This is an article I’ve been thinking about for a long time. Sure, we security folks seem to love to bash Apple, but I thought it would be interesting to take a more constructive approach.

From the TidBITS article:

With the impending release of the next versions of both Mac OS X and the iPhone operating system, it seems a good time to evaluate how Apple could improve their security program. Rather than focusing on narrow issues of specific vulnerabilities or incidents, or offering mere criticism, I humbly present a few suggestions on how Apple can become a leader in consumer computing security over the long haul.

The short version of the suggestions are:

  • Appoint and empower a CSO
  • Adopt a secure software development program
  • Establish a security response team
  • Manage vulnerabilities in included third party software
  • Complete the implementation of anti-exploitation technologies