PDA

View Full Version : Apple to Present at Black Hat Security Conference for First Time




MacRumors
Jul 24, 2012, 09:35 AM
http://images.macrumors.com/im/macrumorsthreadlogo.gif (http://www.macrumors.com/2012/07/24/apple-to-present-at-black-hat-security-conference-for-first-time/)


Bloomberg reports (http://go.bloomberg.com/tech-blog/2012-07-24-apple-warms-up-to-hackers-plans-presentation-at-black-hat/) that Apple is taking an interesting step into security research publicity, agreeing to present (http://www.blackhat.com/html/bh-us-12/bh-us-12-briefings.html#DeAtley) at this week's Black Hat conference in Las Vegas for the first time in the conference's 15-year history.While many major technology vendors have overcome their reluctance to making a public showing at the conference, Apple, now the world's most valuable company, has had no problem snubbing a community whose aim is to unearth its vulnerabilities.

That will change Thursday when Dallas De Atley, manager of Apple's platform security team, is scheduled to give a presentation on key security technologies within iOS, the operating system for iPhones and iPads.http://images.macrumors.com/article-new/2012/07/black_hat_usa_2012_logo.jpg


The report notes that Apple's security researchers have attended the conference in past years, but the company has kept a low profile with its presence. Apple researchers were reportedly scheduled to give a panel presentation back in 2008, but the session was canceled once Apple's marketing team learned of the plans."Bottom line -- no one at Apple speaks without marketing approval," [Black Hat general manager Trey] Ford wrote in an e-mail. "Apple will be at Black Hat 2012, and marketing is on board."The annual Black Hat conference has been a popular venue for security researchers to release their findings on vulnerabilities in OS X, iOS and other platforms. Apple has sometimes moved very quickly to patch holes disclosed at the conference, such as in 2009 when Apple released iPhone OS 3.0.1 (http://www.macrumors.com/2009/07/31/apple-releases-iphone-os-3-0-1-to-address-sms-security-vulnerability/) to address an SMS security vulnerability revealed at the conference just one day earlier (http://www.macrumors.com/2009/07/30/iphone-sms-security-vulnerability-to-be-disclosed-today/), although the researchers had previously been in contact with Apple about the issue.

Article Link: Apple to Present at Black Hat Security Conference for First Time (http://www.macrumors.com/2012/07/24/apple-to-present-at-black-hat-security-conference-for-first-time/)



lifeinhd
Jul 24, 2012, 09:41 AM
Maybe we'll finally see some timely security updates and a little transparency? Or perhaps they're finally recognizing that OS X isn't as secure as they thought :rolleyes:

Mattie Num Nums
Jul 24, 2012, 09:42 AM
So this is more for marketing then?

KnightWRX
Jul 24, 2012, 09:45 AM
Perhaps they're finally recognizing that OS X isn't as secure as they thought :rolleyes:

They've always pretty much known the security level of OS X. How they chose to spin this in their marketing material as no bearing on their level of knowledge of the actual system.

DisMyMac
Jul 24, 2012, 09:49 AM
BH = intelligence shills for the military-industrial complex. Watch Apple turn into the world's biggest defense contractor...

Mattie Num Nums
Jul 24, 2012, 09:53 AM
BH = intelligence shills for the military-industrial complex. Watch Apple turn into the world's biggest defense contractor...

No company that operates without a Roadmap is going to be a defense contractor.

Kaibelf
Jul 24, 2012, 10:02 AM
Maybe we'll finally see some timely security updates and a little transparency? Or perhaps they're finally recognizing that OS X isn't as secure as they thought :rolleyes:

Frankly, they are pretty timely with their updates and do a good job addressing problems quickly. I would rather have them working on fixes than stroking a bunch of whiners who cry about "transparency" all the time. Their focus SHOULD be on the products at all times, not making you feel fuzzy with a series of empty "we apologize for the inconvenience" statements.

dru`
Jul 24, 2012, 10:05 AM
Maybe we'll finally see some timely security updates and a little transparency? Or perhaps they're finally recognizing that OS X isn't as secure as they thought :rolleyes:

In your enthusiasm to attack Apple, did you miss that the presentation is on iOS, not OS X? Yes, yes you did.

