×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Security Firms Can't Protect iPhone From Threats

kdawson posted more than 4 years ago | from the work-with-me-here dept.

Cellphones 137

nk497 writes "F-Secure researchers are calling attention to the fact that it's impossible to run third-party anti-virus on iPhones, because the SDK doesn't allow for it. It's a problem, as they claim malware will start to target the phone. 'None of the existing anti-virus vendors can make one, without help from Apple,' chief research officer Mikko Hypponen said. 'Apple hasn't been too interested in developing antivirus solutions for the iPhone, because there are no viruses, which of course, isn't exactly true.' At the moment, the only worms faced by the iPhone have targeted unlocked, jailbroken devices — so Apple's not too bothered protecting users of such phones." While Apple claims that the iPhone's closed nature offers protection to its users, and security vendors maneuver for a piece of a market now closed to them, clearly both sides are pushing their own self-interest.

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

137 comments

It's closed so it's perfect (3, Insightful)

Fred_A (10934) | more than 4 years ago | (#30244986)

And it's from Apple.

So it's doubly perfect. It's not like Mac OS has any security problems either.

So nothing to see here.

Re:It's closed so it's perfect (1, Interesting)

sopssa (1498795) | more than 4 years ago | (#30245016)

Mac OS X has security problems because it allows running executables and non-signed programs too. iPhone on the other hand doesn't, so trojans and such wont work. The only possible way is to exploit a vulnerability, but that doesn't happen every day and should be pretty quickly patched by Apple (doesn't the phone network push updates automatically?). And if there's a new exploit, antivirus software are just as bad in protecting against it.

Re:It's closed so it's perfect (5, Insightful)

v1 (525388) | more than 4 years ago | (#30245786)

This entire thing is just laughable. "we can't write A/V software for your product because no one can write software for the iphone that is, or that stops, viruses". So, they're asking Apple to create the problem, which they will then be able to sell a fix for.

Just HOW stupid do they think we all are?

The only people right now that have any use for antivirus or antimalware software for their iphone are those that have jailbroken them, in which case they could also install and run AV software But there's not a big enough market for that at this point. If they really wanted to write it, they could, right now. There's just not enough profit in it yet.

Re:It's closed so it's perfect (1)

cepayne (998850) | more than 4 years ago | (#30246446)

The gold diggers are circling.....

It translates into, "it's my right to be able to profit from someone else's product"...

AV Vendors please go back to the windows desktop PC where you came from.

Re:It's closed so it's perfect (2, Insightful)

v1 (525388) | more than 4 years ago | (#30246692)

AV Vendors please go back to the windows desktop PC where you came from.

And a portion of the irony here is that this is partly the reason that windows has such a virus and malware problem. "We want the mac platform to be just as exploitable as the windows platform, so we can profit from it too."

Uh... NO . go away.

Re:It's closed so it's perfect (5, Interesting)

rolfwind (528248) | more than 4 years ago | (#30245048)

Anti-virus/anti-malware always seems to be a shitty bandaid to a badly designed system. Even running Windows 7, with UAC on, non-administrative account 99.999% time, always a non-IE browser, and very strict on what I run as .exe and where I download them, ad-aware just found some wind32 trojan.

Also, people forget this is supposed to be a portable device, even a phone sometimes. Remember what most A/V does to your desktop? I don't run A/V on my notebook, and I actually do want a decent battery life on my phone, as hard as that is to believe.

However, I know there will be problems with the iPhone. I do wish its safari had the option of "noscript" and stronger adblock plus than its own system among other things. And that when you do use it for the first time, it would have a video on safe usage. You can't upgrade or improve the user, the weakest link, but at least you can try to lead that horse to water that is education.

Re:It's closed so it's perfect (1)

LordLimecat (1103839) | more than 4 years ago | (#30245632)

non-administrative account 99.999% time

always a non-IE browser

Not sure how important this is with IE8 and Win7-- IEs protected mode vs Chrome's sandbox vs whatever firefox has may be a wash. Chrome and IE may even have a leg up on firefox.

and very strict on what I run as .exe and where I download them....ad-aware just found some wind32 trojan

If you start downloading unsigned executables from untrusted sources this will always be a risk. You may want to make sure that A) youre not relying on ad-aware as your primary AV (as it isnt an AV! might as well use clamwin if you dont want active scanning) and B) your plugins (im looking at you, adobe reader!) are up to date-- that seems like a VERY common attack vector these days.

Re:It's closed so it's perfect (1)

Kaboom13 (235759) | more than 4 years ago | (#30245834)

I deal with malware quite a bit. The most common infection source I have seen lately has been unpatched adobe reader, java, or flash plugins. That and people who click those "Your computer has registry error" banners and install whatever it asks them too. WSUS makes keeping all the systems on a network updated with Windows updates very simple, but unless you have a tightly controlled environment keeping all the plug-ins and such updated automatically is much more difficult. Home users can use the excellent Secunia PSI for free to make sure they are keeping on top of updates, as it scans all the programs and warns you if any are out of date.

Re:It's closed so it's perfect (1)

L4t3r4lu5 (1216702) | more than 4 years ago | (#30245702)

You're running V1.0 software. Of course it is going to have holes!

By god, man, where have you been?! XP was rooted before it was released.

Come back when SP1 is out.

Re:It's closed so it's perfect (0)

Anonymous Coward | more than 4 years ago | (#30247120)

Even running Windows 7, with UAC on, non-administrative account 99.999% time, always a non-IE browser, and very strict on what I run as .exe and where I download them, ad-aware just found some wind32 trojan.

Funnily enough the band-aid that is supposed to fix the broken system* isn't mentioned in your little line-up. If only you had used that band-aid *before* very strictly running things...

Maybe you can do us all a favor and backtrack what, exactly, you ran that got you that supposed malware, so the rest of us can stay the hell away from it.. instead of karmawhoring with the usual "anti-virus is a flawed concept" and anti-Windows rhetoric.

