/doubleclick_ads.js?2531">     Sign in Application Development Applications Cloud Computing Data Center Data Explosion Mobile Technology Security Virtualization News Blog White Papers Webcasts Test Center Technologies Tech Watch Video Deep Dives More Feature The best hardware and software of the year

InfoWorld's 2011 Technology of the Year Awards recognize the best products at the forefront of today's top data center, desktop, mobile, and programming trends more

Latest Reviews HTML5 in the browser: HTML5 data communications Top 10 free open source tools for network admins InfoWorld review: Fabulous PHP frameworks HTML5 in the browser: Local data storage The best hardware and software of the year Test Center Home ChannelsApplication DevelopmentApplicationsCloud ComputingData CenterData ExplosionMobile TechnologySecurityThe Industry StandardVirtualization Topic CentersArchitectureBusiness IntelligenceComputer HardwareData ManagementGreen ITHTML5  MacMicrosoft WindowsNetworkingOpen Source SoftwareSOAStorage See all Technologies InfoClipzInfoClipz: Cloud computingInfoClipz: Green ITInfoClipz: Unified communicationsInfoClipz: Storage virtualizationInfoClipz: Server virtualization LineupsLatestNewsInfoClipzScreencastsAnalysisSponsored InfoWorld Video Home Face-to-FaceGaining Control of Your Enterprise Explosion See all Face-to-Face Virtual Conferences See all Virtual Conferences PopularAbout UsApps and ServicesAwardsEventsiGuidesInsider ArticlesIT JobsNewslettersQuizzesRSS and TwitterSlideshows Solution CentersDell EMC and Oracle 11G Innovative Efficiency Solutions CenterIBM Service Lifecycle ManagementIpswitch Managed File Transfer SolutionsIron Mountain Solving Information Management ChallengesManaging Risks in Virtualized and Cloud EnvironmentsRiverbed WAN OptimizationSymantec Small Mid Business SolutionsXerox Managed Print ServicesView all Solution Centers InfoWorld Home / Security / News / Recent events at Apple suggest genuine push for... March 04, 2011Recent events at Apple suggest genuine push for Mac securityMac security expert says Apple is reaching out to researchers and soliciting their feedback for the first time By George V. Hulme | CSOPrint |Add a comment

Just last week news broke that Apple was offering copies of its yet-to-be released Mac OS X 10.7, or Lion, operating system to security researchers and soliciting their feedback.

In an interview with Computerworld's Gregg Keizer, Mac security expert Charlie Miller, with Independent Security Evaluators, and an author of the Mac Hacker's Handbook, acknowledged that he wasn't aware of Apple taking such steps before.

[ Master your security with InfoWorld's interactive Security iGuide. | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. ]

Miller sees the step as, potentially, a good move. "That they're thinking of reaching out [to researchers] is a good positive step, but whether it makes a difference, I'll believe it when I see it," he told Keizer.

Miller is widely known for successfully hacking vulnerabilities in OS X and Safari at the annual Pwn2Own contest over the past few years.

Miller is set to do so again next week in Vancouver at this year's Pwn2Own contest at CanSecWest Vancouver.

Though clearly not directly related, this news broke around the same time antivirus firm Sophos reported on a new Mac OS X backdoor Trojan, known as BlackHole RAT (Remote Access Trojan).

Proactively engaging with the Apple security community is Apple's most recent move in what appears, from the outside, that the company is stepping up its security game. Earlier this year Apple reportedly hired noted software security expert David Rice. That personnel move followed the hiring of Window Snyder, former security lead at Mozilla, last year.

"They've hired a number of high-profile people," says Rich Mogul, founder and analyst at researcher firm Securosis. "They've since fallen into the Apple vacuum, but I most definitely get the feeling that Apple is taking security more seriously."

Also, two independent sources close to Apple report that the company is aligning a security member as part of each product team, though CSO has not been able to confirm this.

Steps like this can only be good news for consumers of Apple products, enterprises, and Apple's own ambition to gain a larger piece of corporate sales.

While consumers inherently trust Apple OS X systems to be safer than its Windows competitors, businesses don't have that luxury. That's not to say consumers aren't justified in their belief. They are, as OS X attacks rarely rise above proof-of-concept malware that spread nowhere fast.

Businesses, however, are justified in their cautionary stance as well, experts say. Apple software applications are certainly not without their vulnerability concerns.

Just today, Apple released a security update to fix nearly five dozen significant flaws in iTunes, many based on its web browser engine Webkit.

 next page › 12 Tags: data loss prevention, mac os x, authentication, hacking, mac software, Apple Print |Add a comment Sign up for InfoWorld's Today's Headlines: First Look newsletter. Originally published on www.csoonline.com. Click here to read the original story. Load MoreWhat are you thinking?Twitter search results powered byInsert this article url Tweet Related Content... Overcoming Eight Common Power Management Challenges | White paper A Practical Look at Data Center Sustainability | White paper Oracle Exadata Exceeds Expectations | White paper Webcast Enabling the Database Cloud Faced with static or shrinking budgets, IT organizations need to lower costs throughout the data center, while their business users demand a high quality of service - consistently fast response times, 24x7 availability, and comprehensive security. Improve Data Warehouse Performance by 10x.

