Apple Beefs Up Security Efforts, Buys Company Behind Thunderstrike 2 Exploit


One way to beef up security is by hiring the people who find the flaws in your products, and that's exactly what Apple did with LegbaCore—the company that detailed the Thunderstrike 2 Mac firmware exploit. The Mac and iPhone maker bought the security research company in November 2015, and founders Xeno Kovah and Corey Kallenberg became full-time Apple employees.

The two are working on what Mr. Kovah called "low level security." Word of the LegbaCore purchase came from security researcher Trammell Hudson during a recent presentation.

Mr. Kovah and Mr. Kallenberg developed the Thunderstrike 2 exploit last year as a proof of concept. The malware they created used a security flaw in the Thunderbolt interface to install itself into the firmware on victims' Macs. Once there, it couldn't be removed.

The good news for Thunderstrike is that the LegbaCore team went to Apple with their proof of concept instead of unleashing it on the world. To date, their exploit hasn't been used in the wild. Apple also released a security update to patch the flaw.

Apple was clearly impressed with the two because it bought the company and has kept both on staff to work on unnamed security projects. That's great for Apple device users because it's another sign the company is serious about security.

[Thanks to MacRumors for the heads up]

The Mac Observer Spin

  1. It's pretty clear Apple isn't taking the "security through obscurity" approach with the Mac, iPhone, and iPad. Hiring the people who know how to find—and fix—security exploits makes for safer and more hack-resistant products.




They haven’t taken a “security through obscurity” approach for a long time, if ever. That OS X has benefited from obscurity is debatable, but given the premium placement of the Mac and the skew towards customers with higher disposable incomes there probably wasn’t much effect. There’s been a long campaign to dismiss OS X security as “security through obscurity” by people with a vested interest in downplaying the security risks of OS X alternatives.

Which isn’t to say there aren’t still exploits that can be executed remotely or social engineering issues to address. But “security through obscurity” was always just a way of not giving credit to Apple for creating a system for which no one was ever able to create a true virus.


If security were more important to them than dictat, they would use their formidable talents to allow their customers as much freedom as possible to use their devices as they please, while still keeping the platform secure.  Because this would largely obviate the jailbreak, which is a veritable cottage industry of insecurity, created and fostered by Apple’s overweening control-freakery. 

There was a time when the “walled garden” was balanced by a CEO on a sacred mission to see to it that the user experience of his product was second to none, at which point it was no big deal if he also mandated a high degree of design and operational consistency.  But now we wait years before they get around to adopting superior ideas introduced in other OSs, and, particularly, by the jailbreak devs, who, unlike Apple, are often earnestly responsive to user requests and suggestions.  Meanwhile, Apple regularly thanks the jailbreak hackers for finding security holes, which they immediately plug, in a ridiculous, disingenuous game, from which they benefit greatly in free security and app development services, at the expense of their customers, whose only choice is between getting ordered around or jerked around.

The iPhone continues to be the best smartphone, iOS the most polished and dependable mobile OS, and Apple service, while imperfect, the best by far.  That’s why I jailbreak, rather than, say, root an Android device. 

But Apple is only increasing its dictatorial ways across the board, from port-less laptops, to crippled TV boxes, to stupid, venal RAM options, to the unconscionably fast slamming of the door to previous iOS versions, to rapid-fire release of betas whose purpose can be little more than to confound the jailbreak community.  I’m sick of it. 

As I indicated, I’m not arguing libertarian principle per se; if they did things like Steve did when he was fully engaged, I’d happily defer to their judgement, and forgo jailbreaking.  But they don’t, and it doesn’t look like they’re about to any time soon; and under these circumstances, if they move any further against the jailbreak, I WILL move to another platform rather than tolerate their arrogance and manipulativeness any longer.