* tip: the part of the system that is broken is not your computer with Windows 7, UAC on, non-admin account with non-IE browser.

Re:It's closed so it's perfect (2, Insightful)

flanders123 (871781) | more than 4 years ago | (#30245160)

Wake me when a security problem surfaces on a non-jail broken iPhone.

The mac OS is not as closed as the iPhone, which is why it is more vulnerable.

...Still waiting.

Re:It's closed so it's perfect (0, Troll)

mdwh2 (535323) | more than 4 years ago | (#30245428)

Everytime someone wants to do something all other phones can do (run any app, or use as a modem), it's: "Doesn't matter, you can just jailbreak it".

Everytime someone points out a gaping security issue, it's: "Who cares, only applies to jailbroken phones".

Which is it?

Re:It's closed so it's perfect (4, Insightful)

Anonymous Coward | more than 4 years ago | (#30245536)

It's false for anyone to claim that there are any active worms or viruses on iPhone. The reported worms don't target the OS but rather the fact that users are (1) explicitly installing OpenSSH and (2) not changing their default passwords. Any machine at all that is on the internet with a known root password is vulnerable. It's similar to buying a router and leaving the password at "password." Is this a flaw in the router or the user?

Re:It's closed so it's perfect (0)

Anonymous Coward | more than 4 years ago | (#30245634)

While what you said about putting machines on the internet with a known password and all is completely true, you are wrong about there not being any active worms. There are two of them. Just because they exploit improper configuration doesn't make them "not worms" even if you really really want it to. Many worms target things other than the OS (for example Apache web server, Oracle, MySQL, etc.)

Re:It's closed so it's perfect (1)

jedidiah (1196) | more than 4 years ago | (#30245732)

They seem to be entirely self inflicted. So you're smart enough to manually install an ssh daemon but not smart enough to set a password.

How is ANY commercial AV solution supposed to protect against the user being a total idiot?

Adding so more kludges to the system is really not the solution.

Re:It's closed so it's perfect (1)

bertoelcon (1557907) | more than 4 years ago | (#30247678)

How is ANY commercial AV solution supposed to protect against the user being a total idiot?

They could lock down the system until the user passes a basic security exam. Then force a retake of the exam on every reboot, standby, etc.

Re:It's closed so it's perfect (1)

flanders123 (871781) | more than 4 years ago | (#30245988)

That is exactly it... It is a trade-off. It's not really a question of whether the device/os is bad or great.. its the trade-off of having a completely closed system vs an open one. It's security and stability (and for Apple, profitability) vs flexibility. IMHO Flexibility is less important to mass consumers than most here think.

I just don't think a manufacture can be held responsible for unintended and unsupported use of their products. For example, good luck getting warranty support on your Ford Taurus when you blow the engine after mounting a nitrous kit.

Re:It's closed so it's perfect (1)

globaljustin (574257) | more than 4 years ago | (#30247622)

Parent is making a false dichotomy.
 
 

Everytime someone points out a gaping security issue

This statement implies that the iPhone is rife with security issues. What are the security issues of the iPhone? What are the proven threats?

Re:It's closed so it's perfect (1)

mdwh2 (535323) | more than 4 years ago | (#30245446)

PS - as for your other comment, I remember on other stories how people were insisting that Iphones ran OS X... Obviously it does when it's something to brag about, and it doesn't when it's a problem, I guess.

Re:It's closed so it's perfect (1)

crmarvin42 (652893) | more than 4 years ago | (#30245680)

AFAIK, the iPhone OS was originally based on Mac OS 10.4. It contained the same basic kernel but a lot of the main OS files were removed because they weren't used. It also, contained iPhone specific code that prevents unsigned code from executing.

Consequently the iPhone inherits much of the stability and security baked into the desktop OS plus the iPhone specific security features minus those insecurities based on the code from the desktop OS that was axes to make the iPhone OS.

Re:It's closed so it's perfect (4, Insightful)

plover (150551) | more than 4 years ago | (#30245212)

Look at it the other way: it's perfect, until it's not closed.

What I mean is that Apple is doing the right thing. They should continue to deny anti-virus vendors from selling their warez, at least until there's a proven threat. And so far, there are none. From Apple's viewpoint, it's a great marketing tool to be so confident in their security that they won't compromise it by letting AV software on the platform. And for everyone who knows just how crappy AV software usually is (and how bad it drags down performance) it really is good news.

Seriously. As long as Apple keeps patching the holes the jail breakers use (which they seem to do within days) there simply are no credible threats. Oddly enough, this means the jail breakers are actually their best allies, in that they absolutely have the strongest motivations to hack the iPhone; and since their jailbreaks must necessarily be public to be useful, Apple can keep in lockstep with them.

That also means Apple must continue to keep it tightly closed, and never permit leaky crapware like Flash to run on it. Which indirectly benefits the rest of us, as that means sites that want to play nice with iPhones may provide usable Flash-free alternatives. We can hope, anyway.

Re:It's closed so it's perfect (1)

pureevilmatt (711216) | more than 4 years ago | (#30246276)

I think you have that backwards. Apple releases the new update, which often re-jails the phone... and within days the hackers have another jailbreak. It's usually months in between when the jailbreak is released and when apple has the patch that fixes the hole.

Re:It's closed so it's perfect (2, Interesting)

john82 (68332) | more than 4 years ago | (#30245248)

RTFA.

If you don't void the user agreement by jailbreaking your iPhone, you don't have this problem. Apple set up the environment. As it's designed, users are protected. If you choose to negate that design, you may have problems.

Where is Apple's liability if you don't use it as designed (or as dictated in the UA)?

Re:It's closed so it's perfect (1)

Plunky (929104) | more than 4 years ago | (#30245550)

If you don't void the user agreement by jailbreaking your iPhone, you don't have this problem. Apple set up the environment. As it's designed, users are protected. If you choose to negate that design, you may have problems.

