
The Iphone OS needs to be opened up, says Kaspersky

Apple can’t check every single app
Thu Apr 29 2010, 13:15

THE INFOSEC CONFERENCE WAS TOLD that Apple's Iphone is secure for now, but if Apple doesn't open up the system it will lose out to rival mobile operating systems due to its lack of flexibility.

Eugene Kaspersky, founder and CEO of Kaspersky Labs, said at Infosec that if Apple does not change its Iphone OS within three years to be more open like Android, it will lose market share because there will be less software supporting it.

He said, "Symbian was very secure. Nokia had a very secure system for years, but it started to lose the market because it didn't have the functionality."

"They changed its mind and now it's open source. They moved from the far, far left to the far, far right in terms of security."

Software vendors can't put security software on the Iphone because it is so locked down, so Kaspersky obviously has a vested interest in making the device more open as his company deals with mobile security.

So the Inquirer went for a talk with David Harley, director of malware intelligence at ESET, who has had many years' experience with Apple security and was speaking at Infosec on the subject.

He said that Apple's whitelisting of Iphone applications, where the availability of apps is controlled by Apple, means that anything running on the apps store is thought to be 'safe'.

Harley said, "I'm not convinced that they can maintain that model indefinitely. First of all as more and more people want to jump on the [Apple] bandwagon it's going to be less and less feasible to spend the time of checking on every application for total security."

He added that there had been hints that there have been 'grey' applications that had got through.

"The other thing is that a lot of Apple users want freedom to choose their own applications. Sooner or later Apple is going to have to find some way of accommodating some of the people who break Iphones. There are an awful lot of them."

This raises the question of 'jailbreaking', which is a breach of Apple's agreement, so that in effect an affected user 'deserves everything they get'. This is why last year's reports of Apple Iphone Trojans weren't taken that seriously, as they hit hacked phones.

"I can't say that's completely wrong, but what are the odds that at some point some breach is going to leak into un-jailbroken phones?"

If Apple did loosen the reins, Harley said that it would need some form of security that differed from application whitelisting, although he was unclear about what form this would take. µ

 


Comments
Open in what sense?

Open for Kaspersky to make some money off a platform that is tempting them so much they look less capable of controlling their desires than those wall street high ups who were watching porn while the meltdown was in full swing.

posted by : Drew, 02 May 2010
No it doesn't

It needs to stay exactly like it is, and Kaspersky and co can stay away from putting their grubby mitts on them thar shiny internals.

That said, I want the Iphone to stay like it is not because I'm a lobotomized turtlenecked dweeb, but because I'm interested in seeing
1) if there are actually any virii that will show up on the platform, thus proving that multitasking is possible without His Jobsness' approval and that fruityness is not, in point of fact, a guarantee against viruses in one fell swoop
2) How the fruity followers will deal with the situation (denial ? righteous indignation ? petitions ?)
3) How His Jobsness will deal with the fallout (could we witness some chair chucking ?)
4) How efficiently Apple programmers will deal with the issue (you know, the ones that actually work while His Jobsness does the marketing)

In order for this experiment to succeed, Kaspersky and all his buddies must absolutely be kept outside the premises. That condition is sine qua non.

posted by : Pascal Monett, 30 April 2010
Doesn't need to be OPENED up...

Jobs has become so dictatorial and anal these last several years that the iPhone probably doesn't need to be opened up, but SHOVED up where the sun don't shine. That would probably give him some ful"fill"ment.

posted by : Richard Gere, 30 April 2010
I used an iphone and found it a bit lame. No online radio LMAO.

Unable to edit parts of URL in Safari browser:
Safari wouldn't let me select parts of the url I had typed in so I could delete them or edit them. Try clicking on part of the link and then selecting from there to the left or right, nothing happens, lol.

It was almost impossible to point the cursor to where I wanted to and add a letter. This meant I had to re-write the whole url again. Pathetic. I expected basic functionality like this to be there.

It's sort of easy to use, but sort of not. It's like the parts that work well are better than the competition, like pinch to zoom or scrolling around, but once you try to find settings or do something normal that it cannot do then it's a royal pain in the ass.

