back to article iPhone anti-malware stuck in state of denial

The blaze of publicity that accompanied the release of the first iPhone worms this month has sparked interest in selling anti-malware products for the device. However no such security products currently exist and Apple shows little inclination in licensing any that do get developed. Antivirus products for Symbian smartphones …

COMMENTS

This topic is closed for new posts.

Sensible

I can sort of see where Apple are coming from here - until a virus appears that can spread on an unjailbroken phone, why change the rules?

7
0
Silver badge

Sensible?

Because if they get the malware detection BEFORE there is a problem, they can deal with it faster.

Apple's attitude. There is no countermeasure, because there is no malware, so no problem. Not too bright.

0
0

Huh?

"The only alternative - ironically - would be for us to make it available as an unauthorised app, meaning that iPhone users would have to jailbreak their iPhones to scan them for security problems. This is obviously not ideal," he added.

No they wouldn't, stupid. If the need this crap, the phone has been jailbroken already!

3
3

Completely reasonable

1: no background apps.

2: no apps not associated with icons.

3: all iPhone binaries are backed by checksums at boot, can't infect those...

4: It;s OS X (stripped). There has never been a confirmed ITW virus for OS X (trojan yes, worm yes, hack yes, but not one virus).

5: it requires SSH to be installed, and the password left to a default...

5
0
Anonymous Coward

@Michael C

"Completely reasonable

1: no background apps."

But there are background apps, eg the alarmclock.

If someone works out how to run their work the same way...

0
0
Flame

Wake me when there is an actual threat

McAfee Anti-Virus makes my work computer run like a narcoleptic terrier with amnesia. I'd like to keep my phone usable thanks.

The Trend Micro SmartSurf for iPhone is not a browser add-on, its a replacement browser app. No thanks!

2
0

Why "ironic"?

Why would it be "ironic" for the security folks to release their anti-malware tools only for jailbroken iPhones? Those are the only ones susceptible to these viruses, so it actually seems very appropriate! There hasn't even been a proof-of-concept virus/trojan that works against an un-jailbroken iPhone, so any "security" software for such a device seems like just a scam.

1
0
Grenade

This is why "ironic"

Mostly because anti-malware software can't seem to exist without a need to *market* said anti-malware software. And tech-adverse fools are very easily security-scared. (We can't say exactly "security-conscious", though.) The number of "Click here for a free security scan!" banner ads that work is staggering. So, the people who are most likely to want anti-malware software and haphazardly follow instructions to install it are precisely the people whom probably shouldn't be breaking open their iPhones to begin with, and not even trying to get anti-malware is likely to keep them MORE secure on average than otherwise.

Basically, there's three classes of people with iPhones: those that haven't jailbroken their phones and probably don't need anti-malware software because of that fact, those that have broken their phones and done it properly with secure passwords on their ssh installations and thus probably don't need anti-malware software because of that fact, and those that have no business breaking their iPhones because they're going to foul it up and expose themselves to malware. Marketing malware *only* increases the number of people in that third group.

0
0

Snake-oil

So the anti-malware companies are basically complaining that they're not allowed to sell snake-oil? There are no known viruses or worms for unlocked phones, so what exactly - at this stage - would an anti-malware product detect? I hear I can't get anti-malware software for my fridge either -maybe they should explore that market.

4
0
Flame

Applause to Apple

Bolting down what a system can run is one of the most reliable approaches to malware prevention. If Windows was running only signed apps only a very small fraction of viruses known to date would have been able to exist. Unfortunately the signing checks in Windows at present are predominantly at installation and even at that point Joe Average User is allowed to bypass them with flying colours.

4
0
Gold badge
Troll

"Applause to Apple" - do what ??

Anton Ivanov said:

"Bolting down what a system can run is one of the most reliable approaches to malware prevention. If Windows was running only signed apps only a very small fraction of viruses known to date would have been able to exist."

