In the past, despite being a Mac fan, I’ve been pretty critical of how Apple handles a lot of security. While I still don’t agree with how they handle everything, I’ve noticed a massive change in the past 2 years. With Lion, Apple for the first time invited certain security researchers to evaluate pre-release software (albeit under NDA) without forcing them to pay for a Developer Program subscription. With Mountain Lion they pre-briefed an outside security type for the first time ever. They have hired a bunch of very smart and experienced security experts.With Sony, we have all seen what can happen if you take security lightly. Apple seems to be aware that they are now a mass-market company.
I believe Apple recognizes they aren’t the kid in the corner hanging out with all the artsy types any more. They know that the bottom line will be affected if users no longer feel safe on their products. So they are taking security much more seriously.
But this is still Apple. The culture of secrecy is definitely intact, and don’t expect them to talk about vulnerabilities and exploits like Microsoft. Apple talks when Apple wants to, and they will patch and update on their own schedule, based on their own priorities. They have hardened the platform, and now we need to watch and see how they respond to future security incidents.