Skip Navigation
June 14, 2010, 0 Comments

A Response to AT&T’s Letter Regarding the iPad Security Leak

From the guys who discovered the issue:

AT&T had plenty of time to inform the public before our disclosure. It was not done. Post-patch, disclosure should be immediate– within the hour. Days afterward is not acceptable. It is theoretically possible that in the span of a day (particularly after a hole was closed) that a criminal organization might decide to use an old dataset to exploit users before the users could be enlightened about the vulnerability.

Even in this disclosure, which I feel they would not have made if we hadn’t publicized this vulnerability, AT&T is being dishonest about the potential for harm.

I’m pretty sure I was impacted by this list the first time around, and it’s clear that AT&T doesn’t have a clue what they’re doing when it comes to the web, especially when it concerns security.

Visit this Link

By the way, since you've made it to the bottom:

  • You should subscribe to my RSS feed here.
  • You should follow me on Twitter here.
Avatar of M. Jackson Wilkinson

I'm M. Jackson Wilkinson, a technologist, designer, speaker, educator, and writer in San Francisco. I'm the CEO and Founder of WeSprout, which is coming soon. I'm from Philadelphia, went to Bowdoin College in Maine, root for the Phillies, and love to sing.

Comments

There are no comments.

Add a comment


Real names, svp.


Required, but I won't use it for anything, promise.


It'll get checked to make sure it's legit, but it's optional.


Don't be mean, don't be a tool, and make a contribution. Use markdown.