Lessons learned for Mac users from Black Hat and Def Con conferences

News from the recent Black Hat and Def Con security conferences in Las Vegas was…not good. We’ve come to expect bad tidings for our cherished electronic devices at around this time every year. And indeed, these conferences often reveal startling vulnerabilities and exploits that malicious actors and “frenemy” states have probably been privy to for some time. And though, as Buzzfeed tech writer Joe Bernstein points out, Black Hat is the equivalent of a burglar breaking through your windows, entering your home, and then asking for commendation for proving that your windows could use some reinforcement — it’s still an event with a noble goal. In the depraved and paranoid world of the internet, this is what security looks like.

Black Hat and Defcon are places where people take notes on paper, not on electronic devices, and many probably leave their wallets at home, because everyone is too scared about some nut swiping their info with an RFID scanner or cracking into their devices through Bluetooth. Joe Bernstein’s account of his time at Black Hat are prescient. “This event radiates distrust, like a mean old croupier”, Bernstein writes. Between the depressing backdrop of Las Vegas, and the feverish paranoid hallways, it sounds like a bleak event. Bernstein draws a compelling parallel between the city of Vegas, destined to be reclaimed by the desert, and the fragility of our business, our culture, and our lives structured around increasingly complex and still fallible technology.

Among the shocking unveilings at Black Hat and Def Con, Thunderstrike 2 aside, was bad news for new-model car owners. According to Charlie Miller and Chris Valasek, there’s a variety of ways to take control of new Chryslers remotely, brakes, accelerator, and all. This, in the wake of keyless entry scandals plaguing Land Rover and many others, is scary news.

But we’re here for Mac news, and the news is grim. According to former National Security Agency employee Patrick Wardle, Mac’s protection against malware rates only a “C+”. The reason Apple isn’t experiencing large scale issues is the same as its always been, there just still aren’t enough people devoting time to crack Macs. While this is a good thing, it is increasingly becoming a good thing of the past. As Apple devices continue to proliferate, especially iPhones and iPads, Apple will have a day of reckoning soon, security experts fear.

Everyone, countries, commercial users, car drivers, business using contactless payment tech, Apple users, Windows users, Android users, are all, in Bernstein’s words, “fucked”. “It’s enough to make a person long for a little regulation, and a little enforcement, just to put a stop to all the unmitigated fucking”, Bernstein continues to lament. Buzzfeed’s tech writer tells of a speech given by Leonard Bailey, special council for National Security in the Department of Justice. After his “very smart, very clear, very measured” talk, Bernstein realizes that Bailey isn’t as above the fray as he’d like. In fact, as a federal employee his personal information has almost definitely been leaked in the massive Office of Personnel Management hack. Good luck trying to charge whatever state or states were responsible for that with a Computer Fraud and Abuse Act violation.

Well, if you haven’t already built a Faraday cage around your house or chucked all your electronics into the proper recycling bins, what is to be done? Unfortunately, conferences like Black Hat and Def Con are our best weapon against truly malicious forces. One big takeaway from the whole ordeal is for companies to redouble efforts to catch these vulnerabilities early, for Apple to devote more time to security, and for us all to either become OK with the tenuous electronic world we live in, or flip the script like the paranoids in Vegas, and ditch the iPads for notepads, paper notepads.