Apple Acquired Firmware Security Company LegbaCore Last November

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Feb 2, 2016.

  1. MacRumors
    Expand Collapse
    macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    [​IMG]
    Apple acquired firmware security company LegbaCore in November 2015, according to security researcher Trammell Hudson, who revealed the acquisition in his presentation at the 32C3 conference in December. LegbaCore's goal, according to founder Xeno Kovah, is "to help build systems that are as secure as we know how to make."

    In November, Kovah and fellow LegbaCore founder Corey Kallenberg revealed that they had joined Apple as full-time employees. Just a couple days before that, LegbaCore's website announced that it would "not be accepting any new customer engagements", noting that the website would remain up "to serve as a reference for LegbaCore's past work."

    LegbaCore had collaborated with Hudson on Thunderstrike 2, the first firmware worm to affect Mac computers. The malware is impossible to remove, resistant to both firmware and software updates. LegbaCore and Hudson had alerted Apple to Thunderstrike 2's vulnerabilities and Apple began work on fixes, issuing one in June 2015.

    On Twitter, Kovah said that Apple began discussions with LegbaCore after the consultancy's presentation in summer 2015. It soon became clear to Kovah and Kallenberg that Apple had "some *very* interesting and highly impactful work" that the two could participate in. They were eventually convinced to wind down LegbaCore's existing contracts and begin work at Apple.

    While LegbaCore is a security consultancy firm that doesn't own any specific technology, it's likely Apple will use Kovah and Kallenberg's talent and knowledge to help improve firmware and software security in future iterations of Apple's various hardware and software products. LegbaCore's work includes research on Thunderstrike 2, "dead code" for BIOS attacks and more.

    (Thanks, Jost!)

    Article Link: Apple Acquired Firmware Security Company LegbaCore Last November
     
  2. sp3k0psv3t
    Expand Collapse
    macrumors regular

    sp3k0psv3t

    Joined:
    Jun 3, 2013
    Location:
    Miami, FL
  3. neilw
    Expand Collapse
    macrumors regular

    Joined:
    Aug 4, 2003
    Location:
    New Jersey
    #3
    You know where firmware security would be *really* critical?

    A car.

    Just sayin'.

    Of course it matters everywhere else too...
     
  4. VanillaCracker, Feb 2, 2016
    Last edited: Feb 2, 2016

    VanillaCracker
    Expand Collapse
    macrumors 68000

    VanillaCracker

    Joined:
    Apr 11, 2013
    Location:
    Washington D.C.
    #4
    With that image it makes them look like they're a conglomerate for some jailbreaking organization. I Like it.
     
  5. Sasparilla
    Expand Collapse
    macrumors 6502

    Joined:
    Jul 6, 2012
    #5
    This rocks. If there is one thing Apple can do to distance itself from the competition (Google and Microsoft where your the product or your the product and shared with the NSA) its going all in on giving users privacy and security.

    Apple will need an extended focus on this (the security / privacy environment will only get worse) so this is a good sign upper management really gets it. Go Apple - this is how you make sure I get a Mac next time I'm replacing a PC.
     
  6. jdillings
    Expand Collapse
    macrumors 6502a

    Joined:
    Jun 21, 2015
    #6
    1. Create exploit
    2. Publicize exploit
    3. ???
    4. Profit
     
  7. Devie
    Expand Collapse
    macrumors 6502a

    Joined:
    Aug 30, 2004
    Location:
    Adelaide, Australia
    #7
    The exploit already exists, they just find it and take advantage of it. Then they let Apple know. Then they tell Apple we will tell you how for a fee. Then profit
    if they do nothing they release the exploit. Then no profit.
     
  8. dotnet
    Expand Collapse
    macrumors 6502a

    dotnet

    Joined:
    Apr 10, 2015
    Location:
    Sydney, Australia
  9. Yod4
    Expand Collapse
    macrumors newbie

    Yod4

    Joined:
    Sep 12, 2014
    #9
    "The malware is impossible to remove, resistant to both firmware and software updates"
    How can a bug be resistant to firmware updates?
     
  10. pat500000
    Expand Collapse
    macrumors 68030

    pat500000

    Joined:
    Jun 3, 2015
  11. jgelin
    Expand Collapse
    macrumors 6502

    jgelin

    Joined:
    Jul 30, 2015
    Location:
    St Petersburg, FL
    #11
    Could be to make apple pay more secure, also could be used in a car as mentioned above.
     