Also, if you jailbreak (and thereby opt out of Apples managed environment) - you can run an anti-virus if you want, if you can find it, right?

Re:It's closed so it's perfect (1)

loutr (626763) | more than 4 years ago | (#30246274)

Yes you could. But right now it would be useless, because so far viruses gain access to the phone through SSH using the default root password, which can be changed using the standard unix program passwd.

Re:It's closed so it's perfect (0)

Anonymous Coward | more than 4 years ago | (#30245488)

The security risk reported until now is only on jailbroken iphones.

The anti-virus companies are saying they can't run on the iphone. Not true, they can run on the jailbroken phones whenever they want. Now do they want to do that? I don't think so.

What they really want is that the normal iphones become insecure, and then they can scam money from the masses!

Re:It's closed so it's perfect (2, Insightful)

SilverJets (131916) | more than 4 years ago | (#30245596)

If Apple opens up the iPhone to allow third-party anti-virus programs to run, guess what will happen? All of a sudden there will be viruses for the iPhone. Gee, I wonder why Apple doesn't want to do that?

No sympathy from me for people using hacked iPhones and getting trojans since they knew the risks when they hacked it.

Re:It's closed so it's perfect (1)

AmberBlackCat (829689) | more than 4 years ago | (#30246804)

Maybe the best way to shut the security companies up is to allow McAfee and Symantec to make antivirus software for the iPhone and let their customers see what that software does to iPhone performance. You know, let the customers decide between (being protected from possible viruses) and (being able to run any other app besides the antivirus)...

Re:It's closed so it's perfect,Christmas gift, (0, Troll)

coolforsale1214 (1688170) | more than 4 years ago | (#30245762)

http://www.coolforsale.com/ [coolforsale.com] Dear ladies and gentlemen Hello, In order to meet Christmas, Site launched Christmas spree, welcome new and old customers come to participate in the there are unexpected surprises, look forward to your arrival. Only this site have this treatmentOur goal is "Best quality, Best reputation , Best services". Your satisfaction is our main pursue. You can find the best products from us, meeting your different needs. Ladies and Gentlemen weicome to my coolforsale.com.Here,there are the most fashion products . Pass by but don't miss it.Select your favorite clothing! Welcome to come next time ! Thank you! http://www.coolforsale.com/productlist.asp?id=s76 [coolforsale.com] (Tracksuit w) ugg boot,POLO hoody,Jacket, Air jordan(1-24)shoes $33 Nike shox(R4,NZ,OZ,TL1,TL2,TL3) $35 Handbags(Coach lv fendi d&g) $35 Tshirts (Polo ,ed hardy,lacoste) $16 free shipping Thanks!!! Advance wish you a merry Christmas.

better for apple (0)

sopssa (1498795) | more than 4 years ago | (#30244994)

At the moment, the only worms faced by the iPhone have targeted unlocked, jailbroken devices — so Apple's not too bothered protecting users of such phones.

Of course, it's just better for Apple if the viruses do go around in jailbroken devices.

And how would iphone support antivirus anyway? It can only run one program at a time.

Re:better for apple (1)

Fred_A (10934) | more than 4 years ago | (#30245014)

And how would iphone support antivirus anyway? It can only run one program at a time.

Apparently it can only present one UI, but can presumably run several things. Hence the required help from Apple that the security firms asked for.
And if there are farting apps, there's no reason why there shouldn't be an icondom (or whatever).

Re:better for apple (2, Funny)

MrMr (219533) | more than 4 years ago | (#30245018)

Don't you get it: Running the antivirus software keeps all other programs including the malware from running.
Sure sounds familiar...

Re:better for apple (0)

Anonymous Coward | more than 4 years ago | (#30245092)

Technically, the iPhone is running OS X, so it can run as many processes as the hardware will allow. It is the fact that apps are run under heavy restrictions which prevent multiple apps from running on a pristine iPhone.

Re:better for apple (2, Informative)

Duradin (1261418) | more than 4 years ago | (#30245190)

Only third party apps are barred from running in the background.

Apple apps can and do run in the background which is why any AV company would have to work with Apple.

F-Secure smells money (5, Interesting)

cerberusss (660701) | more than 4 years ago | (#30245012)

From the summary, F-Secure: "'Apple hasn't been too interested in developing antivirus solutions for the iPhone, because there are no viruses, which of course, isn't exactly true.' .

No, indeed, only jailbroken phones were infected. Thus the obvious solution for F-Secure would be to bring out an app in Cydia or other app stores for jailbroken devices.

Of course, rather than do something, their execs prefer to spend their time whining.

Re:F-Secure smells money (2, Insightful)

sopssa (1498795) | more than 4 years ago | (#30245054)

Yep, if they are worried, just push it out to Cydia. Of course most (before someone comes whining, I did not say all!) of the users with jailbroken phones use pirated software, so there's no money in that.

Re:F-Secure smells money (1)

loutr (626763) | more than 4 years ago | (#30245112)

I buy software from Cydia you insensitive clod !

But I wouldn't buy an AV, I already have one. It's called passwd.

Re:F-Secure smells money (1)

mysidia (191772) | more than 4 years ago | (#30245198)

Except requiring a username, password, and registered device id# combination to download updates...

If more devices than purchases try to login to a specified username, then next update send their AV a code that says "Banned" instead of giving access to files, and the program deactivates itself one detecting it's pirated, and has no access to download updates.

Proxying the updates (1)

tepples (727027) | more than 4 years ago | (#30245490)

Except requiring a username, password, and registered device id# combination to download updates

Then one hacked version of the antivirus app would upload the updates to a pirate server, and the publicly available hacked version of the antivirus app would download the updates from that server.

Re:F-Secure smells money (1)

dtml-try MyNick (453562) | more than 4 years ago | (#30245416)

Apart from the fact that it's a very unstable environment to develop in, both in a end-user as technical way.

