Re: Apple's worst security breach: 114, 000 iPad owners exposed

[Joel Esler <joel.esler () me com>]

Summary of that long winded email:

I'm smarter than you.
You're wrong.
Apple is guilty too.




On Jun 10, 2010, at 8:55 PM, Nick FitzGerald wrote:

> Joel Esler wrote:
>
> > My only problem with the article is the inaccuracy of the headline. 
> > Gawker is known for their sensationalism.  Frustratingly awesome. 
>
> My only problem with your commentary on this is the inaccuracy of your 
> use of the word "inaccuracy".
>
> Although technically "inaccurate" means only "not accurate", due to the 
> tendency of (simpler) humans to conceive "accuracy" as a binary state 
> (akin to true/false), common use of "inaccurate" tends to have a strong 
> connotation of "false", and even "wrong" (with all its connotations).  
> (Should we be surprised that Wikitionary suffers this misperception, 
> unlike the professionally maintained dictionaries I checked?)
>
> You would have been more accurate (now, how can that be a meaningful 
> utterance for something that ostensibly has binary state?) to have 
> said:
>
>   My only problem with the article is the less than fully accurate
>   headline.  Gawker is known for their sensationalism.  ...
>
> Of course, that is not quite as sensationalistic as strongly connoting 
> that Gawker was wrong...
>
> True, their headline was not fully accurate.
>
> But do you really not think that Apple must at least partly carry the 
> can for this?
>
> After all, it was Apple that decided to make 3G iPads available in the 
> US (and Canada I presume) via an exclusive deal with AT&T.  If the 
> devices were available across any 3G network, Apple's customers would 
> have had to choose their carrier, and thus only those who chose AT&T (a 
> presumably small number from what I've heard of that network's 
> coverage, reliability and service) would have been exposed by this lack 
> of security smarts at AT&T (well, we have to speculate and as you seem 
> to be into sensationalism, let me assume that none of the other 3G 
> networks are run by such security dullards as those at AT&T).
>
> Of course, the real reason behind Apple's choice of AT&T had nothing to 
> do with "providing the most consistent user experience" and all that 
> touchy-feely mush the fanboiz lap up, but had everything to do with 
> making the device "more exclusive" and keeping the price rather on the 
> high side (i.e. it was about making profits for Apple, and presumably 
> the fixed-term service contracts had something to do with making 
> profits for AT&T).
>
> So, I have no sympathy for Apple being socked with the full blame for 
> something like this.  If Apple really cared about its reputedly ever so 
> valuable customers, Apple would have made sure that it was not teaming 
> with a security-challenged carrier and thus inflicting that carrier's 
> low standards on Apple's "valuable customers".  (And arguably it would 
> have made the device network agnostic to provide its ever so valuable 
> customers the best range of choice to get the device and carrier deal 
> that suited them...)
>
> Apple is at least as guilty in this as AT&T, because from a great deal 
> of pre-existing commentary on the quality of AT&T's service in general, 
> and from its direct past experince with the iPhone fiasco, it seems 
> that Apple should have been more than aware of the potential for brand 
> spoilage by partnering with AT&T.
>
> So, to label this anything other than a failure by Apple, and worse to 
> only focus on AT&T's role in this (I'm not saying that Joel did this -- 
> just that some are), is actually aiding and abetting Apple, maintaining 
> the Jobs/fanboi circle-jerk that "everything Apple is perfect".
>
>
>
> Regards,
>
> Nick FitzGerald
>
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.

--
Joel Esler
http://www.joelesler.net

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.