06Jun

Apple’s iPhone may be the world’s most secure device. Apple designed the operating system and manages the apps it approves in such a way as to create what is widely described in the tech community as a walled garden.

Here’s the problem: Like all defensive walls, only the most sophisticated, most advanced enemy can get it. But once in, those walls make it equally challenging for defenders to root them out.

“It’s a double-edged sword,” Bill Marczak, a senior researcher at the cybersecurity watchdog Citizen Lab, tells MIT Technology Review. “You’re going to keep out a lot of the riffraff by making it harder to break iPhones. But the 1% of top hackers are going to find a way in and, once they’re inside, the impenetrable fortress of the iPhone protects them.”

He says that as Apple makes the iPhone ever more secure and difficult to hack, attackers aren’t just sitting back. They are developing ways to take over an iPhone invisibly.

“These allow attackers to burrow into the restricted parts of the phone without ever giving the target any indication of having been compromised. And once they’re that deep inside, the security becomes a barrier that keeps investigators from spotting or understanding nefarious behavior,” writes article author Patrick Howell O’Neill.

According to O’Neill, Apple’s security measures force defenders to look for indirect clues to the safety of a device. iVerify, one of the few Apple-approved security tools, looks for anomalies such as unexplained file modifications to detect breaches.

Now, the security Apple has designed into its iPhone ecosystem is spreading to other of the company’s products, notably the Mac.

Says security researcher Patrick Wardle, “Apple saw the benefits and has been moving them over to the Mac for a long time, and the (special) M1 chip is a huge step in that direction.”

Though Apple’s rules are intended to protect users’ privacy and prevent malicious intrusion, the article says hackers are “creating code that exists in a place where Apple doesn’t allow outside security tools to pry. It’s a game of hide-and-seek for those with the greatest skill and most resources.

‘Security tools are completely blind, and adversaries know this,’ Wardle says.”

O’Neill tells us there is no likely fix to the problem. Apple, he says, “Argues that no one has convincingly demonstrated that loosening security enforcement or making exceptions will ultimately serve the greater good.”

Photo by Tyler Lastovich on Unsplash

[bdp_post_carousel]

author avatar
Green Key

Tech Team Leadership Takes More Than Coding

You’ve just been tapped to lead a development team on a new project. It’s a sign of the company’s confidence in you and the opportunity you’ve been wanting for a while.

Now that you’re back at a workstation, reality is setting in. What do you need to get your team on board and rowing together?

In a word, it’s leadership. And that has far less to do with your coding skills than your ability to communicate, motivate and collaborate. Your team will look to you for guidance in setting priorities, advocating for them up the food chain, and working with them to solve problems.

“In today’s world,” says The Ohio State Engineer Magazine, “It is essential for an engineer to possess strong communication skills; it is the biggest determiner of success in the modern engineer’s professional career.” This goes double for project leads and managers.

Clear communication starts with knowing the details of the project, defining the end goals clearly, assigning roles and setting expectations. Clarity is essential, so even when you see nodding heads, don’t assume everyone understands. Ask for discussion. A diplomatic way of ensuring your team understands what needs to be done is ask if the process and goals are realistic; does anyone see any potential problems. Invite pushback on the timeline.

Besides uncovering misunderstandings or communication gaps, you’ll demonstrate your openness to disagreement and differing points of view. Creating an environment of psychological safety is the single most important component of team success, according to Google, which exhaustively studied team leadership.

Slack blog post describes how a team lead creates psychological safety:

  1. An empathetic approach – “Strive to read your teammates. Are they content, stressed out or struggling?… Aiming to empathize with their point of view is key to gaining their trust.”
  2. Practice active listening – This means listening to understand what the person is saying rather than thinking of how we will respond.
  3. Avoid finger pointing – Constructive feedback is helpful. But blaming does nothing good. When problems arise — and they always do — focus on how to solve them. Involving the team in finding solutions is often a smart way to find creative ways to resolve problems.
  4. Be humble – When you make a mistake, admit it. When you’ve been short with someone, apologize. Say “please” and “thank you” often.

Image by Free-Photos from Pixabay

[bdp_post_carousel]

author avatar
Green Key