Apple hires firmware security experts who worked on Thunderstrike 2 exploit
Apple recently added a pair of firmware security experts to its ranks when it hired the team behind "deep system security" startup LegbaCore in November, an apparent effort to bolster platforms like iOS and OS X.
Former LegbaCore cofounders Xeno Kovah and Corey Kallenberg were brought on by Apple to work on unknown projects, according to tweets Kovah posted over the past few months. The hires were revealed in a December presentation by security researcher Trammell Hudson, who discovered the Thunderbolt-based Thunderstrike vulnerability in 2014 and worked to create the subsequent Thunderstrike 2 proof-of-concept with LegbaCore in August.
Thunderstrike took advantage of a documented flaw in Thunderbolt Option ROM to insert nefarious EFI boot ROM code on any Mac with a Thunderbolt port. The follow-up Thunderstrike 2, based on code from LegbaCore research, used the same attack vectors, but installed a worm capable of replicating and transferring itself between Macs.
Although MacRumors initially reported the move as an acquisition, it is more likely that LegbaCore simply shut down operations after Kovah and Kallenberg accepted jobs at Cupertino. LegbaCore had no valuable IP or tangible assets associated with its name.
The timing of Kovah's tweets suggests Apple took notice of his work after the Thunderstrike 2 presentation and ultimately hired both LegbaCore cofounders in November. In a subsequent tweet, Kovah said they were working on "low level security" projects, but had yet to be given official titles.