Kaibelf
Jul 24, 2012, 10:05 AM
No company that operates without a Roadmap is going to be a defense contractor.

They have a roadmap, haven't you seen?

http://3.bp.blogspot.com/_db3qCLhj99E/TGi1t-ZV36I/AAAAAAAAA-g/Kdp9lVJPKI0/s1600/ntb2.jpg

rhett7660
Jul 24, 2012, 10:05 AM
No company that operates without a Roadmap is going to be a defense contractor.

I am sure they operate on a pretty good road map, just not a public one or one they are going to share with a client.

lifeinhd
Jul 24, 2012, 10:11 AM
Frankly, they are pretty timely with their updates and do a good job addressing problems quickly. I would rather have them working on fixes than stroking a bunch of whiners who cry about "transparency" all the time. Their focus SHOULD be on the products at all times, not making you feel fuzzy with a series of empty "we apologize for the inconvenience" statements.

That's not the problem. They have been known to just stay silent in the past and take their time putting out fixes, or not actually address problems at all, which is unacceptable esp. when it comes to security.

Besides, do you really think having a spokesperson say "a fix will be out in x days" somehow affects the ability of an engineer to address problems quickly? :rolleyes:

----------

In your enthusiasm to attack Apple, did you miss that the presentation is on iOS, not OS X? Yes, yes you did.

Yes, the presentation is about iOS. But in your enthusiasm to flame me, did you miss...

The annual Black Hat conference has been a popular venue for security researchers to release their findings on vulnerabilities in OS X, iOS and other platforms.

And if they're going to be present, others can use the opportunity to alert them to security issues irregardless of platform.

samcraig
Jul 24, 2012, 10:11 AM
The move is definitely marketing/pr. Given the past year of hoopla (whether you agree with it or not) around iOS and OSX and various security issues - it's a chance for Apple to "clear the air" and talk about all the amazing things they are doing which is revolutionary and how no other company is going to such extremes to make sure the OS and data is "safe."

chrmjenkins
Jul 24, 2012, 10:13 AM
Maybe we'll finally see some timely security updates and a little transparency? Or perhaps they're finally recognizing that OS X isn't as secure as they thought :rolleyes:

As they advertised. Apple doesn't employ dummies. They've known they weren't bulletproof.

Sixtafoua
Jul 24, 2012, 10:15 AM
Yes, because upgrading my own hard drive is a hostile... aim is to unearth its vulnerabilities.

This whole thing is ridiculous.

RalfTheDog
Jul 24, 2012, 10:20 AM
Dear Apple,

Black Hat can be a fun party. Please remember, not everything can be cured with antibiotics.

commander.data
Jul 24, 2012, 10:21 AM
I can sometimes understand Apple being slow to patch vulnerabilities, particularly if it's low risk or isn't being actively exploited, if it's because they want to fully investigate the vulnerability and the impact of the fix before pushing it to customers. However, while they are working to fix things, they shouldn't be denying that there is a vulnerability. They should acknowledge it and provide mitigation steps (like disable x or avoid y, etc.) until the fix is out. That would go a long way toward assuring everyone, consumers and security professionals, that Apple is on top of security.

RalfTheDog
Jul 24, 2012, 10:24 AM
I can sometimes understand Apple being slow to patch vulnerabilities, particularly if it's low risk or isn't being actively exploited, if it's because they want to fully investigate the vulnerability and the impact of the fix before pushing it to customers. However, while they are working to fix things, they shouldn't be denying that there is a vulnerability. They should acknowledge it and provide mitigation steps (like disable x or avoid y, etc.) until the fix is out. That would go a long way toward assuring everyone, consumers and security professionals, that Apple is on top of security.

Hey hackers, Free exploit here, get it while it is hot!

lifeinhd
Jul 24, 2012, 10:32 AM
Hey hackers, Free exploit here, get it while it is hot!

OS X/iOS exploits always go public anyways, so what's your point?

Mattie Num Nums
Jul 24, 2012, 10:34 AM
I am sure they operate on a pretty good road map, just not a public one or one they are going to share with a client.

Exactly my point. Not giving a client a roadmap makes planning and budgeting difficult. Another issue is Apple's constant changes without notice. Large companies and Defense contractors don't like things like that.

