Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

cancel ×

312 comments

Frist to get jailbroken... (5, Insightful)

Anonymous Coward | more than 3 years ago | (#36365382)

Wait... aren't we talking about the same iOS that gets jailbroken like clockwork still?

Re:Frist to get jailbroken... (1)

DarkAnt (760333) | more than 3 years ago | (#36365412)

On the same page no less.

Re:Frist to get jailbroken... (4, Informative)

poetmatt (793785) | more than 3 years ago | (#36365438)

not only that, but the comments are hilarious as are the arguments:

* A sandbox isolates programs, and iOS's memory organization makes exploitation more difficult.
        * Applications that run on the iOS are vetted by Apple and can be removed if found to be malicious.
        * Patches can be quickly applied to the iPhone and iPad to close security holes in the operating system.
        * The software is regularly reviewed, especially its open source components.
        * The platform has the advantage of attacker psychology -- attackers still target smartphones far less than desktop systems.

This is hilarious, considering that the sandbox is the only true thing. Patching is known to break things continually (and done to break things - hello anti-jailbreak?), apple doesn't vet third party apps - you think they vet the browsers or MS office on mac? Said things are open and known security breaches. Same argument can be made for microsoft and google's first party apps being vetted (no shit) on that, and I'm not even a microsoft fan.
Attacker psychology? What joke of a phrase is that? That's as anecdotal as it gets.

So in summary, the thing apple does right is put things in a sandbox. that is all. Infoworld sure does have a hardon for apple sometimes.

Re:Frist to get jailbroken... (1)

Anonymous Coward | more than 3 years ago | (#36365762)

Umm... Dalvik VM is completely sandboxed in every instance, which means every "app" has its own sandbox, which means 6+ running at once vs ... 1 for iOS... does that mean Android is 6x more secure? lol... ugh... seriously though... this is a bad article

Re:Frist to get jailbroken... (3, Insightful)

EraserMouseMan (847479) | more than 3 years ago | (#36365852)

It's amazing how people lose all objectivity when they've fallen for Apple. Love is blind. The fact is that they love their Apple gear so much they love it and discount all flaws and shortcomings and never stop begging for more.

Re:Frist to get jailbroken... (0, Offtopic)

ZackSchil (560462) | more than 3 years ago | (#36365948)

That's funny, I was about to say the same exact thing about the way people decide that they hate Apple and tie thier personal identity to that hatred and attack everything the company does with a bizarre fervor.

Re:Frist to get jailbroken... (2)

scot4875 (542869) | more than 3 years ago | (#36366070)

It only looks like blind attacks to people who have bought into the hype.

Believe it or not, when someone tells you that your shit stinks, it's not that they're "hating" you -- it's just that they're tired of smelling your shit.

--Jeremy

Re:Frist to get jailbroken... (1)

Nerdfest (867930) | more than 3 years ago | (#36366288)

There's reasons for both points of view; the trouble comes when can can't see at least a little of both.

Re:Frist to get jailbroken... (1)

Anonymous Coward | more than 3 years ago | (#36366008)

They certainly do vet 3rd party apps on iOS. Are you thinking of OS X?

It's pwned before you get it out of the box.. (2, Insightful)

sqldr (838964) | more than 3 years ago | (#36366382)

It updates without asking people..  it disables things without asking people...  certain types of useful software are internally prevented from ever running on it..  it steals information about me - such as my geographical location and uploads it to a server without me asking..  it won't work unless it has my credit card number..

if a hacker did that to my laptop, I'd hunt him down and punch his fucking head in.

Re:Frist to get jailbroken... (0, Troll)

NetNed (955141) | more than 3 years ago | (#36365474)

The ability to jailbreak a device has little to do with it's security.

Re:Frist to get jailbroken... (5, Interesting)

MrCrassic (994046) | more than 3 years ago | (#36365546)

Considering that the last major jailbreak used a PDF rendering exploit in Safari to allow users to jailbreak their devices online, which requires modifications to files in system directories, I'd highly beg to differ.

And while jailbreaks for iOS happen for almost every point release, they are getting tougher and tougher to find (as in it takes the dev-team more and more time to find a patch).

