Apple's security through obscurity policy at Black Hat

Apple pulled out of the Black Hat conference, which is precisely what it should not be doing as it seeks to improve its security.

Tech Culture

Apple makes beautiful products, but don't try looking under the hood to see how secure they are. I'm a huge Apple fan, but I found this news that two presentations on Apple's security were pulled from the annual Black Hat conference.

One was a presentation by Apple employees on the company's security policies. On that one, it's shocking that the employees were planning to speak at all, as Apple is very tight-lipped about anyone within the company speaking publicly.

But the other, as the Slashdot commentary highlights, was to discuss problems with Apple's FileVault encryption system. This sort of public discussion is critical to helping to resolve security issues, especially with Apple recently found to have the most security vulnerabilities by an IBM research team. Security through obscurity doesn't work.

As Apple (thankfully) becomes a bigger force in the market, it needs to ensure its security is top-notch. Its architecture and Unix underpinnings already give it a headstart, but working through potential security problems in a transparent manner would help further.

Yes, Apple is skittish about any public disclosure. But security is one area that it can't afford to keep its cards too close to its vest.

Click here for full coverage of Black Hat 2008.

Autoplay: ON Autoplay: OFF