Apple hires OLPC security guru to harden OS

Krstic signs on with “local fruit vendor” to beef up Mac OSX.

Apple has hired the security chief behind the one laptop per child (OLPC) initiative to harden up its operating systems.

Ivan Krstic left the OLPC project a year ago and was the chief architect behind the project’s BitFrost security system. He left the project after a botched internal restructuring and set out to, as he put it “seek adventure.”

“I have — at long last — found my new adventure. After a great deal of deliberation, I moved to California and joined the local fruit vendor,” he writes in his blog.

“Today was my first day on the job, and I couldn’t be more thrilled.”

The hiring indicates that Apple is taking a hard look at the security of its systems. While malware targeted as Apple is still rare experts have expressed concern that Apple users may be increasingly targeted.

Krstic’s BitFrost system - named after the bridge which keeps mortals from venturing into Asgard, the realm of the gods in Norse mythology - is a new form of computer security design that makes many types of malware difficult or impossible to run and eliminates the need for passwords.

At its heart is the concept of sandboxing each individual application so that it has strictly limited access to other parts of the system. This makes applications like spyware next to impossible to run.

The system also checks in to a central server daily, so that if the laptop is stolen it can be shut down remotely.

It is unlikely that a similar system could be built into the Apple operating system without a major rewrite but Krstic’s will be highly useful in locking down any areas of OSX that cause concern.