Re:Frist to get jailbroken... (1)

ThisIsNotMyHandel (1013943) | more than 3 years ago | (#36365582)

What does a previous version have to do with *this* version mentioned in the article?

Re:Frist to get jailbroken... (1)

Applekid (993327) | more than 3 years ago | (#36365756)

What does a previous version have to do with *this* version mentioned in the article?

Maybe nothing, maybe something. With a closed-source OS, all you have is their word. My personal opinion? I would wager Apple cares more about closing up the "jailbreak" part of it than the "modify files via remote exploit".

Re:Frist to get jailbroken... (1)

CharlyFoxtrot (1607527) | more than 3 years ago | (#36365696)

Actually that was a MINOR jailbreak because it was easily and quickly patched and so didn't last long. The major jailbreaks are the ones that exploit flaws in the bootrom code. Those are at once more difficult for Apple to patch because they require new hardware to be put out there and they are also impossible to exploit remotely, requiring physical access.

Re:Frist to get jailbroken... (2)

jjetson (2041488) | more than 3 years ago | (#36365560)

I'd disagree, the article is claiming iOS is the most secure because of the gated app store. If the device can be jailbroken then the gated app store point is moot. Now any app from nearly anywhere can be installed and ran, so the main point of the article is shot. Therefore I'd say the ability to jailbreak the device has everything to do with security in this context.

Re:Frist to get jailbroken... (3, Insightful)

PopeRatzo (965947) | more than 3 years ago | (#36366142)

the article is claiming iOS is the most secure because of the gated app store.

Ah, there it is. Just a few stories ago, there was the headline about Apple putting some desktop and laptop machines behind the walled garden and maybe phasing out OSX altogether.

And then..."iOS is the most secure".

You can start to see the outline of a marketing campaign that will convince people that they really don't need to have anything on their Mac that didn't come from Apple, one way or another.

As a long-time Mac user and owner of several Mac Pro and MacBook Pro machines, I find this transformation of "machines to make things with" to "machines you can consume content with" quite offensive. It may be good business for Apple, and good for Apple shareholders, but for the future of personal computing for people who don't use Windows or Linux, it kind of sucks.

Re:Frist to get jailbroken... (1)

Luyseyal (3154) | more than 3 years ago | (#36366202)

You can start to see the outline of a marketing campaign that will convince people that they really don't need to have anything on their Mac that didn't come from Apple, one way or another.

I feel that way about Debian. It's an exaggeration, to be sure, but the mindset is the same. If I can't manage it with apt, why bother with it?

-l

Re:Frist to get jailbroken... (2)

Nerdfest (867930) | more than 3 years ago | (#36366326)

If you stick to the stock repositories, it's very similar. One of my main complaints about iOS and the OS X app store is that they limit you to *only* those choices. If they allowed you to install other sources like Apt does it would go a long way to making me (and probably quite a few others) consider using their products.

Re:Frist to get jailbroken... (1)

mblase (200735) | more than 3 years ago | (#36365666)

The ability to jailbreak a device has little to do with it's security.

Agreed. Jailbreaking the OS is like signing a release before you skydive out of an airplane: you're admitting you don't want to play it safe and voluntarily take on all possible risks yourself.

Re:Frist to get jailbroken... (1)

Squiddie (1942230) | more than 3 years ago | (#36365752)

The ability to make a device run unsigned code has everything to do with security, especially considering that jailbreaking relies on exploits found in the software. It's not that hard to imagine using the same exploits to run malicious code.

Re:Frist to get jailbroken... (-1)

Anonymous Coward | more than 3 years ago | (#36366076)

Alot of the previous comments are just plain dumb. But what do you expect from Android users whose devices and OS are riddled with malware.

Re:Frist to get jailbroken... (1)

jjetson (2041488) | more than 3 years ago | (#36365494)

And wasn't the hardware encryption recently cracked.

Re:Frist to get jailbroken... (1)

iluvcapra (782887) | more than 3 years ago | (#36365566)

If you used a four-digit numerical password, somebody sells a program that can brute-force it. That's not really "cracking" it.

Re:Frist to get jailbroken... (1)

Sinthet (2081954) | more than 3 years ago | (#36365748)

I think he's talking about how you couldn't transfer music to iOS devices previously(via programs other than itunes), because iTunes did some funky stuff to it before transferring it to the device (I'm not too sharp on the specifics...). I know for a fact that this protection has been cracked for awhile now.

Re:Frist to get jailbroken... (1)

Doogie5526 (737968) | more than 3 years ago | (#36366218)

Is this the one you type in the lock screen? I just found and read the article and it's unclear. If so, I thought the iPhone makes you wait longer and longer after consecutive failed attempts which would slow down a brute-force attack quite a bit. Also, I can't remember if it was an Exchange policy, a feature on the iPhone (or of Android), but I thought I remember seeing a setting that would wipe the phone after 10 consecutive failed attempts.

Re:Frist to get jailbroken... (2)

gabebear (251933) | more than 3 years ago | (#36365502)

Jailbreaking is not really a security problem. Firstly, because "jailbreaking" just means allowing unsigned code to run. Secondly, I don't think you have ever been able to Jailbreak an iPhone remotely, you have to be in possession of it. If you give a hacker unlimited time with a device, they will find a way to do what they want.

Re:Frist to get jailbroken... (1)

Anonymous Coward | more than 3 years ago | (#36365552)

no there was a website you could got to, I'm not sure if it still works but you just had to hit "jailbreak" and it would do it.

Re:Frist to get jailbroken... (0)

smitty97 (995791) | more than 3 years ago | (#36365826)

That was iOS 1.1.3... In other words, ages ago. And before the app store too.

Re:Frist to get jailbroken... (1)

N0decam (630188) | more than 3 years ago | (#36366004)

Pretty sure I jailbroke my ipod on iOS 4 with a jailbreakme website...

Re:Frist to get jailbroken... (2)

mini me (132455) | more than 3 years ago | (#36365612)

Jailbreaking uses security flaws to run unsigned code. The same flaws can be used for malicious purposes. It is most definitely a security issue.

While most jailbreaking methods do require the phone to be tethered to a computer which greatly reduces the chances of infection in the wild, there have been at least two well known untethered jailbreak methods that could have been used to install malicious code quite easily.

Re:Frist to get jailbroken... (5, Funny)

Enry (630) | more than 3 years ago | (#36365658)

Jailbreaking is not really a security problem. Firstly, because "jailbreaking" just means allowing unsigned code to run.

Why don't you re-read that and tell me where your logic flaw is.

Re:Frist to get jailbroken... (1)

Mister Whirly (964219) | more than 3 years ago | (#36365822)

Beat me to it. First thing I thought when I read it was "how is the ability to run unsigned code in a closed platform not a security problem?"

Re:Frist to get jailbroken... (0)

v1 (525388) | more than 3 years ago | (#36365634)

Wait... aren't we talking about the same iOS that gets jailbroken like clockwork still?

Physical access=owned. If you don't know that, turn over your card.

Jailbreaking requires physical access. (overwriting firmware after booting it into recovery mode)

So how is this possibly a "security problem"? The only time I can recall was that very brief window of time where you could browse to a web page to jailbreak your iphone.

Re:Frist to get jailbroken... (0)

Anonymous Coward | more than 3 years ago | (#36365810)

Ok it's not like online jailbreaking was never possible on iOS...

OpenBSD (-1)

Anonymous Coward | more than 3 years ago | (#36365396)

In case anyone's wondering why they had to say 'commercial' OS.... OpenBSD

An ultimately secure OS (5, Funny)

dmt0 (1295725) | more than 3 years ago | (#36365400)

An ultimately secure OS would be the one that does not do anything at all. No inputs and no outputs. Perhaps iOS is closer to that ideal than any other.

Re:An ultimately secure OS (1)

bhcompy (1877290) | more than 3 years ago | (#36365440)

Truer words have not been said

Re:An ultimately secure OS (3, Funny)

Flyerman (1728812) | more than 3 years ago | (#36365508)

The Ultimate Machine: http://www.youtube.com/watch?v=Gw2Bq0HYu1M [youtube.com]

Re:An ultimately secure OS (-1)

Anonymous Coward | more than 3 years ago | (#36365776)

Omg your like sooooo right, gawd... It's like, different so it's bad /sarcasm

Typed through iOS.

