Friday, May 18, 2012

Apple: Viruses, Bugs And A Shrinking Reputation

They might be the biggest company in the world, but a raft of problems with new products are in danger of spoling the near-flawless reputation Apple has built for itself
With a mini iPad and a large screen, ‘liquid metal’ iPhone out this year, one could easily conclude that Apple – now the world’s largest company – is unstoppable.  But chinks in Apple’s armour are starting to appear and Apple’s customers are getting upset.  Their reputation for innovative design is unmatched but, like Microsoft in the nineties, Apple is now releasing software with bugs in it, hardware that’s faulty and customer service that leaves a lot to be desired.
I bought a new iPhone 4S recently worth £600 (Apple sells the most expensive smartphones) and immediately noticed signal issues.  Sure enough, when I walked around with an older iPhone on the same network side by side,  the signal bars on my new phone were lagging behind.  I was pretty shocked it didn’t work perfectly straight out of the box – given the furore over Apple’s previous iPhone 4 antennae issues and given that the newer phone uniquely actually has twin antennae.
Without a software update just a few days old, the iPhone 4S always favours a 3G signal, even in areas where that signal is sparse (its US centric virtual assistant, Siri, needs 3G to operate).   That’s seven months after the phone was released.   Before that, it was even worse.   For the first five months users were much more likely to get ‘No Service‘ as they couldn’t switch off 3G at all.   Even the Vodafone guy who sold it to me admitted after I returned to the shop, “The iPhone’s great – just not great as a phone.”
That’s not the only reason the iPhone 4S doesn’t always work straight out of the box.  To the consternation of most international travellers who buy local sims and swap them into different phones, Apple decided to introduce the ‘micro-sim’ in its iPhone 4 and 4S.  Unfortunately, the world’s mobile companies haven’t kept pace.  Sims come in 128k, 64k, 32k varieties and global telecom networks are not all using the same system.  iPhone customers with China Mobile are still waiting for a software patch to make their sim cards compatible with the iPhone 4S.  And China Mobile is the world’s largest telecoms company with 650 million subscribers.
Even the Vodafone guy who sold it to me admitted after I returned to the shop, “The iPhone’s great – just not great as a phone.”
China Mobile is too big for Apple to ignore though it has ignored plenty of customers in other countries. In fact, remaining silent is becoming a very common complaint about Apple.
Customers who have recently bought the new iPad are complaining that the device overheats, that the the battery status is not accurate and, most significantly of all, that it continually loses Wifi connectivity.  The Apple internet forums are jammed with complaints – and these forums tend to be where customers find out what’s really going on with Apple products.
Sometimes Apple’s silence can really have a devastated effect.  In April, 600,000 Macs were infected with the Flashback virus, designed to steal their bank passwords. I have a Mac and I get plenty of emails from Apple about their products.  But Apple support advised me not to get anti-virus protection as ‘Macs don’t get viruses’.  Why weren’t all Mac users emailed about this one?  In fact, Apple’s slow response to the virus has angered many IT professionals and almost certainly exacerbated global infection rates, leaving large swathes of users more vulnerable than they should have been.  Expect some lawsuits soon (on top of that just brought by the US government for ebook price fixing).
All this makes the minor bugs look… well, minor.  But when you experience them, it’s very frustrating.  iOS 5 for the iPhone came with a bug affecting battery life (after a long history of iPhone battery issues).  After the latest iPad software update, many users – myself included – had trouble retrieving IMAP emails.  After much internet searching I found that if I manually exit and restart the iPad Mail app it will work again for a while – hardly a great solution.   I have always used my Macbook Pro in clamshell mode (i.e. closed) when plugged into an external monitor.  The latest update prevents it.  And these bugs are not getting fixed or responded to.  Users generally have to wait months for new software updates in the hope that if enough people jam the message boards and forums with complaints, Apple will release the fix.
in a world where reputation is all,  you ignore customers at your peril.
This is all especially bad because Apple built its reputation not just on fine design but also on great customer service, stuff that just works straight out of the box and elegant, bug-free software.  That is no longer the case and in a world where reputation is all,  you ignore customers at your peril.
Finally, what of Apple’s flagship service – the iCloud?  Apple’s vision is a world where all your data, music, film, work etc is no longer on any physical machine.  It’s all stored in the iCloud – accessible as and when you need it – on any device.  Soon that is going to get critical mass and Apple is predicting a post PC world.  But what’s going to happen when something goes wrong.. when the unthinkable happens?  What happens when a virus gets into the iCloud and shuts it down?  If Apple’s flagship service sinks in a titanic global data earthquake, their much vaunted and vital customer loyalty would vanish.  This colossus of a company might well go down for good.

Monday, May 14, 2012

Kaspersky exec calls Mac OS "really vulnerable"

The Macintosh is an impenetrable fortress of malware-free computing, right? In recent years, we’ve certainly seen that image eroded a bit, thanks to a number of nasty outbreaks. And if you listen to Nikolay Grebennikov, the CTO of security software maker Kasperksy, things have the potential to be much worse. The executive told British site Computing that the company was invited to improve Cupertino’s security, only to discover that, “Mac OS is really vulnerable.” Grebennikov also had some rather unfortunate news for all the iPad and iPhone owners out there, telling the site, “Our experience tells us that in the near future, perhaps in a year or so, we will see the first malware targeting iOS.

Monday, May 7, 2012

Apple's OS X Lion Update Has Exposed Encrypted Passwords for Three Months

Last Friday, a security researcher warned Mac users of a programming oversight in Mac OSX 10.7 Lion, that exposed encrypted passwords.

According to an email from David Emery, owner of DIE Consulting in Massachusetts, Apple accidentally left a debug option on in FileVault, OSX’s legacy encryption software.

As a result, the login password of a user who had logged in since the update in early February, was saved in plain text in a log file outside the encrypted area. In other words, anyone with administrator access to your computer—which could be anyone if you never log out of your account—can read the file containing the password, and log into the encrypted part of your disk.

The vulnerability affects FileVault users who upgraded from Snow Leopard (OSX 10.6) to Lion 10.7.3, but did not migrate to FileVault 2, the full-disk encryption software that came with Lion. According to Sophos, it does not appear to affect systems that started with Lion and upgraded to OSX 10.7.3.

"This is worse than it seems, since the log in question can also be read by booting the machine into firewire disk mode and reading it by opening the drive as a disk or by booting the new-with-LION recovery partition and using the available superuser shell to mount the main file system partition and read the file," Emery wrote.

Emery also noted that affected users who’ve also been backing up their data with Time Machine are essentially storing their unencrypted passwords over and over again.

Lion users should immediately activate FileVault 2, which can be found in the Security & Privacy setting in System Preferences. Click the FileVault tab to enable.

And hopefully, after a unacceptable delay in patching a Java vulnerability left hundreds of thousands of OS X users infected with Flashback last month, Apple will patch this three-month-old vuln sooner rather than later.

In late April, Flashback authors tweaked the Trojan's code slightly to elude Apple's legacy anti-malware tool, XProtect. Many security researchers have criticized XProtect for offering insufficient protection, as it relies on exact fingerprints of the malware and can be bypassed with a slight change to malicious code. XProtect was originally released last May as part of Snow Leopard OS X 10.6, in response to weeks of media coverage over another enduring piece of Mac malware called MacDefender.