So Apple really doesn't have a security problem?

I see that Bill Ray of the Register has also picked up on the iPad jailbreaking issue I blogged on yesterday.  (No, I don't suppose he read it there.)

Interestingly, though, he talks much less about the security implications than about the slow take-up of  newspaper subscriptions among early adopters.

Andy Greenberg, on the other hand, has blogged an item at Forbes.com that suggests that Apple's  "we don't have security issues" stance has persuaded even the TSA (Transportation Security Administration) that this also applies to the iPad's potential for terrorist activity. Charlene Li (@charleneli) discovered that she doesn't need to put her iPad into a separate tray at airport security because it isn't a laptop, since it "Doesn't have a CPU or hard drive." (Oh really???)

[Update: to clarify, Li was quoting here, as her tweets make clear: I presume she does know that her shiny new iPad has a CPU and a flash drive...]

Greenberg says:

The TSA seems to draw a fairly fuzzy line between what does and doesn't qualify as a computer capable of hiding a bomb. Li says a Kindle doesn't count, but a netbook does, and so does an XBOX. "The iPad is basically a big phone," says Li. "You don't have to show your smart phone, right?"

Please don't tell the TSA how mobile devices work. I really don't want to have to put each of my cellphones, MP3 player etc into a separate tray next time I fly, adding even more time and inconvenience to the journey.

I can't wait to see what Bruce Schneier has to say about this particular slice of Security Theatre. Curtain up!

David Harley CISSP FBCS CITP
Research Fellow & Director of Malware Intelligence

ESET Threatblog (TinyURL with preview enabled): http://preview.tinyurl.com/esetblog
ESET Threatblog notifications on Twitter:
http://twitter.com/esetresearch; http://twitter.com/ESETblog
ESET White Papers Page: http://www.eset.com/download/whitepapers.php

Securing Our eCity community initiative: http://www.securingourecity.org/

Also blogging at:
http://amtso.wordpress.org/
http://avien.net/blog
http://blogs.securiteam.com
http://blog.isc2.org/
http://macvirus.com/
http://chainmailcheck.wordpress.org
http://smallbluegreenblog.wordpress.com/