Canceled Apple talks at Black Hat

Today's IT Blogwatch isn't canceled: in which two Apple-related talks at the Black Hat security conference are pulled at the last moment. Not to mention Error'd...

Robert McMillan reports:

Apple Inc. has pulled its security engineering team out of a planned public discussion on the company's security practices, which had been set for next week's Black Hat security conference in Las Vegas. The panel would have been a first for Apple, but the company pulled out of the discussion at the last minute.
...
The panel would have been a highlight of the show, giving attendees an insider look at Apple's security response team. Apple is notoriously secretive about its security policies, a stance that has made it a constant target of criticism in the security community ... Engineers thought that the panel would be approved by marketing because they were not set to answer any questions from the audience.
...
This was not the first Apple talk to be pulled from Black Hat in recent weeks. Another talk, proposed by consultant Charles Edge on Apple's FileVault encryption software, was also pulled recently. more

Brian Krebs adds:

Almost every year, much of the drama leading up to and during Black Hat seems to revolve around talks that are canceled or censored at the last minute for various legal reasons ... these kinds of reversals have a funny way of stoking the curiosity of the hacker community, already an inquisitive bunch by nature.
...
Charles Edge, a researcher from Georgia, had been slated to discuss his research on a weakness that could be used to defeat FileVault encryption on the Mac. But sometime last week, Black Hat organizers pulled his name and presentation listing from its schedule of talks ... he signed confidentiality agreements with Apple, which prevents him from speaking on the topic and from discussing the matter further. more

Neal Krawetz reminds us:

The Black Hat Briefings security conference is the acme of security conferences. Although the name says "Black Hat", the presenters are far from it. The conference really has two types of talks: (1) good guys telling good guys what the bad guys already know, and (2) good guys telling good guys something that they need to know.
...
Each year Black Hat seems to get larger. This year there are 10 tracks over 2 days -- about 90 presentations total.
...
Many of the talks at Black Hat ... are controversial and bleeding edge. As a result, there can be pressure to censor the presentation. Other talks paint companies in a (usually well-deserving) negative light. And some are just so startling, that it isn't what anyone expected. more

Are you pondering what Peter Lox is pondering?

This is odd. Does this mean that Apple has paid Edge to not discuss FileVault at the Black Hat conference? ... The Apple employees were scheduled to lead a panel discussion about Apple’s approach to security, and answer audience questions. Maybe some other time we’ll find out how Apple approaches security. more

Todd "djtechnocrat" Towles thinks:

This officially sums up why Apple sucks @ security PR. Apple Marketing still doesn't have a clue...someone please tell them that "security" is a product deliverable and is more important to their customers than fancy icons, sliding bars or shrinking windows.

Security researchers who find vulnerabilities might feel that Apple works well with them...but as a normal customer, I see a company that rather put its customers in danger just to protect its image - or should I say what it "thinks" its image is...

In my mind, the company would have a much better "image" if it discussed security issues openly, outlined security threats in their products and warned customers of possible danger....because right now, I just see them throwing innocent customers under the bus. more

David Becker schrieb dieses:

Sounds like the marketing policy is "pretend there are no security issues". Hey, it seems to work. more

Dag Ågren ågrees:

Apple is quiet about everything. This is not a case of Apple trying to cover up security problems, it's merely that Apple talkes about nothing, ever, and that includes security policies. more

And ILongForDarkness longs for openness:

Apple makes pretty good products. But in some ways their business practices are worse than Microsoft's. They are so secretive that it is scary. They add to it by attacking the PC industry and saying how their product is better but all they will give you for information is press releases. At least MS is finally being more open with want is going on in the background with things like Channel 9 and versus blogs. There is a line where you have to protect company interests but it shouldn't compromise the customers' ability to make an informed choice. more

And finally...

• Error'd: Do you want to Cancel or Cancel?
  

Buffer overflow:

• Green Data Center Blog: Water is the next issue for data centers
• Ted Samson: Coding green, revisited
• The New Freedom: Switzerland, the EFF's new net neutrality monitor
• Adam Tow: iPhoneDevCamp2
• Matthew Paul Thomas: Why free software has poor usability, and how to improve it
• Chris Albrecht: Warning sign: Metered broadband already a hassle

Other Computerworld bloggers:

• Angela Gunn: Lamers claim blame in fame? For shame.
• John Traenkenschuh: What is Microsoft doing with Midori?
• Mike Elgan: All-screen clamshell concept phone: A glimpse of the future
• Mike Elgan: Microsoft accidentally dominates the ultraportable PC market
• Seth Weintraub: iPhone tethering now semi-legit (and how-to...too)
• John Brandon: Is it time to drop the exclamation point, Yahoo?
• Michael R. Farnum: The magic disclaimer
• SJVN: Microsoft has serious plans to do away with Windows
• Preston Gralla: Microsoft far outspends Google in D.C. lobbying
• Mark Hall: Bigger travel budget or more video conferencing?
• John Brandon: Why the epic fail at Twitter.com will be a major win
• Ken Gagne: From my cold dead hands
• Douglas Schweitzer: Location, location, location
• Shark Tank: D'you think that could be significant?
• Shark Bait: Fire alarms cause printer problems

Like this stuff? Subscribe to the RSS feed.

Richi Jennings is an independent analyst/adviser/consultant, specializing in blogging, email, and spam. A 21 year, cross-functional IT veteran, he is also an analyst at Ferris Research. You can follow him on Twitter, pretend to be Richi's friend on Facebook, or just use boring old email: blogwatch@richi.co.uk.

Previously in IT Blogwatch:

• del.icio.us 2.0 is fi.nal.ly he.re
• UK UFO-hunter faces 60 years in jail
• The end of Windows predicted by Midori