RalfTheDog
Jul 24, 2012, 10:40 AM
OS X/iOS exploits always go public anyways, so what's your point?

OS X/iOS exploits THAT YOU KNOW ABOUT, always go public anyways.

How many exploit fixes are quietly bundled into updates? Even if the exploit is eventually found, it would be borderline criminal for Apple to put it to the public, one day before it is published. Even if it is known by a small number of black hats, publicizing it will increase the number of people trying to exploit it.

Never publicly announce an unknown exploit for any company, unless, it is your goal to destroy them and their users.

deannnnn
Jul 24, 2012, 10:44 AM
Awesome! Acknowledging your own problems is the best way to fix them. Glad to see Tim Cook understands that.

Stridder44
Jul 24, 2012, 10:58 AM
Maybe we'll finally see some timely security updates and a little transparency? Or perhaps they're finally recognizing that OS X isn't as secure as they thought :rolleyes:


Crap like this is the reason we need a down-vote button.

Anyway, this is good to hear. Marketing or not, it's good to see Apple step up its game in this area

gnasher729
Jul 24, 2012, 11:10 AM
I can sometimes understand Apple being slow to patch vulnerabilities, particularly if it's low risk or isn't being actively exploited, if it's because they want to fully investigate the vulnerability and the impact of the fix before pushing it to customers. However, while they are working to fix things, they shouldn't be denying that there is a vulnerability. They should acknowledge it and provide mitigation steps (like disable x or avoid y, etc.) until the fix is out. That would go a long way toward assuring everyone, consumers and security professionals, that Apple is on top of security.

How many percent of all users would read this information? Very low.
How many percent of malicious hackers would read this information? Close to 100%.

Assuring people may give them a warm and fuzzy feeling, but assuring them this way actually makes them a lot less secure.

blackburn
Jul 24, 2012, 11:19 AM
How many percent of all users would read this information? Very low.
How many percent of malicious hackers would read this information? Close to 100%.

Assuring people may give them a warm and fuzzy feeling, but assuring them this way actually makes them a lot less secure.

Security through obscurity? Very bad idea. Hackers don't give a rats ass if you go to black hat or not. Most people don't even patch their systems properly so yeah you do have a point, bit still there are underground networks of hackers that already are very well informed, this only invites script kiddies to try and do the same.

gotluck
Jul 24, 2012, 11:20 AM
BH = intelligence shills for the military-industrial complex. Watch Apple turn into the world's biggest defense contractor...

Apple has made it quite clear that they cater to consumers with a one size fits all philosophy. Good luck getting defense contractors on board - go read posts about the Mac Pro on here to get a vibe on how prosumers are feeling now (neglected).

Wokis
Jul 24, 2012, 11:23 AM
Ah. They just want hackers to present various jailbreak exploits, pay them and then patch them. Well, that's what I think.

hobo.hopkins
Jul 24, 2012, 11:28 AM
Maybe we'll finally see some timely security updates and a little transparency? Or perhaps they're finally recognizing that OS X isn't as secure as they thought :rolleyes:

Despite it being on iOS (which I presume you read), have you at all seen Mountain Lion? Gatekeeper isn't enough to assuage your ire? Jesus Christ; I can't imagine anything much more secure.

Andronicus
Jul 24, 2012, 11:40 AM
Why does marketing get the final say, weird, right?

Thunderhawks
Jul 24, 2012, 11:42 AM
Maybe we'll finally see some timely security updates and a little transparency? Or perhaps they're finally recognizing that OS X isn't as secure as they thought :rolleyes:

As the genius that you are, you know that when a vulnerability appears that the first thing is to NOT tell everybody that it exists and cause panic.

We have the media for that and to blow things out of proportion.

Then one needs to analyze what the issue is , discuss measures to fix it and try these out.

Once everything checks out security updates get published.

As for transparency, do you want to be notified personally what they are doing? Or, advertise it, so the virus and malware people get an idea how to circumvent it sooner?

It is not exactly deep thinking to assume that Apple doesn't care about security issues, risking it's business and won't fix them as fast as they can.

Never had one security issue on any of my multiple Macs with any Apple OS since 1984!

commander.data
Jul 24, 2012, 11:47 AM
Hey hackers, Free exploit here, get it while it is hot!
How many percent of all users would read this information? Very low.
How many percent of malicious hackers would read this information? Close to 100%.

