New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

Apple Acquired Firmware Security Company LegbaCore Last November

legbacoreApple acquired firmware security company LegbaCore in November 2015, according to security researcher Trammell Hudson, who revealed the acquisition in his presentation at the 32C3 conference in December. LegbaCore's goal, according to founder Xeno Kovah, is "to help build systems that are as secure as we know how to make."

In November, Kovah and fellow LegbaCore founder Corey Kallenberg revealed that they had joined Apple as full-time employees. Just a couple days before that, LegbaCore's website announced that it would "not be accepting any new customer engagements", noting that the website would remain up "to serve as a reference for LegbaCore's past work."

LegbaCore had collaborated with Hudson on Thunderstrike 2, the first firmware worm to affect Mac computers. The malware is impossible to remove, resistant to both firmware and software updates. LegbaCore and Hudson had alerted Apple to Thunderstrike 2's vulnerabilities and Apple began work on fixes, issuing one in June 2015.

On Twitter, Kovah said that Apple began discussions with LegbaCore after the consultancy's presentation in summer 2015. It soon became clear to Kovah and Kallenberg that Apple had "some *very* interesting and highly impactful work" that the two could participate in. They were eventually convinced to wind down LegbaCore's existing contracts and begin work at Apple.

While LegbaCore is a security consultancy firm that doesn't own any specific technology, it's likely Apple will use Kovah and Kallenberg's talent and knowledge to help improve firmware and software security in future iterations of Apple's various hardware and software products. LegbaCore's work includes research on Thunderstrike 2, "dead code" for BIOS attacks and more.

(Thanks, Jost!)



Top Rated Comments

(View all)

9 months ago
You know where firmware security would be *really* critical?

A car.

Just sayin'.

Of course it matters everywhere else too...
Rating: 21 Votes
9 months ago
This rocks. If there is one thing Apple can do to distance itself from the competition (Google and Microsoft where your the product or your the product and shared with the NSA) its going all in on giving users privacy and security.

Apple will need an extended focus on this (the security / privacy environment will only get worse) so this is a good sign upper management really gets it. Go Apple - this is how you make sure I get a Mac next time I'm replacing a PC.
Rating: 13 Votes
9 months ago
I like where this is headed.....

Stay tuned!
Rating: 9 Votes
9 months ago

This rocks. If there is one thing Apple can do to distance itself from the competition (Google and Microsoft where your the product or your the product and shared with the NSA) its going all in on giving users privacy and security.

Apple will need an extended focus on this (the security / privacy environment will only get worse) so this is a good sign upper management really gets it. Go Apple - this is how you make sure I get a Mac next time I'm replacing a PC.


Plus now they have to worry about the government trying to backdoor their ass for the next few decades. No pun intended.
Rating: 8 Votes
9 months ago

With that image it makes them look like they're a conglomerate for some jailbreaking organization. I Like it.

No, I think it means Apple is now being run by the Free Masons.
Rating: 7 Votes
9 months ago

1. Create exploit
2. Publicize exploit
3. ???
4. Profit

The exploit already exists, they just find it and take advantage of it. Then they let Apple know. Then they tell Apple we will tell you how for a fee. Then profit
if they do nothing they release the exploit. Then no profit.
Rating: 7 Votes
9 months ago
With that image it makes them look like they're a conglomerate for some jailbreaking organization. I Like it.
Rating: 6 Votes
9 months ago
Creepy logo.

Reminds me of something the US Department of Defence would come up with...

Rating: 4 Votes
9 months ago
"The malware is impossible to remove, resistant to both firmware and software updates"
How can a bug be resistant to firmware updates?
Rating: 3 Votes
9 months ago
Acquihire in its most pure form. I don't think it was done with any specific project in mind, but rather the importance of making all systems as secure as possible. The question I have is will Apple keep them off-campus or find them an office at one Infinity. That might give us a better indication of how Apple intends to use their insight; i.e., part of a design team or as quality control.
Rating: 3 Votes

[ Read All Comments ]