OK, so only a fraction of viruses / worms for windows have got their way in through applications that would've been signed by MS? Like the multiple ports the OS leaves open by default with buggy drivers listening, or the buffer overflows etc. in IE / Outlook Express / Word / Excel / Powerpoint / Outlook proper / Adobe reader / Adobe Flash...

Unless you mean that Windows should also only open files that have been signed by MS (roll up, roll up, get all your files signed so you can open them again after you save them).

What about all those nasty packets that come to Windows from the network? Get MS to inspect them and sign them too?

Apple did not bolt down their phone/ipod for the sake of the user. They did it to control the market (as in take a cut of). Imagine the uproar when Ford announces that all their new cars only run on fuel, tyres, etc. from your local "Ford CarStore"™

0
4

troll.

"Apple did not bolt down their phone/ipod for the sake of the user. They did it to control the market (as in take a cut of). Imagine the uproar when Ford announces that all their new cars only run on fuel, tyres, etc. from your local "Ford CarStore"

You know NOTHING. Apple's OS and store is locked down on concession to the TELCOS. Providing a closed systems does provide a consistant user experience, simplifies app development and API contol, and limits requirements for extensive backward compatabiltiy support in the future, and it does give them some controll of the app revenue, but note this: Apple currently operates the App store at baseline protiability. 30% is not a large cut of the share, and that system, especially all the people reviewing the apps, as well as continued development for the platform, costs tens of millions.

Apple profits from the PHONE sales, not the app sales. The availabiltiy of the app store is a great selling point for the device, but itself it not intended to be a core revenue stream (remember, it wasn't even in existance most of the first year!)

Also, you CAN, legally, unlock the device (subject to you CARRIERS contract, not Apple's). You CAN get other apps. It's less secure, provides no support, and apple is under no obligation to support your device (including potentially voiding the waranty). Since Apple never designed to OS for use with an open market, AV was not cooked in. instead, explicit API controll, signed files, and OS level functions prevent rogue code from running. They never intended a servlet from running on the phone allowing a hacker access through bot networks to your device, since running servers over a cell network is NOT SUPPORTED. The only viruses that can effect phones can't actually get installed INTO your phone, they merely abuse unlocked access of dumb people who don;t change passwords, and I believe fully in social darwinism, so I support Apple's refusal to change their OS to help the people who refuse to accept the OS as it was provided.

0
4

Yeah...

But the problem with the Windows PC is just that it wasn't required in the past, so requiring it now would break backward compatibility (which after all is why people buy Windows PCs - if it weren't for backward compatibility what's wrong with Linux?!).

The iPhone is a different animal entirely, applications have NEVER been allowed onto the platform without Apple's express permission (which is exactly why the iPhone hasn't been infected so far - and there is no evidence that is about to change).

Also imagine the hue and cry if Microsoft started locking down Windows with an iPhone-like AppStore!

The AntiVirus venders are showing their true colours with this - anything to make a buck, no real threat exists, but that doesn't stop them talking one up.

For a phone such an iron fist control is probably a damn good thing, not so sure I want this on my desktop...

1
0
Jobs Horns

@BristolBachelor

C'mon mate, even if a platform becomes more secure as a side-effect of Apple's Big World Domination Scheme of not letting people piss about with low-level APIs (which is one of the reasons people jailbreak iPhones) then it's a good side-effect.

I do fundamentally believe that in today's ultra-infected internet-connected age, it simply makes sense to run an OS which has security built into its' core - wether that's having some form of unix flavour alone, or restricted APIs and only a known (reasonably) safe app store to get approved software from.

Apple's model does make 'em stacks of cash, but it may (even unwittingly) mean their stuff isn't as vulnerable. I'll eat my hat if the non-jailbroken iPhones get some form of worm (not least because I've got one - there, I admitted it!), but do you really think that's going to happen? I think it's a very remote possibility.

