iPhone forensics expert, security researcher, and former jailbreak community developer Jonathan Zdziarski today announced he has accepted a position with Apple's Security Engineering and Architecture team. He did not reveal his official starting date or responsibilities at the company.
/article-new/2016/02/touchid.jpg?lossy)
I’m pleased to announce that I’ve accepted a position with Apple’s Security Engineering and Architecture team, and am very excited to be working with a group of like minded individuals so passionate about protecting the security and privacy of others.
This decision marks the conclusion of what I feel has been a matter of conscience for me over time. Privacy is sacred; our digital lives can reveal so much about us – our interests, our deepest thoughts, and even who we love. I am thrilled to be working with such an exceptional group of people who share a passion to protect that.
Zdziarski has provided input on a number of important iOS-related security matters over the years, ranging from Apple's high-profile battle with the FBI over unlocking an iPhone used by a shooter in the 2015 San Bernardino attack to smaller incidents such as a potential WhatsApp flaw uncovered last year.
Zdziarski was known as "NerveGas" within the jailbreaking community. He was formerly part of both the iPhone Dev Team and Chronic Dev Team.
Zdziarski used to be an active Twitter user, but it appears he has disabled his account recently, possibly due to his employment at Apple.
Top Rated Comments
(View all)Let me introduce you to OldSchoolMacGuy, he's been writing forensic analysis software since (probably) before I was born. Johnathon may know more about iOS security than *you* or *I* but I'd wager OldSchoolMacGuy has a very in depth knowledge of the subject matter.
Thanks for the kind words.My point was simply that it's funny that the media (MacRumors specifically) often refers to him as an expert when his level of expertise is only slightly above that of the average user. He's the guy quick to go to the media and fluff up accomplishments but not really doing any real work.
[doublepost=1489515225][/doublepost]
If he knew more than Johnathan, Apple would have hired him.
Back in 2008 I met with Apple's iOS security team. We showed them a tool we'd developed that pulls out passwords, email history, text messages, location data, network information, browsing history and more from the iPhone. They still claimed it was secure, what we were doing was impossible (despite seeing it right before they own eyes) and refused to work with us. So we worked with Apple's government sales guys and sold the hell out of this product to law enforcement. They've only made minor changes since then which have required very minor work to keep this method of exploiting macOS and iOS security working.Myself and my boss have spoken about computer forensics (Mac/iOS most often) at multiple MacWorlds, the DoD Cyber Crime Summit multiple years, numerous HTCIA events including their national event each year, and countless others across the world. I've trained law enforcement around the world in Mac/iOS examination. I created the concept and first software which have now become standard features in all major industry forensic tools. I may have some expertise on the topic.
You're assuming this is some big position they've offered him. MacRumors has frequently talked him up quite a bit. The reality is, he's a nobody within the world of computer forensics. Throw his name out at a conference and they'll have no idea who he is. Say someone else's name, like Andy Rosen, and they'll be able to tell you instantly about their contributions to computer security and forensics.
He probably knows more than either you or I regarding the intricacies of iOS security. Also, he’s not necesarilly taking on executive level or even senior engineer level responsibilities. He could be a paid intern for all we know, based on this article.
Let me introduce you to OldSchoolMacGuy, he's been writing forensic analysis software since (probably) before I was born. Johnathon may know more about iOS security than *you* or *I* but I'd wager OldSchoolMacGuy has a very in depth knowledge of the subject matter.Regardless, Apple should continue to hire people in the security field. It can only be good for consumers in the fight against black hats, whether individual, or state-sponsored.