Apple pitches gadget security to hacker crowd (Update)

Jul 26, 2012 by Glenn Chapman
Apple pitched security measures in its mobile gadgets on Thursday during its first presentation at a premier gathering of hackers and those intent on thwarting cyber attacks.

Apple pitched security measures in its mobile gadgets on Thursday during its first presentation at a premier gathering of hackers and those intent on thwarting cyber attacks.

The unprecedented talk by Apple head of software platform security Dallas De Atley at the 15th annual Black Hat conference in Las Vegas came as hackers increasingly target smartphones at the heart of Internet Age lifestyles.

"We are really excited to be here," De Atley said before launching into his presentation at a packed Caesars Palace ballroom.

"When we were developing the iPhone we realized there were aspects that make it different from computers," he continued.

"Security is architecture; you have to build it in from the very beginning. It is not something you can sprinkle over your code when it is done."

De Atley spent an hour providing insights into encryption, software keys and other security features built into the iOS operating system for iPhones, iPads and iPod touch devices.

Hacking attacks on mobile devices, especially Apple gadgets or those powered by Google-backed Android software, were hot topics at Black Hat, where developers voiced doubt that device makers are devoted to security.

Unlike other speakers at the weeklong gathering, De Atley did not field questions from the audience. Instead, he brushed aside queries as he was ushered quickly out a side door after his talk.

His brusque departure underscored a complaint by developers, and those who craft security for Apple gadgets, that they are often left guessing answers to questions when dealing with the revered gadget maker.

"IOS is pretty secret," said Accuvent Labs principal research consultant Charlie Miller, who is credited with the first remote hacker exploit of an iPhone.

"How do they test their software before they ship it?" he continued, rattling off a litany of questions he'd like Apple to answer. "How do they determine an application is malicious and how many times has it happened?"

In the room where De Atley made his presentation, a team from security firm FishNet later announced that in the days ahead it will release a tool designed to expose security problems in applications tailored for Apple gadgets.

"I feel like Apple's security is reactive and not proactive," said Seth Law of FishNet.

"They picked a great base to start from but continually get burned," Law continued. "The fact you can jailbreak an iPhone points to the fact that it is not rock solid."

With Apple boasting of more than 650,000 applications in its online App Store and the addition of more than a thousand a day, an automated way to check third-party software security is needed, according to the FishNet team.

Concerns in applications include whether they intrude on privacy by mining contact lists or other data on devices.

"The process for approving applications (for the App Store) is more about the business decisions than the security aspects," Law said. "Apple's testing in this case is the big unknown."

The list of rules Apple provides developers calls for software to work smoothly on devices but makes no mention of security issues, according to FishNet.

"Developers out there learn to game the system to push their apps through the registration process as fast as possible," Law said. "Apple is looking at how to best enforce their rules and make their money; they want their 30 percent cut."

Cupertino, California-based Apple gets 30 percent of the money from sales of virtual goods or subscriptions in applications on its globally popular devices.

Explore further: Fans hop aboard exclusive train to Comic-Con

add to favorites email to friend print save as pdf

Related Stories

Computer hackers and defenders mix in Las Vegas

Jul 24, 2012

Rival factions from the Internet security world will mix warily this week at a pair of Las Vegas conferences gathering computer security experts and software savants who make sport of hacking them.

Security holes discovered in iPhones, iPads

Jul 08, 2011

A new security hole has opened up in Apple Inc.'s iPhone, iPad and iPod Touch devices, raising alarms about the susceptibility of some of the world's hottest tech gadgets to hacker attacks.

Apple girding gadgets against hackers

Jul 08, 2011

Apple on Friday said it was working to patch a vulnerability that hackers could use to break into the company's popular iPad, iPhone and iPod Touch gadgets.

Hot Apple developers rally gets June 11 keynote

May 29, 2012

A sold-out Apple gathering devoted to tailoring programs for the company's coveted gadgets will kick off in San Francisco on June 11 with a keynote presentation by top executives.

Recommended for you

Google worker shows early-draft glimpse of Chrome OS

Jul 20, 2014

The Chrome OS is in for a future look. Athena, a Chromium OS project, will bring forth the new Chrome OS user experience. Google's François Beaufort on Friday, referring to the screenshot he posted, said," ...

Google eyes Chrome on Windows laptop battery drain

Jul 19, 2014

Google Chrome on Microsoft Windows has been said to have a problem for some time but this week comes news that Google will give it the attention others think the problem quite deserves. Namely, Google is to ...

User comments : 0