This article was published on May 22, 2012

Kaspersky co-founder resorts to scaremongering over Apple’s iOS antivirus ban


Kaspersky co-founder resorts to scaremongering over Apple’s iOS antivirus ban

Kaspersky co-founder Eugene Kaspersky, has launched a bizarre attack on Apple over its ban on iOS antivirus app, predicting that it will ultimately “mean disaster” for the company as malware developers target the mobile operating system.

Speaking with The Register in Sydney, Kaspersky described his disappointment that Apple wouldn’t let the company develop software for iOS smartphones and tablets, to develop a “true endpoint security” for the operating system.

Then things get curious.

Kaspersky states that iOS infections won’t be introduced via iOS (which “by design is more secure”) but instead it will force developers to develop malware that uses vulnerabilities, with the only way to infect devices by ‘inject[ing] it into the source code of legal software.”

He adds: “It will take place in a marketplace and then there will be millions or tens of millions of devices.”

How Apple planned it.

Well, not exactly. No company wants people to attack its operating systems. However, Apple has systems in place to attempt to deal with such an attack vector.

Kaspersky says malware writers and ‘criminals’ have not chosen such a route previously because it’s “more complicated” than other attacks. By default, Apple places each app (including its preferences and data) in a sandbox when it is installed. This only permits the app to access files, preferences, resources and hardware that are permitted by the OS.

Not to mention the ASLR, DEP and code signing features that Apple uses to protect its operating system and user data.

Malware writers have to circumvent these in-built protections to access the more important parts of the filesystem and kernel, proving more difficult for would-be attackers.

No security measure is 100% secure but Kaspersky’s comments stating that attackers will resort to introducing new vulnerabilities appears to be nothing more than scaremongering. Apple’s protections are probed every day and are often broken (take the Jailbreaking scene as one example).

By not allowing Kaspersky to release an antivirus app, its co-founder believes that device owners will be left with no protection, resulting in (wait for it) a boost for Android, a platform that he recognises is less secure but allows his company to provide security software for.

The Register writes:

A severe attack, Kaspersky argues, therefore has the potential to highlight the problems of a closed ecosystem and damage Apple permanently.

Apple has bargained on attackers trying to side-load malware via an approved App Store app. The company has end-to-end security that can remotely remove installed applications, it can send over-the-air updates to fix vulnerabilities and the company also employs its own App Store approval teams to vet submissions to its marketplace.

Thom Shannon, app developer with Glow New Media, told The Next Web:

Apple has gone back to basics in iOS and built an operating system from the ground up to be secure. There isn’t much a third-party antivirus program could add to it. The only areas for improvement would possibly be anti-phishing measures built into Mail or Safari.

It must also be noted that antivirus apps utilise a lot of resources on a mobile OS and various reports have confirmed that existing Android security apps fail to detect some of the most common forms of malware (although Kaspersky does rank higher than most in the test).

In April, Kaspersky ruffled feathers when he made the comment that Apple is “ten years behind Microsoft in terms of security.”

He added:

For many years I’ve been saying that from a security point of view there is no big difference between Mac and Windows. It’s always been possible to develop Mac malware, but this one was a bit different. For example it was asking questions about being installed on the system and, using vulnerabilities, it was able to get to the user mode without any alarms.

Mac security was recently thrust into the public discourse as security issues turned into real stories. The Flashback malware hit a huge number of machines, with some 650,000 Mac machines still running the affected code.

At last year’s MWC, Eugene Kaspersky predicted Android will end up with an 80 percent share of the smartphone market in 2015, with Apple’s iPhone and RIM’s BlackBerry splitting the resulting share with 10 percent each.

Gartner’s most recent research report suggests Google’s mobile OS holds 56% of the smartphone market in the first quarter of this year, more than double Apple’s 23% share.

Kaspersky believes that this will only rise, helped by Apple’s lack of focus on antivirus solutions. Android will almost certainly continue to thrive, thanks to its heavy backing from Samsung, HTC and other vendors, but security oversights on Apple’s part are highly unlikely to play a part in the growth of its rival ecosystem.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with