Former Apple employee takes Apple to task for delay in sending out security patch for iOS

Kristin Paget, who once worked on the Apple iPhone security team in Cupertino, questioned Apple on her blog for a decision it made relating to recently discovered security issues on OS X and iOS. Usually, two separate products from the same company, with the same security issue, are fixed at the same time. Instead, Apple went ahead and fixed the OS X flaw first, waiting for this week's iOS 7.1.1 update to repair the problem on its mobile OS.

The same issue happened in reverse earlier this year, with the SSL flaw that affected both OS X and iOS. In that case, iOS was fixed first as iOS 7.0.6 resolved the problem on a Friday, and OS X 10.9.2 took care of the same problem the following Tuesday.

Paget's blog contains a no-holds-barred attack on her former employer, questioning why Apple apparently doesn't see anything wrong with how it has handled these bug fixes. Is her attack on Apple warranted, or is she making mountains out of molehills? You can check out some of her comments below.

source: Kristin Paget's Blog via Redmond Pie



1. techperson211

Posts: 1280; Member since: Feb 27, 2014

Now where are the comments here?

8. PhoneArenaUser

Posts: 5498; Member since: Aug 05, 2011

"President Obama says that he can't own an Apple iPhone for security reasons"

2. 0xFFFF

Posts: 3806; Member since: Apr 16, 2014

Apple took a long time trying to think of some way to blame the customers -- "you are SSLing it wrong" -- but failed to come up with something that they believed they would get away with. Kristin -- isn't this a normal aspect of owning Apple products? I am surprised that you are surprised, having worked there and all.

3. BCMWorld

Posts: 59; Member since: Mar 24, 2014

When you our of Apple and when you done using iOS, that's only when you will realize that the walled garden is bugs ridden nonstop

5. SuperMaoriBro

Posts: 533; Member since: Jun 23, 2012

I've read and reread post #3 and I still have no idea what you are actually trying to say. Can the people who thumbed it up please translate? Cheers

7. jroc74

Posts: 6023; Member since: Dec 30, 2010

Probably thumbed up because of wall garden, bugs ridden.... I will try to decipher it tho, I think it meant: "when you get out of Apple and are done using iOS....that's when you realize the walled garden is bug ridden non stop."

10. networkdood

Posts: 6330; Member since: Mar 31, 2010

not bad!!! Or, maybe he just means when you are with it long enough you will learn that there are plenty of issues that constantly afflict the OS...

4. networkdood

Posts: 6330; Member since: Mar 31, 2010

This is kind of what Microsoft does - it knows of the security issues with its OS and purposely leaves it open - in Microsoft's case they did that for the NSA....

6. jroc74

Posts: 6023; Member since: Dec 30, 2010

"Someone tell me I’m not crazy here. Apple preaches the virtues of having the same kernel (and a bunch of other operating system goop) shared between two platforms – but then only patches those platforms one at a time, leaving the entire userbase of the other platform exposed to known security vulnerabilities for weeks at a time?" She does make a good point here.... Learn something new every day it seems... I didn't even know that about the kernel..

9. flipjzn

Posts: 257; Member since: Jun 22, 2012

iOS for phones and OS X for computers, I don't see anything wrong if they don't release updates for both at the same time. Different people are in charge of different fixes and processes. Oh well.
