Apple Hires Former Security Director of One Laptop Per Child

[MacRumors]

In a blog post, Ivan Krstić, former director of security architecture at One Laptop per Child (OLPC), has revealed that he has taken an unspecified position related to core security at Apple. Krstić is well-known among security experts, having been named the second most influential person in security by eWeek in 2008.

As Krstić notes on his personal web site, his expertise and passion lie in making computer security easy for users:

I enjoy breaking computers. I enjoy making computers hard to break even more. Unfortunately, most people are really bad at the latter. At OLPC, I had put a lot of work into designing Bitfrost, which is a system for securing computers that's trying to be both hard to break and easy to use.

Bitfrost is a security specification that "sandboxes" applications into their own virtual operating systems, preventing viruses or other programs from damaging the operating system or accessing files. Given the focus of OLPC on children, Bitfrost is designed to be almost invisible to the end user.

We have set out to create a system that is both drastically more secure and provides drastically more usable security than any mainstream system currently on the market. One result of the dedication to usability is that there is only one protection provided by the Bitfrost platform that requires user response, and even then, it's a simple 'yes or no' question understandable even by young children. The remainder of the security is provided behind the scenes.

Bitfrost is meant to improve upon the 35-year-old UNIX permission system which persists today in Mac OS X, but Bitfrost requires that individual applications be "Bitfrost-aware", meaning that the security specification is unlikely to easily transition to mainstream operating systems. Krstić's work on Bitfrost, however, demonstrates his focus on novel security approaches that are easy to use.

Article Link: Apple Hires Former Security Director of One Laptop Per Child

 

[Consultant]

Cool. Even more security for osx when it's already much more secure than windows:

Giz Explains: Why OS X Shrugs Off Viruses Better Than Windows
http://i.gizmodo.com/5101337/giz-explains-why-os-x-shrugs-off-viruses-better-than-windows

 

[Roller]

Any movement toward improving security in OS X is welcomed.

 

[Small White Car]

Cool. Even more security for osx when it's already much more secure than windows:

Let's start this thread off with the correct terms so everyone knows:

Windows is more secure.
OS X is safer.

Users care more about safety, so Apple's on the right side of that equation. But let's keep our comments accurate, otherwise it gets very confusing.

More here:
http://daringfireball.net/linked/2009/05/13/security-safety

 

[NinjaHERO]

Even with all their success on protecting us from virus's and spyware, they still bring in someone to make it better. Gotta love that in a company. Nice move apple. Now release an updated Macbook already. I'm ready to buy.

 

[Shiner]

Let's start this thread off with the correct terms so everyone knows:

Windows is more secure.
OS X is safer.

Users care more about safety, so Apple's on the right side of that equation. But let's keep our comments accurate, otherwise it gets very confusing.

More here:
http://daringfireball.net/linked/2009/05/13/security-safety

Thanks for starting the thread with some good info. I am worried this post will still get out of hand.

 

[Sambo110]

Any more security is good security! Make Mac OS X even harder to make viruses for, I would hate for there to be viruses for the Mac.

 

[talkingfuture]

Looks like a positive step for the future. Hopefully it will make OSX both safer and securer!

 

[HailToTheVictor]

If you are safer aren't you more secure, or if you are more secure aren't you safer?

 

[Consultant]

Wow, that's a lot of security for something that's almost free.
http://wiki.laptop.org/go/OLPC_Bitfrost

 

[mackensteff]

If you are safer aren't you more secure, or if you are more secure aren't you safer?

On island, no one around safe, but not secure

In a bank vault, nuclear bomb goes off, secure but not safe

In a lead lined fridge, safe and secure

 

[puuukeey]

sell your stock. bunch of high profile hirings = jobs is jumping ship

 

[Santabean2000]

If you are safer aren't you more secure, or if you are more secure aren't you safer?

Just want a virus free computer experience please. If this move from Apple helps, then I'm all for it!

 

[jtgotsjets]

This guy sounds like a perfect fit for Apple.

ETA:

Let's start this thread off with the correct terms so everyone knows:

Windows is more secure.
OS X is safer.

Users care more about safety, so Apple's on the right side of that equation. But let's keep our comments accurate, otherwise it gets very confusing.

More here:
http://daringfireball.net/linked/2009/05/13/security-safety

That website explains the difference between security and safety, but I am finding no reason to believe what it's saying—it's essentially an opinion piece.
Who are these nebulous experts he speaks of?

 

[instaxgirl]

Hm I thought the Gizmodo article made it sound like OS X was more secure than Windows . . .

Ah well, I don't want to get into this. Anything that allows me to keep moseying around the web with nary a care in the world is all good

 

[VanMac]

Sounds like a great addition to the team.

 

[Stampyhead]

As long as I don't have to answer the question 'Cancel or Allow?' I'll be happy with whatever new security measures Apple decides to implement.

 

[MacBoobsPro]

Weird. I'm no expert when it comes to security but I thought to myself the other day wouldn't having apps in their own little 'space' make them extremely secure?

I must be brainier than I thought.

 

[mousouchop]

Sounds like a very good addition to the team. I would love to have Macs be the safest and most secure systems out there.

I also made an internal comment when I first saw the title:
"Oh, trying to make a cheaper Macbook?"
Then I realized that that would not make sense, haha, and on I read.

 

[whooleytoo]

Sounds interesting! Must learn a little more about BitFrost, to see if it provides any protection against Trojans (more dangerous than viruses/worms, IMO).

I've never subscribed to the notion that "only dumb users get trojans, so they're on their own". The OS needs to provide secure and private 'boxes' that can't be readily accessed by all apps, where private documents can be stored.

 

[Spades]

Bitfrost, or something like it, is long overdue. The first consumer OS to implement this level of isolation is going to get massive positive publicity. And yes, this would go a long way towards stopping trojans.

Trojan: "Gimme your address book!"
OS: "Address book? What address book?"
Mail.app: "Address book, please."
OS: "Here you go."

It won't stop brute force methods of propagation.

Edit: Wow. Bitfrost can control just about all possible I/O. It could stop trojans and bot nets completely.

 

[Stephen123]

Let's start this thread off with the correct terms so everyone knows:

Windows is more secure.
OS X is safer.

Users care more about safety, so Apple's on the right side of that equation. But let's keep our comments accurate, otherwise it gets very confusing.

More here:
http://daringfireball.net/linked/2009/05/13/security-safety

By making a valid distinction between security and safety this article attempts to trick people into taking it's assertions about Mac and Windows as factual.

 

[ChrisA]

More here:
http://daringfireball.net/linked/2009/05/13/security-safety

The above is just "fluff" with zero content. They don't even talk about one technical security feature or offer any data to back claims. And yes I means literally "not one" and "none". It is all strictly opinion without even an attempt at justifying the opinion presented.

 

[gnasher729]

If you are safer aren't you more secure, or if you are more secure aren't you safer?

Imagine wearing a t-shirt at your local church meeting, or wearing a bullet-proof vest in Iraq. With the bullet-proof vest you are more secure; but you are still more likely to die, so the guy in the t-shirt is actually safer.

 

[adbe]

By making a valid distinction between security and safety this article attempts to trick people into taking it's assertions about Mac and Windows as factual.

Would you care to detail why they are not?