Re:An ultimately secure OS (0)

Anonymous Coward | more than 3 years ago | (#36366192)

Omg your like sooooo right, gawd... It's like, different so it's bad /sarcasm

Typed through iOS.

I thought the stereotype about iOS users being morons was bullshit. Apparently not.

Re:An ultimately secure OS (0)

Anonymous Coward | more than 3 years ago | (#36366328)

I disagree. IOS is more connected and is usually jail broken or modified before the developers even start making apps. It's a good device, but it is not perfect. There is no ultimate OS because "every OS sucks".

Re:An ultimately secure OS (1)

pandrijeczko (588093) | more than 3 years ago | (#36366338)

I find it more amusing that at this very moment in time there are probably several hundred hackers laughing at his statements and thinking about whether or not they should put his iOS device security to the test. :-)

Like living next to a bridge testing ground... (1, Troll)

iluvcapra (782887) | more than 3 years ago | (#36365414)

So much mobile fanboy trollbait on the 'dot this morning.

Most Secure? (2, Insightful)

OKK77 (683209) | more than 3 years ago | (#36365416)

Most Secure? And the security is in the App Store? I don't know why the author's trying so hard to bullshit his way through. Sensationalist headlines just to get a few more ad impressions, eh.

Re:Most Secure? (2, Funny)

jo_ham (604554) | more than 3 years ago | (#36365460)

It's just the reverse of the enormously slanted "Apple is definitely phasing out OS X and locking it down and will force people to only buy from the App Store" article earlier, just with the "anti-Apple" bias changed to "pro-Apple".

There must be balance in the ad-impression linkbait, lest the universe implode.

Re:Most Secure? (0)

Anonymous Coward | more than 3 years ago | (#36365736)

Apple? A secure company? I think that Apple is taking lessons from Microsoft in hiring research teams to come up with company lines.

This could not have come out at a worse time for Apple. Why? Because iTunes has been hacked. Credit cards charged and store credit stolen.

http://www.betanews.com/article/I-got-hacked-on-iTunes/1306964962 [betanews.com]

How to Secure an OS (0)

LordStormes (1749242) | more than 3 years ago | (#36365420)

1. Forbid legitimate purchasers and owners of the device from doing ANYTHING you don't homogenize, pre-approve, pre-chew, and charge for.
2. Apply Steve Jobs pixie dust.
3. Profit.

Re:How to Secure an OS (0)

Anonymous Coward | more than 3 years ago | (#36365454)

Psh... you don't have to do step 1.

Re:How to Secure an OS (1)

pandrijeczko (588093) | more than 3 years ago | (#36366032)

Demonstrate to me that jailbroken iOS devices were included in the research to determine those results, then I will believe you.

Re:How to Secure an OS (1)

ChromeAeonium (1026952) | more than 3 years ago | (#36365532)

1. Forbid legitimate purchasers and owners of the device from doing ANYTHING you don't homogenize, pre-approve, pre-chew, and charge for.

I think this [eatliver.com] is the analogy you're looking for.

Re:How to Secure an OS (1)

MobileTatsu-NJG (946591) | more than 3 years ago | (#36365550)

Sour grapes.

Agreed. (3, Funny)

Anonymous Coward | more than 3 years ago | (#36365422)

Sent from your iPhone.

Re:Agreed. (1)

LordStormes (1749242) | more than 3 years ago | (#36365694)

Original sent from my Windows PC, reply sent from my Android. ;) I own no iPoop.

Fallacy of Argument from Authority (1)

Anonymous Coward | more than 3 years ago | (#36365464)

[url=http://en.wikipedia.org/wiki/Argument_from_authority]Argument from Authority[/url] is a fallacy of defective induction, where it is argued that a statement is correct because the statement is made by a person or source that is commonly regarded as authoritative.

