All eyes on Apple with it set to take security public
In a first, Apple manager scheduled to take stage Thursday at Black Hat to discuss security technologies in iOS
By Antone Gonsalves
July 26, 2012 — CSO — Anticipation was high Wednesday among Black Hat attendees awaiting Apple's first public appearance at the security conference under way this week in Las Vegas.
Dallas De Atley, manager of Apple's platform security team, is scheduled to take the stage Thursday to discuss security technologies in iOS, the operating system used in the iPhone and iPad. "Everyone is thrilled," Black Hat spokeswoman Natalia Wodecki said.
The only other time Apple was scheduled to appear at Black Hat, held in the Nevada desert city for the last 15 years, was in 2008. That appearance was cancelled at the last minute by the company's marketing department.
"Bottom line -- no one at Apple speaks without marketing approval, Apple will be at Black Hat 2012, and marketing is on board," Trey Ford, general manager of Black Hat, said in an emailed statement on Wednesday.
Apple has always taken a say-nothing approach to security, even when it implements major improvements. For example, the company quietly added address space layout randomization for iOS last year. ASLR randomly arranges of positions of key data areas, making it more difficult for hackers to exploit memory-related vulnerabilities.
Apple's Black Hat appearance comes in the wake of April's Flashback botnet that infected more than 600,000 Macs and netted its authors $10,000 a day, Symantec said. Flashback was the first major malware outbreak on the Mac, tarnishing Apple's image of having hack-proof products.
Beyond Flashback, research has shown that Macs are carrying malware unbeknownst to users. A security scan of 100,000 Macs found 3 percent infected with Mac-capable malware, according to anti-virus vendor Sophos. When Windows malware was included, one in five Macs were found to be harboring some type of malware.
While the Mac has been the primary target, hackers are taking notice of iOS. This month, Kaspersky Lab reported finding an iOS Trojan that uploaded a user's address book to a remote server. Spam messages with a URL to the application, called "Find and Call," were sent from the server to all the users' contacts.
Apple's approach to security in iOS has been about control. Only apps vetted by Apple are sold through the company's App Store, which is the only outlet for iPhone and iPad software.
In Mountain Lion, the latest version of Mac OS X, Apple is taking a hybrid approach more applicable to the PC world. Released Wednesday, Mountain Lion introduces a security feature called Gatekeeper.
The component provides customers with three security modes. The first lets a Mac behave as before, installing any application from any source following permission from the user. The second will only allow the Mac to install apps from Apple's Mac App Store or identified developers. The last option limits all installations to apps downloaded from the Mac App Store.
For years hackers focused on Microsoft Windows PCs instead of Apple products, which had a fraction of the market share. Today, Apple's success in selling the iPhone and iPad have made it the world's most valuable company and its products a potentially lucrative target for cybercriminals.
Read more about wireless/mobile security in CSOonline's Wireless/Mobile Security section.