Assuring people may give them a warm and fuzzy feeling, but assuring them this way actually makes them a lot less secure.
True. Although I was thinking more about the vulnerabilities that have already been publicly disclosed such as those revealed in security/hacker conferences/competitions, those documented and already patched on other platforms, or those starting to proliferate. Apple in the past has been slow to acknowledge those vulnerabilities even though information about them is already in the wild. Here timely acknowledgement and information on mitigation steps would be useful until a patch can be released. Obviously those vulnerabilities that Apple finds internally or are directly/privately reported to them by third-parties don't need to be disclosed to the public until a patch is ready or unless it's being actively exploited.

Thunderhawks
Jul 24, 2012, 11:58 AM
Apple in the past has been slow to acknowledge those vulnerabilities even though information about them is already in the wild.

Who decides what slow is? And, who decides that these issues need to be acknowledged?

Quite the opposite should happen. Quietly fix one hole after another , which they are and have been doing.

A hacker spends whatever time to create a virus or malware and Apple or for that matter any manufacturer of any OS is supposed to pull an immediate antidote out of their hats?

Probably 99% of all consumers don't ever hear about this and will just install the updates when they appear on the screen.

And, that only because they want that window to disappear, not because they are worried about hackers.

Slivortal
Jul 24, 2012, 12:03 PM
Security through obscurity? Very bad idea. Hackers don't give a rats ass if you go to black hat or not. Most people don't even patch their systems properly so yeah you do have a point, bit still there are underground networks of hackers that already are very well informed, this only invites script kiddies to try and do the same.

This. Security through obscurity is regarded as a terrible idea in computer science. Trying to hide exploits only serves to weaken the community, and promotes bad security protocols. If this is honestly Apple's version of security, they deserve to be laughed out of black hat.

Exploits should be promptly and publicly noted, and patches should be made. Honestly, the only people who security through obscurity helps are the big corporations (until they lose big time when their plans are exposed).

If there's an exploit out there that Apple finds, you can be pretty sure that out of the much more populous (and arguably more experienced) hackers out there (of all hats) will find it in relatively quick fashion (if not before).

Mattie Num Nums
Jul 24, 2012, 12:09 PM
As the genius that you are, you know that when a vulnerability appears that the first thing is to NOT tell everybody that it exists and cause panic.

Actually these days things get fixed faster when they are reported to the mass media. IE, Apple would have never fixed that JAVA issue had it not been turned into a $h!t storm.

Thunderhawks
Jul 24, 2012, 12:26 PM
Actually these days things get fixed faster when they are reported to the mass media. IE, Apple would have never fixed that JAVA issue had it not been turned into a $h!t storm.

Don't agree about never. As I wrote before bad business to not fix ANY security issue asap.

That is for all manufacturers, not just Apple.

commander.data
Jul 24, 2012, 12:35 PM
Who decides what slow is? And, who decides that these issues need to be acknowledged?
In the case of the recent Java exploit, when they take months to patch a vulnerability that has already been patched on other platforms, such that hackers are able to take advantage of it widely, do you really consider that a fast response? When it's already being exploited in the wild, was not acknowledging the problem until the fix is ready the right course of action?

Yes, if the first you hear of a vulnerability is the day it starts spreading in the wild there's a limit to how fast you can respond and put out a fix. However, if you've known about a vulnerability for weeks/months and take so long to patch it that despite the weeks/months of lead-time, it's being actively exploited before you put out a fix, I think that is slow.

JustMartin
Jul 24, 2012, 12:40 PM
I am sure they operate on a pretty good road map, just not a public one or one they are going to share with a client.

I'm sure they'll share it with a client as well, as long as that client is big enough and prepared to sign a Non Disclosure in blood.

rhett7660
Jul 24, 2012, 12:53 PM
I'm sure they'll share it with a client as well, as long as that client is big enough and prepared to sign a Non Disclosure in blood.

Ha... you are correct. Most big contracts who work with the DOD will no disclose unless there is some clearance and documents signed.

