LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

What lessons can be learned from the iPhone worms?

What lessons can be learned from the iPhone worms?

Posted Nov 12, 2009 22:03 UTC (Thu) by NAR (subscriber, #1313)
In reply to: What lessons can be learned from the iPhone worms? by dariush
Parent article: What lessons can be learned from the iPhone worms?

I'd guess that Apple has some kind of security checklist containing stuff like "are network services listening on only the necessary interfaces?", "are passwords stored encrypted?" or "is there a patch process documented in case a security vulnerability is found?". I'd also guess that every product they ship has to be checked for this checklist. I'd also guess this checklist would contain "are there any default passwords on the system?".

If they don't have such checklist or it doesn't contain "are there any default passwords on the system?" or they don't care - that doesn't look well for their other products. I don't think it would be that complicated to not have a root password, so it wouldn't be possible to login at all as root.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds