Analysis: Apple Security Team's Oh-So-Brief Black Hat Appearance

By Kevin McLaughlin
July 31, 2012 11:40 AM ET

Page 1 of 2

Last week at the Black Hat security conference, Apple got into the spirit of the Summer Olympics with a brief track and field display of its own. The speed with which Apple's security team bolted after their first-ever Black Hat appearance was astonishing -- and possibly record-setting, if records were kept for that sort of thing.

After Dallas De Atley, manager of the platform security team at Apple, wrapped up his presentation on iOS security without inviting Q&A, dozens of Black Hat attendees made a beeline for the stage, eager for some face time.

But De Atley and other Apple employees, including Window Snyder, senior security and privacy product manager, deftly side-stepped the oncoming blitz and slipped out of the room through a side door.

The fact that Apple showed up at Black Hat, after pulling out of the 2008 event at the last minute, is a sign of progress. Yet in the wake of De Atley's presentation -- a verbatim rehash of the iOS security paper Apple released in May -- many Black Hat attendees were left with the impression that Apple's appearance was motivated more by marketing concerns than by a genuine desire to engage with security researchers.

"It would have been good to hear them say, here is where we're going next with iOS, and here is how we are going to lock it down some more in the next version," said Charlie Miller, principal research consultant for Accuvant Labs, in an interview.

Apple has woven a strong web of hardware- and software-based security around iOS, one that has, so far, managed to keep malware off its customers' devices. That said, anyone who expected De Atley to field researchers' questions about Apple's iOS security approach probably still believes in the Tooth Fairy.

For all the recent advances Apple has made in security, it still exhibits a distinct mistrust of researchers. Last November, Apple kicked Miller out of its developer program for a year after discovering he had posted a proof-of-concept app to the App Store to demonstrate a flaw in Apple's code signing process for iOS apps.

NEXT: Apple's Dealings With Security Researchers

1 | 2 | Next >>

To continue reading this article, please download the free CRN Tech News app for your iPad or Windows 8 device.

Related: Videos | Slide Shows | Comments

SHARE THIS ARTICLE

More Security

Comments by Vanilla

Recent Articles

	Head-To-Head: Symantec Vs. McAfee In Endpoint Protection McAfee and Symantec are archrivals with a firm grip on the North American security market. CRN pits both vendors' endpoint security products against each other and names a winner.
	The 8 Steps Behind The Massive $45M Cyber Bank Heist More than $45 million was stolen from banks in the U.S. and 19 other countries in a scheme that law enforcement is calling an international conspiracy to drain millions from bank accounts using stolen debit cards and PIN numbers. Here's how they did it.
	Name Of The Game: Top 10 States For Identity Theft A Federal Trade Commission report provides statistics on identity theft and fraud complaints in 2012. Learn which state has the dubious distinction of having the most victims.
	More Slide Shows