*If* a company like AV would choose to sell a app purely targeted at jailbroken phones and distribute that app via other sources than the Apple Appstore.

Would apple have any legal ground to stop that distribution?

I'm glad they can't make anti-virus for iphone. (2, Informative)

stevens (84346) | more than 4 years ago | (#30245058)

If it's like desktop anti-virus, it will have its own vulnerabilities, take up more resources than I'd like, cause buggy behaviour or incompatibilities with other apps, and feed me false positives too often.

I don't need that on my phone. Since the only real malware we've seen for the iphone involves jailbreaking and then not properly managing your phone, I can do without.

Re:I'm glad they can't make anti-virus for iphone. (1)

cerberusss (660701) | more than 4 years ago | (#30245884)

Exactly, and that's why F-Secure says "well the iPhone is not exactly invulnerable" but then forgets to put their software on Cydia.

Re:F-Secure smells money (4, Funny)

purpledinoz (573045) | more than 4 years ago | (#30245074)

I can imagine what Norton Antivirus will look like on the iPhone. First, everything would run slower, battery life would be cut in half, and a huge yellow annoying banner would attach itself to the browser reminding you that you are "PROTECTED BY NORTON ANTIVIRUS".

Re:F-Secure smells money (3, Funny)

sopssa (1498795) | more than 4 years ago | (#30245088)

But it does protect you, because after the resources Norton Antivirus takes, there's none left to actually run anything!

Re:F-Secure smells money (2, Funny)

cerberusss (660701) | more than 4 years ago | (#30245908)

I can imagine what Norton Antivirus will look like on the iPhone. [...] battery life would be cut in half [...]

Cutting my current iPhone its batterylife in half would mean that I need a USB connection in the toilet. Just to be able to browse Slashdot while taking a dump.

Re:F-Secure smells money (4, Insightful)

wickerprints (1094741) | more than 4 years ago | (#30245138)

What I think is most telling about that quote is how an AV company has blurred the distinction between a "virus" and what basically amounts to a default password security hole. Sorry, but how does that make me want to trust you to run software on my device if you don't care to demonstrate you know the difference between these two types of attack?

The only reason why the jailbroken phones were vulnerable was because the default SSH password was not changed. No amount of AV is going to protect against a user's stupidity. This statement by F-Secure is about the money-making opportunity they're dying to exploit, and they're clearly riding the wave of negative publicity surrounding the closed platform nature of the iPhone.

Re:F-Secure smells money (2, Insightful)

NoOneInParticular (221808) | more than 4 years ago | (#30247644)

No amount of AV is going to protect against a user's stupidity.

And no amount of AV is going to protect against vendor/distributor stupidity either. Here we have a program, running on a non-firewalled device, which on install, instead of being non-functional, opens up to the whole world with a default password. This is not the 1990's people! In this day and age, I expect a program to be secure by default... whatever it takes, even if it means it is non-functional at install.

I actually have a jailbroken iphone on which I installed openssh. When I logged in I immediately realized the risk I was running and changed the password. However, between the time of installing openssh on my iPhone and the moment I changed the password there was at least a period of 5 minutes in which people could have hijacked the machine. Unforgivable. This distributor should be ashamed of himself.

Re:F-Secure smells money (0)

Anonymous Coward | more than 4 years ago | (#30245388)

> rather than do something, their execs prefer to spend their time whining.

If you have an :insert_proprietary_os/hardware_here: you need to accept the fact that the vendor lock-in, closed-source nature of the product
is going to severely limit your options when it comes to solving a problem or implementing a solution other than what has been dictated to
you. This isn't whining, it's citing reality.

Re:F-Secure smells money (1)

tepples (727027) | more than 4 years ago | (#30245524)

If you have an :insert_proprietary_os/hardware_here:

Every modern CPU is patented and uses a copyrighted microcode, and every mass market PC uses a BIOS other than coreboot.

you need to accept the fact that the vendor lock-in, closed-source nature of the product is going to severely limit your options when it comes to solving a problem

Then should one do without devices entirely if no non-proprietary device is available? True, there are Android-based phones (e.g. Motorola Droid) and portable media players (e.g. Archos 5), but what about DVRs that work with CableCARD or switched video? Or what about set-top video game players (very few PC games are optimized for TVs because very few PC gamers use TVs because very few PC games are optimized for TVs, etc.)?

Re:F-Secure smells money (3, Insightful)

marcansoft (727665) | more than 4 years ago | (#30245560)

I love how everyone pretends that recent trojan targeted "jailbroken" iPhones.

It didn't. It targeted stupid users who happened to have a jailbroken iPhone. Specifically, it targeted users who install OpenSSH without changing the default password (ignoring warnings to the effect). There's no vulnerability here, and a stock jailbroken iPhone is not vulnerable. The same exact kind of malware can affect every poorly configured UNIX system out there - for example, that router-based botnet that infected routers with default SSH passwords running Linux. There are tons of Linux rootkits out there too, and servers with poor passwords are rooted all the time. Does that mean we urgently need craptacular AV software on all Linux boxes?

On the other hand, it is true that a non-jailbroken iPhone has an extra layer of protection in the form of compulsive executable signing. Apple ostensibly has superior security (in non-jailbroken devices), but that's just because they lock down the device tight. It's "good" old Trusted Computing, the kind that does not trust the user. By jailbreaking the device, you're freeing yourself from nanny Apple's oversight. If it turns out you were better off with it, well, that's your own fault.

Re:F-Secure smells money (1)

gyrogeerloose (849181) | more than 4 years ago | (#30247202)

It's "good" old Trusted Computing, the kind that does not trust the user.

And judging by the latest iPhone trojan, which only works if a user is dumb enough to jailbreak their phone then leave the default ssh password (which is "alpine", btw) in place, it would appear that Apple is right not to trust them.

