backtop


Print 85 comment(s) - last by vol7ron.. on Dec 11 at 11:28 PM

Pickup should boost Apple's recently struggling security efforts

Malware authors, who are finally taking note of the company’s operating system amid rising market share, have of late victimized Apple, Inc. (AAPL).  Amid struggles with malware -- mostly Trojans (programs that imitate real software or are carried by seemingly innocent webpages and trick users into installation) like MacDefender and Flashback -- the company has been scrutinized by security firms who suggest it needs help, and a more proactive stance on plug-in patching.

The highly profitable computer and digital device maker made a key step in the right direction this week, though, hiring Kristin Paget (formerly Chris Paget), according to a report by Wired.

Ms. Paget seems a natural fit for Apple.

She has said in past interviews that she is a "total Unix head" (OS X is Unix-like) and dislikes Windows.  And she's expressed an interest in hardware security.  When she left Recursion Ventures, her security firm, in July she expressed a desire to move away from bug-finding.  

Thus she may see her talents first applied to Apple's efforts to lock firmware hackers like George "GeoHot" Hotz out of Apple's iOS firmware.  Since the launch of the iPhone, Apple has been largely unable to stop such hackers from defeating its digital rights management scheme (via jailbreaking) and its network locking (via unlocking).  Apple has hired hackers in the past (most notably "Comex") to try to shore up its firmware, but the efforts have oft fizzled.

The new recruit, though, could fare better as she brings a long history of eye-opening security exploits.  In 2010 at DefCon hacker conference she set up a cell-phone intercepting station, a low-cost homebrew hardware setup that tricked towers into routing calls -- even encrypted ones -- through it, allowing conversations to be snooped on.

Kristin Paget
Kristin (formerly Chris) Paget led the bug finding hunt that helped dramatically improve the security of Windows Vista. [Image Source: Jean-Philippe Martin]

But Ms. Paget's most prestigious honor was delaying Windows Vista and in the process greatly improving its security.  In 2006 she was hired by Microsoft Corp. (MSFT) to assist with the final development of Vista.  According to recent speeches, which she gave after her five-year non-disclosure agreement (NDA) with Microsoft expired in 2011; Microsoft had expected a clean bill of health when they brought her onboard.

Instead, she and her team found a wealth of bugs.  She recalls, "We prevented a lot of bugs from shipping on Vista.  I’m proud of the number of bugs we found and helped get fixed."

The bug hunt was so successful that it forced Microsoft to delay Windows Vista.  Ms. Paget and her team received honorary shirts from Microsoft Vice President of Windows Development Brian Valentine that read: “I delayed Windows Vista.”

Windows Vista is widely viewed as a turning point in Microsoft's security history, paving ground for later 

Source: Wired



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: OS X is not secure?
By Tony Swash on 12/7/2012 3:05:50 PM , Rating: -1
I think the claim is that MacOSX get's far, far less malware infections than Windows - and that is indubitably true.


RE: OS X is not secure?
By momorere on 12/7/2012 3:18:16 PM , Rating: 3
Saving the day on another article ah ? What do you really expect when crApple only has 8.54% of the desktop marketshare ? That is like robbing a house that you know is poor, in other words, nothing to gain. Hurry and say how such a small percentage generates so much more profits than all of the top 10 competitors combined as per your usual post.


RE: OS X is not secure?
By Tony Swash on 12/7/12, Rating: -1
RE: OS X is not secure?
By 91TTZ on 12/7/2012 7:05:46 PM , Rating: 3
Apparently Apple's leadership doesn't agree with you which is why they're spending the money to hire people specializing in the subject.


RE: OS X is not secure?
By Tony Swash on 12/8/12, Rating: -1
RE: OS X is not secure?
By momorere on 12/8/2012 11:57:06 AM , Rating: 2
Still trying to pass opinions as "facts" huh ? Haven't you figured out that isn't the case ? I can just as easily point to some random person's blog/site and state that it is 100% fact/legit. I'm thinking about creating a site with "facts" to link to you on all your posts and you HAVE to believe everything they say as it is per your usual tatics along with crApple's financial stats. I fully understand that all your efforts are part of your position as a PR rep at crApple but you take it to heart.

