Posted on 08/05/2008 8:38:22 PM PDT by Swordmaker
"Apple's absence from Black Hat had a bit of a ripple effect, as security consultant Charles Edge was forced last month, upon finding out of Apple's plans to cancel their presentation, to withdraw a session he had proposed to Black Hat organizers about flaws in Apple's FileVault encryption software, citing confidentiality agreements he had signed with the company, according to the Washington Post."
Any "security consultant" who had already signed "confidentiality agreements" would have known that discussing unpatched "flaws" in an important security aspect of OSX would not have Apple's blessings. What I infer happened is that Edge shopped his discovered flaws to Apple and they hired him to help close them and required him to sign the NDA, which consequently resulted in his canceling his scheduled presentation at Black Hat.
Somehow this has been confabulated in this article into APPLE, INC., being scheduled to discuss their commitment to security and APPLE pulling out of an agreement to speak. That just doesn't comport to Apple's history or corporate policies. It would have been a major coup to have Apple officially address the Black Hat convention. Since they were not advertising this presentation out the kazoo, I don't think it was ever scheduled.
I think this entire article is FUD.
I don't think that is what happened.
Thanks to Leonard210 for the heads up.
If you want on or off the Mac Ping List, Freepmail me.
FUD? FUD? Who would do that to Apple???
Dija catch this gem?
“Thanks to this move and a few other gestures of ill will toward its customers (such as dropping the price of the iPhone...”
Dropping the price of a very popular product transmogrifies into a gesture of ill will towards the customers!
Apple is running UNIX. Gee, like that’s ever been hacked?
...says Herbert "Hugh" Thompson, chief security strategist at New York software security firm People Security, "Apple's shield of being a charmed company could be lifting."...and who are ya gonna believe, some software patch salesman, or...
They are already ticked off.
Last year, a couple of these Black Hatters in a video demonstrated a claimed Zero Day infiltration of an Apple MacBook Pro at the convention that gained user level access through a flaw in the MacBook's WIFI.
However, the demonstrated exploit turned out to be done by using non-Apple hardware (third party USB WIFI card) and software (third party WIFI drivers) that is NOT installed in a MacBook Pro. The demonstrated flaws were in the third party stuff that would not normally be used on a Mac because the functionality is already built in. . . but they touted it as a Mac vulnerability. It took months to clear that FUD party up and get them to admit it was NOT a flaw in OS X as shipped by Apple.
The vulnerability was much more common on Windows computers that DID use the third party stuff... but the demonstrators said they chose to use a MacBook Pro because "they wanted to stick a lit cigarette into the eyes of smug Mac users" so they cheated to damage Apple's reputation.
Yep. UNIX has undergone a lifetime of testing by hackers... and patching by the open source community. Most of the vulnerabilities have been found and fixed long ago. There are still things that Apple has added that have vulnerabilities, but since they run on top of UNIX, they are protected from doing too much damage through those vulnerabilities.
A lot of Apple's OS X applications are also open source and the OS community also searches through them for potential vulnerabilities.
For all the supposed smugness of Mac users, it seems to me that Mac detractors are the truly self-righteous.
Exactly! The hackers so far showed relatively no interest in Apple due to their minuscule marketshare. And the fact they have already exploited OSX Leopard shows it isn’t some superior OS that is flawless like Apple wants people to believe.
Sounds like the standard liberal tactic being used from anyone from Hillary Clinton; Nancy Pelosi; Barack Obama to people like Jesse Jackson and now Apple. They don't want to answer questions from an audience probably smarter than most of their engineers at Apple, but they snidely want to introduce the hackers to their Security Experts. I'm sure they see right through that BS and Apple probably pissed off the wrong people with this one.
Minuscule Market Share = 33,000,000 Mac OS X users.
And the fact they have already exploited OSX Leopard shows it isn't some superior OS that is flawless like Apple wants people to believe.
Please provide us poor deluded Mac users the real, in the wild exploits, not mere vulnerabilities, that are plaguing Mac users today. Name them. Proof-of-concept viruses and trojans that exist only in a Security Company lab are not in the wild.
Spot The Fed!
I can find no other primary source that says that Apple was intending to officially attend the Black Hat conference. To criticize Apple for supposed restrictions on an undocumented appearance that was not touted by the promoters in all of their promotion materials is absurd. I think the supposed appearance is bogus.
As I mentioned, this "cancellation" was reported last week and at that time involved only Edge. Not Apple.
Participants in the Black Hat conference have been known to lie about Apple before. Since Apple's non-participation fits much more the history of the company and its known reticence about talking about anything security related, I strongly doubt that Apple's security experts would have scheduled themselves to be featured at a conference with the animosity that it has shown in the past toward anything Apple. Blue, it makes no sense.
Sounds like blackmail to me. So which nation is going to pursue him for cyberterrorism?
So I say to the FUD-spewing Win-trolls: WHERE ARE THE MAC BOTNETS???
Right on dayglored. Hackers hack ‘cause they love to hack. How stupid do they think we are? No one has tried to hack a Mac ‘cause there aren’t enough of them yet? What tripe.
“One of these days Alice. Bang! Zoom! Just as soon as there are enough of you out there, you’re goin’ to the moon!” (For the kiddies, it’s a Jackie Gleason reference. He used to say, ‘You’re goin’ to the moon Alice...’ Gleason. Jackie Gleason. Oh, never mind!)
Either I'm missing something, or the author of this article is.
Un-Scientific American article.
Just more crapola from a rag which evangelizes Global Warming.
I use Win, Mac, Linux, and NetBSD computers every day. I'm in charge of System Administration at a software company.
VMware Fusion on the Mac -- I run Windows, Linux, NetBSD, even MS-DOS on my MacBook. Beats the crap outta everything else out there.