backtop


Print 31 comment(s) - last by Cheesew1z69.. on Jul 28 at 10:17 PM

Alcoholics Anonymous says the first step to recover is to admit you have a problem

Black Hat's sister conference DEF CON already scored an intriguing high-profile keynote speaker -- General Keith Alexander, head of the U.S. National Security Agency (NSA) and U.S. Cyber Command.  Now Black Hat has an equally surprising keynote of its own from the corporate sector -- a top executive from Apple, Inc. (AAPL).

Apple's talk will be given by Dallas De Atley, manager of Apple’s platform security team -- a team responsible for security both Apple's iOS (iPhone, iPad, iPod) and OS X operating systems.

For years, Apple enjoyed one of the positives of having a small market share and proprietary operating system -- general disinterest via cybercriminals.  But rather than take this safety for what it was  -- safety via obscurity -- Apple instead told customers that its machines were never hacked because their security was lightyears ahead of Microsoft Corp.'s (MSFT).

Security researchers called this a baldfaced lie.  In fact, some say Apple is 10 years behind Microsoft.  Indeed, while Apple security researchers have long reportedly lurked incognito at DEF CON and Black Hat, they did not venture to give a talk until 2008 -- ten years after Microsoft's first (1998) presentation at the conventions.

Black Hat
Apple's first Black Hat talk comes after marketing scuttled a 2008 keynote.
[Image Source: Cult of Mac]

And Apple's late arrival was quickly scuttled by Apple's marketing folks who feared a public relations disaster.  After all, they had been pitching for years that Macs were "magical" and immune to "PC viruses".

Lately, however, OS X has been besieged by malicious Trojans -- first with the fake anti-virus program MacDefender, then Flashback, a fake Flash player update that infected 600,000 Macs.  To make matters worse, a memo leaked from Apple public relations to store employees suggesting they lie to customers about the existence of MacDefender.

Trojan horse
Macs are increasingly the target of Trojans.  Malware writers love Apple's
sluggish pace of patching. [Image Source: Venitism]

The issue for Apple was that with 10 percent of the market and a demographic of relatively affluent users, Apple was starting to become a worthwhile target.  And it struggled with this new breed of OS X-centric malware.

Even Apple's marketing team was forced to reword their marketing amid a rash of infections, perhaps fearing user lawsuits.

Apple's reappearance at Black Hat is significant as it represents Apple marketing's silent acknowledgement that keeping customers in the dark about security threats is no longer a viable option.  With mass media frequently seizing on reports of new malware or security holes in iOS and OS X, Apple is back at Black Hat, much as Microsoft was in 1998 -- looking to turn over a new leaf.

Hopefully this year they won't get cold feet.

Sources: Black Hat, Bloomberg



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: It's not that bad
By bug77 on 7/25/2012 11:18:26 AM , Rating: 2
It's not necessarily about being gullible. It's just that problems you don't understand, simply do not exist for you. Do you parents know the difference between a trojan and a worm? Mine don't. Hell, it took years to educate people Internet Explorer is not the Internet and there's a thing called a web browser. Now finally people have smartened up: now they know the web is the internet...
This is the basis of Apple's approach after all: if users don't know they have the right to do stuff on their computer, they won't mind if that right is taken away. Especially if you promise to take of security for them in exchange.


RE: It's not that bad
By Apone on 7/25/2012 12:18:21 PM , Rating: 2
quote:
It's not necessarily about being gullible.


But isn't that why people migrate to the Mac platform? Because it apparently makes computing idiot-free? Heaven forbid Mr./Ms. Average Joe computer user cannot be bothered to learn common sense computing precautions such as not automatically opening every email attachment they receive.

Also many Mac users are people who don't know (or don't care) about technology and just want to use a computer. If it's not that, it's bandwagon Mac customers jumping aboard the OS X train because their friends and family, etc. are all on it (social peer pressure?).

You actually bring up a good point between knowing the difference between worms and trojans. If the infection is on a Windows PC, Mac users always lump it into one big infection category and just assume Windows is inherently insecure. But if it's on a Mac, now there's a difference between worms and trojans?

Also when Mac users say "IT'S SOCIAL ENGINEERING, THE INFECTION REQUIRES USER INTERVENTION!". Isn't that exactly how a Windows computer gets infected? Unless there are airborne Windows viruses/malware/trojans that I don't know about?....


RE: It's not that bad
By bug77 on 7/25/2012 1:05:53 PM , Rating: 2
Well, computers are not an end-goal, they're just a means to an end. If you're a writer and only need to write your stuff or a photographer that only needs to launch Photoshop, should you also become a security expert and systems administrator? As an engineer, I would answer yes, but many people will disagree.
I wouldn't call anyone gullible just because they want to get their job done.
Of course, Apple's approach of "forget everything about security and it won't harm you - because we say so" isn't productive either. When you're using a tool you don't know much about, you should, at the very least, try to find out if it could cut your fingers if not used properly.


RE: It's not that bad
By testerguy on 7/26/2012 8:58:31 AM , Rating: 2
quote:
quote: It's not necessarily about being gullible. But isn't that why people migrate to the Mac platform?


How ironic.

You confuse people who don't seek unnecessary complications (the idea, at least, of Mac OS), with being gullible?

Do you not understand that you don't necessarily have to be gullible or lack anything to seek simplicity? In fact, it is the logical deduction given two systems, all else being equal, to seek the least complicated and least time consuming one to use. This is why the Google home page is essentially just a textbox and a button. Are you 'gullible' for using that instead of Yahoo? No, because complication isn't desirable in itself. Exactly the same can be applied to the Android vs iOS debate.

Of course, all else isn't equal - for me Mac OS is rubbish and of course the claims of being easier to use are just that - but your logic is completely flawed.


RE: It's not that bad
By Cheesew1z69 on 7/28/2012 10:17:22 PM , Rating: 2
quote:
your logic is completely flawed.
Everybody but you has flawed logic. Simply amazing.


"We are going to continue to work with them to make sure they understand the reality of the Internet.  A lot of these people don't have Ph.Ds, and they don't have a degree in computer science." -- RIM co-CEO Michael Lazaridis














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki