Hacker News new | past | comments | ask | show | jobs | submit login

> Apple controls the entire stack

Control doesn't guarantee security, it just assesses accountability. Also, control doesn't mean Apple writes all the software. They outside code like everyone else.




It reduces trust … in a good way. Whenever a machine says “well if just have to trust this other component”, security is reduced.

Apple rarely has to “just trust” a part of its stack.


But they don’t have to. If anyone had the resources to hire top tier software engineers to write or audit everything in house it would be Apple. That they don’t do it is almost… greedy and shows a lack of foresight imo.


> If anyone had the resources to hire top tier software engineers to write or audit everything in house it would be Apple. That they don’t do it is almost… greedy and shows a lack of foresight imo.

Maybe it shows that even Apple doesn't have the resources to do it, and therefore nobody does.


Not only that, but there is more going on than just auditing. If Apple spent the time necessary to constantly do deep security dives, and spent the money on top talent to do it, it still wouldn't get done because it is constantly a moving target unless they froze all new development. Otherwise they have done a complete walk through of Mac OS 12.1, but 12.3 is released and they have n't even started on a full walk through of 12.2. These are time intensive tasks, meanwhile customers and shareholders are still wanting the latest, greatest, and shiniest.

Then at the end of the day, customers are still installing 3rd party applications, so does apple have to walk all of their code too?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: