Thursday marked the first time ever Apple presented at the annual Black Hat hacker conference, and while expectations were high, the reality proved to be underwhelming.
The New York Times “Bits” Blog:
The annual Black Hat hacker conference in Las Vegas on Thursday represented the first time Apple cleared an employee to discuss its internal security so publicly. So when Dallas De Atley, manager of Apple’s platform security team, took the stage, the room inside the Caesar’s Palace hotel complex was packed tight and thick with anticipation.
When everyone filed out an hour later, it was agreed by those in attendance that the results were disappointing to say the least. The Bits blog reports, “Mr. De Atley had basically done the equivalent of reading aloud a white paper, timed to a PowerPoint deck, before escaping out a side door without answering any questions. Steve Jobs he is not.”
It was considered a big deal that the presentation happened at all. Apple’s team is tight-lipped, especially when it comes to security. Four years ago, members of Apple’s security engineering team pulled out of a scheduled appearance at Black Hat after Apple’s marketing team balked at the appearance.
During his presentation De Atley showed off a number of “sandboxing” technologies had in place. “The goal is to physically isolate and separate processes from each other so that if one has a flaw, it can’t easily wreak havoc on the rest of the system.”
He explained that all third-party apps are stored in their own container on a users device. User data is stored in such a way that any OS updates do not affect a users personal data. He also noted that every file created on iOS devices get their own encryption key, and are wrapped in the user’s passcode.
As the talk wrapped, bored facial expressions told of the mood of the crowd. An audience member’s post on Twitter: “It was very, very meh.”