P.S. It's REALLY nice to see crApple getting closer and closer to that mystical $1,000 stock price. LOLZ !!!


RE: OS X is not secure?
By faust_67 on 12/9/2012 10:24:25 PM , Rating: 2
Windows is irrelevant? With more than 80% of the market? If Windows is irrelevant, how do you qualify OS X with it 8-9% share? Not that it matters to me. I use Linux. By the way, never had a virus on Linux. More secure that OS X. How do you explain that (of course other than telling me that Linux has a small market since it seems to you it doesn't explain less malware). OS X and Windows fans make me laugh. Any system, even Linux, is not 100% secure once put on a network or when it receives data from an external source (CD, USB key, external drive). The hard time I have with Apple is that they spread this myth that OS X (or iOS) is impervious to malware and fanboys relayed the word without thinking one minute how stupid it was (not only fanboys, but supposedly informed journalists who obviously have no clue). That's why I love the Linux community. Most Linux users have sometimes to scratch their heads to install something (even if with modern distributions you don't have to anymore, which is sad). Users of other operating systems laugh at that, but I am laughing at them because they learn NOTHING. And after that they just claim stuff without having the slightest idea of what they saying. Most of these people have no clue what preemptive multitasking or multithreading are. They want to be spoon fed and like robots repeat PR crap from companies. Who do you believe the most when researching about the reliability of a car? The mechanic or the salesman? It seems we hear more from the salesmen.


RE: OS X is not secure?
By Lugaidster on 12/10/2012 10:05:05 AM , Rating: 3
Hahahaha, it cracks me up when Linux fanboys spout crap like this:

quote:
Most Linux users have sometimes to scratch their heads to install something (even if with modern distributions you don't have to anymore, which is sad). Users of other operating systems laugh at that, but I am laughing at them because they learn NOTHING.


I think you ought to get your priorities straight. Time is finite and learning to install a stupid program every single time gets old pretty fast.

I welcome the work companies like Ubuntu are doing. Alas, guys like you make me think they are wasting their effort. In the end, if your community would rather have an obfuscated OS to keep it exclusive than welcoming all kinds of user into an open ecosystem we wouldn't have the issues we have with closed environments being so ubiquitous these days.

Disclaimer: I'm a software developer and a frustrated Linux user. I got to tired of having to crawl the corners of the web to get my hardware to work properly or having to fiddle with it to behave (Optimus comes to mind).


RE: OS X is not secure?
By Cheesew1z69 on 12/10/2012 10:05:39 AM , Rating: 2
quote:
Windows is irrelevant? With more than 80% of the market?
That's Tony logic...


RE: OS X is not secure?
By faust_67 on 12/7/2012 3:29:35 PM , Rating: 5
Maybe. Bur I remember many fanboys comments stating that OS X was less subject to viruses because it was a superior OS. The reality is far different. OS X was so far less exposed because of its smaller market share. I have been using Linux as my main OS for about 5 years, and so far I had NO viruses. Linux has security holes too, but they are less exploited because of the small market share (one of the advantages of Linux over OS X and Windows is that security holes are patched much faster. Security holes in OS X and Windows remain sometimes unpatched for months). I once read an article about one of these hackers competition in which they tried to hack into a computer the fastest: some hackers refused trying hacking into OS X because it was "too easy". I think that tells a lot.


RE: OS X is not secure?
By superstition on 12/10/2012 2:14:42 PM , Rating: 2
OS X is a more secure design than DOS-based Windows.

When OS X came out, the consumer version of Windows was still DOS-based.

So, yes, they were right.

Plus, nearly all malware, if not all of it, has been via Java. It is a philosophical debate as to whether or not Java should be considered part of the core of OS X or not.

Marketing OS X as being impervious to malware, though, was not a good move for consumers, because no OS is impervious.


"Mac OS X is like living in a farmhouse in the country with no locks, and Windows is living in a house with bars on the windows in the bad part of town." -- Charlie Miller














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki