Apple reneges on Black Hat security talk

Marketing drones demand Jobsian secrecy

By Dan Goodin in San Francisco • Get more from this author

Posted in Hardware, 5th August 2008 03:41 GMT

Free whitepaper – Comparison of Static and Rotary UPS

Black Hat Apple's politburo has put the kibosh on a presentation scheduled for the Black Hat security conference that was to give an inside look at the ultra-secretive company's security response team.

Black Hat officials had already given the Apple team the go-ahead when people inside Apple's marketing department vetoed the talk, which would have been the first time Apple has discussed its security practices. "Marketing got wind of it, and nobody at Apple is ever allowed to speak publicly about anything without marketing approval," a Black Hat organizer told IDG News.

Apple's policy of saying next to nothing about how it goes about protecting its users from escalating threats is, to say the least, unfortunate. Just last week, the company said it had patched its software from a serious flaw in the net's address lookup system. Three days after two separate researchers warned Mac clients are still vulnerable to the flaw, Apple hasn't uttered a word, an omission that generates confusion and doubt in those who depend on the vendor. Apple's tight-lipped policy contrasts sharply with practices at other companies such as Microsoft.

It isn't the first Apple talk to be pulled from consideration at Black Hat. Security researcher Charles Edge pulled his talk about a previously undisclosed weakness in Apple's File Vault encryption system out of concerns it might run afoul of confidentiality agreements he signed with Apple. A Black Hat representative said Edge had submitted a proposal to speak on the topic, but that it was pulled before officials ever accepted it. ®

Free whitepaper – Guidelines for specification of data center power density