      1. Source A says that p is true.
      2. Source A is authoritative.
      3. Therefore, p is true.
-----

1. "Security experts" says that "iOS, Apple's mobile operating system, is the most secure commercial OS today"
2. "Security experts" are authoritative.
3. Therefore, "iOS, Apple's mobile operating system, is the most secure commercial OS today" is true.

-----
Note: This doesn't mean that iOS isn't the most secure commercial OS today; it might be. It just means that the article is trying to an argument made of 100% pure USDA Grade A Bovine Excrement in order to show it.

O RLY? (0)

Anonymous Coward | more than 3 years ago | (#36365482)

Either this is a blob of useless marketing-speak and BS (dnrtfa), OpenBSD and SELinux aren't considered "commercial" for the purposes of the article, or this is a really sad commentary on the state of commercial software.

I figure it's just a matter of time before someone finds a way to exploit Mobile Safari or the web-view API, in whatever version of iOS is considered current, for the purposes of malware installation or remote control, assuming that hasn't already been done.

as secure as a (0)

Anonymous Coward | more than 3 years ago | (#36365484)

prisoner in solitary confinement

Grudging (4, Insightful)

Altus (1034) | more than 3 years ago | (#36365490)

Any expert that holds a grudge like that is no expert I ever care to hear from.

Security is a big selling point (4, Insightful)

elrous0 (869638) | more than 3 years ago | (#36365492)

Apple is going after the market of users who are sick of dealing with security issues/malware/etc. They've done it by created a closed system. And while us geeks hate that, it has a strong appeal to most people. When they go to a closed system on Mac's (and they will), that's who they're going to be appealing to. "Buy a computer where all your software is pre-screened through our App Store and you don't have to worry about viruses" is a powerful (and potentially very profitable) message in a time when malware and assorted hacks have become so common.

Re:Security is a big selling point (3, Insightful)

kevinmenzel (1403457) | more than 3 years ago | (#36365594)

Agreed - the eventual limited machines... "consoles" essentially, though for 'work' instead of 'games', will be quite popular. Which does kind of suck for geeks, because our specialty hardware will no longer benefit from the economies of scale, at least not to the same degree.

Re:Security is a big selling point (1)

Microlith (54737) | more than 3 years ago | (#36365814)

Nonsense. We don't need coders in the US, that's like manufacturing. We'll just have someone in India or China do it. We're an information economy here in the States, where our information is enforced consumption of music, movies, and Apps (developed in India and China.)

Re:Security is a big selling point (0)

Anonymous Coward | more than 3 years ago | (#36365602)

This is very true. Honestly, I wish most of the people that I know would have something like that. Then they won't call me when they screw it up. I'd hate such a closed system for myself, though.

Re:Security is a big selling point (1)

jedidiah (1196) | more than 3 years ago | (#36365606)

Correction: Apple is going after the market of users who are sick of dealing with security issues and could never be bothered to dump Windows.

PhoneOS is nothing special in terms of security. Although it is pretty fascist and unecessarily so.

Re:Security is a big selling point (1)

pandrijeczko (588093) | more than 3 years ago | (#36366160)

Utter rubbish - and that's coming from a mainly Linux guy.

I haven't gone beyond Windows XP for when I need to run Windows because I've no reason to upgrade to Windows 7 - but I've been using XP since Service Pack 1 and I cannot recall the last time I had any malware on it.

It's precisely BECAUSE I know about security issues that I know what the weaknesses are in Windows (and Linux) that I can counteract those before they have a chance to hit any of my systems.

The fact is that if you keep XP updated, run a good, free virus checker and good, free anti-malware program, don't install warez, don't open email attachments you don't trust and as an extra precaution, run alternatives to Outlook and IE, you probably won't get viruses or malware.

It's the users who know nothing about computers, OSes and the Internet that are the problem - exactly the people whom Apple market their products at and who will be OS X's/iOS's greatest downfall if and when their products have enough penetration for malware authors & hackers to take an interest in them. (God forbid!)

