Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Apple Taps Cybersecurity Expert as Director of Global Security

Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8F5153d Safari/6533.18.5)

Hackers will hack iDevices and install Mac OS X on PCs. Can't stop 'em.
 
Security

This is a big deal but I don't think Jailbreakers need worry too much.

Is this about the MobileMe issues that are promised for 2011? Imagine if the desktop or laptop was no longer the central hub of our digital life? No syncing our peripheral devices with hardware that may break or be stollen thus losing all our precious files?

What if the North Carolina data centre could store all our music, photos, docs etc and this synced automatically with our devices when and where we want to? Changing playlist is as easy as longing on to your bank and making a transaction? You'd never lose information again!.

I think Mr Rice has been brought in to make the safety of our information in North Carolina as secure as possible.
 
Apple has bigger fish to fry than devise owners jb their phones. For example if they do go to a mostly cloud based system that is going to take a lot of well placed trust to convince people that is secure.

Apple is getting to big not to be a target. Good move.
 
Some more good people at Apple . . . .

Apple again continues to not stop and rest, but understands this business is competitive with many challenges and issues - security is one. Apple has not let its customer base down with this issue in the past and clearly doesn't want to start now with all the Windows-converts that have come into the Apple fold.
 
wiganer said:
This is a big deal but I don't think Jailbreakers need worry too much.

Is this about the MobileMe issues that are promised for 2011? Imagine if the desktop or laptop was no longer the central hub of our digital life? No syncing our peripheral devices with hardware that may break or be stollen thus losing all our precious files?

What if the North Carolina data centre could store all our music, photos, docs etc and this synced automatically with our devices when and where we want to? Changing playlist is as easy as longing on to your bank and making a transaction? You'd never lose information again!.

I think Mr Rice has been brought in to make the safety of our information in North Carolina as secure as possible.
Click to expand...

-------------
I like your thinking!
 
Mr. Retrofire said:
Wrong! The U.S. government always wanted the ability to "jailbraik" iOS devices.

https://www.macrumors.com/2010/07/26/u-s-government-to-explicitly-allow-iphone-jailbreaking/
Click to expand...

You are the one that is wrong. Jailbreaking is legal, but that doesn't mean or imply Apple will allow it to happen easily. In fact, making harder is all Apple can do.

Also, you can't stop jailbreaking, there will always be a bug or hole in the code to exploit. Harder yes. So **** before posting without information.
 
Shouldn't his face be disguised with something like say a "blue dot"? You know like the tv stations used to do...
 

Attachments

  • david_rice_blue_dot.jpg
    david_rice_blue_dot.jpg
    22.9 KB · Views: 499
Apple Security Czar?

I haven't seen that all of President Obama's White House "czars" have been terribly effective in their respective areas so my expectations for this guy aren't too high. Corporate bureaucracy being what it is, coupled with 'not invented here,' makes it tough for appointed czars to make significant inroads.
 
MacRumors said:
Rice is the latest in a series of high-profile security hires made by Apple. The company in 2009 hired Ivan Krstić, former security director for the One Laptop per Child project, and followed that up with the 2010 hiring of Window Snyder, former security chief at Mozilla.
Click to expand...
And what happened to these two, Ivan Krstić and Window Snyder, are they still with Apple and is Rice taking one of their positions or be placed in a new post above them?
 
Good for Apple for trying to stay a step ahead of trouble.

As for everybody moving to some cloud-based storage solution, it's not going to happen. I'm sure it'd be great, if everywhere you go you're either wired or under a cell tower, but you're talking about a very small percentage of the overall user base. ...city people, and relatively stationary ones at that. Primarily, kids. For everyone else, keeping their data far off where access is fickle is pretty impractical.

...beyond security, all this simultaneous network traffic is gonna start requiring a lot more bandwidth & power. As it is now, our wireless networks can barely handle a skype call, much less netflix playing simultaneously and a kid trying to do his homework on the web in the other room.

