Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

klasma

macrumors 604
Jun 8, 2017
7,387
20,617
A number doesn't mean much if critical vulnerabilities aren't fixed. The real metric is number of CVEs fixed.
Good point. And the legislation may actually make manufacturers liable if they don’t provide timely fixes for known vulnerabilities during the period for which they promised security updates.
 

phenste

macrumors 6502a
Sep 16, 2012
725
2,106
doesn’t seem like this’ll be much of an issue for Apple, as plenty of others have already pointed out. they fare perfectly well with security updates for older OSes & have never kept it a secret what their timeframe is for devices becoming vintage/obsolete (though I get this has more to do with software than hardware, a device attaining such status implies it will not receive major software updates, simply critical security updates as-needed).

as far as reporting on security vulnerabilities goes, it’s my understanding Apple’s done better with this in recent years as well—even if what they do with the information they’re given does leave a bit to be desired…
 

Jim Lahey

macrumors 68030
Apr 8, 2014
2,726
5,636
It's trying to sell an unpalatable bill by adding some window dressing - they don't really care about security. They only really care about encryption because it stops them reading everyone's messages.

Bingo. Stuff like this is just the pretext so that they can use legal force to drag a chair up to the table when tech firms are discussing network security. Then they start twisting arms and greasing palms.
 
  • Like
Reactions: gusmula

macduke

macrumors G5
Jun 27, 2007
13,458
20,507
I'm looking forward to having access to this information for two reasons:

  • It will help me make recommendations about older or used devices to people like my grandparents who don't care about the latest and greatest iPhone or iPad
  • It will help me plan out my longer-term purchases such as Macs as well as refurbished iPad generations for my kids
It will be great to have a concrete reference for how long devices will be supported. Can use this to calculate approximate cost per year of ownership to see if purchasing a used or refurb device is worthwhile when weighed against other tradeoffs. I welcome this change wholeheartedly! More information about a product being purchased is always better for the consumer.

However, I could see a scenario where Apple only guarantees 3 years of updates or something low like that and then "surprises and delights" with additional years of support. Classic under promise, over deliver, which would be in the spirit of this law. Although this might affect consumer choice if other brands offer longer terms. The thing is, many other companies don't offer more than a few years. Only recently did Google start offering longer software support updates for their products.
 

jlc1978

macrumors 603
Aug 14, 2009
5,843
4,808
If this applies to all companies that manufacture smart devices, I would imagine Apple is probably one of the most compliant of most manufacturers already.

Getting rid of default passwords is a good idea. Far too many people don't realize devices beyond phones and maybe a WiFi router have default passords, let alone change them. Some of my devices come with a sticker with a unique default password on it, so unless I lose the device I can always reset it to default.
 

Reverend Benny

macrumors 65816
Apr 28, 2017
1,171
924
Europe
Not just security updates, but also browser and connected-services updates, because you’re unlikely to be able to browse the internet very well with a ten-year-old browser.
True, but as long as an OS is supported most developers will continue to develop software for it. Apple wouldn't let some other browser steal market share and would prob continue to release Safari if that would be the case.
 

Reverend Benny

macrumors 65816
Apr 28, 2017
1,171
924
Europe

wanha

macrumors 68000
Oct 30, 2020
1,841
5,122
No wonder Apple is surviving without any sanctions because of the quality of your government. /s Just kidding. I don't know which government is yours. But the point is that Apple is no saint, it uses your data exactly like Google for ads.

Does it, though?

Does Apple sell that data to third parties?
 

Surf Monkey

Suspended
Oct 3, 2010
6,249
5,384
Portland, OR
When things like this are going on and Apple has no official comment about it, can you blame regulators for becoming increasingly concerned about Apple’s commitment to security??

 
  • Like
Reactions: arkitect

coolfactor

macrumors 604
Jul 29, 2002
7,457
10,379
Vancouver, BC
Yup, I trust Apple, a greedy corporation, with my data so that it can use it for its ad platform. I do not like my government to access the data to solve crimes of national importance.


There is a stark contrast between Google's advertising and Apple's.

Google is selling YOU! Apple is selling ads based on anonymous data.

In that article you linked, there's this...

Google is working with advertisers on providing cookie alternatives.

What cookie alternatives? Oh ya... users "signed into" Chrome. Google gets your data. Google was even busted collecting Incognito data!
 

gsurf123

macrumors 6502a
Jun 1, 2017
508
898
All this concern for privacy and security when the very governments issuing these requirements are themselves keen to collect data on their own citizens and want backdoor entry points to mobile operating systems.
The UK is a country that wants encryption backdoors, which nullifies the point of encryption.
 

jlc1978

macrumors 603
Aug 14, 2009
5,843
4,808
Here's the perfect example of government stupidity: First require Apple to allow sideloading of apps. Then, threatent Apple with fines if they don't improve cybersecurity!

This somewhat bolsters Apple's argument for sandboxing sideloaded apps in the name of cyber security.

Nothing makes me feel smarter than knowing my elected leaders are idiots.

And yet we keep reelecting them.

Yes, sir. We provide seven years of security updates. (If our brand exists.)

Laws are for law-abiding entities.

Yea, fly by night companies will simply change their name and keep selling the same junk.
 

Fuzzball84

macrumors 68030
Apr 19, 2015
2,553
5,934
I left my front door open

my wallet is on the coffee table

my passport is in the bedroom side table

my cars key fob is hanging in the hallway

and I left the back door open... not by design or intention, I just forgot to close it

but I use strong and secure passwords, and everything that hasn't been taken is updated to the latest version as per government requirements.
 

MNGR

Contributor
Sep 17, 2019
338
450
Yeah this in particular shouldn't be controversial or hard for Apple to comply. The security that needs to be stepped up is all round encryption against everyone that is not the account user, including, or especially, governments. But of course the EU and other governments are not going to legislate against themselves.
And what about the 3rd party App stores in the EU (I know this is the UK). And weren't the the ones demanding a backdoor into the system?
 

Mousse

macrumors 68040
Apr 7, 2008
3,644
7,075
Flea Bottom, King's Landing
The law specifically targets the inadequacies in current security measures by mandating three major changes: the elimination of default passwords, a clear protocol for reporting security vulnerabilities, and detailed consumer information on the length of product support and software updates.
That last mandate is worthless. Replace it with have a built in firewall mandate and we're golden. All these laws for network security and not a single one address the most glaring flaw. If the criminal doesn't have free access to your device, they have a harder time accessing your data.

I've been banging on the table this one issue for years. No one seems to care for firewalls on their always connected device.😒 It's like walking in the rain without an umbrella and expecting not to get wet. The most basic of network protection and you have to root and sideload to get have some modicum of security.😫
 
  • Like
Reactions: gusmula
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.