[ianamartin]

I can understand how people want to put puzzle pieces together, but this is completely idiotic.

Whatever remaining security holes there are with secure enclave, they have nothing to do with a software chat app.

This is entirely coincidental and has nothing to do with anything.

TechCrunch should be ashamed of itself (again) for being such a douchebag.

Edit: I'm not saying Apple hiring the guy is stupid. I'm responding to the hattery from the article itself.

As a hire, it makes sense. But trying to decide that it means "Apple is now serious about security" is just a bunch of horseshit on both ends.

[dang]

It's arguably a poor, baity article, but please don't rant like this on HN. It lowers the quality of the discussion and usually sets off a degrading spiral (as below).

[ianamartin]

I apologize for the rant. It was misplaced here. If you feel like it needs to be deleted, I'm okay with that.

[dang]

No, but thanks. We really appreciate your understanding.

[vonklaus]

Is it idiotic to assume a company embroiled in a debate about privacy and security for a communication device-- the biggest driver of revenue for the company, hired someone in the secure communications space to work on communications products?

Also, Apple has a PR problem and can't operate without secure systems. Article title notwithstanding, it is a pretty big deal that while an intelligence agency is coming at them hard they hired a developer, in a very public manner, that's application is used by the very person who made the evidence of surveillance known.

This could be a signal to the market that they not only passively oppose this, but they are actively locking down their systems and they won't cooperate. Seems like a very sharp developer and as a bonus he did secure system messaging so it is not idiotic.

edit: I ammended post to reflect that he is likely not working on iPhone directly.

[ianamartin]

I will argue that this guy has none of the skills needed to up the ante on the current security model of the latest versions of iOS. What's not known is how security enclave works. But what is known is that it's firmware.

Something very much outside what we know about the secure chat app.

We also know that iMessage has never been known to have any fundamental security flaws.

I tried to clarify above, and I'll do so here again. I don't think the hire was idiotic. I think TCs characterization of hiring a security messiah was idiotic.

That is not anywhere close to reality.

[vonklaus]

It is a strong signal to the market that they aren't cooperating and actually, actively hiring to get to market with something that is non-trivial to break into.

I don't know about his engineering abilities but the interview I read and some of the news articles presented him as quite a talented person. Signal, if it is as secure as the EFF audit suggests, would be one way to shore up older iPhones.

> I think TC's characterization of it was idiotic.

I mean, if we grade it on the TC scale it wasn't. It is hard to say it is unrelated. Their communication device is very publicly being regulated into compliance and they want to hire all the good people they can get. This is good on 3 levels, solid engineer, strong communication to market and that commitment brings in other solid engineers.

[ascorbic]

"I will argue that this guy has none of the skills needed to up the ante on the current security model of the latest versions of iOS."

What are you basing that assertion on?

[kriro]

I disagree and think this is potentially big news. You push us to relax security...we push back by trying to make a play in the secure chat (for everyone not just iPhone users) market which would make your life a lot harder.

The market is tough but it would be interesting if Apple would actually enter it. They have enough power to seed the network effect needed with a large enough user base. I think this entire saga has actually opened up a nice spot to push really hard for the positioning slot of "secure by default". It's been done by a lot of people including Apple before but I think we're at a point in time where the media echo might be good enough for a big company to make a true positioning play. It's also a great differentiation against Google/Facebook. Apple has voiced the "essentially our competitors are in the we make money off privacy violations business" (in other words) but they might want to hit that harder soon. A bit fickle since you need FB/Google in the "security now" alliance but still interesting.

I'm still skeptical about closed source software for secure X but I guess it's better than nothing.

[izacus]

The worrying this is that Apple really has a terrible record of making their solutions available to other platforms. A secure communication software that will only work well on Apple platforms and have a half-broken solution for perhaps one more is not really the direction we want to move to :/

[studentrob]

It's not idiotic, it's interesting news given the climate. They didn't say what his role or project will be. What's wrong with reporting on Apple hiring a developer of one of the most popular secure messaging tools?

