This article was published on November 25, 2011

iPhone will not be safe from malware, even with Apple’s rigid policies, expert says


iPhone will not be safe from malware, even with Apple’s rigid policies, expert says

One of the world’s most recognised security pioneers believes Apple’s mobile devices will still be susceptible to malware attacks, even though the company employs a strict approval system on its application marketplace.

With millions of mobile owners switching in increasing numbers from their basic mobile phones to powerful new smartphones, the number of reported mobile malware instances has continued to rise and is posing significant risks to device owners.

Renowned cryptographer and security researcher Bruce Schneier is in full agreement that as more companies make their products and services available via mobile devices, the medium will become the primary platform of attack for the world’s cybercriminals.

He writes:

I believe that smart phones are going to become the primary platform of attack for cybercriminals in the coming years. As the phones become more integrated into people’s lives — smart phone banking, electronic wallets — they’re simply going to become the most valuable device for criminals to go after.

Google’s Android operating system has seen the biggest rise in instances of mobile malware, posting more than a 472% increase in malware samples since July 2011. With a low barrier to entry — a developer account and a license to publish applications on the Android Market — developers are able to submit potentially dangerous apps on a marketplace that sees millions of downloads a day.

However, Schneier believes that Apple, even with its stringent approval policy for apps on its marketplace, will not be immune from the rise in malware samples on its platform:

I don’t believe the iPhone will be more secure because of Apple’s rigid policies for the app store.

iOS devices, like their Android and Windows Phone counterparts, provide apps and services with connections to the Internet, ensuring there is more than one attack vector for would-be malware distributors. Developers are still able to launch offensives via smartphone apps including the browser, embedded email client or via an instant messaging service – to name a few.

Apple might be able to restrict the level of malware within apps on the App Store but it is powerless to stop users interacting with services outside of its ecosystem. That isn’t to say that both Google and Apple will adapt their platforms to be more aware of potential attacks in the future, requiring malware distributors to find alternative ways to secure private data from their targets.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with


Published
Back to top