Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Apple (Barely) Pulls Security Covers Back at Black Hat

Black Hat 2012

In a talk at Black Hat, Apple’s Dallas De Atley Shared Few New Details; Disappoints Attendees

Black Hat 2012

In a talk at Black Hat, Apple’s Dallas De Atley Shared Few New Details; Disappoints Attendees

Apple has not always been the most open company when it comes to discussing security. But for roughly an hour Thursday, Dallas De Atley, manager of the platform security team at Apple, stood in front of a crowd of attendees at the Black Hat USA conference and outlined the company’s approach to protecting iOS.

When Apple began designing the iPhone, he said, the company quickly realized there were aspects to developing a secure smartphone that were different from other computers at the time. That idea helped drive the phone’s security model.

“Security is architecture – you have to build it from the very beginning,” he said.

Unlike a laptop, a phone is “always connected” and “does not fully go to sleep” like a laptop would if a user closed the lid, he said. The fact that a smartphone can contain a significant amount of personal data and be easily misplaced also played an important role in Apple’s approach, he added.

Starting with Apple’s Secure Boot chain and continuing on to the topics of code signing and sandboxing, De Atley did not cover any unexpected ground; instead, he largely rehashed material from a whitepaper Apple released in May.

While Google Android has been the focus of attention for much of the malware in the mobile world, the iPhone has not been without its challenges. The company’s approach has not stopped researchers from poking around and trying to figure out ways to circumvent Apple’s protections. In fact, a number of talks at Black Hat covered exactly that, attempting to poke holes in the iOS security blanket in order to steal data from the phone.

“The phone has personal data,” he said. “It knows who you call, who you send email to, what websites you visit (and) what games you play. These devices know an awful lot about how we live our lives, and they’ve become a critical part of how we interact with people.”

Advertisement. Scroll to continue reading.
Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Karl Triebes has joined Ivanti as Chief Product Officer.

Steven Hernandez has joined USAID as CISO and Deputy CIO.

Data security and privacy firm Protegrity has named Michael Howard as its CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.