I came across this article, "Apple security - silence then abuse: The strange case of the company that could see no wrong." (Techworld.com), and it surprised me to read how lax and arrogant Apple can be towards security lapses in their products.
Extract:
Anyone who covers Apple’s security problems is very quickly faced with the same frustrating pattern. A hole is discovered and then Apple either refuses to discuss the issue or it says it is “looking into the issue” and refuses to say anything else until it has properly reviewed it. The company then produces a fix in its own time and releases it along with a whole bunch of other patches, providing the bare minimum of information in the hope no one notices.
At no point does it inform its users that there is a problem, and it goes out of its way to underplay the extent of the hole in the advisories when the fix is finally produced. If a security company, frustrated at delays, goes public with the hole, Apple immediately criticises the company, and then claims the hole is not significant and it knows of no actual exploits. It does the same every time and this damage limitation is subsequently and consistently shown not to be true.
What’s crazy is that these exact same criticisms used to be made of Microsoft, to the extent that the company’s security image has never recovered. But rather than go Microsoft’s more open and honest route, Apple has decided to go the ostrich route by relying on its own customers’ fierce loyalty to protect it.