SANS Technology Institute: Interview with Charles Edge

Posted on September 20, 2007 in General News

How did you first get interested in information security?

It seems like I've been interested in security since I started playing with computers. It was always about trying to push the limits of what could be done. As I moved through the various phases of an IT career my interest just grew. At the University of Georgia and then in enterprise environments that I worked at when I first got out of school, there was a lot of infrastructure being built out, but not a lot of interest in security. This is about the time that I found Def Con, 2600 and Black Hat, and became part of that community. Once I got a little involved in those the interest seemed to grow exponentially. Then, when I got involved in networking Macs in the Entertainment Industry, these interests came together. Now I see the hacker community as somewhat of a protector, finding flaws so they aren't discovered by people with bad intentions and helping to make systems more secure for everyone.

Did you always work with Macs? What is the story there?

I started out programming Basic and Pascal on the Apple II. I stayed loyal to the Mac up until I got out of college when I went to work for the then Big 6. At that time there weren't many Macs in enterprise environments so I switched over to a Microsoft/Unix guy. Once I moved to LA, I started to work with the Entertainment Industry, which is predominantly Mac. Back then it was mostly OS 7 and 8 but my Unix skills came in handy during the switch to OS X from OS 9. As OS X gained more and more of a foothold and Apple began to adhere to networking standards, the skills from my past and present really started to come together. I am fortunate that I happened to be at the right place at the right time and be able to stand on the shoulders of some of the real giants in enterprise environments and at Apple, where there is never a shortage of great talent.

A lot of people tell me Macs cannot be hacked. Is that true?

No system is perfectly secure out of the box. Passwords can be brute forced, there are some vulnerabilities in services that listen on the network, and with all of the pieces that make up the puzzle of the OS, there are always ways to get into almost any system provided one has the patience and manages to go unnoticed. This is no different with a Mac. However, with some tuning and user education, the OS becomes much more secure.

The core OS is pretty safe. But like most *nix flavors it relies on a patchwork of open source software. As new versions of these packages become available, Apple isn't always quick to integrate. These 3rd party packages are more commonly vulnerable than OS X itself. If you take packages like Apache, Samba and LDAP they can be made really secure, but it often takes a lot of experience with the package itself to harden each one appropriately.