Arik Hesseldahl

Recent Posts by Arik Hesseldahl

Meet Some of the People at Apple Responsible for Fighting Hackers


Sergey Nivens /

When Apple disclosed to the world yesterday that it, too, had suffered a breach at the hands of unknown hackers — apparently by way of a website devoted to iPhone software development — it brought some unwelcome attention to the company in an area where it has rarely had much bad news to talk about: Security.

But that’s not to say that Apple hasn’t been preparing — quietly as always — for the kind of eventualities that tend to crop up when hackers and other digital miscreants are taken to probing your systems for vulnerabilities.

One visible sign of that preparation can be detected in the personnel that Apple has been hiring in the area of software and system security in recent years. Apple rarely if ever comments on any but its most senior hires. Nevertheless, several names have come to light. And while Apple generally doesn’t comment to confirm or deny the role that any of these people may or may not be playing in response to the latest incident, here are some people whose job at Apple involves security.

Craig Federighi: Senior vice president for software engineering, Federighi is in charge of all aspects of Apple’s operating system software, both on the Mac and the iOS platforms, and reports directly to CEO Tim Cook. He inherited responsibility for iOS after last year’s departure of Scott Forstal. He worked at Next Computer, the company Apple acquired in 1996 that brought Steve Jobs back to Apple after more than a decade. Later, Federighi spent a decade at Ariba, including a stint as its CTO. Everyone involved in OS security, whether for the iPhone, iPad or the Mac, reports to him.

David Rice: Hired in 2011 as Apple’s global director of security, Rice is a graduate of the U.S. Naval War College and spent time at the National Security Agency. However, he’s best known for his 2007 book “Geekonomics,” in which he argued that software is a new kind of public infrastructure that when built badly amounts to a public hazard, and those who buy it become virtual crash test dummies who have to suffer with a software industry that is unaccountable for the results.

Window Snyder: Hired in 2010, Snyder lists her title as Senior Product Manager, Security and Privacy. She had previously headed up security operations at Mozilla, the open source software organization responsible for the Firefox Web browser. She has also held software security positions at Microsoft and @stake, a security firm that’s now part of Symantec. She’s listed as co-author, with Frank Swiderski, of a Microsoft-produced book called “Threat Modeling,” which focuses on looking at computer security from the point of view of an attacker.

Ivan Krstić: Hired in 2009, the Croatian-born Krstić is in charge of core OS security on the Mac. He previously ran security for the One Laptop Per Child program, where he came up with a method to secure programs in Linux called BitFrost that wrapped individual programs in their own virtual operating environments so that one couldn’t harm the other. The approach was considered so novel that some suggested incorporating it as a core feature of Linux.

Kristin Paget: Currently a Core OS Security Researcher, Paget is a Microsoft veteran who’s generally credited with “saving Windows Vista” by forcing a delay in that operating system’s release after demonstrating that it wasn’t as secure as previously thought, Paget joined Apple late last year as a Core OS security researcher. Her hiring was first reported by Wired.

Image: Sergey Nivens /

Latest Video

View all videos »

Search »

First the NSA came for, well, jeez pretty much everybody’s data at this point, and I said nothing because wait how does this joke work

— Parker Higgins via Twitter