July 25, 2012
Apple Executive To Present At Black Hat Conference
Michael Harper for redOrbit.com — Your Universe Online
For all the positive aspects of Apple and their products, there are many people who have multiple complaints about the company and the way they handle certain issues, particularly when it comes to matters of security.Though their “walled garden” approach aims to keep most harmful elements of internet computing out of their systems, there are some who clearly see gaping holes and have become frustrated with Apple´s response to these issues. So, when Apple´s platform security manager takes the stage at this year´s Black Hat conference in Las Vegas to discuss “iOS Security,” Apple will likely be walking into the lion´s den (pardon the pun) to discuss all matters of mobile security on their iPads, iPhones and iPod Touch devices.
Hackers and security specialists alike have been gathering in Las Vegas for the past 15 years to discuss all matters concerning security and privacy. In those 15 years, Apple has been notably absent from the proceedings, much to the chagrin of many who wish the Cupertino company would not only admit their weaknesses, but take action to address them.
Therefore, Apple is seen to be turning over a new leaf as they send Dallas De Atley to give a presentation concerning the security of their iOS platform, marking the first time any Apple executive has ever officially taken the stage at Black Hat.
As Apple continues to grow, their vulnerabilities have become all the more apparent as hackers have discovered ways to break into the tightly built iPhone and Mac, finding ways to jailbreak or compromise the integrity of the platform.
Most recently, a Russian hacker was able to sneak a dirty app containing malware past Apple´s app approval process. Once installed on an iPhone, Find and Call took contacts from a user´s Address Book and began sending them spammy messages with the user´s phone number, marking the first time malware had ever made its way into the Apple App Store.
Earlier this year, Apple faced some serious scrutiny when it was announced that more than 600,000 Macs had been infected with the backdoor.flashback malware, enlisting them in a giant botnet. Of those 600,000 Macs, 274 were located in Apple´s own headquarters at 1 Infinite Loop.
According to Ars Technica, security researcher Charlie Miller revealed a major vulnerability in iOS last year which allowed applications to execute code to writeable areas of the internal memory, a common way hackers can break into an otherwise secure system.
In August 2010, a hacker known as Comex discovered a PDF flaw in mobile Safari which allowed users to jailbreak their phones by simply visiting a website. To add insult to injury, users only needed to use Apple´s familiar “Swipe to Unlock” gesture to completely remove Apple´s security features. Once this flaw had been revealed and thousands began jailbreaking their devices, pranksters began visiting Apple stores and jailbreaking demo iPads and iPhones. This got Apple to respond pretty quickly, first blocking the site in their stores, then addressing the security flaw in a new version of iOS. Apple later brought Comex on-board through an internship.
Trey Ford, general manager at Black Hat told Bloomberg that members of Apple´s team have quietly attended the conference before, but have never officially spoken for the company.
“Bottom line – no one at Apple speaks without marketing approval,” said Ford in an email to Bloomberg.
“Apple will be at Black Hat 2012, and marketing is on board.”
Apple hasn´t completely forgotten their old tricks, however. Though they have announced that De Atley will be presenting at the conference, they´ve yet to announce any specifics about what he will discuss. When asked, an Apple spokesperson, as they often do, declined to comment.