Apple pitches gadget security to hacker crowd (Update)

Jul 26, 2012 by Glenn Chapman
Apple pitched security measures in its mobile gadgets on Thursday during its first presentation at a premier gathering of hackers and those intent on thwarting cyber attacks.

Apple pitched security measures in its mobile gadgets on Thursday during its first presentation at a premier gathering of hackers and those intent on thwarting cyber attacks.

The unprecedented talk by Apple head of software platform security Dallas De Atley at the 15th annual Black Hat conference in Las Vegas came as hackers increasingly target smartphones at the heart of Internet Age lifestyles.

"We are really excited to be here," De Atley said before launching into his presentation at a packed Caesars Palace ballroom.

"When we were developing the iPhone we realized there were aspects that make it different from computers," he continued.

"Security is architecture; you have to build it in from the very beginning. It is not something you can sprinkle over your code when it is done."

De Atley spent an hour providing insights into encryption, software keys and other security features built into the iOS operating system for iPhones, iPads and iPod touch devices.

Hacking attacks on mobile devices, especially Apple gadgets or those powered by Google-backed Android software, were hot topics at Black Hat, where developers voiced doubt that device makers are devoted to security.

Unlike other speakers at the weeklong gathering, De Atley did not field questions from the audience. Instead, he brushed aside queries as he was ushered quickly out a side door after his talk.

His brusque departure underscored a complaint by developers, and those who craft security for Apple gadgets, that they are often left guessing answers to questions when dealing with the revered gadget maker.

"IOS is pretty secret," said Accuvent Labs principal research consultant Charlie Miller, who is credited with the first remote hacker exploit of an iPhone.

"How do they test their software before they ship it?" he continued, rattling off a litany of questions he'd like Apple to answer. "How do they determine an application is malicious and how many times has it happened?"

In the room where De Atley made his presentation, a team from security firm FishNet later announced that in the days ahead it will release a tool designed to expose security problems in applications tailored for Apple gadgets.

"I feel like Apple's security is reactive and not proactive," said Seth Law of FishNet.

"They picked a great base to start from but continually get burned," Law continued. "The fact you can jailbreak an iPhone points to the fact that it is not rock solid."

With Apple boasting of more than 650,000 applications in its online App Store and the addition of more than a thousand a day, an automated way to check third-party software security is needed, according to the FishNet team.

Concerns in applications include whether they intrude on privacy by mining contact lists or other data on devices.

"The process for approving applications (for the App Store) is more about the business decisions than the security aspects," Law said. "Apple's testing in this case is the big unknown."

The list of rules Apple provides developers calls for software to work smoothly on devices but makes no mention of security issues, according to FishNet.

"Developers out there learn to game the system to push their apps through the registration process as fast as possible," Law said. "Apple is looking at how to best enforce their rules and make their money; they want their 30 percent cut."

Cupertino, California-based Apple gets 30 percent of the money from sales of virtual goods or subscriptions in applications on its globally popular devices.

Explore further: Technology to help people with disabilities to learn and communicate

add to favorites email to friend print save as pdf

Related Stories

Computer hackers and defenders mix in Las Vegas

Jul 24, 2012

Rival factions from the Internet security world will mix warily this week at a pair of Las Vegas conferences gathering computer security experts and software savants who make sport of hacking them.

Security holes discovered in iPhones, iPads

Jul 08, 2011

A new security hole has opened up in Apple Inc.'s iPhone, iPad and iPod Touch devices, raising alarms about the susceptibility of some of the world's hottest tech gadgets to hacker attacks.

Apple girding gadgets against hackers

Jul 08, 2011

Apple on Friday said it was working to patch a vulnerability that hackers could use to break into the company's popular iPad, iPhone and iPod Touch gadgets.

Hot Apple developers rally gets June 11 keynote

May 29, 2012

A sold-out Apple gathering devoted to tailoring programs for the company's coveted gadgets will kick off in San Francisco on June 11 with a keynote presentation by top executives.

Recommended for you

BPG image format judged awesome versus JPEG

Dec 17, 2014

If these three letters could talk, BPG, they would say something like "Farewell, JPEG." Better Portable Graphics (BPG) is a new image format based on HEVC and supported by browsers with a small Javascript ...

Atari's 'E.T.' game joins Smithsonian collection

Dec 15, 2014

One of the "E.T." Atari game cartridges unearthed this year from a heap of garbage buried deep in the New Mexico desert has been added to the video game history collection at the Smithsonian.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.