Apple adds to security Dream Team

Posted:
in General Discussion edited January 2014
Apple continues to invest in security personnel



Quote:

Callas is the latest celebrity researcher to join Apple's security team. Last month, former Mozilla security boss Window Snyder, credited with making Firefox's security response more professional, took a job in Cupertino's security department. And in May 2009, One Laptop Per Child's top security architect, Ivan Krstic, signed on to Apple, with the title of "Security Samurai, Core OS."



It sounds to me like Apple is a bit more serious about security than what people give them credit for.

Comments

  • Reply 1 of 7
    Marvin (marvin) Posts: 15,585, moderator
    Quote:
    Originally Posted by hmurchison View Post


    It sounds to me like Apple is a bit more serious about security than what people give them credit for.



    Sure, Apple have always had security people but it's down to results. They just had to improve ASLR in Snow Leopard and didn't, so it got hacked at Pwn2Own again:



    http://news.softpedia.com/news/Famou...y-122116.shtml



    Often the best security researchers are the ones on the outside trying to get in rather than the ones on the inside trying to keep people out, especially the ones trying to make a living from it.
  • Reply 2 of 7
    Apple may not be perfect, but I'd rather have a system that is somewhat vulnerable to user-interaction hacking than one that gets viruses just by connecting to the internet any day or one that can be hacked while I'm not even at the machine.



    I'd rather have a system that I know if I don't click on any shifty links I don't really need to run time and resource-draining anti-virus programs.



    But maybe that's just me.
  • Reply 3 of 7
    hmurchison (hmurchison) Posts: 12,464, member
    It's funny, people say



    "Yeah I heard Macs are easy to crack because they always get owned in challenges"



    Yet they fail to understand that guys like Charlie Miller are debatably geniuses when it comes to knowing how Operating Systems work and where weaknesses are. While it appears to look "easy" when they compromise a system, the work involved to unearth the exploit could take days or even weeks.



    The thing that incenses me is the "safe by obscurity" argument. Come on, that worked when Apple was still being labeled "beleaguered" but everyone knows who Apple is and 3 million Macs sold a quarter isn't obscure.



    I'm a believer that whether you're talking a computer virus or Earthly virus the MO is the same. They take the path of least resistance.
  • Reply 4 of 7
    1337_5l4xx0r (1337_5l4xx0r) Posts: 1,558, member
    I'm in India where I estimate 99.9% of software is pirated, and Windows XP is the platform of choice (due to an economy where $1 buys a lavish meal, but buys 1/1000th of a computer, let alone legit software).



    The machines here are crawling with viruses, as you might expect from the previous sentence. And as tonton says, these machines are pwned the minute they are plugged in to a network, or a USB key is attached.



    I have a new level of appreciation for not having to run AV software that has to constantly update and still doesn't stop many, many viruses.



    PS maybe Charlie Miller really wants those Macs? If there was a contest with one prize, a gold-plated Lamborghini, and second prize a burrito, which would you go for?
  • Reply 5 of 7
    Marvin (marvin) Posts: 15,585, moderator
    Quote:
    Originally Posted by tonton View Post


    I'd rather have a system that I know if I don't click on any shifty links I don't really need to run time and resource-draining anti-virus programs.



    We're talking about a zero-day exploit though. Saying you prefer to have that insecurity vs anti-virus is like saying you'd rather be shot instantly than tortured slowly. If you click on a suspicious link, it can gain root access to your machine and do anything: install key-loggers to gain access to your banking and drain your accounts, install screen-viewing software to watch everything you do or just start a full filesystem erase.



    Windows 7 had one:



    http://it.slashdot.org/story/09/11/1...ploit?from=rss



    but Miller found 20 in OS X.



    Quote:
    Originally Posted by hmurchison


    Yet they fail to understand that guys like Charlie Miller are debatably geniuses when it comes to knowing how Operating Systems work and where weaknesses are. While it appears to look "easy" when they compromise a system, the work involved to unearth the exploit could take days or even weeks.



    But it's not the researchers who exploit the vulnerabilities. The techniques are sometimes published on security forums and usenet groups, which are then crafted into exploits to be used by any script-kiddie. The Safari zero-day exploit has already been used to jailbreak the iPad.



    Quote:
    Originally Posted by hmurchison


    The thing that incenses me is the "safe by obscurity" argument. Come on, that worked when Apple was still being labeled "beleaguered" but everyone knows who Apple is and 3 million Macs sold a quarter isn't obscure.



    I agree, I think that one big flaw Windows has is the registry when it comes to malware and viruses. The Mac does have startup scripts that can be modified as root but a 30 minute archive install will sort it out in the worst case, which you can't do with the Windows registry. I certainly think the system design plays a big part in the virus/malware targeting and OS X is designed very well.



    I would agree that certain types of exploit don't make a platform insecure as a layman would use the term because they can't all be used the same way. Most of the problem with Windows is malware that causes slowdowns, popups etc. A zero-day exploit is more for a targeted attack. A browser flaw based on visiting a URL requires promoting the URL and any suspicious activity will get the site shut down so it's not an attack that will be used much.
  • Reply 6 of 7
    hmurchison (hmurchison) Posts: 12,464, member
    Quote:
    Originally Posted by Marvin View Post






    But it's not the researchers who exploit the vulnerabilities. The techniques are sometimes published on security forums and usenet groups, which are then crafted into exploits to be used by any script-kiddie. The Safari zero-day exploit has already been used to jailbreak the iPad.



    Yes but Miller's work isn't for sale. I envy these guys because the exploits they find can easily be monetized beyond winning free stuff in Pwn2Own contests. A script kiddie could likely get ahold of some exploits but I think it's rare that this stuff ever hits the wild.





    I think Apple does indeed realize that they've got holes to plug and I believe they'll get there. The offshoot is that some things will undoubtedly get more cumbersome (I already have to log in to some Apple tools multiple times which feels excessive).



    I think Apple's approach will be to sandbox everything and mitigate danger by smartly quarantining compromised systems.



    I can't wait to see what's in store for 10.7. Please announce WWDC tomorrow Apple.
  • Reply 7 of 7
    Marvin (marvin) Posts: 15,585, moderator
    Quote:
    Originally Posted by hmurchison View Post


    Yes but Miller's work isn't for sale.



    Sort of - they choose to sell them ethically:



    http://www.computerworld.com/s/artic...WN2OWN_wins_5k



    "PWN2OWN's sponsor, 3Com Corp.'s TippingPoint unit, paid Miller $5,000 for the rights to the vulnerability he exploited and the exploit code he used. As it has at past challenges, it reported the vulnerability to on-site Apple representatives. "Apple has it, and they're working on it," added Miller."



    Some outside researchers sell to the highest bidder. He said the IE8 one was worth way more and it could sell for $50,000.



    The Safari exploit (or a similar one) is already out there and in use:



    http://news.yahoo.com/s/pcworld/2010...breaktotheipad



    "Browser Exploit Brings Jailbreak to the iPad. The hack uses an exploit in Safari to let you get root access on the device."



    It wasn't Miller who released this but another hacker who has had his code ported for use with the iPad by another.