Apple hires firmware security experts who worked on Thunderstrike 2 exploitApple recently added a pair of firmware security experts to its ranks when it hired the team behind "deep system security" startup LegbaCore in November, an apparent effort to bolster platforms like iOS and OS X.
Former LegbaCore cofounders Xeno Kovah and Corey Kallenberg were brought on by Apple to work on unknown projects, according to tweets Kovah posted over the past few months. The hires were revealed in a December presentation by security researcher Trammell Hudson, who discovered the Thunderbolt-based Thunderstrike vulnerability in 2014 and worked to create the subsequent Thunderstrike 2 proof-of-concept with LegbaCore in August.
Thunderstrike took advantage of a documented flaw in Thunderbolt Option ROM to insert nefarious EFI boot ROM code on any Mac with a Thunderbolt port. The follow-up Thunderstrike 2, based on code from LegbaCore research, used the same attack vectors, but installed a worm capable of replicating and transferring itself between Macs.
Initially reported by MacRumors as an acquisition, it is more likely that LegbaCore simply shut down operations after Kovah and Kallenberg accepted jobs at Cupertino. LegbaCore had no valuable IP or tangible assets associated with its name.
The timing of Kovah's tweets suggest Apple took notice of his work after the Thunderstrike 2 presentation and ultimately hired both LegbaCore cofounders in November. In a subsequent tweet, Kovah said they were working on "low level security" projects, but had yet to be given official titles.
On Topic: General
- Apple hyping this week's opening of first-ever Brooklyn retail store
- This week on AI: 'Apple Car' delayed, new iOS 10 & macOS betas, 'iPhone 7' leaks & more
- Hacker who targeted celebrity Apple and Google accounts sentenced six months in prison
- US appeals court vacates Apple win in Unwired Planet patent suit
- Apple retakes top spot in FutureBrand 'perception strength' rankings