Class of 2004
Head of Apple Security Engineering and Architecture
Alumnus Ivan Krstic first became interested in questions of security when, in 1997, “I read this paper by Peter Gutmann that details the difficulties of safely erasing data from magnetic media, and it blew my mind."
"Not because I much cared, on a practical level, about erasing disk data, but because the seemingly simple question of ‘how do I delete my files safely’ had a tremendously complex answer that spanned subjects ranging from operating system design to magnetism, precision mechanics, and binary data representation in physical objects.”
Krstic has applied those interests and skills in both the commercial and academic worlds. A systems security and architecture specialist, he has worked for a number of years on core security for Apple, did a stint with Facebook, made MIT’s Technology Review’s List of Innovators Under 35 and has been described by Wired Magazine as a security guru – all before his 23rd birthday. He also served as director of security architecture for the non-profit One Laptop Per Child where his goal was to build a secure system that could be used by children and would not require constant – and sometimes expensive – antivirus software updates. Krstic built a security platform called Bitfrost that, when fully realized, will defeat “the entire purpose of writing a virus,” he says.
It is the ever-changing nature of this particular puzzle that has held Krstic’s interest and passion for close to 15 years. “I’ve come to believe it may be the hardest technical engineering field on the planet,” Krstic says. “Virtually all other engineering disciplines deal with static problems: once you have sufficient physics to characterize the issue – the load bearing capacity of a beam, aerodynamic resistance of an airplane wing, downforce from the spoiler of a race car – the problem itself won’t change parameters when you’re not looking. By contrast, the computer security field deals not with defeating physics, but defeating human adversaries. In security, no matter how good a shield you build, someone will show up and break it.”
Krstic’s job is to constantly stay ahead of those adversaries. “It’s an iterative process: I build a fence, hackers bring a ladder. I electrify the fence, they bring rubber gloves. I dig a moat, they bring a wetsuit. It’s not a game of absolutes. The test of success isn’t whether I can keep out all the hackers all the time. It’s about whether the bar is high enough. If hacking a phone requires someone to spend thousands of hours and tens of thousands of dollars, then it’s so uneconomical as to be unfeasible as a casual operation on any kind of larger scale. I get to call that a victory.”