"Jailbreaking your iPhone is bad!", quoth newssite (0)

Anonymous Coward | more than 4 years ago | (#30247206)

I love how everyone pretends that recent trojan targeted "jailbroken" iPhones.

If you don't think that this is an orchestrated effort, wake up.

Check out the timeline of the vulnerability releases. From the first one that just alerted the user, the next that rick rolled, the next that actually did naughty things.

The very first news snippets fully explained what happened, how it could happen, that the user was at fault, and how users could fix it, along with potential suggestions to providers on how -they- could prevent these attacks across their network.

Then the next few always pointed out that non-jailbroken iPhones would not be at risk because, hey, those users -can't- install OpenSSH anyway.

Lately, news items just mention that jailbroken iphone users are at severe risk.

I'm not claiming Apple is being the grand orchestra conductor - it may very well be self-regulation along news sites who want to continue to paint iPhone in the joyful light so that every small news item on it is bound to get a crapton of page (and thus ad) views, and keep Apple on their good side for potential review items.

Either way, public opinion is being formed by this type of reporting, and it's working. Even on slashdot more and more voices say that jailbreaking your iPhone is something that should not be done - for a variety of reasons.

Re:F-Secure smells money (1)

NoOneInParticular (221808) | more than 4 years ago | (#30247710)

SSH should not install insecurely. Even in the time to log in and change the password, your device could be compromised. Instead of blaming the user (under which is the guy that installed ssh and never looked at it again), blame the distributor. He shipped a product that's insecure on install, and needs to be hardened by hand. That's stupid.

Neither do game consoles! (2, Insightful)

ruiner13 (527499) | more than 4 years ago | (#30245768)

Oh my God! My PS3, 360 and Wii are on the internet and they don't have anti-virus, too! What are we going to do!

Seriously, this is news for nerds? Some morons jailbreak their phones, leaving SSH with a default password, they get hacked, and suddenly A/V firms think they have an "in"? You could install every A/V program on the planet on a windows PC, but if you install SSH with a default password, it will still get hacked.

Re:F-Secure smells money (0)

Anonymous Coward | more than 4 years ago | (#30247856)

Additionally, the injection point for bad code on iPhones is the desktop computer -- so as long as the antivirus solution for the PC hosting iTunes can detect malicious iPhone packages, most of the problem is solved.

Of course, at this point, if a binary is known to be bad than Apple will pull it anyway.

I can protect your pretty iPhones... (2, Funny)

wzzzzrd (886091) | more than 4 years ago | (#30245036)

...all you have to do is to give me some money every week...If I were you, I'd think about what can happen to that pretty phone if it wouldn't be protected...

I see an opening for Android... (2, Interesting)

bogaboga (793279) | more than 4 years ago | (#30245068)

...and here it is:

Some fella develops and distributes some serious virus that "shuts down" a big number of iPhones...

This generates [bad] publicity for the device...

The media pick the story up...(in the meantime, it's "damage control" for Apple)...

Android is touted as the best alternative...

Motorola and Co. jump on the bandwagon...

What next? profits, numbers and market share for the Droid.

Question is: Am I wrong?

Re:I see an opening for Android... (3, Interesting)

nneonneo (911150) | more than 4 years ago | (#30245246)

Except that this scenario is next-to-impossible on stock iPhones, because of the aforementioned code-signing restrictions, sandboxed applications and other mechanisms which prevent this from being a general problem.

Jailbreaking your phone makes all these safety nets go away: the kernel is patched so that it will run anything and applications are permitted to roam free across all of the device. At that point, you are on your own as far as security goes. If you, as a user, willfully ignore the instructions saying "Use 'passwd' to change the default password!!", then the resulting compromise of your iPhone is *entirely* your fault, and Apple doesn't even have to do "damage control". A rooted Android phone would suffer the same problems.

Re:I see an opening for Android... (0)

Anonymous Coward | more than 4 years ago | (#30245506)

The fact that you can jailbreack the phone shows that it is vulnerable. The lock down imposed by Apple is what makes the iPhone less desirable. A jailbroken iPhone is only as vulnerable as the known exploits which may or may not be more than a regular iPhone. The problem right now is the ssh implementation and not that the iPhone has been jailbroken.

Re:I see an opening for Android... (1)

CharlyFoxtrot (1607527) | more than 4 years ago | (#30245982)

The fact that you can jailbreack the phone shows that it is vulnerable. The lock down imposed by Apple is what makes the iPhone less desirable. A jailbroken iPhone is only as vulnerable as the known exploits which may or may not be more than a regular iPhone. The problem right now is the ssh implementation and not that the iPhone has been jailbroken.

The sshd is NOT installed by default and jailbreaking currently involves flashing the phone with a custom generated image after manually putting it in DFU (firmware upgrade) mode. Not exactly something a virus could do.

Re:I see an opening for Android... (1)

CharlyFoxtrot (1607527) | more than 4 years ago | (#30245924)

Except that this scenario is next-to-impossible on stock iPhones, because of the aforementioned code-signing restrictions, sandboxed applications and other mechanisms which prevent this from being a general problem.

Add to that the fact that there are an incredible amount of very smart people actively looking for security flaws in the iphone in order to facilitate jailbreaking and unlocking, holes which are then diligently patched by Apple. The jailbreaking community is actually helping Apple to harden its device.

Re:I see an opening for Android... (1, Insightful)

Darkness404 (1287218) | more than 4 years ago | (#30245462)

The main problems are

A) No real way to get it to work on non-jailbroken iPhones.

B) The fact that every iPhone worm worked because of having SSH running with a default password that is basically equivalent to going to Defcon with a laptop with a stickynote saying "Username is user password is alpine" of course things are going to turn out badly. Everyone knows what the default SSH login is on iPhones (alpine) and when there are thousands of them running with the same password why are people surprised when bad things happen?

C) It is a lot easier to make a virus for Android than the iPhone.

Re:I see an opening for Android... (0)

Anonymous Coward | more than 4 years ago | (#30247676)

Step 6: somebody writes an ACTUAL virus for the Android, since you can install unsigned software. Users everywhere get pwned.

FUD (1, Insightful)

whisper_jeff (680366) | more than 4 years ago | (#30245078)

FUD

For those new to the internet, that would be Fear, Uncertainty, and Doubt. This sort of garbage would be a pretty classic example of it.

Re:FUD (3, Funny)

mdwh2 (535323) | more than 4 years ago | (#30245466)

Be fair now - they couldn't find anything else for today's daily Iphone Slashvertisement, so they had to run with this.

The new logic of security (3, Interesting)

Opportunist (166417) | more than 4 years ago | (#30245086)

I tend to be wary when using my crystal ball, but this time I want to make a prediction: This is an intended development, and we'll see more of it in the future. Jailed devices that are deemed intrinsically secure. People who dare to unlock their device not only open themselves up for infections, they also can't get any help to make their devices secure again because everyone who could or would offer them this help is locked out.

Now add laws that started to creep into our legislative where you're legally responsible for it if your device is insecure and doing something illegal.

In the long run, you will only be secure and not responsible for anything your device does if you don't mind not owning it.

Re:The new logic of security (1)

Locutus (9039) | more than 4 years ago | (#30245308)

one problem with that, do you really know that the anti-virus vendors are blocked from providing anti-virus software for jail broken devices? It looks to me that because their industry was created by having a seriously flawed OS, Microsoft Windows, they think and want other markets and OS vendors to allow them to exist on their platforms. They have no given right to exist outside of the flawed Windows ecosystem no matter how much they whine.

We are likely to start seeing more and more of this kind of whining too. As Windows vendors see their market platform shrinking, they'll be looking else where for places to put their wares only to find out that those platforms don't need their products or services at all or hardly at all. There's a huge sector of the Windows PC market which exists because Windows is flawed and all those products, services, and jobs are getting hit. Finally. What that also means is that users and customers won't be dealing with all the support and junk they've had to put up with over the last 20 years. Devices which just work. What a concept.

LoB

Re:The new logic of security (1)

Opportunist (166417) | more than 4 years ago | (#30245530)

Well, I don't know what the legal situation is for providing software for a product that is allegedly illegal, i.e. av soft for a jailbroken device. Probably the train of thought is that people who break copy restrictions on their device will not bother to buy software but rather just use it "illegally" too. I guess it's not a whine for a lost platform and wanting other platforms to be as flawed and insecure, I think it's more a want of a stable legal situation.

And, personally, I think a jailed device is not just working. It's not working at all. A device that does not run what I tell it to run is flawed, broken and simply not usable.

Re:The new logic of security (1)

spearway (169040) | more than 4 years ago | (#30246360)

Why do you say that a jailbroken phone is illegal? The device is yours you bought it. As far as I know Apple only says that it voids the warranty not that their users are criminals...

Jailbreaking is not breaking copy restriction, at least not directly. Some people may use it for that purpose but most of them don't. In my experience iPhones are jailbroken to be unlocked. All of the jailbroken iPhone that I know of only run UltraSn0w and are not vulnerable. All of those people buy software at teh App store because it is more convenient and their iPhone is as stable as any other iPhone. After all what do you do with a second hand iPhone?

Re:The new logic of security (1)

aristotle-dude (626586) | more than 4 years ago | (#30247786)

Any jailbroken device is still vulnerable to potential malware on a repository. I remember back in the 1.x days, there was some malware that was masquerading as an update to Customize for Winterboard. Since the BSD jails security is gone, any application can infect the entire system.

Re:The new logic of security (0)

Anonymous Coward | more than 4 years ago | (#30245822)

Why do you think Microsoft has been reluctant to bite the bullet and secure Windows? They could do it. But they won't. Somebody would sue over it.

Anti-trust all over again.

And that's even with it being a stronger cause for doing it than they had with IE. ----------

Apps run in a sandbox (2, Interesting)

Negatyfus (602326) | more than 4 years ago | (#30245106)

Apple isn't too concerned because all Apps run in a sandbox. There would have to be a very glaring hole in iPhoneOS would an attacker be able to take over an iPhone in this way. I remember a vulnerability that allowed exploitation through doctored SMS packets somehow, but I'm not sure how serious it was. At any rate, that's fixed now as far as I remember. Really, this is just about anti-virus companies trying to instill fear in the hearts of ignorant users. iPhone users that have jailbroken their iPhone have made it their own responsibility to look after security and I don't believe for a second that F-Secure is targeting *them* (SDK limitations wouldn't be a roadblock in that case). I see very little opportunity for a hacker to invade an iPhone, and thus it's not a huge priority to install any security software on the iPhone.

So no low level kernel hooks... (1)

Viol8 (599362) | more than 4 years ago | (#30245126)

... that be used by any tom , dick or harry and screw up or silently alter the functioning of the kernel?

Oh , shame. I guess they'd better stick to using Windows if that's the sort of enviroment these antivirus writers are happy working in.

No mechanism for transmission (5, Interesting)

argent (18001) | more than 4 years ago | (#30245128)

This is even more stupid than their attempt to sell antivirus for Palm OS.

There is no mechanism for transmission between one iPhone and another UNLESS the iPhone is jailbroken.

So Symantec only needs to write antivirus for jailbroken iPhones. And Apple would have no way to prevent them. So what's their problem?

Re:No mechanism for transmission (2, Insightful)

Locutus (9039) | more than 4 years ago | (#30245352)

wow, they were really trying to sell anti-virus software for the PalmOS devices? There's a saying about having a hammer and everything looks like a nail and these anti-virus people sound like they've got the hammer. Windows was the perfect nail because it constantly needed pounding on to fix this or that flaw or breach. But when new products enter the market without the flawed security system of Windows, what's a lonely Windows security company to do? Make stuff up I guess.

LoB

News at 11 (3, Insightful)

damaki (997243) | more than 4 years ago | (#30245194)

F-Secure cannot get money out of iPhone users, therefore whines and tries to scare executives.

Security Through Obscurity Never Works (2, Insightful)

SwashbucklingCowboy (727629) | more than 4 years ago | (#30245300)

"While Apple claims that the iPhone's closed nature offers protection to its users"

Re:Security Through Obscurity Never Works (2, Informative)

sznupi (719324) | more than 4 years ago | (#30245422)

It's NOT obscurity in this case! "Closed" here describes sandboxing/etc. mechanisms, which might just as well be OSS (AppArmour, SELinux)

Re:Security Through Obscurity Never Works (0)

Anonymous Coward | more than 4 years ago | (#30245586)

"While Apple claims that the iPhone's closed nature offers protection to its users"

Way to screw up the quote. It's not secure because it's closed and thus nobody knows how it works, it's secure because it's a closed platform where you can't even run a virus without getting it signed by Apple. (And no matter what your opinion is about Apple, that's not really in their self-interest.)

If I took a Windows PC and placed it in a Faraday cage inside of a bank vault, then that would also be quite a secure system, even though it's still, you know, Windows. Of course, it wouldn't be terribly useful.

The security vulnerability profile of a closed system like the iPhone is similar to that of any other consumer electronics device, not a real computer.

Re:Security Through Obscurity Never Works (1)

neoform (551705) | more than 4 years ago | (#30245850)

They weren't talking about their source code being closed, they were walking about the way apps are loaded onto the iphone. There's no way a regular user can install a virus on their phone since all the installable apps are screened by Apple.

blackberries? (0)

Anonymous Coward | more than 4 years ago | (#30245314)

I don't have a Blackberry, so I don't know the answer. But are there AV programs available for the various Blackberries out there? Or are they just singling out Apple and the iPhone because it's convenient to do so?

Phones must not need anti-virus (5, Insightful)

Kupfernigk (1190345) | more than 4 years ago | (#30245348)

I am being quite serious here. Mobile devices need good battery life, and there is a limit to what can be done with batteries and screens. If you need an anti-virus program, you are using more power and the battery life is shorter: end of story. Forget whether Apple is Gandalf or Sauron, their attitude is 100% correct.

Going further, I have absolutely no patience with people who hack iPhones. A phone is an appliance connected to a public asset - EM bandwidth. People using public assets have a duty of care, and it's the failure of duty of care (tragedy of the Commons) that has done a lot of damage to society.

What I do on my own local network is my affair, but I think increasingly we should have a reasonable expectation that anything connected to a public network is properly secured and maintained, just like (in the UK at least) we test cars annually to check they are safe on the road. I'm afraid that the Wild West days of the Internet are increasingly over - and the excesses of some people is bringing down an overreaction.

Over the next 20 years we have to find a way to put the genie back in the bottle without killing the genie or spoiling the bottle. The politicians will try to screw this up. But the rest of us need to realise that we need to grow up too - we need to understand that if we want a reliable public internet and mobile phone system, we need to stop treating people who act irresponsibly as if their behaviour was acceptable or clever. Otherwise anti-virus and anti-malware software will continue to eat up too many of our CPU cycles, shorten the lives of our hard drives, and cause increasing frustration to those of us who actually need to earn a living, and have to use the Internet and the phone system to do it.

Re:Phones must not need anti-virus (0)

Anonymous Coward | more than 4 years ago | (#30246772)

Going further, I have absolutely no patience with people who hack iPhones. A phone is an appliance connected to a public asset - EM bandwidth. People using public assets have a duty of care, and it's the failure of duty of care (tragedy of the Commons) that has done a lot of damage to society.

why stop at the public asset of EM bandwidth. let's talk about some other
important assets - air and water. should we cut off people from air and water
when they don't do as apple desires?

The iPhone is running windows? (4, Insightful)

denebeim (674459) | more than 4 years ago | (#30245358)

I thought it was running some form of Unix/Linux sort of OS.

I realize these modern day snake oil salesmen have convinced corporate America that their product is effective against all viruses on all platforms. However if you look at the definition file that they install on all the systems you'll see that the signatures list which platform they're for. I was curious so I greped the file. Turns out that while there's hundreds of thousands of windows definitions in the file there's only tens for linux and fewer for sun.

When pressed on this they'll tell you that they look for all those viruses so they arn't passed by the ftp/http/mail server on the unix box. While there's some merit to this position I don't see how it's at all relevant to the iPhone.

Re:The iPhone is running windows? (1)

Akaihiryuu (786040) | more than 4 years ago | (#30245684)

MacOSX (and by extension the iphone OS) is based on FreeBSD. It's more or less a Mach version of the FreeBSD kernel, the closest comparison I can think of is mkLinux, except using the FreeBSD kernel instead. But your other points stand. The only reason to have "antivirus" running on any sort of *nix machine is to protect Windows machines by blocking Windows viruses at points like Samba and on email servers.

Re:The iPhone is running windows? (1)

denebeim (674459) | more than 4 years ago | (#30246092)

I knew it was BSD. I was trying to say *nix.

Unfortunately I see this pandering as being detrimental to real security. What you have is these anti-virus companies marketing a product that purports to plug system's security holes. Instead what they do is they look for vulnerabilities that only exist on one platform and ignore the whole different set of vulnerabilities on the other platforms.

Management finds these 'universal security' products to be irresistible. They can load one product and 'poof' they can tick their check mark on their list and lo and behold all their systems are secure. Meanwhile you have your end users 'jailbreaking' the systems and then not changing the root password.

Unlock != Jailbreak (3, Informative)

netsharc (195805) | more than 4 years ago | (#30245700)

BTW, if the original "anti-virus expert" really put unlock and jailbreak as the same thing, he needs to learn more about iPhones.

