

Apple has taken the unusual step of sharing a copy of its Mac OS X Lion operating system with external security researchers, some of whom have published vulnerabilities with past Mac software.

That’s pretty progressive thinking for Apple, which has previously kept mum about cooperating with security researchers, also known as hackers, who have from time to time caused the company embarrassment by breaking the security of its systems and then telling the world about it. In this case, the company is seeking feedback from the hackers in advance so that it can patch any holes in the security of the operating system before it is released. If it’s true, that’s a big step because it means that Apple is willing to trust the hackers with its code.

“I wanted to let you know that I’ve requested that you be invited to the pre-release seed of Mac OS X Lion, and you should receive an invitation soon,” said a letter sent by Apple to an unknown number of security researchers. “As you have reported Mac OS X security issues in the past, I thought that you might be interested in taking a look at this. It contains several improvements in the area of security countermeasures.”

Dino Dai Zovi (pictured on left) and several other researchers tweeted about being invited to try out Lion. Charlie Miller (pictured on right), another security researcher, told Cnet that Apple has never reached out to security researchers in this way. If the researchers sign a non-disclosure agreement with Apple, they won’t be able to talk about what they find until the product is released. That muzzles any criticism until Apple has time to fix any flaws.

“At least security crosses their mind now,” Miller said.

Both Dai Zovi and Miller are authors of the book The Mac Hacker’s Handbook and have become famous over the years for breaking the security on Apple’s products.

You know that Apple wasn’t happy about that book. But it is very common for big companies to hire people like Miller and Dai Zovi to undertake “penetration testing,” where the company sanctions them to break the company’s security so that it can be improved. The Linux operating system is constantly improved through the open-source process. But Apple has operated more as a closed company when it comes to security matters. Apple could afford to put security as a lower priority for many years because hackers always went after Windows instead. But now that Apple’s products are more popular, it is becoming a target.

VentureBeat
