Clive throws some security complaints against Apple in comments. He's got a point, but what is that point, exactly? The issues raised have little to do with Apple, per se, as they are all generic and familiar in some sense.
Aside from the futility of trying to damage Apple's teflon brand, I guess, for me at least the issue here is when & if the perception, costs and activities of Apple's security begin to cross.
We saw this with Microsoft. Throughout the 1990s, they made hay, the sun shone. Security wasn't an issue, the users lapped it all up, paid the cost, asked for more.
So Microsoft did the "right thing" by their shareholders and ignored it. Having seen how much money they made for their shareholders in those days, it is hard to argue they did the "wrong thing". Indeed, this is what I tried to establish in that counter-cultural rant called GP -- that there is an economic rationale to delaying security until we can identify a real enemy.
Early 2000s, the scene started to change. We saw the first signs of phishing in 2001 (if we were watching) and the rising tide of costs to users was starting to feedback into Microsoft's top slot. Hence Bill Gate's famous "I want to spend another dime and spin the company" memo in January 2002 followed by his declaration that "phishing is our problem, not the user's fault."
But it didn't work. Even though we saw a massive internal change, and lots more attention on security, the Vista thing didn't work out. And the titanic of Microsoft perception slowly inched itself up onto an iceberg and spent half a decade sliding under the waters.
For Microsoft, action started in 2002, and changed the company somewhat. By the mid 2000s, activity on security was impressive. But perception was already underwater, irreversibly sinking.
Now we're all looking at Apple. *Only* because they have a bigger market cap than Microsoft. Note that this blog has promoted Macs for a better security experience for many years, and anyone who took that advice won big-time. But now the media has swung it's lazer-sharp eyeballs across to look at the one that snuck below their impenetrable radar and cheekily stole the crown of publicity from Microsoft. The game's up, the media tell us!
I speak in jest of course; market perception is what the users think, not what the media says [1]. Possibly we will see market perception of Apple's security begin to diminish, as user costs begin to rise. The user-cost argument is still solidly profitable on the Mac's balance sheet, so that'll take some time. Meanwhile, there is little sign that Apple themselves are acting within to improve their impending security nightmare [2].
The interesting question for the long term, for the business-minded, is when should Apple begin to act? And how?
[2] just as a postscript, this question is made all the more interesting because, unlike Microsoft, Apple never signals its intentions in advance. And after the move, the script is so well stage-managed that we can't rely on it. So we may never know the answer. Which makes the job of investor in Apple quite a ... perceptionally challenging one :)
Posted by iang at October 24, 2010 01:30 AM | TrackBack@ Iang,
"but what is the point, exactly?"
Is a very reasonable question to ask, but not so easy to answer :-)
The issue of Apple and securit can be viewed from many angles, your "shareholder value" is very valid short term, but what about market perspective in the long term?
You could view Microsoft as "first to market" and thus you would expect them to fall foul of the "leading edge is the bleeding edge" issue thus some of their sins are forgivable as (supposadly) nobody knew any better...
But Apple is not actually a market inovator in OS design nor is it particularly pushing any bounderies or steping on virgin soil in the field of development, thus to repeat the sins of Microsoft and others is not realy forgivable in the same way (ie they should have known better).
Apple's focus has been on "user experiance" and they have done remarkably well. Their market share may not have changed much over the past few years but the market size has grown so they are atleast doing as well as everybody else. They have also survived ditching their entrenched hardware platform (power PC) and jumping on the Intel platform. Which a number of people predicted (incorectly) would be Apple's demise (although if you think back Apple has changed architecture before it was once 6502 and went to 68K then to Power PC so they had some experiance in this ;)
Many people believe (I think incorrectly) that malware writers are more or less ignoring the Apple OS as long as it stays below some magic market share. Personaly I think the pundits are using the wrong indicator and actuall market size not share will define the tipping point.
That is as long as Apple's "bums on seats" numbers rise they will become of interest to Malware wrighters.
I further belive that Apple's market size is getting close to a tipping point where Malware writers will find it easier to change platform rather than to
stretch their necks steadily higher trying to find the next level of low hanging fruit.
So my point is if Apple really are about "user expeiance" they cannot afford to seriously blot their copybook over Maleware, and they need to address the issue now not Ignore it.
As you note Apple are not known for "talking up future product" whilst current inventory is still gracing their shelves. So we will have to observe carefully to see what trends they react to.
However Malware is also moving away from direct OS vectors to application software which is just sitting a users finger skin under the "user experiance'. So this is an area Apple must also realy get a grip on soon otherwise their loyal fanbase will be sorely tempted to up sticks on. Apple.
Posted by: Clive Robinson at November 2, 2010 06:18 PM