I do believe that Windows has had its' day as an environment to do anything sensitive like online banking, for this very reason - it's too vulnerable. I'm sick of running an OS which needs to be loaded with bloatware which examines every bloody file I use, and reduces good hardware to an expensive doorstop... how long before Windows Mobile 6.5 has some kind of trojan / worm / virus and McAfee and the rest queue up to take cash and slow mobile devices down until they're unusable?

Oh - and El Reg - deleting my last post was a little harsh!

Evil Steve, cos I'm sure he is.

2
0

No2AV

AV would just eat CPU cycles and battery life. Plus, as has already been stated, there has been no actual malware for standard iPhones, so what need is there?

I'm not saying the iPhone is immune to malware (I don't know enough about the intricacies of it) but the fact it's so darned popular and has yet to succumb suggests it's at least highly resilient. I'd say cost-benefit would show more grief ensues by having AV than not.

PS - @BristolBatchelor - ummm, no, he's on about signing bins, not data files. It wouldn't solve every issue (the numerous flaws in every single Adobe produt spring to mind) but it would make it much more difficult to install bots after a successful exploitation. You'd need to re-exploit boxes after each reboot.

0
0
WTF?

iPhone users need protection

They are not always the brightest bulbs in any given pack. ;)

Take a gander at

http://www.icanhasdevjob.com/2009/11/plz-to-rate-my-incompetence-kthxbye.html

for a good example of what the lower limits of iPhone user intelligence can be... /grin/

0
1
WTF?

How will they sell these?

Sorry for my ignorance, but I believe one of the reasons for jail-breaking is to allow you run any software, including knocked off iPhone apps? So if you're into ripping stuff off already, are you likely to pay for any apps like this?

0
0
Gates Horns

Only Jailbreakers

Anti-malware would only be useful for dumb jailbreakers not smart enough to change a password, and they won't pay for it anyway. Let 'em lose their bank account details.

0
0
Paris Hilton

no malware?

funny, but isnt there a class action lawsuit about data gathering from app store signed apps going on?

All fully approved by Apple if I recall.

As for Michael C's comment about the App store not making money at 30%. You have to wonder what it would have cost apple if they employed there own devs to populate the store. Of course they make money from it, either directly or indirectly through unit sales.

That is the only reason to lock down apps to the store only, it has nothing to do with the user experience and all to do with controlling the revenue stream.

The hackers and phishers will be working hard to get into the Iphone world now that it has major market penetration, the exact same reason that Windows has been targetted, when you have enough users you have more chance of people doing stupid stuff and installing your viruses or malware.

The loss of "niche" status just makes Apple items a target.

Paris - infinetely more appealling that the apple PR trolls on this thread, dont you agree Michael?

0
0
Silver badge
Stop

Apple is taking the malware issue proactively

Apple are taking the malware issue proactively. If you havent made unauthorised changes to your phone, all your software is installed via the app store, which is reviewed and malware rejected.

If you have made unauthorised changes to your phone, well that's not apple's fault.

If you use the device, as directed, no anti malware program required!

1
0
Silver badge
WTF?

At the risk of restating the obvious...

...what's the point of developing security software for a device which has to be *manually* hacked, then SSH installed and left in an unsafe default mode for either of the two existing pieces of malware to run?

And who in hell would *pay* for it?

Removing the two pieces of malware from a jailbroken, default-password+SSH-laden iPhone is already a piece of cake: restore factory settings. The End.

Apple is *already* being "pro-active" about security on the iPhone. Or has someone produced some genuinely dangerous malware for it which doesn't require jailbreaking and other folderol?

0
0
Alert

Quote

"Mikko Hypponen, chief research officer at F-Secure, criticised Apple for..."

...not allowing his company to make lots of money by scaring iPhone users into buying his products.

2
0

Soln

I have a solution. Don't jailbreak your phone.

0
0
Thumb Up

Shocking.

That's twice in one week I've found myself agreeing with apple's corporate policy. (This and the smoking / warranty article.)

