Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Hires Former Security Director of One Laptop Per Child
- Thread starter MacRumors
- Start date
- Sort by reaction score
I'm on my iPhone so I can't look up all this stuff for you now, but look around. His opinion matches up with many other things I've read online that do explain what they're talking about. I'm sure you can find some.
Does anybody else find this funny?
This is how Apple can implement/should have implemented background apps on the iPhone.
I like this Bitfrost system. Please implement it, Apple.
Woohoo... a security guy with an "If it ain't broke, you haven't played hard enough with it" mentality. I wonder how long developers will take to make their apps Bitfrost-aware? I've got my eye on YOU, Adobe.
If you really were that brainy, you'd already have known how brainy you were..
It isn't the easiest thing to do, but it is important. The difficulty is in finding the right balance. There are support/configuration files that several apps need to read/access. My media (songs/photos/videos), several apps need to access. But my private documents, I'd want to limit access, so they can't easily be read/overwritten/deleted by any rogue app.
The one thing I'd love to see: a security manager in OSX. Where you can view every (non-Apple) executable on your machine, and turn internet access on or off, the ability to access your camera, or play sounds etc. You could also view every URL every app has tried to access etc.
Will be interesting to see what he brings to the OS.
I love this quote from the "about me" part of his blog.
"I'm a big believer in open source, which is an ancient African phrase meaning "no, I will not fix your Windows computer for you."
"I'm a big believer in open source, which is an ancient African phrase meaning "no, I will not fix your Windows computer for you."
Mousse said:
I could not agree more.
I love this quote from the "about me" part of his blog.
"I'm a big believer in open source, which is an ancient African phrase meaning "no, I will not fix your Windows computer for you."
HAH! That needs to be on a shirt, I would definitely buy one.
Ads
You know, last night, as I was chuckling thru the new Mac spots, It occurred to me: If Apple is going to keep going down this "PCs have virus/trojan/malware" road it is really going to have to start backing it up hard core. Looks like they are working on it.
You know, last night, as I was chuckling thru the new Mac spots, It occurred to me: If Apple is going to keep going down this "PCs have virus/trojan/malware" road it is really going to have to start backing it up hard core. Looks like they are working on it.
I guess we know one big change that will be in Mac 10.7.
It's good to get a guy like this on things, and to see Apple isn't being as lax about security as their commercials make them seem. I do hope the OS, in general, keeps the Unix core. I find it very useful as a developer.
It's good to get a guy like this on things, and to see Apple isn't being as lax about security as their commercials make them seem. I do hope the OS, in general, keeps the Unix core. I find it very useful as a developer.
I agree COMPLETELY. Apple can't seem to do anything wrong but just get stronger, and better. Me too....Apple, pull finger and release the MBP with Quad Core (and Snow Leopard while you're at it) ASAP as I'm NEVER spending another cent on PC and wanting my first Mac to be one that will be "current" for at least a good few years.
Whatever security Apple can integrate into the OS itself will be used by all applications. But to get an application itself to be Bitfrost-Apple v 2.0 aware, it might have to go through some sort of certification process, and non-compliant apps run through a programming environment that is BF-2 centric.
Rocketman
Rocketman
This would be amazing!
It would be truly amazing if applications had zero access to the file system unless access through a specified OS API.
The browser never needs access to files except isolated in it's own cache directory or if you're saving a file. Saving a file would go through the OS API which would inturn leave you in control of overwriting files or saving files in bizarre places.
Things like Microsoft Word or Photoshop can do the same thing. The only thing they need access to is opening files and saving files when a user says to save it.
The only time a majority of the applications require read/write access to the entire filesystem is at installation.
Adding this extra level of security would be amazing. This would still leave installations the only vulnerable area, which ironically, this is where Mac OSX viruses/trojans are sneaking in through pirated versions of software.
http://rodstech.blogspot.com/2009/01/mac-trojan-beware-of-pirate-ilife-09.html
But this would be truly amazing.
It would be truly amazing if applications had zero access to the file system unless access through a specified OS API.
The browser never needs access to files except isolated in it's own cache directory or if you're saving a file. Saving a file would go through the OS API which would inturn leave you in control of overwriting files or saving files in bizarre places.
Things like Microsoft Word or Photoshop can do the same thing. The only thing they need access to is opening files and saving files when a user says to save it.
The only time a majority of the applications require read/write access to the entire filesystem is at installation.
Adding this extra level of security would be amazing. This would still leave installations the only vulnerable area, which ironically, this is where Mac OSX viruses/trojans are sneaking in through pirated versions of software.
http://rodstech.blogspot.com/2009/01/mac-trojan-beware-of-pirate-ilife-09.html
But this would be truly amazing.
Hummm... When I'm hired for a job for a lot of money, it's to do something based on my prior history. If you're being hired to a burger joint or customer service, it's based on your current ability or knowledge, not prior history.
GREAT Addition to Apple
Ivan is a great addition to Apple. Not just because he's a security expert, but because he is the type of creative, self-actualizing technologist any company would treasure. Nicholas sure screwed the pooch pissing guys like Ivan off at OLPC -- But we Apple users benefit (however, I would actually prefer a talent like Ivan had stayed at OLPC if that org would have stayed true to its objective and Wintel had not F*CKED the world over by being so damn paranoid).
Ivan is a great addition to Apple. Not just because he's a security expert, but because he is the type of creative, self-actualizing technologist any company would treasure. Nicholas sure screwed the pooch pissing guys like Ivan off at OLPC -- But we Apple users benefit (however, I would actually prefer a talent like Ivan had stayed at OLPC if that org would have stayed true to its objective and Wintel had not F*CKED the world over by being so damn paranoid).
Isn't what Activity Monitor does?
Isn't what Little Snitch does? Although, this one is non-Apple...
This really made me LOL - The phrase Intellectual Masturbation came to mind.
They're almost suggesting Windows is more secure because it has more viruses... LOL
OMG, no! Not that it wouldn't be a nice addition but that would postpone 10.7 to 2012...
That would seem extremely silly to hire someone with that kind of innovative expertise and not followup advancing the OS X security underbelly in terms of Apple's often promoted focus on ease-of-use. The idea of having an extremely secure system without having to become an expert in what amounts to very arcane knowledge to the average computer PC user would seem to be very appealing.
Bitfrost in some form coming in 10.7 ?
With all due respect to John Gruber at Daring Fireball, this is jibberish.
Security doesn't deal with 'secure' and 'safer'... those terms don't even occur in the CISSP 10 domains.
There are...
Vulnerabilities: weaknesses in a system
Threats: someone uncovering the vulnerability and developing a method of exploiting it
Risks: probability of a Threat Agent actually executing the threat against the vulnerability.
That's the context in which the whole discussion of 'are there enough Macs out there to justify writing a threat' occurs.