“Apple’s reputation for bullet-proof security could soon be blown away, with the most high-profile attack targetting [sic] its coolest device – the iPhone,” David Flynn reports for APC Magazine.
MacDailyNews Take: Ooh, “blown away.” How terrifying. Please. Stop. Too scary.
Flynn continues, “An iPhone virus, spyware or other piece of malicious software is almost inevitable. ‘It’s 80-90% likely that we will see malware targetting the iPhone,’ predicts Patrik Runald, Security Response Manager for F-Secure Security Labs.”
MacDailyNews Take: Never fear, Runald has a potential “solution” to this terrifying threat: When Apple ships the iPhone SDK, anti-virus software peddler F-Secure “might develop anti-virus and security software to protect the iPhone.” No word, yet, on exactly how much they hope to rip-off from iPhone owners for such so-called “protection.”
Full article here.
How on earth is the iphone going to get a virus or malware?
EMAIL:
If you get an email with an attachment from an address you dont know just dont click on it – simple.
BLUETOOTH:
Also, with bluetooth, no one can send you a file without you confirming you want it.
WIFI:
Cant see any iphone getting malware from this – especially if you are on a closed network which is password protected.
This is TOTAL FUD!
The FUD tradition against Apple products continues. (Fear, Uncertainty and Doubt is a prehistoric method of propaganda). You’d think they’d get the clue. Symantec made two anti-Mac security FUD attacks in 2005. Utter failures. McAfee followed with their own FUD attack late that year. Utter failure. Then the CEO of McAfee, in a total turn around, suggested that anyone with brains should dump their Windows box in favor of a Mac simply for the sake of SECURITY. This past year we had a flood of FUD from the hacker community. Thankfully none of them wrote anything malicious and Apple were up to the task of eradicating all the vulnerabilities they found. Then last week we were supposed to be shaking in our well-healed Mac user boots about the porno Trojan out in the wild for Macs. Yeah. I’m scared. But at least this this does help waken people up to the fact that NO operating system is ever invulnerable or perfect.
Here is some FUD: Anti-Mac bigots and marketing morons like F-Secure have an 80-90% chance of making fools of themselves by making stoopid predictions about Apple product security.
I hope I make them wet their pants and shiver in ((((FEAR)))).
;-Derek
An email with malicious jpeg file from one of your Window OS friend.
Through yet security hole in a undocumented bluetooth port.
Closed WiFi network? Why? Closed on WiFi, but open to internet through router.
Not a total FUD. Who would have thought Sidekick can be broken into through the cell phone’s data connection. Someone did. We don’t know if next one will be a worm or a trojan. Just remember, F-security and other anti-virus software makers do not know the answer either. The anti-viurs for most part is reactionary, not proactive. A virus has to hit before they can write the virus definition to stop it. So, the software they are selling today is not likely to stop the virus that comes out tomorrow, at least not for Mac OS X.
“An email with malicious jpeg file …”
Not so far out. The iPhone was “jailbroken” by leveraging a vulnerability in a tiff library. What can be leveraged for “jailbreaking” could also be leveraged for malicious purposes.
There are other possible vectors. Safari on the iPhone was broken days after launch by Dr. Charlie Miller at ISE:
http://blogs.zdnet.com/security/?p=393
That was down to a vulnerability in open-source software that Apple was using. The vulnerability had already been fixed, but Apple was using an old version — not for the first time.
The device is far from invulnerable — nothing is.
However, I think F-Secure is flying a kite. There’s no more reason why the iPhone would be struck by a plague of exploits than any other smartphone. Other phones are probably around in greater numbers, which would make them a broader target. Other phones may be easier to crack, too.
I think F-Secure mentioned the iPhone because they know it’s a hip product and therefore newsworthy. This interview was about bumping-up F-Secure’s profile; that’s all.
If by “malware,” you include “trojan horse” type malware, they might as well say the chances are 100%. You can’t stop the user from being stupid and intentionally agreeing to install evil software. However, if Apple’s method for officially allowing third party apps on iPhone only permits such software from “trusted” sources, the risk will be minimized. Then again, there will be users who choose to bypass such measures, so the chances are sill 100% that iPhone malware will appear.
The only Mallware threat I have to deal with is when my wife looks up gap.com on her iPhone.
Just reformat your hard drive and then you won’t get a virus.