Print 85 comment(s) - last by vol7ron.. on Dec 11 at 11:28 PM

Pickup should boost Apple's recently struggling security efforts

Malware authors, who are finally taking note of the company’s operating system amid rising market share, have of late victimized Apple, Inc. (AAPL).  Amid struggles with malware -- mostly Trojans (programs that imitate real software or are carried by seemingly innocent webpages and trick users into installation) like MacDefender and Flashback -- the company has been scrutinized by security firms who suggest it needs help, and a more proactive stance on plug-in patching.

The highly profitable computer and digital device maker made a key step in the right direction this week, though, hiring Kristin Paget (formerly Chris Paget), according to a report by Wired.

Ms. Paget seems a natural fit for Apple.

She has said in past interviews that she is a "total Unix head" (OS X is Unix-like) and dislikes Windows.  And she's expressed an interest in hardware security.  When she left Recursion Ventures, her security firm, in July she expressed a desire to move away from bug-finding.  

Thus she may see her talents first applied to Apple's efforts to lock firmware hackers like George "GeoHot" Hotz out of Apple's iOS firmware.  Since the launch of the iPhone, Apple has been largely unable to stop such hackers from defeating its digital rights management scheme (via jailbreaking) and its network locking (via unlocking).  Apple has hired hackers in the past (most notably "Comex") to try to shore up its firmware, but the efforts have oft fizzled.

The new recruit, though, could fare better as she brings a long history of eye-opening security exploits.  In 2010 at DefCon hacker conference she set up a cell-phone intercepting station, a low-cost homebrew hardware setup that tricked towers into routing calls -- even encrypted ones -- through it, allowing conversations to be snooped on.

Kristin Paget
Kristin (formerly Chris) Paget led the bug finding hunt that helped dramatically improve the security of Windows Vista. [Image Source: Jean-Philippe Martin]

But Ms. Paget's most prestigious honor was delaying Windows Vista and in the process greatly improving its security.  In 2006 she was hired by Microsoft Corp. (MSFT) to assist with the final development of Vista.  According to recent speeches, which she gave after her five-year non-disclosure agreement (NDA) with Microsoft expired in 2011; Microsoft had expected a clean bill of health when they brought her onboard.

Instead, she and her team found a wealth of bugs.  She recalls, "We prevented a lot of bugs from shipping on Vista.  I’m proud of the number of bugs we found and helped get fixed."

The bug hunt was so successful that it forced Microsoft to delay Windows Vista.  Ms. Paget and her team received honorary shirts from Microsoft Vice President of Windows Development Brian Valentine that read: “I delayed Windows Vista.”

Windows Vista is widely viewed as a turning point in Microsoft's security history, paving ground for later 

Source: Wired

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: OS X is not secure?
By faust_67 on 12/9/2012 10:24:25 PM , Rating: 2
Windows is irrelevant? With more than 80% of the market? If Windows is irrelevant, how do you qualify OS X with it 8-9% share? Not that it matters to me. I use Linux. By the way, never had a virus on Linux. More secure that OS X. How do you explain that (of course other than telling me that Linux has a small market since it seems to you it doesn't explain less malware). OS X and Windows fans make me laugh. Any system, even Linux, is not 100% secure once put on a network or when it receives data from an external source (CD, USB key, external drive). The hard time I have with Apple is that they spread this myth that OS X (or iOS) is impervious to malware and fanboys relayed the word without thinking one minute how stupid it was (not only fanboys, but supposedly informed journalists who obviously have no clue). That's why I love the Linux community. Most Linux users have sometimes to scratch their heads to install something (even if with modern distributions you don't have to anymore, which is sad). Users of other operating systems laugh at that, but I am laughing at them because they learn NOTHING. And after that they just claim stuff without having the slightest idea of what they saying. Most of these people have no clue what preemptive multitasking or multithreading are. They want to be spoon fed and like robots repeat PR crap from companies. Who do you believe the most when researching about the reliability of a car? The mechanic or the salesman? It seems we hear more from the salesmen.

RE: OS X is not secure?
By Lugaidster on 12/10/2012 10:05:05 AM , Rating: 3
Hahahaha, it cracks me up when Linux fanboys spout crap like this:

Most Linux users have sometimes to scratch their heads to install something (even if with modern distributions you don't have to anymore, which is sad). Users of other operating systems laugh at that, but I am laughing at them because they learn NOTHING.

I think you ought to get your priorities straight. Time is finite and learning to install a stupid program every single time gets old pretty fast.

I welcome the work companies like Ubuntu are doing. Alas, guys like you make me think they are wasting their effort. In the end, if your community would rather have an obfuscated OS to keep it exclusive than welcoming all kinds of user into an open ecosystem we wouldn't have the issues we have with closed environments being so ubiquitous these days.

Disclaimer: I'm a software developer and a frustrated Linux user. I got to tired of having to crawl the corners of the web to get my hardware to work properly or having to fiddle with it to behave (Optimus comes to mind).

RE: OS X is not secure?
By Cheesew1z69 on 12/10/2012 10:05:39 AM , Rating: 2
Windows is irrelevant? With more than 80% of the market?
That's Tony logic...

"A politician stumbles over himself... Then they pick it out. They edit it. He runs the clip, and then he makes a funny face, and the whole audience has a Pavlovian response." -- Joe Scarborough on John Stewart over Jim Cramer

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki