By John Gruber
WorkOS: APIs to ship SSO, SCIM, FGA, and User Management in minutes. Check out their launch week.
Matthew Panzarino, writing for TechCrunch:
The question I’ve been asking myself over the months since the SSL vulnerability debacle has been ‘why?’ Why is a company who is generally very well-rounded operationally, and like it or not, produces extremely well-liked and complex devices so bad at communicating about security?
The answer I’ve come up with, and this is just a personal theory, is that Apple thinks about security communications in the same way that it thinks about product communications. In other words, it plays its cards incredibly close to the chest at all times by default. These tactics have served it well in the consumer products arena, creating a frenzy of attention around the releases of new devices and services. And that’s great; I don’t mind a little mystery around products as a consumer, even though my job as a reporter is to figure out what Apple could do next and decide whether that’s important enough to talk about publicly.
But in security, this kind of ivory tower comms strategy is a losing game, especially as smartphones become an increasingly information-rich repository of our personal lives.
Good piece, and I largely agree. Apple’s messaging on security- and privacy- related issues ought to come across as honest and straightforward, but instead it often comes across as evasive.
★ Wednesday, 3 September 2014