Re:Security is a big selling point (1)

chemosh6969 (632048) | more than 3 years ago | (#36365858)

The problem is the illusion of no malware/etc., which leads people to not protect themselves because they can't get infections. Then you have the current issue where it does happen and people click on anything because, in their minds, they're completely safe. It's fine from a sales perspective from Apple but then when current issues do arise, that can also take a bite out of Apple(do you see what I did there) when they refuse to acknowledge anything wrong.

Re:Security is a big selling point (1)

pandrijeczko (588093) | more than 3 years ago | (#36366240)

Potentially OS X & IOS are huge security minefields anyway.

One reasons why viruses spread very quickly is that you have almost identical computer platforms for them to spread across - that's what Windows PC were and Apple OS X / iOS devices will be if and when they have enough of a user base for hackers to target them.

Additionally, OS X is UNIX-like so it is also susceptible to buffer overflow & brute force access attempts as in any other UNIX-like OS X if you don't have the knowledge to lock it down properly and take countermeasures.

That is what really scares me about the fanbois who crow about OS X being UNIX - because the majority of them wouldn't understand the core operation of a UNIX OS if it hit them in the face.

Believe me, OS X provides a very large number of potential security attack vectors to be exploited in the future.

less likely to tolerate security risk on a phone (1)

schlachter (862210) | more than 3 years ago | (#36365514)

I'm less likely to tolerate security risks on a phone...a device I have with me at all times...that I want to use without thinking that much.

I'm willing to put more resources into my PC/Mac to keep it up and running and secure.

Easily Fixable (3, Interesting)

chill (34294) | more than 3 years ago | (#36365524)

More people need to pay attention to http://slashdot.org/firehose.pl [slashdot.org] and mod stories like this into oblivion.

Re:Easily Fixable (1)

jo_ham (604554) | more than 3 years ago | (#36365708)

Cool, can we mod the "Apple is definitely phasing out OS X" stories too?

Re:Easily Fixable (0)

Anonymous Coward | more than 3 years ago | (#36366228)

Please don't mod it away. I like to read this garbage so I know what my friends, family, customers, whatever might be reading or hearing about later and probably believing. It gives me time to preemptively strike to keep a few from those groups aware of facts and make them use their mind instead of being led by a carrot.

The less an OS does... (0)

Anonymous Coward | more than 3 years ago | (#36365564)

The less an OS does the more secure it is. Of course I have a few helpful tips to make iOS even more secure.
1) Remove ability to launch apps
2) Remove the networking stack
3) Remove the battery

Success! Your iBrick is now ready for that bus ride to work, or that mochachinno down at Starbucks.

Most Secure = Turned Off (0)

Anonymous Coward | more than 3 years ago | (#36365660)

The MOST secure mobile "operating system" is a phone that's turned off as it's extremely challenging to crack into something that's not running. From there, in general, the less restrictions on the technology, the less secure and more functional the technology becomes. iOS owes a good deal of its "security" to the fact that it is such a controlled platform, but this comes with the disadvantage of being more limited. the result of this is saying that iOS is the "most secure" mobile os, even if true, is an apples to oranges comparison with less restrictive OSes.

Is Apple paying for this drivel? (0)

Anonymous Coward | more than 3 years ago | (#36365682)

Could we stop with the Apple shashvertisements, or at least label them as such? Thanks.

Completely useless (1)

Chas (5144) | more than 3 years ago | (#36365734)

Great. A sandboxed environment with limited functionality and a vendor stranglehold on apps is "more secure" than a fully functional PC OS where the use can run any app (or even another OS) that they desire.

Big fricking whoop.

That's like saying that a car that spent the entirety of it's life parked in a little old lady's garage was safer to drive than another car that has spent the last 10-15 years as someone's daily driver.

Re:Completely useless (1)

paanta (640245) | more than 3 years ago | (#36365984)

iOS doesn't have any less functionality than any other operating system. Security *is* functionality. A single managed source for new applications *is* functionality. It's functionality that, like all functionality, comes with huge tradeoffs.

Re:Completely useless (2)

Chas (5144) | more than 3 years ago | (#36366176)

functionality

You keep saying that word. But I do not think it means what you think it means. -- Inigo Montoya

Re:Completely useless (0)

revlayle (964221) | more than 3 years ago | (#36366304)

functionality

You keep saying that word. But I do not think it means what you think it means. -- Inigo Montoya

You keep saying that phrase. But I do not think it applies to jack squat what you think it applies to jack squat.

