You're urging it wrong.
"Doering urges Apple to open a bug bounty program to help close its information security vulnerabilities."
Nice idea - now wait for Apple to reinvent it & charge a fee for joining the iBug hunt.
The chief hacker behind the infamous iCloud celebrity hacks has revealed in a documentary how the group dubbed RipSec shook Hollywood by plundering thousands of naked photos and financial data of Tinsel Town icons. The hacker broke silence and spoke to Canadian tech and producer Travis Doering who provides information security …
...but ultimately this is about our sisters, our cousins, the people you have a drink with, that woman who puts in a few hours to serve food and drink at the sports club, the guy who always has a set of jumper leads to start your car.
In every other aspect of their life, when they lock something they know what level of security they've chosen. Big padlock, little three-wheel combination lock, 5-lever mortice, whatever; by-and-large, they have a gut feel for the risk level.
And when something is locked in the safe in the house, that's where it bloody stays.
That's largely the image they have with their phones as well. How do you explain that the stuff locked in their safe in their house isn't actually there, but is spirited off to a distant warehouse on the busiest street they can imagine. A warehouse where maybe the fire exit is left permanently open, or that a window has been forced and no-one noticed for months?
Something has to change.
I wish I could upvote this more than once. We, in IT, have become rather cynical and guarded about this sort of stuff. It doesn't matter if it's smartphones or PC's, we've seen it all or just about have. The average user.. no they haven't. I still hear from people who got a virus from a spoofed email and don't understand why their friend would send them a virus. Or why, they got caught by a nasty from a drive-by or malvertising
Even people who should know better get nailed by phishing emails.. as the number of companies paying fake invoices is showing.
They do have an expectation that the internet is secure. That governments aren't spying on them. That stuff they put onto the cloud or in their devices is not seen or accessed by anyone else.
If the government agencie charged with "policing and protection", if the AV programs all did what they say they do, we might not have these isues. Sadly we can't change the way people think and work. There's always those who look for the easy money... be they malware thugs or even advertisers.
The world lacks trust and ethics and that's something that will damn hard to change.