked, send him a message or view his profile

Tue Oct 02, 2007 2:26 pm

I totally disagree with guest. What would be the purpose of copy-pasting some text from another publication without providing some opinion.

In fact, the last two paragraphs essentially pointed out how misguided the original article is in the first place.

IPhone owners have nothing to worry about. When there is an update, they should apply it. Unless they tampered with the device, all should work fine (the supposedly bricked unaltered phones are a red herring). If they ever, for any reason, encounter a problem (for example, their PC experiences the Blue Screen of Death half-way through their iPhone update process), they can always bring it to Apple and it will be replaced.

In fact, there were some cases where a hacked, bricked iPhone was brought to a Genius Bar and it was replaced with a new one (no questions asked). While your mileage may vary, it just reinforces the image of Apple's unparalleled customer support.

Quote this post ↓

A guest said: (hide)

Tue Oct 02, 2007 2:45 pm

The story is that a security analyst has concerns over how Apple is mixing features with security fixes in its updates. If TMO wanted to do original reporting and get dissenting views from other security analysts, that would have been awesome. If they wanted to dissect this guy's arguments and do an analysis or opinion piece, that would have been fine, too, but it should have been labeled as such, not news.

News is reporting what other people did/said. The reporter's opinions do not belong in a straight news piece. That's Journalism 101.

Injecting your own bias in a piece and labeling it as news is lackeyism. That's what's wrong with the state of the Mac web. TMO should have higher standards than that.

Quote this post ↓

rjackb said:

member since 08 Dec 2005 with 37 posts, unranked, send him a message or view his profile

Tue Oct 02, 2007 3:42 pm

I'm glad that iPO did point out the absurdity of the analysts' statements. And it is clearly labeled as coming from iPO.

Quote this post ↓

j.martellaro said:

member since 07 Dec 2006 with 97 posts, TMO Staff, send him a message or view his profile

Tue Oct 02, 2007 3:42 pm

Within editorial guidelines and based on my expertise, I may provide context for the reader.

That is different than editorializing. We add context all the time to add value to the story.

-JM

Quote this post ↓

A guest said: (hide)

Tue Oct 02, 2007 4:43 pm

j.martellaro wrote:
Apple is, in fact, doing what it believes to be in the best interests of their customers and their own corporate obligation to AT&T.

Sorry, John, that's not adding context, it's either presuming to read a corporation's mind or shilling for them, neither of which belongs in a story labeled as hard news. You state this (literally) as fact, but you cannot know it unless someone from Apple said it. And if that was the case, you should have said so.

I meant my original comment as good-natured constructive criticism, but I'm disappointed that you're defending this.

Quote this post ↓

Bosco said:

member since 03 Jun 2002 with 1002 posts, unranked, send him a message or view his profile

Wed Oct 03, 2007 12:03 am

I like it when John editorializes. It makes for a great jumping off point for heroes of the comment board, like yours truly. By pointing out the problems with the analysts' arguments, John has made it possible for me to chime in and say that these analysts should never visit your house until you have securely bolted down the furniture. Otherwise, their off the chart anal retentiveness might literally suck up all your couch.

Quote this post ↓

gslusher said:

member since 13 Nov 2002 with 2088 posts, unranked, send him a message or view his profile

Wed Oct 03, 2007 6:10 am

Bosco wrote:
I like it when John editorializes. It makes for a great jumping off point for heroes of the comment board, like yours truly. By pointing out the problems with the analysts' arguments, John has made it possible for me to chime in and say that these analysts should never visit your house until you have securely bolted down the furniture. Otherwise, their off the chart anal retentiveness might literally suck up all your couch.

"All your couch"? You're slipping, Bosco, or have you begun writing Engrish?

It is funny.

Quote this post ↓

Post Your Comments

  Remember Me

Not a member? Register now. You can post comments without logging in, but they'll show up as a "guest" post.


Please enter the word exactly as you see it in the image above. Registered users aren't prompted for this. Having trouble reading the image get a new one.