Re:Completely useless (3, Interesting)

pandrijeczko (588093) | more than 3 years ago | (#36366306)

Oh, so you can run emulator software on it now, can you?

Or compile source code into packages that you can install onto it?

Or go into the boot up processes and turn off or configure any services that you don't want or want to run differently?

Or create a specific account to run the OS will much fewer permissions so that you're more secure due to the tighter restrictions you've placed yourself under?

Re:Completely useless (1)

Haedrian (1676506) | more than 3 years ago | (#36366370)

And here I was thinking that "Functionality" meant being able to do something useful.

Using a solid lead window makes it a very secure window, but you're not going to say its 'functional' are you?

Badly written comparison (1)

Deleriux (709637) | more than 3 years ago | (#36365754)

iOS 4 [8], the latest version of iOS, includes ASLR, DEP, a sandbox, and code signing

Having never used IOS long enough to compare with other systems, it might impress on the phone front, but I am unconvinced its really competing against the Desktop. In fact, its an apples and oranges comparison anyway.

Firstly, having read the article - its incredibly lacking in exposure to many operating systems. After this, the technologies quoted are all available in most modern distros of Linux, plus more including resource limitations to prevent abusing memory or CPU and mandatory access control mechanisms.

From a security perspective seeing as with a smart phone you are carrying your online persona outside with you its at much greater risk of data theft than with a fixed desktop.

Huh? (1)

Quiet_Desperation (858215) | more than 3 years ago | (#36365768)

Why grudgingly? It either is or it isn't. If you have to begrudge the truth, go find something else to do.

Sigh. (2)

Nemyst (1383049) | more than 3 years ago | (#36365772)

Sensationalist, baseless claim? Check.
Short article "sourced" entirely off in-house artices? Check.
Forces to use print version to avoid ad overload? Check.

Yep, it's InfoWorld alright.

Short answer: walled garden (1)

shutdown -p now (807394) | more than 3 years ago | (#36365784)

Let me save you 5 minutes of your time. This bit from TFA is really all there is to it:

The security is in the app store.
It's not surprising, then, that security professionals pointed not to Apple's design but to the company's gated App Store [11] and its required code review before publishing as a major security advantage. "The closed ecosystem makes the model pretty safe," says Trend Micro's Genes. "It is not because the iOS is completely safe. From a system design standpoint, Android is safer."

Is there a self-restoring from ROM functionality? (1)

Anonymous Coward | more than 3 years ago | (#36365818)

Are iOS devices equipped with an unbreakable "restore from ROM and only install cryptographically signed patches" functionality, like the Google Chromebook are?

I like the idea that apps should only be installable from the AppStore (makes it easy to pull the plug on rogue apps) but there *are* going to be exploits.

The only foolproof method for an OS is, upon reboot, to check (from ROM) if the OS has been tampered and, if needed, to re-install itself from ROM. Then to look for cryptographically signed critical updates.

That plus an AppStore would certainly be more problematic to own than Windows XP ; )

 

"no economic incentive to attack" iPhones? (4, Insightful)

mccrew (62494) | more than 3 years ago | (#36365840)

from TFA:

Although iOS has a lot of security going on underneath the hood, its safety could be due in large part to the fact that attackers have not focused on compromising the devices because there is no economic incentive to attack them, says Lookout's Mahaffey.

Really? No economic incentive?

Unlike PCs and Macs, every cell phone is directly associated with a credit card. Essentially a cell phone IS money. Bad actors can - and do - monetize this with malware that places calls to sketchy and high-cost phone numbers, or send texts to subscribe to "information services," resulting in (fraudulent) charges showing up each month. And good luck trying to dispute charges with your cellular provider on those. They will just tell you that their hands are tied by federal law and that they can't help you, but nonetheless will turn around and threaten you with collection if you don't pay.

There's definitely economic incentive to attack mobile phones.