LethalWolfe
Jul 24, 2012, 01:04 PM
Why does marketing get the final say, weird, right?
I don't think so. Marketing is basically responsible for the 'voice' of the company, any company not just Apple, so anytime you have a person speaking publicly on behalf of the company (such as on a panel discussion) marketing/PR will be involved to make sure the person speaking knows the boundaries of what they can say.

I've worked with a number of interviews with engineers or developers from big gaming or tech companies and 99/100 there is a marketing/PR person off camera making sure the person being interviewed doesn't say anything they shouldn't.

Mattie Num Nums
Jul 24, 2012, 01:08 PM
Don't agree about never. As I wrote before bad business to not fix ANY security issue asap.

That is for all manufacturers, not just Apple.

Apple ignores these things until its made a big deal.

Examples:
JAVA
"You're holding it wrong"
Tracking on iPhone

etc. etc. etc.

Slivortal
Jul 24, 2012, 01:12 PM
Why does marketing get the final say, weird, right?

Marketing is Apple's lifeblood. Most of its success has come from excellently done marketing campaigns, as well as being able to portray their computers' features to their customers (for most people, CPU, RAM, and SSD are all part of a foreign language).

As much as I hate marketing, it's how Apple sells as much product as they do. From their customer service to their "simple" feel, Apple can easily be seen as one of the best examples of good marketing. :apple:

santaliqueur
Jul 24, 2012, 01:18 PM
No company that operates without a Roadmap is going to be a defense contractor.

What you mean to say is public roadmap.

If you actually believe Apple operates without any sort of roadmap, I have a bridge to sell you.

aristotle
Jul 24, 2012, 02:09 PM
No company that operates without a Roadmap is going to be a defense contractor.
Apple does have a roadmap. They simply do not publish it to the general public and it is not completely static/rigid.

Roadmaps are bull poop anyway and only serve to give warm and fuzzy feelings to some corporate types.

If you have a publicly published roadmap then you are constrained in your ability to be innovative or you give your competition advanced notice of your future product lines.

Microsoft has a "roadmap" and it constrains them from taking risks for innovation.

If Apple was a defense contractor, they could publish it to their defense clients in a vague enough way as to limit damage if it were ever leaked accidentally by their clients.

gotluck
Jul 24, 2012, 02:12 PM
Microsoft has a "roadmap" and it constrains them from taking risks for innovation.


Yet they have endless corporate and professional clients.

gianpan
Jul 24, 2012, 02:32 PM
exactly why would the DOD choose apple for their needs?
What is it that a customized linux or unix based solution can't give them?
Flexibility? Reliability? High performance? Low cost?
And what about all the software they have already developed for other platforms they have to take the extra effort and cost to port them to OS X?

Not sure if I understood correctly what some of you are suggesting so I may be wrong. But I can't see a standard OS X installation run in places like the DOD, it has nothing to offer.


Despite it being on iOS (which I presume you read), have you at all seen Mountain Lion? Gatekeeper isn't enough to assuage your ire? Jesus Christ; I can't imagine anything much more secure.

Well still doesn't solve an exploit issue but it will protect stupid users from doing stupid things.
I disagree with the "anything much more secure" part :P

Slivortal
Jul 24, 2012, 02:53 PM
exactly why would the DOD choose apple for their needs?
What is it that a customized linux or unix based solution can't give them?
Flexibility? Reliability? High performance? Low cost?
And what about all the software they have already developed for other platforms they have to take the extra effort and cost to port them to OS X?

Not sure if I understood correctly what some of you are suggesting so I may be wrong. But I can't see a standard OS X installation run in places like the DOD, it has nothing to offer.




Well still doesn't solve an exploit issue but it will protect stupid users from doing stupid things.
I disagree with the "anything much more secure" part :P

This. I'd honestly hope that the DOD would take their time in creating a Linux or Unix system from the ground up to prevent all possible security bugs, rather than relying on a corporation to do it for them.

Mattie Num Nums
Jul 24, 2012, 02:59 PM
Apple does have a roadmap. They simply do not publish it to the general public and it is not completely static/rigid.

Roadmaps are bull poop anyway and only serve to give warm and fuzzy feelings to some corporate types.

If you have a publicly published roadmap then you are constrained in your ability to be innovative or you give your competition advanced notice of your future product lines.

Microsoft has a "roadmap" and it constrains them from taking risks for innovation.

