Apple's Security Through Obscurity Fallacy

[david_e]

.....

[teh603]

Quote:

Originally Posted by obsessed2

Again, the FBI denied they were the source of the leak. What's hilarious is that people still buy into anything the government denies. The U.S. Government Denies Just About Everything ... Agent Orange.

Well, it did happen at the bureau originally run by J. Edgar Hoover. That probably has everything to do with both the breach and the denial.

In a month or two they'll probably make a press release about communist hackers operating under the orders of Hugh Heffner, or something equally absurd.

[JoeD]

The 12 million IDs is in no way related to security through obscurity

Obscurity is when someone claims their product is safe but in reality the security depends upon you not been able to know how it works or view the code doing the protection.

Apple is actually pretty good when it comes to not using security through obscurity. They've used open source encryption routines and released their changes which allows peer review. Now they may still wrap obscurity on top of any real protection due to the nature of the rest of their code been proprietary, but I very much doubt they rely on that to provide any form of security.

Apple do however make mistakes just as any other software company will and their system will have holes just as any other system will.

As an aside, just because the device IDs are for apple devices, that doesn't automatically imply that the DB that was stolen was stored on a mac. For all we know it could have been on a linux or windows machine/server. Not that it changes anything.

[afv011]

Quote:

Originally Posted by david_e

So how is it that a security breach of an FBI laptop is Apple's fault?

Seems the only obscurity occurred when the facts got in the way of your dull-ax-to-grind mission.

What I find hilarious is that you whine about the government but advertise a branch of the service as your picture. Is that just to drum up sympathy or empathy for your personal point of view? Is it supposed to add some credence to your buffoonery?

MonkeyLuis, is that you?

[RainingLemur]

Quote:

Originally Posted by afv011

MonkeyLuis, is that you?

Could be worse. Could always be a certain..."Rock"ing individual.

But, back on topic - It's inevitable that these kinds of breaches are going to happen, I think. As we have more and more crap on our mobile thingies, and the push to put stuff on "the cloud," we're probably going to see more of this sort of thing pop up in the future, regardless of the OS/device manfacturer/*insert other reason to bicker here*.

[Andrew H.]

Quote:

Originally Posted by afv011

MonkeyLuis, is that you?

Boswd? Long time no see!

[obsessed2]

Quote:

Originally Posted by david_e

What I find hilarious is that you whine about the government but advertise a branch of the service as your picture. Is that just to drum up sympathy or empathy for your personal point of view? Is it supposed to add some credence to your buffoonery?

Attack my point of view, no problem. But, to mount a personal attack and say I am trying to use my military service to draw up sympathy, empathy, or add credence to any of my buffoonery is despicable. None of the above !!! My logo has been proudly displayed since I joined Mobileread in April 2011. I humbly served my country's Navy for over 24 years. This does NOT mean I agree and support everything they do or have done.

BTW, if you own an iPad or Ipod at least check out the website posted in this MSNBC story to see if you your UDID was compromised.

http://www.nbcnews.com/technology/te...ice-ids-977988


Would hate to see this happen: http://www.securitynewsdaily.com/213...nightware.html