Jailbreak is breaking out of the chroot jail. It gives you root access so you can do wonderful things like install an SSH-daemon (which, unfortunately uses a standard password which the worms out there are exploiting now), as well as install apps that you want instead of only those that's passed Apple's draconian approval service.

Unlocking is SIM-unlocking, its purpose is so that an unauthorized SIM card (in the US that means non-AT&T) works on the iPhone. If you're using an AT&T card, you don't need to unlock, but you can still jailbreak. You need to run a software not authorized by Apple to do the unlock, so to unlock you *need* to jailbreak.

As for F-Secure, eh, fuck 'em. Their threat of Symbian viruses is also snake oil, it requires the most idiotic of idiots to see "Hmm someone wants to send me something over BlueTooth. OK I'll accept. Transfer finished. Let's open it. Oh it wants to install an app, should I install or should I deny?" and F-Secure sells you unproven protection if you say "install". Goddamnit, if you are so goddamned dumb, you deserve to get swindled by this company.

get solution here (1)

rs232 (849320) | more than 4 years ago | (#30245740)

"F-Secure researchers are calling attention to the fact that it's impossible to run third-party anti-virus on iPhones, because the SDK doesn't allow for it. It's a problem, as they claim malware will start to target the phone"

Why not use the same method the mawlare writers use. Oh, wait, it isn't possible unless the user explididly jailbreaks the device and uses the default password in SSH ..

Software that destroys your data? (-1, Troll)

Anonymous Coward | more than 4 years ago | (#30245746)

There's an app for that!

Anti-virus, Vista and the IPhone (0)

Anonymous Coward | more than 4 years ago | (#30246170)

This smacks to me very similarly to what happened originally with the pre-release Vista. MS was going to lock down the kernel and Norton and the other anti-virus anti-virus companies screeched monopoly and restriction of trade. The result was a weakened model so these parasites could continue to make and sell their products. Apple has never been a target of viruses for reasons that have been debated over and over. Mainly because of the spread of the iPhone, these companies now see a market and want in... even if the product is not really needed. The anti-virus companies characterization of apple as uncaring of their users is a tactic. If I were Apple, I wouldn't care about the anti-virus companies either. Mind you if I was MS, I would have locked the kernel and told the av vendors to screw off. Apple is actually doing the right thing.

Non-jailbroken phones are 99.999 percent safe. (2)

aristotle-dude (626586) | more than 4 years ago | (#30246344)

The reason why hacking the phone is called a jailbreak is because it essentially breaks the security sandbox mechanism called a BSD jail. All apps on the iPhone run inside of these sandboxes which prevent access to other sandboxes where other apps are running. On a non-jailbroken phone, all apps also have to be signed and installed via iTunes so it is basically impossible barring someone at Apple not screening the app first for malware to get onto the device.

In the early days, there were some remote exploits that you could use to jailbreak a device but those remote exploits have now been fixed soon after the jailbreaking community discovered the holes and published their software.

The official firmware from Apple is essentially hardened now against any remote attacks or malware attempting to run so there is no market for anti-virus on the iPhone.

Clearly, all iPhone (1)

Brummund (447393) | more than 4 years ago | (#30247262)

users long for McAfee32.exe eating up 10-15% of CPU time, while intercepting network traffic and checking your mails. Clearly.

Restoring from backup is easy (1)

sockonafish (228678) | more than 4 years ago | (#30247268)

If my phone got exploited I'd just restore from my latest backup, it might take all of twenty minutes.

There are no viruses for OS X, none. (1)

wzinc (612701) | more than 4 years ago | (#30247720)

There are no viruses for OS X, none. Maybe, in the future, there will be, but there are none now. The only reason there are any 'viruses' for the iPhone is b/c jail-broken ones all have the same ssh password. Change it, and the 'virus' can't hurt you.

The best way to get viruses on a Mac is to install Windows on it.

Jail Breaking Makes sense (1)

ironicsky (569792) | more than 4 years ago | (#30247724)

I've had two iPhones, both of which were jailbroken within about 30 seconds of activation through iTunes. Why? Because... If I buy a computer from Dell, HP, Apple, etc I'm free to do as a please, install software as needed, patch stuff that needs patching, etc... When I buy a $700 iPhone(Not on contract, full price) I am essentially buying a tiny ass computer with all the capabilities of my desktop and laptops, just palm sized. So Why shouldn't I be able to develop for it and modify it as I see necessary? I'm not screwing with the Baseband, so I'm not going to take down a cell tower, I simply want to be able to run the apps I want to run.

I run
  • iLocalis - For real time tracking of my iPhones location and state of operation
  • Winterboard - To provide me with a much superior and insanely customizable UI
  • iSSH and openSSH - To allow me to get diagnostic files out of apps, setup firewall rules, etc.. I've actually sent app diagnostic files to developers of iTunes App Store Applications to help them figure out why their app has wierd quirks
  • IntelliScreen - To have a summary of my phone's e-mails, sms, calendar and news without having to unlock my phone
  • MyProfiles - To provide me with greater flexability and automatic profile changing based on time of day and location(Automatically goes in to Vibrate Mode when I enter my office building during work hours, goes to silent mode when I go to bed)
  • Misc tweaks to trick apps in to thinking they are always on WIFI so I'm not limited to the App Stores 10Mb GPRS Download Limits

Jail breaking is obviously not for everyone... IE, those who don't change the root password to their phone as per Rocks, Icy, and Cydia's warning when installing openSSH.

If Apple let people customize their phones like I detailed above, I'd really have no need for Jail Breaking. But I want specific features out of my phone, I'm ready to assume the risks, and lower battery life(which is why I have three chargers, 2 at home, 1 at the office because I only get a day and a half of battery life)

Yes, this is mildly off topic... But no, I do not think an Anti-virus for the iPhone will make things any better... Jailed phones don't need it, most jailbroken users are smart enough to not need it.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...