Apple Fails to Impress Hackers at Black Hat Conference

Earlier this week, we told you that Apple was to appear at Black Hat for the first time in company history. And while Apple security representative Dallas De Atley did speak about iOS security at the hacking conference in Las Vegas yesterday, hackers weren’t very impressed with what they heard, especially since most of the information was simply rehashed from already released Apple documents.

But when hackers and security suits filed out an hour later, most looked bored and deflated. Mr. De Atley had basically done the equivalent of reading aloud a white paper, timed to a PowerPoint deck, before escaping out a side door without answering any questions. Steve Jobs he is not.

Apple has been placing an emphasis on security in the last several months as its OS X and iOS platforms are becoming increasingly targeted with malicious attacks. Earlier this year, over 600,000 Macs fell victim to the Flashback malware that took advantage of a Java vulnerability in OS X. A year prior, Mac Defender malware that was masqueraded as anti-virus software also plagued several Mac users.

“Our attitude is: security is architecture. It has to be built in from the very beginning,” Mr. De Atley said. “In building the iPhone, Apple took a bare-bones approach and sought to use the minimum number of components. Apple purposefully decided not to ship the phone with a shell, or support remote log-in access. There’s an entire set of attack vectors we don’t have to fundamentally worry about on iOS.”

Atley noted during his presentation that Apple aims to make software updates as easy as possible, adding that 80 percent of users are running the latest version of iOS. On the contrary, at a separate Black Hat presentation on Wednesday, smartphone hacker Charlie Miller claimed that over 90 percent of Android users are not yet running the latest version of that platform.

[New York Times]

Post a response / What do you think?