Where can I turn on SMS message delivery receipts? Does it even do that? Do I have to BUY a bloody app to do this?

Online Radio app - why isn't there one? This is a joke. I cannot listen to any radio station live through the browser/media player. LOL. Someone made one, but I think it got banned because it doesn't seem to be available anywhere now.

Online radio, isn't that a basic that any smart phone can run, especially over wifi? Not on the iphone 3G latest model.

Fanbois, please provide answers!

posted by : interested_party, 30 April 2010
Fanboui Bullllllshit

First of all, not all iphones are equal. The GS model has twice the RAM that previous models have. This causes problems today with Apps like Ace Combat, and WILL ONLY BECOME WORSE AS THE 4G, 5G, and 6G are released (ad nauseam) AS each NEW MODEL HAS MORE SPEED AND !RAM! THAN THE PREVIOUS MODEL. The 2G phone WILL NOT BE compatible with future iphone updates, if you recall!

Second of all, people with the ability to create new apps for themselves (and maybe some friends) don't want to have to deal with the Jobster just to write some personal scripts or programs. Come on people, does anyone here know how to program?

This discussion reminds me of a friend who spent U$300 on a toaster because it was pretty. Fanboui are of that mindset, they'll pay hundreds (thousands?) on a shiny Apple device, but not be interested in making (demanding) a way to make it do real work for them.

I feel like the Apple Fanboui all wish to be sheltered on Retarded Island.

posted by : Crapular, 30 April 2010
@ Joe

are you sure you've been on earth?
Leap-A was an OSX Virus released early 06

posted by : Bob, 29 April 2010
Viruses

"No OSX viruses - don't know where you've been hiding for the last 5 years."

I've been on the planet Earth, third planet around the star Sol. Where have YOU been?

Please name a single OS X virus in the wild. There are NONE.

Granted, there are a few trojans, but that's a different thing entirely. You might want to learn the difference between a virus and a trojan before shooting off your mouth.

In short, a virus is self-propagating. This is incredibly dangerous because the user doesn't have to do anything to get it. Fortunately, there are NONE for Mac OS X vs tens of thousands for Windows.

A trojan is a piece of malware which ASKS the users if it should be installed and then installs itself if the user says 'OK'. There's really no way to protect people against doing stupid things - on any platform. Even so, there are far fewer Trojans for the Mac than for Windows.

Oh, BTW, in case you want to make the NEXT juvenile response (that no one writes malware for the Mac because it's not common enough), there are plenty of counterexamples which show that to be wrong, but let's say you're right? Since I don't think Mac OS X is going to outsell Windows any time soon, that logic implies that Macs will ALWAYS be safer.

posted by : Joe, 29 April 2010
Stupid beyond belief

"Eugene Kaspersky, founder and CEO of Kaspersky Labs, said at Infosec that if Apple does not change its Iphone OS within three years to be more open like Android, it will lose market share because there will be less software supporting it."

What proof does Kaspersky have that customers or developers value openness, so much, that they will desert Apple because of it? None. There is no lack of applications for the iPhone; nor is there a lack of developers.

Comparing the iPhone OS to inferior software like Symbian is absurd. The Android phones are so open that they do not have the same hardware specs; this limits the compatibility for applications.

There could be 50 thousand Android applications, but less than a quarter could work on any particular Android phone. Apple has 200 thousand apps which work on all of its phones. This practice will be changing with the iPad, but it will be less of a problem than the Android phones have now.

"Software vendors can't put security software on the Iphone because it is so locked down, so Kaspersky obviously has a vested interest in making the device more open as his company deals with mobile security."

The iPhone has no need for Kaspersky's software, so it doesn't matter if Apple is open or closed.

"David Harley, director of malware intelligence at ESET ... said that Apple's whitelisting of Iphone applications, where the availability of apps is controlled by Apple, means that that anything running on the apps store is thought to be 'safe'"

This is faint praise. It assumes that Apple is perfect, so that all the applications it approves will be perfect too. What balderdash!