  12. VanillaCracker
    Expand Collapse
    macrumors 68000

    VanillaCracker

    Joined:
    Apr 11, 2013
    Location:
    Washington D.C.
    #12
    Plus now they have to worry about the government trying to backdoor their ass for the next few decades. No pun intended.
     
  13. wozmatic
    Expand Collapse
    macrumors regular

    wozmatic

    Joined:
    Apr 30, 2014
    #13
    Hoping they will help secure those new macbook pros.....
     
  14. pat500000
    Expand Collapse
    macrumors 68030

    pat500000

    Joined:
    Jun 3, 2015
    #14
    I thought they stated it was secured? Unless they want to make it more secured.lol.
     
  15. sudo1996
    Expand Collapse
    macrumors 6502a

    sudo1996

    Joined:
    Aug 21, 2015
    Location:
    Berkeley, CA, USA
    #15
    I'd like to see better sandboxing in OS X.
     
  16. duffman9000
    Expand Collapse
    macrumors 65816

    Joined:
    Sep 7, 2003
    Location:
    Costa Mesa
    #16
    Could it be that the current running firmware may help download the new firmware? The compromised firmware can choose to not update itself.

    I've come to expect the worse. Every peripheral needs a digital condom. In lieu of a digital rubber for your internet connection, just blacklist 99% of the sites and hope the remaining 1% aren't compromised. If your computer still gets infected nuke your Mac from orbit. It's the only way to be sure the firmware exploits will die.
     
  17. 69Mustang
    Expand Collapse
    macrumors 68030

    69Mustang

    Joined:
    Jan 7, 2014
    Location:
    In between a rock and a hard place
    #17
    Definitely agree. With more and more cars adding customer facing technology, it will be critical to have that firmware locked down tightly. Cars are already being hacked. The more tech added, the more vectors available to attack. IF Apple makes a car, I think close integration with iOS is a safe bet since it's their most used and familiar OS. I can imagine JB'ers champing at the bit to be the first to JB that mythical unicorn that is the Apple car.
     
  18. duffman9000
    Expand Collapse
    macrumors 65816

    Joined:
    Sep 7, 2003
    Location:
    Costa Mesa
    #18
    Gatekeeper is a joke. It has been defeated using simple hacks. Microsoft would have been skewered for such a pathetic attempt at security.
     
  19. Bubba Satori
    Expand Collapse
    Suspended

    Bubba Satori

    Joined:
    Feb 15, 2008
    Location:
    B'ham
  20. jonnysods
    Expand Collapse
    macrumors 68040

    jonnysods

    Joined:
    Sep 20, 2006
    Location:
    There & Back Again
    #20
    Killer news, more security the better. Good stuff!
     
  21. C DM
    Expand Collapse
    macrumors Penryn

    Joined:
    Oct 17, 2011
    #21
    Most things can be improved in one way or another.
     
  22. MarkusL
    Expand Collapse
    macrumors 6502

    Joined:
    Jun 1, 2014
    #22
    No, I think it means Apple is now being run by the Free Masons.
     
  23. MrNomNoms
    Expand Collapse
    macrumors 65816

    MrNomNoms

    Joined:
    Jan 25, 2011
    #23
    Will be interesting to see what happens particularly how many large enterprises are now deploying Mac's into their work place under BYOD policies. It'll be interesting to see how this impacts the Mac UEFI security as well as Apple taking it further when it comes to the whole jail break community but then again mind you there is the ability to side load applications by compiling them from the source so for many technology enthusiasts there really isn't a need to jail break.
     
  24. justperry
    Expand Collapse
    macrumors 604

    justperry

    Joined:
    Aug 10, 2007
    Location:
    In the core of a black hole.
    #24

    The standard Firmware is vulnerable to attacks but it can still be updated, if the malware installs custom Firmware which blocks updating then that's a whole different story.
     
  25. AppleMark
    Expand Collapse
    macrumors 6502a

    AppleMark

    Joined:
    Jun 17, 2009
    Location:
    The CCTV Capital of the World
    #25
    The best way to catch thief has always been to hire one to help you do it.
     

Share This Page