Apple’s debut at Black Hat started off on the wrong foot
Apple recently made its first ever presentation at the Black Hat security conference, and despite being one of the most expected and highly anticipated moments of the event, the Cupertino, Calif.-based corporation hasn’t made the best possible initial impression. The audience was left somewhat disappointed, only to have Apple follow up a major security acquisition.
The keynote was presented by the manager of Apple’s platform security team, Dallas De Atley, who reiterated the iOS security paper that Apple released two months ago. The problem stems from the fact there were higher expectations for Apple's debut: updated information on steps the Cuppertino, Calif.-based corporation is taking to resolve their security issues and concerns would have been of far greater interest, and it would have shown how seriously Apple takes security.
Moritz Jaeger, an attendee of the event, said: “This was one of the worst talks i have ever seen at Black Hat. Nothing new, no informations and no questions. It was a vendor pitch. Too bad for all the other talks that got rejected because of this.” on Black Hat’s Facebook page.
Jaeger's comment that Apple's presentation was a vendor pitch likely referred to some of De Atley's language. For example, De Atley said, "Security is architecture. You have to build it in from the very beginning. It's not something you can sprinkle over the code at the end." This is clearly reiteration of Apple's new security marketing language, and not an embrace of iOS security issues.
To top the bad news with more bad news, Dallas De Atley left attendees waiting for the usual question and answer session following the keynote speech, but simply left the room after the presentation instead of offering the mic to the audience. This left a bad impression with the audience.
Accuvant security research consultant, Dr. Charlie Miller, tweeted after the presentation: "Disappointing that the Apple security [team] didn't take questions at the end of the talk." He then went on to add: "Also he never mentioned the app store review process. Does this imply it does not have a role in the security process?"
The next day, the story broke that Apple was acquiring security vendor AuthenTec, but it's not clear how that acquisition will play into the Apple security strategy. What is clear is that Apple must be more careful in future security community events, because millions of people pay attention to its every move, and its security is in the spotlight.
Photo Credit: Jirsak/Shutterstock