Also I was reminded of this: http://xkcd.com/463/

0
0
FAIL

??? non-story FAIL

Look, the recent attempts to "sex up" (excuse me) the iPhone worm story have to end somewhere. This is one extension too far.

Antivirus software can be a right pain in the arse, especially on restricted resource platforms like smartphones.

I know Apple missed the games company who were scabbing mobile numbers, but you'd hope they're doing their best to stop any malware from getting through to the app store, and in any case, haxx0r emptor if you jailbreak your iPhone.

These bits of info together == non-story.

0
0
Paris Hilton

Jobsian cult overload!

"I know Apple missed the games company who were scabbing mobile numbers, but you'd hope they're doing their best to stop any malware from getting through to the app store, and in any case, haxx0r emptor if you jailbreak your iPhone."

"hope" thare doing there "best" to stop other malware and phishing apps getting into the app store, now thats faith for you.

The malware exists, its already been in the app store and people "hope" it will get sorted.

If they missed one company how many others have they missed?

The app store clearly gives you a false sense of security, after all, its apple approved malware so it must be ok.

I am not defending the AV companies who are simply out to make a quick buck but I am always amazed at the divine faith shown to the Cupertion massive.

0
0
Thumb Down

This is a nonsense

"The only alternative - ironically - would be for us to make it available as an unauthorised app, meaning that iPhone users would have to jailbreak their iPhones to scan them for security problems. This is obviously not ideal,."

Er, hello? Since the only users at any risk of malware and possibly interested in such an app anyway are already jailbroken, what's their problem - just sell the app through jailbreak channels.

It seems the only real quandary here is for the anti-virus people - there's no point getting snooty about dealing directly with jailbroken phones when those jailbreakers are, in reality, your only prospective customers.

Am I, as happy unjailbroken user using only Apple-sanctioned apps, desperate to buy an anti-virus app from the appstore? What do you think?

0
0
Paris Hilton

Same problem the pope has

How can his Holiness tell everyone to use condoms to protect against the STDs that you wouldn't get if you only had sex within wedlock - the Pope's line on that matter.

Paris - guess why?

0
0
Black Helicopters

begs the question: would Apple approve malware on the AppStore

which begs the answer: "As long as they don't then there isn't any malware on iPhone."

Sounds like a non-issue (with head in sand).

Taking one's head from out of that sand-pit, one can see that people do jailbreak their iPhones and thus allow unsigned apps to execute ... including malware.

But it is in Apple's interest to ignore the 'problem', in order to dissuade people from jail-breaking.

0
0
Stop

Oh, come on...

What are you lot smoking today?

Yes, although F-Secure have been pushing their anti-virus product for Symbian for years, it's not necessary because the security model used by Symbian is so much better than Windows. Similarly, the iPhone doesn't need it in its locked-down state.

No, the interesting part of this question , which you've missed, is the marketing decision whether to take the Symbian route, with developers waiting years in some cases to get Symbian Signed approval, or to take the Apple route of not allowing developers access to the device's deeper functionality. (Of course, whether Apple are culpable by making the device so useless in its locked-down state that people HAVE to hack it, is a matter that would have to be tested in court.)

0
1
Anonymous Coward

AV is a Sticking-Plaster

...and is only necessary when you have a wound - thus there is no need for it yet on standard iPhones.

0
0
Boffin

i've written my own

sudo passwd root

0
0
Unhappy

boo hoo

'People who jailbreak their phones deserve all they get'. The only people that buy into this sad state of mind are either those too poor to be able to afford an iphone or those that are too scared to run non-appstore approved code (not just half-inched stuff tyvm). The only reason you give grief to iphone users is become you want something that you can never have.

0
0
WTF?

Screw personal firewalls..

Who says a "personal firewall" needs to be a userland application running in the background...

Being based on OSX, the kernel should have support for ipfilter (or apple could compile it in if not there in current versions), then the only userland application you need is one to configure the underlying kernel packet filtering.

0
0
This topic is closed for new posts.

Forums