Charles Edge, researcher and Director of Technology at 318, Inc., was scheduled to give a talk at Black Hat concerning an unreleased vulnerability in File Vault. While the exact reasons aren’t yet known it appears that he was forced to cancel this talk possibly due to a confidentiality agreement with Apple.
More concerning is a report that a second session being hosted by Apple’s own security engineering team was canceled by the marketing department. Black Hat’s director Jeff Moss stated:
“Marketing got wind of it, and nobody at Apple is ever allowed to speak publicly about anything without marketing approval,”
While it is unfortunate that Charles Edge had to cancel his session it is very disconcerting that Apple’s marketing department can stop the engineering department from talking to the community, even in a case such a this where questions were not going to be asked by the audience. Being an Apple user and fan I find it very frustrating how Apple treats customers at times but I get especially annoyed at their stance on security in general. While they have no problem taking shots at Microsoft’s Windows Vista in commercials they are very tight lipped and often do not work well with the community to fix problems in their own house.
If you’re as concerned as I am about Apple’s security, especially File Vault, I suggest TrueCrypt. It is far more powerful and useful than File Vault without the concerns that come with trusting Apple. If you frequently travel internationally TrueCrypt offers some excellent features such as hidden volumes to hide confidential data from anyone looking at your data when crossing borders.