If Apple was a defense contractor, they could publish it to their defense clients in a vague enough way as to limit damage if it were ever leaked accidentally by their clients.

Bull. Apple doesn't publish anything no matter what. We buy millions of dollars in Apple equipment every quarter and we've asked and they have actually given us "bogus" roadmaps. When we were launching JAMF Casper Apple told us not to, instead to use the Golden Triangle and to buy hundreds of thousands of dollars in xserves. Thank god we waited a month because the xserve was axed a month after that BS preso they gave us.

aristotle
Jul 24, 2012, 03:00 PM
Yet they have endless corporate and professional clients.
I'm trying to parse what you said has anything to do with what I said. I was talking about how roadmaps constrain the ability of a company to quickly adjust course and innovate to match changing market conditions. I also mentioned that roadmaps only exist to placate corporate types with their list of checkboxes to mark off and really give not actual specific details on the future products other than telling you that there will be new ones but at the same time, they prevent a company from being able to quickly pivot around the competition as they are expected to deliver on all of the products mentioned in the roadmap.

What exactly did you contribute to the conversation?

I was not disputing that they are entrenched on the corporate desktop but they have missed the boat on tablets and phones.

Pilgrim1099
Jul 24, 2012, 03:22 PM
BH = intelligence shills for the military-industrial complex. Watch Apple turn into the world's biggest defense contractor...

That would not happen because for one thing, the military-industrial complex don't f--k around.

The minute the military gives Apple a contract, they demand accountability and transparency. Apple cannot afford to act like a coy little girls playing games. They have to run like clockwork and be 100% with the military upfront.

The second they f--k with the military, they get dropped.

rhett7660
Jul 24, 2012, 03:27 PM
That would not happen because for one thing, the military-industrial complex don't f--k around.

The minute the military gives Apple a contract, they demand accountability and transparency. Apple cannot afford to act like a coy little girls playing games. They have to run like clockwork and be 100% with the military upfront.

The second they f--k with the military, they get dropped.

Yes because this happens will all the big military companies. Ha. Yeah Ok.

gotluck
Jul 24, 2012, 04:13 PM
I'm trying to parse what you said has anything to do with what I said. I was talking about how roadmaps constrain the ability of a company to quickly adjust course and innovate to match changing market conditions. I also mentioned that roadmaps only exist to placate corporate types with their list of checkboxes to mark off and really give not actual specific details on the future products other than telling you that there will be new ones but at the same time, they prevent a company from being able to quickly pivot around the competition as they are expected to deliver on all of the products mentioned in the roadmap.

What exactly did you contribute to the conversation?

I was not disputing that they are entrenched on the corporate desktop but they have missed the boat on tablets and phones.

The point was that a roadmap is necessary for Corporate and Professional entities to commit to an OS / Tech on any substantial basis.

You gave me the impression that a roadmap is a negative. "Quickly pivoting around the competition" also leads to dropping support for relatively new computers (ie. ML drops support for certain C2D's (my C2D is still just fine on W7 & W8 - even for AAA game titles). Apple is a consumer company, their neglect concerning the mac pro is more than enough evidence.

They drop support for their products at the drop of a hat and in some cases without warning.

aristotle
Jul 24, 2012, 04:44 PM
The point was that a roadmap is necessary for Corporate and Professional entities to commit to an OS / Tech on any substantial basis.

You gave me the impression that a roadmap is a negative. "Quickly pivoting around the competition" also leads to dropping support for relatively new computers (ie. ML drops support for certain C2D's (my C2D is still just fine on W7 & W8 - even for AAA game titles). Apple is a consumer company, their neglect concerning the mac pro is more than enough evidence.

They drop support for their products at the drop of a hat and in some cases without warning.
*Sigh*
WinFS was on the roadmap since the days of Cairo and yet MSFT did not deliver it with Win NT 4.0 or Windows 2000 or Windows XP or Windows Vista.

Despite all of the dropped features MSFT had promised, corporate buyers still bought MSFT.

DisMyMac
Jul 24, 2012, 04:48 PM
Yes because this happens will all the big military companies. Ha. Yeah Ok.