[ianamartin]

Are you blind to the difference between reporting an event and interpreting the event badly?

[studentrob]

Please quote the article where you feel it interpreted events poorly. And be civil.

[teamhappy]

How about the first paragraph?

    > Apple hires plenty of interns all year round, but one particular addition
    > revealed this week caught the eye given the company’s current position
    > opposing a controversial order to enable the FBI to access the iPhone used
    > by one of the San Bernardino shooters.

// Of course it's worth writing about, but it certainly would have been higher quality reporting if they didn't immediately link it to the FBI story.

[studentrob]

That is hardly a misinterpretation of events. They're just saying,

"hey, there's this software developer who's done some work in the field of security on an app which is famous, and he's going to work at Apple during a time when some issues with Apple's security are in the news. And we noticed and we want to share that with you"

It's interesting. Tech Crunch can write about whatever they want. If you don't like the article, downvote it and move on. Perhaps Ian is just jealous nobody is writing an article about him, because he is clearly smarter than this developer.

[yarou]

TechCrunch can certainly write whatever they want, but it becomes problematic when they think a single tweet is newsworthy.

When news outlets start writing puff pieces about memes[0], you know that we've all collectively hit rock bottom.

[0] http://qz.com/622001/damn-daniel-the-new-viral-meme-is-gener...

[mc808]

> If you don't like the article, downvote it and move on.

Generally it's courteous to leave a comment explaining a downvote before moving on.

[sbose78]

It does make sense to hire a guy who has had great success in Security. The chat app is just one of the use cases which he handled, and a good experience in designing secure software always helps.

[imron]

No, but this is very likely to be them tightening up other parts of their software stack.

[ianamartin]

Oh right. All the other insecure parts of their software stack. You know, all that other insecure stuff that's notoriously insecure. That one guy who wrote a chat app is going to tighten up.

Come on. Don't pretend this is anything more than it is. A really hard-working guy worked hard and built a thing that worth while. Apple said, "hmmm, it would be easier to buy this person than to hire him." So they did.

There is no one-person fix to secure enclave or any of Apple's other problems. You are being delusional. Apple's problems, such as they are, are systemic and cultural. Apple cannot buy its way into better cloud services or better Siri, or better security, and certainly not with the purchase of a such a small company.

[studentrob]

> Apple said, "hmmm, it would be easier to buy this person than to hire him."

Those two things sound the same to me. The guy was hired. What are you saying here?

> There is no one-person fix to secure enclave or any of Apple's other problems

Nobody said he's going to work on that.

> Apple's problems, such as they are, are systemic and cultural. Apple cannot buy its way into better cloud services or better Siri, or better security, and certainly not with the purchase of a such a small company.

You seem to know a lot about Apple's culture. Do you have some evidence to support your claims?

[imron]

> All the other insecure parts of their software stack

I didn't say all the other parts, or that he's going to do it singlehandedly. Maybe they want to improve end-to-end encryption for iMessage or similar and figure he's got relevant experience.

> Apple's problems, such as they are, are systemic and cultural.

Possibly, but even then, I would argue that this current situation is a culturally defining moment for post-Jobs Apple, maybe even strong enough to override other parts of their culture.

One thing for sure, it's being driven from the very top down and Tim Cook is making clear, unequivocal comments about where the line in the sand is.

[ontoillogical]

> "hmmm, it would be easier to buy this person than to hire him."

In what way did they buy him?

Apple didn't buy Whisper Systems. They hired Frederic Jacobs.

[dotch]

There are probably not many tech companies who would turn down an internship applicant with this guy's résumé. So, yes, no puzzle to be pieced together here.

[ascorbic]

He's not been hired to work on messaging though. He's been hired to work on the Core OS team, i.e. the low level parts of iOS and OS X.