/linked/2017/09/12/locking-it-all-down

Comments

Sebby:
> I don’t want to get into a “blame the victim” scenario,

(Because it's Apple ...)

> The wrongdoer is the person who leaked the URLs.

...

> But given how sensitive these GM builds of iOS 11 were, there’s no way they should have been publicly accessible. The richest company in the world — and a computer company at that — must do better than security by obscurity.

But they *were* publicly accessible. So who's fault is it? The leaker wasn't exploiting any insecurity; they were just preying on Apple's incompetence. You just can't defend security by obscuring, under any circumstances.
4:50 pm — Tuesday, 12 September 2017
Gruber F. Johnson:
If this had happened to any other company, Gruber would be ripping them a new asshole.
7:15 pm — Tuesday, 12 September 2017
Tim Cook:
John, this post came awfully close to criticism. You don't get to tell us what to do; it's firmly the other way round. If we want to post things on the open web, we'll do it, and have none of your back-talk! Remember our agreement.
11:47 pm — Tuesday, 12 September 2017
Legion of Bad Ideas:
Leaking the firmware was totally unexpected at this point.
12:52 am — Wednesday, 13 September 2017
Leave a Comment
To leave a comment, install the Safari extension!