Though I wonder, if you're Apple and build a data center to store everyones personal files, but also commercial music and movies, do you store the same movie 100,000 times? Or just store it once and give everyone access to it? Hmmmm...
 
Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_2_1 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8C148 Safari/6533.18.5)

"Director of Global Security". Now that's a job title!!
 
A lot of people do not understand the difference between user initiated vulnerabilities and remote exploits that require no user intervention.

Security through obscurity does somewhat protect OS X from the first type which would take the form of viruses and Trojans. Once hackers get over the hurdles of understanding the Unix security model in general and the OS X security model specifically, all that is needed is social engineering and playing upon peoples greed and dishonesty.

The majority of trojan infections on OS X have been the result of people downloading what they thought was a pirated version of a commercial application.

Another vector is infection through the browser but that again requires some social engineering to get people to visit unsavory websites with the payload.

One area where OS X excels is the remote security of the default OS X install. You can put an OS X machine on a wide open network without a firewall and be quite safe from any remote exploits. Remote exploits require open ports with a listener. In the past, Windows was so easy to exploit with remote attacks because of all of the open ports. It was not until XP SP1 that you could connect a windows machine to an open internet without risk of infection almost immediately because it used to listen for RPC (Remote procedure Call) right out of the box.

I remember stories of people plugging in their XP box onto cable internet to setup the machine without a router between it and the internet and having the machine completely owned by bots and viruses before initial setup was completed thanks to DHCP and those open ports on XP prior to SP1.
 
I see this hiring as a big win all around. With Naval cryptographic service and NSA experience, his talents can be put to good work at Apple in hopes of keeping iOS and OS/X as secure as possible.

Good job!
 
I took David's class on Microsoft .NET security back when he was doing that gig for SANS. He knows his stuff and is a really nice guy. He even responded to an email I had sent him regarding new security features in Windows Vista (when Vista was released). He co-wrote NSA guidelines for Windows system security. I think he'll make a nice fit with Apple.
 
aristotle said:
A lot of people do not understand the difference between user initiated vulnerabilities and remote exploits that require no user intervention.

Security through obscurity does somewhat protect OS X from the first type which would take the form of viruses and Trojans. Once hackers get over the hurdles of understanding the Unix security model in general and the OS X security model specifically, all that is needed is social engineering and playing upon peoples greed and dishonesty.

The majority of trojan infections on OS X have been the result of people downloading what they thought was a pirated version of a commercial application.

Another vector is infection through the browser but that again requires some social engineering to get people to visit unsavory websites with the payload.

One area where OS X excels is the remote security of the default OS X install. You can put an OS X machine on a wide open network without a firewall and be quite safe from any remote exploits. Remote exploits require open ports with a listener. In the past, Windows was so easy to exploit with remote attacks because of all of the open ports. It was not until XP SP1 that you could connect a windows machine to an open internet without risk of infection almost immediately because it used to listen for RPC (Remote procedure Call) right out of the box.

I remember stories of people plugging in their XP box onto cable internet to setup the machine without a router between it and the internet and having the machine completely owned by bots and viruses before initial setup was completed thanks to DHCP and those open ports on XP prior to SP1.
Click to expand...

Spot on. There will likely never be perfect protection against trojans, because there will always be stupid people.
 
kas23 said:
This is becoming just a bit too much. They're an electronics company. Who do they really have to fear? If some teenager decides to jailbreak his iPod late at night in his dark bedroom, is some ninja going to come crashing through his bedroom window?

And besides, wouldn't it be cheaper to just hire the dev-team?
Click to expand...

This guy is not here for his technical skills but political connections. He is going to bring into Apple the "establishment" types that the counter-culture roots of Apple has deplored for the past three decades. Even Steve knows it is time to grow up and take some responsibility around these genius products.

This will be good for all except the sociopath like Crunch and company who have been latching on from genius to genius their entire lives talking about the "crimes of the man" and such while ignoring their own transgressions, not to mention drug use.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back