""I'm not convinced that they can maintain that model indefinitely. First of all as more and more people want to jump on the [Apple] bandwagon it's going to be less and less feasible to spend the time of checking on every application for total security. He added that there had been hints that there have been 'grey' applications that had got through."

Hey! Wait a minute. Wasn't Kaspersky saying that people wouldn't be developing for the iPhone?

Now, the author is using Harley to say that there will so much development that Apple will lose control of it? Will the author make up his mind? What is he trying to prove, except his biases against Apple?

""The other thing is that a lot of Apple users want freedom to choose their own applications. Sooner or later Apple is going to have to find someway of accommodating some of the people who break Iphones. There are an awful lot of them."

Yes, Apple will need to lock down the iPhone even further. But, doesn't that contradict what Kaspersky said?

The Author is merely repeating a series of anti-Apple assertions and speculations which contradict each other.

If Apple doesn't lose control, then the author will be claiming that Apple is taking too much time approving apps. He will be saying that it proves Kaspersky's point. But, wait! Saying so would disprove Harley's assertions.

Wait again! Doesn't this prove that the author is mindless? Yes.

posted by : Louis Wheeler, 29 April 2010
Fanboi's are clueless

No OSX viruses - don't know where you've been hiding for the last 5 years.

Looks like James Katt is another deluded fanboi. Tell me, do you like the taste of Steve Jobs' meat?

posted by : Mitch, 29 April 2010
WRONG

The only iPhones that get security breached are the iPhones that are jailbroken. Otherwise, the iPhone is a highly secure platform because no unsigned app can run on it.

Realize that the underlying operating system of the iPhone is THE SAME as on Macs - OS X.

And in 10 years of OS X's existence there have been ZERO viruses.

There are no OS X Botnets.

There are no OS X Viruses.

There is no need for iPhone security software that Apple, itself, doesn't build into every iPhone.

This article is just another whiney article and is much ado about nothing.

posted by : James Katt, 29 April 2010
@Joe

Joe - you might like to get some professional help for your problem.

posted by : Keith, 29 April 2010
Open

@hexx:
"ps3 os needs to be open, xbox os needs to be open....why???? i don't get this, why?"

Because some people are radicals who believe that 'Open' is the only thing that matters. They'd rather have an open POS app than a proprietary app that works incredibly well.

Fortunately, most of the world doesn't work that way. If we divide the entire world into 'open' and proprietary, let's see what we have on the 'open' side:

Linux
Android
Former Soviet Union (and other communist countries - IN THEORY, but not in practice)
ummmmm....

Well, looks sort of one-sided. I guess the 'you must be open to succeed' mantra doesn't work as well in real life as in their yoga sessions

posted by : Joe, 29 April 2010
why?

ps3 os needs to be open, xbox os needs to be open....why???? i don't get this, why?

posted by : hexx, 29 April 2010
A grey/black app scenario

Suppose that Naughtyware Inc. puts an app on, say for social networking or media sharing, that either does a bit too much with users' personal data, or just turns on the camera and watches for you taking out your credit card.

Apple becomes aware of this and summarily kills the app.

Who are we going to hear about it from? Not Apple because the story only hurts their image, and they have dealt with it and destroyed the evidence. And not Naughtyware Inc., because either they're embarrassed too or they are cold-hearted fraudsters.

The one thing about the restriction on native language of apps is that while Apple probably can't scrutinise every app's source code, they probably can scrutinise any app's source code when there seems to be a problem. Which is good, probably, but you'd better not have any cool unpatented algorithms or trade secrets in there. Uncle Steve could just help himself.

posted by : Robert Carnegie, 29 April 2010
Apple open the phone?

Not a chance.

posted by : jason, 29 April 2010
Spin?

"He added that there had been hints that there have been 'grey' applications that had got through."

Not an iPhone fan but how leading is this comment? No facts, just innuendo - sounds just like FUD to drum up business.

Might be true I suppose but surely he can provide some evidence in that case

posted by : Keith, 29 April 2010