Page 1 of 2
Apple has hired a security researcher who built a name at Microsoft by helping to strengthen security around the Windows operating system.
In the new role for her Cupertino, California-based employer, Kristin Paget, formerly known as Chris Paget, is expected to net similar results for Apple's OS X operating system and related product lines.
During Paget's tenure at Microsoft, a variety of security bugs that would have further impacted the Vista operating system were identified prior to launch. The launch date was subsequently delayed until those issues could be resolved.
[Related: Apple's Oh So Brief Black Hat Appearance]
Paget joined Apple in September, according to her LinkedIn profile, where she claims the title, Core OS Security Researcher.
The hiring is a "smart move," according to Steve Weeks, president of Netcetera, a North Vancouver, British Columbia-based channel partner. "Everybody knew that as [Apple] became more popular in the business space, people would start to attack them. I think a lot more security vendors saw that coming, so they started doing things to make sure that their products were able to support Apple. I don't think Apple is less secure than they used to be, but I do think they're a lot more on the radar of people who are trying to hack and push out viruses. They've moved into a more vulnerable space by getting into the business end of things."
Given that shift, security appears to have a higher profile at Apple than has previously been the case. The company for the first time sent representatives to address last summer's Black Hat conference in Las Vegas, but their presentation was immediately followed by a notably hasty exit.
But, Paul Henry, a forensics and security expert at Lumension, suggests that Apple has a long way to go.
"Apple is trying to be an enterprise player, yet at the same time are not doing an enterprise-class job of patching things," he said. "Apple, as a company, needs to grow up."
Specifically, Henry takes issue with Apple's patch deployment, not just in terms of its own technology but also as it relates to technologies embedded into Apple's systems.
"We had an issue a few months back with three known Java vulnerabilities. But, Apple only included one of those patches in their download, so people were still exposed for quite some time. Microsoft rolled out the patches instantly, but Apple drags their feet. Apple needs to investigate what's been done by Microsoft, but Apple will never admit, or want to do, anything like Microsoft."