**Developer Dismay: Apple’s Disregard for Reported Security Flaw**
In the realm of tech giants, Apple’s apparent sluggishness in responding to bug reports is not a new narrative. However, stories about the company’s lack of urgency towards security issues that seem to slip through its radar garner particular attention. One recent account comes from the developer behind the email backup application, Mail Archiver, shedding light on this concerning trend.
The developer shared her experience in a blog post, detailing a security oversight she stumbled upon and promptly reported to Apple. In September of the previous year, she discovered that her app retained access to a user’s Mail directory even after the user supposedly revoked its Full Disk Access permissions. This scenario unfolded amidst the transition from macOS Ventura to the latest macOS Sonoma, elevating the concern to a critical security issue. Users naturally expect that withdrawing an app’s permission would block its access to their data.
However, when this anomaly was brought to Apple’s attention, their reaction was bewildering. Various developers could replicate the issue across multiple applications, suggesting a systemic problem. Despite this, Apple concluded that there was no security issue to be seen and subsequently closed the bug report. This response followed an already hesitant engagement with the developer, who was asked to provide an extensive array of proof, including videos, code snippets, and screenshots, just to substantiate her claim.
This incident is peculiar, not only for its specific technical details but for the broader implications regarding Apple’s commitment to user security. When personal user data is at stake, one would expect a technological leader like Apple to approach such reports with utmost seriousness. The inaccurate representation of App permissions, as reflected in the system settings due to this oversight, misleads users about the security of their personal data.
This reluctance or oversight on Apple’s part to acknowledge and address security flaws not only leaves users potentially vulnerable but also raises questions about the company’s priorities and its approach towards the developer community. It suggests a need for greater transparency and urgency in handling security-related feedback, ensuring that user trust remains intact and that their data remains secure.
source: https://www.ifun.de/entwickler-frust-apple-will-gemeldetes-sicherheitsproblem-nicht-sehen-227917/