Learn more » White Paper Address Top Network Priorities with ANPMRead EMA's independent assessment of Riverbed's Cascade compared against 18 other solutions. See how it ranked in terms of analyzing traffic data, overall architecture, security awareness and integration with CMDB/CMS and SIEM.

Read now » White Paper Business Benefits of Collaborative Communications Examine business scenarios and learn how unified communications can be leveraged to maximum competitive advantage. Discover how to ensure better connectivity between all individuals, fostering an environment that supports innovation through employee engagement across organizations, business units and companies.

Read now » White Paper The Bandwidth Hunters: The Hunt for Better HD Telepresence

Follow along as a mythical band of veteran IT professionals try to deploy high-definition (HD) telepresence on an enterprise-wide scale. Their biggest hurdle? They can't upgrade the network to handle more bandwidth. Other challenges include budget, reliability and user experience issues.

Read now » Sign In to comment 10 great error messages 20 years of innovative Windows malware Can the Atrix 4G really become your next PC? How, where, and when IT pros cheat Welcome to the iPad 2: Inside Apple's new tablet Webcast: Best Practices for DDoS Mitigation | WebcastGuide to Insider Threat Protection | WebcastData loss prevention | WebcastA Brief History of Malware | WebcastLearning to Love your Log Files | WebcastHow to Choose a Qualified Security Assessor | White PaperNext Generation of Cybercrime | White PaperPCI 2.0: What's New? What Matters? What's Left? | White PaperRealtime Publishers: The Business Case for Security Information Management | White PaperFoundations of Security Information Management | White PaperSee all White Papers / Webcasts Today's Headlines: First Look Newsletter

Find out what will be news for the day, with our first-thing-in-the-morning briefing.

/* powered by sh */#wrapper #sh_job_widget .sh_powered_by { margin-top:0; text-align:right; font-size:1.1em; line-height:1.2em; padding-top:0.3em; }#wrapper #sh_job_widget .sh_powered_by a { text-decoration:none; }#wrapper #sh_job_widget .sh_powered_by .sh_blue { color:#00ACF1; }#wrapper #sh_job_widget .sh_powered_by .sh_green { color:#A6CE3A; } See All Jobs » Post a job for $295 » Go Jobs powered by SimplyHired Test drive the world’s leading SSL for free at verisign.com/ssl/free-trialSign up for a free 30-day trial of Cisco Show and Share!ManageEngine: End-to-End Java Performance Management. Download Product Now!Transform with Mobile AppsMaximizing Business Application FunctionalityIPv6: Complete these 5 Steps to PrepareComparing Private Line, Frame Relay, ATM, Ethernet and IP VPNsLearn how Red Hat delivers modern message-oriented integration with AMQPHP BladeSystem powered by AMD Opteron™ 6100 Series processorsSymantec Security Webcast Series: Protection for the Modern EnterpriseEMC Power, Iomega Price! VMware-certified network storage, 2-24TB.Focus on Business. Let Rackspace Manage Your Cloud.New guide shows you how to accelerate unified communications ROI.Eaton's Intelligent Power® Software Suite, all the tools you need to monitor and manage power devices on your network.ERwin® in the Cloud: How Data Modeling Supports Daas ImplementationsOnly protect the information you need with Symantec Backup Exec.Discover how to make e-discovery easier. Find out now.One number. One voicemail. Sprint Mobile Integration.iTKO - The DevTest Cloud: Virtual software labs eliminate constraintsLive Webcast: Don’t Fire Your Firewall Read the white paper on fast iPad and iPhone developmentHP ProLiant FlexFabric enabled server powered by Intel® Xeon®Accurate time synchronization - Symmetricom's network time servers.Mobility Applications Before and AfterKeep Your Enemies Closer: Get Proactive about SecurityFirewall podcast Q&AsChoosing the Right Metropolitan Ring For Your BusinessThis year, go Beyond the Hour at www.earthhour.org/beyondthehour.Go on the offense with a proactive IT security defense.Unleash the Power and Performance of Physical and Virtual DesktopsPower Your Applications with Rackspace CloudGet Proof. Not Promises! Take the Netezza TestDrive..The SMB IT Decision Maker's Guide: Choosing a SaaS Service Management SolutionWith Xerox, you'll be ready for real business. Find out how>HP StorageWorks D2D2500 Backup System with Intel® Xeon® 5500 seriesKnow where your sensitive data is with Symantec Data Loss PreventionKnow the biggest risks to your small business. Find out now.Protect 500 virtual machines in 17 minutes with CommVault® Simpana® software!How are YOU investing in efficiency? Check out CIO Debate today and compare your strategies against your peers.Why Virtualize?
About Us| Advertise| Contact Us| Newsletters| Privacy Policy| Reprints, Permissions, Licensing| Terms of Service| About AdChoices The IDG Network CFOworld| CIO| Computerworld| CSO| DEMO| GamePro| Games.net| IDC| IDG| IDG Connect| IDG Knowledge Hub| IDG TechNetwork| IDG Ventures| InfoWorld ITwhitepapers| IT World| JavaWorld| LinuxWorld| Macworld| Network World| PC World

--> ©1994-2011 Infoworld, Inc.

View the Original article