Don't know how big contractors work except for the jobs-and-politics nonsense, but I know of smaller companies forced into commie/fascist production. Even the FDA (or CDC?) can seize biotech facilities in a national emergency such as a flu outbreak.

I'm not worried about Apple as much as the spy-boys in media and cyber security (eg. Black Hatters or Anonymous) generating stories like Kony and even social engineering. Their powers are great and potentially threatening.

jcpb
Jul 24, 2012, 04:50 PM
Won't stop any Apple device from getting "owned" within 24 hours of PWN2OWN.

rhett7660
Jul 24, 2012, 04:52 PM
Won't stop any Apple device from getting "owned" within 24 hours of PWN2OWN.

You mean 24 seconds...... or was it 25? :D

gotluck
Jul 24, 2012, 05:50 PM
*Sigh*
WinFS was on the roadmap since the days of Cairo and yet MSFT did not deliver it with Win NT 4.0 or Windows 2000 or Windows XP or Windows Vista.

Despite all of the dropped features MSFT had promised, corporate buyers still bought MSFT.

Still better than no roadmap at all and eol (well eol as far as osx is concerned) products after 5 years.
*sigh*

satcomer
Jul 24, 2012, 05:58 PM
That would not happen because for one thing, the military-industrial complex don't f--k around.

The minute the military gives Apple a contract, they demand accountability and transparency. Apple cannot afford to act like a coy little girls playing games. They have to run like clockwork and be 100% with the military upfront.

The second they f--k with the military, they get dropped.

Um they are already reading your email dude (http://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/operating_systems.shtml) :)

I have seen rows and rows of Mac Pros in server racks at a site that will never see the light of day (in the people's republic of Maryland no less) etc. Apple is already a DOD supplier and has been for a good number of years by places that read your email.

SurferPup
Jul 24, 2012, 08:31 PM
I love this website and read it daily however one complaint is the constant misuse of the word 'an'. "... Apple released iPhone OS 3.0.1 to address an SMS security vulnerability ..." There is never 'an' before a word that starts with a consonant plus it sounds wrong.

aristotle
Jul 24, 2012, 10:26 PM
Um they are already reading your email dude (http://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/operating_systems.shtml) :)

I have seen rows and rows of Mac Pros in server racks at a site that will never see the light of day (in the people's republic of Maryland no less) etc. Apple is already a DOD supplier and has been for a good number of years by places that read your email.
Wow, you are brave. I have always been careful to never reveal anything specific that could possibly tie me to a specific employer or sector while trying to warn people about the surveillance culture already in place when some people start asking for NFC and other "cashless" payments. Unfortunately, my warnings have fallen on deaf ears.

I was told a while ago by a colleague that they had a dream that I had come to work covered in soot after having survived a car bomb encounter on my way to work. I did not know what to make of that but I thought that maybe it was a sign that I should watch what I say for a while.

shaunp
Jul 25, 2012, 03:11 AM
Firstly this is about IOS, not OS X, but it shows that Apple are starting to take security more seriously. This is also one way Apple can give something back into the community too as they don't do open source.

Bezetos
Jul 25, 2012, 07:01 AM
Apple is learning alas slowly.

Pilgrim1099
Jul 25, 2012, 09:27 AM
Um they are already reading your email dude (http://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/operating_systems.shtml) :)

I have seen rows and rows of Mac Pros in server racks at a site that will never see the light of day (in the people's republic of Maryland no less) etc. Apple is already a DOD supplier and has been for a good number of years by places that read your email.

Of course, I'm aware they're capable of it. Project Echelon, that is. So it's not surprising to me if Apple is one of the many other companies that supply the goods to the government/military sector.

My point is that Apple likes to get 'coy' with the consumer market, but when it comes to working as a contractor for the government, they can't play games. I think there is a difference here.

twoodcc
Jul 25, 2012, 07:21 PM
i'm interested to learn what apple presents

aaronchow
Jul 27, 2012, 07:59 PM
I was there. I thought it was an interesting talk because I am not an expert in this field. But my co-workers hated the speech because they said that the presenter re-read a white paper, which was released 2 months ago. So if you've already read that white paper before, you wouldn't learn anything new. And the presenter just sneaked off the stage without any Q&A session, which all of the other presenters offered. So, it seems that most of the insiders found the speech pointless and boring.