Um.. No (5, Insightful)

sl4shd0rk (755837) | more than 3 years ago | (#36365848)

OpenBSD has been at it a lot longer. Even as a Linux Zealot, I would choose OpenBSD for security. IOS is a closed Black-Box that nobody but Stevie knows what's inside. Historically we tend to find *cough*siemens*cough* that closed source, proprietary *cough*secureid*cough* offerings do not necessarily equate to a trustworthy or "secure" system. What seems to happen is closed source options provide a layer of obscurity which allow the governing company *cough*dropbox*cough* to take inexcusable risks with customers assets because, basically, they don't need to show anybody. As long as they never get caught, they save a lot of money not having to implement a system to keep them honest.

Re:Um.. No (1)

LoganDzwon (1170459) | more than 3 years ago | (#36366294)

iOS is not a blackbox in regards to whats in it. With a jailbreak you can get a secure shell on it and see whatever you want to see. Hell, the majority of the OS is actually open source. It is a blackbox in that you can not access any of the underlying parts in any officially supported way.

I disagree (2)

Haedrian (1676506) | more than 3 years ago | (#36365864)

I think apple iOS is the most secure (tehehe) because of all the people searching for flaws to Jailbreak it with. Its like free security testing.

Title should be... (1)

thesh0ck (1983948) | more than 3 years ago | (#36365914)

Read an apple fanboi's distorted view of the world. Period.

It's the annual WWDC click bait fest! (1)

Bill_the_Engineer (772575) | more than 3 years ago | (#36365966)

As we speak comments from the Apple Lovers and Haters are filling up comment sections everywhere. Also bloggers are coming up with more flametastic headlines to lure your eyeball to their website.

Enjoy it while you can since it lasts... well... Never mind it's a regular occurrence here on Slashdot :P

Move Along, Nothing To See Here (1)

pandrijeczko (588093) | more than 3 years ago | (#36366014)

Any OS will be more secure simply by virtue of locking it down that much more, thus restricting the people who use it to do less with it.

Most secure OS? (0)

Anonymous Coward | more than 3 years ago | (#36366128)

What about openbsd.org? I thought they were supposed to be the security king.

iPhone logs that track you getting hacked (0)

Anonymous Coward | more than 3 years ago | (#36366162)

I am not a person who breaks laws (well, I may speed a little), but I will never buy a product from a company that keeps a log of my phone calls on the product and doesn't openly warn me about it. That got hacked and yet Apple is the most secure??? Most secure what? Most secure company whose name begins with "Apple"? (There are obviously companies whose names begin with "Appl" that are more secure.)

Yea, so the logs are encrypted and hidden now. How long till the Nazi SS regime we live under starts routinely collecting iDevices to get the iPhone iLogs off of iThem, at gunpoint and without a warrent, and Apple graciously rolls over and gives them the keys without a legal reason like ATT did with the internet backbone tap?

http://miami.cbslocal.com/2011/06/07/witness-claims-police-tried-to-destroy-sobe-shooting-video/ [cbslocal.com]

Let them believe (0)

Anonymous Coward | more than 3 years ago | (#36366222)

Let them believe this and become complacent with it is all i can say.

follow you everywhere (1)

BrokenRecord (2242276) | more than 3 years ago | (#36366262)

Feeling secure in the knowledge that Apple always knows where I am, even when I don't. But then so does Google, nice.

InfoWorld is offline..... (1)

kwmbt (1871132) | more than 3 years ago | (#36366268)

InfoWorld is offline, for "scheduled maintenance"... right

Doesn't DiskAid bypass the user supplied key? (1)

h1q (2042122) | more than 3 years ago | (#36366312)

Until the entire iPhone or iPod Touch is by default fully encrypted based upon the user-supplied key so that an application as DiskAid can't bypass the lock screen, then iPhone security is only epsilon better than nothing.

And don't get me started on the limitations on the escrow keybag, vis a vis law enforcement, Apple corporate, and third party access. And of course closed source means that the security is faulty from the original specification to each and every implementation.

Theo (1)

Lawrence_Bird (67278) | more than 3 years ago | (#36366316)

Somehow I think Theo will disagree with this article, though Netcraft confirms he is dead.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...