back to article Eugene Kaspersky frustrated by Apple’s iOS AV ban

Eugene Kaspersky is “a little bit disappointed … Apple won’t let us” develop antivirus software for iOS devices, as he feels it is only a matter of time before criminals target the operating system. “We as a security company are not able to develop true endpoint security for iOS,” Kaspersky told The Register in Sydney today. “ …

COMMENTS

This topic is closed for new posts.

Page:

FAIL

What, you mean Apple won't let him push his scareware on a platform with no legitimate security threat (well, other than from Apple itself)? They won't let him browbeat people into buying something which is functionally useless?

Shame on them.

37
35
Silver badge
FAIL

Yes, because Security purely by obscurity always works, doesn't it.

NOT!

While I'm no fan of Kaspersky, Apple really need to take their head out of the sand and decide how they are going to approach threats. The threats are there, and there are vulnerabilities is iOS. It is only a matter of time ...

29
17
Thumb Down

Don't feed the troll...

3
2

Someone doesn't understand what security by obscurity is,

So how precisely is Apple's current policy security through obscurity? And how does unlocking iOS' security to the extent needed for a virus scanner to get access to the OS innards actually help?

8
5
WTF?

Obscurity? What obscurity?

iOS is everywhere. Especially in the enterprise where no one trusts Android.

6
4
Silver badge
FAIL

Re: Obscurity? What obscurity?

@Maliciously Crafted Packet

I hope you're not joking. Otherwise I suggest you go read Bruce Schneier or on security via obscurity and find out what the term means.

5
1
Bronze badge
Boffin

Re: Someone doesn't understand what security by obscurity is,

At a guess, a scanner/shield system would need to check specific system locations where malware would graft itself, which would normally be forbidden to normal user applications.

The best illustration of why this is needed: Several versions of the iPhone were jailbroken by visiting a specifc site with safari and opening a link that from what I understood got safari to execute, via a buffer overflow, code in a privileged context that allowed you to spring the phone. Apple sealed that fault with progressive upgrades of the OS, but what other internet connected system features could be exploited?

Another couple of problems : malicious code in a user app. Apple's screening process still allows things to get through from time to time (like the banned app a while back that contained a hidden [forth?] interpreter), and malicious use of personal data, like when social networking apps suck data from your contacts, and of course, all the recent hubub about apple storing data in plain text on the phone...

So yes, there are problems, but would opening up the platform and allowing a third party app access to the OS cause more problems than it could prevent?

5
0
Bronze badge
Meh

Neat, don't think I've seen an OP get 22 up / 22 down votes (at time of writing) before. You, Sir, have devised the...

Perfectly Polarising Post!

Icon: what it averages out to

3
0
Silver badge

Security by Obscurity??

IOS isn't security by obscurity - its Security by Gatekeeper. Want your code on the phone, you have to go through the gatekeeper - Apple.

Ergo, Scareware is right,.

5
2

er

you mean, they should do something like develop a pretty secure core OS and then severely lock down the vectors for third party software to be delivered, and institute a strict review policy for those vectors? come up with an approach like that?

oh...wait.

I'm no-one's idea of an Apple fan, but let's face it, the model they've come up with is more or less a closed implementation of the system that F/OSS operating systems have been using for decades, and it's worked pretty well there. If everyone (give or take) gets their software from the same places, and there's a solid review process in place, it makes it quite hard to infiltrate really bad stuff without getting detected quite quickly. Not impossible. But hard. And it definitely qualifies as an 'approach'. And it's not particularly clear how 'anti-virus software' can possibly make things any better.

4
1
Anonymous Coward

Yeah because viruses are a massive problem on iOS right?

Sell your crapware to someone else Eugene.

17
22
Silver badge
FAIL

I'll leave this here.

http://www.huffingtonpost.com/2012/04/24/mac-malware_n_1448561.html

http://www.techweekeurope.co.uk/news/mac-flashback-600000-infected-apple-71604

And you just belive what the nice man on the adverts tells you.

17
8
Anonymous Coward

Yes

That's why people buy Apple devices, because Apple say that they're totally secure and don't suffer viruses, although recent news seems to contradict them. Sticking their corporate head in the sand and protesting that there is nothing wrong with their software doesn't help, because it ends up in a "we're secure, so we don't have any problems to address" mindset.

9
8

Re: I'll leave this here.

The fact that Flashback hit the news is evidence of how rare Mac trojans and viruses are..

Also, your second article points out that a lot of those 1 in 5 macs that are infected, are actually just harbouring a Windows virus that probably won't infect them, and only spreads if the user is stupid enough to spread it..

However, back to the main point of this article. While I like Macs, I always run AV (and other security software) because I don't like to risk being infected. Why? Basically, no system on Earth is entirely secure, and I'd like at least a chance of some warning.

But,while I respect Kaspersky, it's worth remembering that they have a vested interest in scaring people about Malware, and it's not in their interest to ignore any system that should prevent Malware being installed (as Apple's should).

6
1
Anonymous Coward

Re: I'll leave this here.

@Stuart - That's exactly my point - It has been proved that macs have been successfully targeted by malware, if Apple have any sense they'll sort out their security response and do what it took MS far too long to do and become far more open about and serious about security and fixes. If they stick their head in the sand, or continue their famous Apple secrecy, they could end up with a very serious problem on their hands.

5
2
FAIL

Re: I'll leave this here.

So which one of the links is concerning iOS?

4
1

Re: I'll leave this here.

You realize that you're linking to articles about a completely different OS, right? You realize that the security company in question has actually deleted info from systems they were suppose to protect, right? And most importantly, you realize you have no idea what you're talking about, right? A little research before posting nonsense would go a long way.

6
0

Re: I'll leave this here.

Because Mac OS isn't iOS, you have no point.

4
0

Methinks he doth protest too much...

This couldn't possibly be an attempt to boost his AV business, could it?

Frankly, as a Mac user I have utterly given up using AV software - in practice it causes far more problems (slowing down machines, causing incompatibilities) than it is ever likely to solve. In all my 25 years of MAc computing I have never had a major virus, and only a couple of times had any malware at all. Unlike my ex, who was often reduced to tears by the logjam of viruses and (mostly) AV warnings that popped up all the time on her Windows machine.

That said, Apple is extremely slow at responding to genuine problems - but to assert that Apple's inaccurately-labelled Walled Garden* approach makes it less secure than the "install what the heck you like" approach of Android is disingenuous to say the least.

* It's a pretty rubbish walled garden that is open to the internet, surely?

10
16
Anonymous Coward

Re: Methinks he doth protest too much...

> (slowing down machines, causing incompatibilities)

Indeed, no need for AV, I find that Quark Xpress and Adobe Creative Suite are quite effective at doing just that.

6
0
Devil

Re: Methinks he doth protest too much...

Same here on every Windows machine I've had over the past 10 years or so.

Only numpties get viruses and indeed - AV software is often just as bad as having the virus.

As for your ex - she'd probably been looking at porn and downloaded "codec packs" :P

On a related note - I think that a common attack vector (and cause of badly performing Windows machines) is all the nasty software that comes with off the shelf PCs (stupid mac style application launcher bars, HP drivers and all that rubbish). Its always SO error prone (and users always think that error messages are viruses) so it gives the whole platform a bad name.

5
4

Re: Methinks he doth protest too much...

"In all my 25 years of MAc computing I have never had a major virus, and only a couple of times had any malware at all. Unlike my ex, who was often reduced to tears by the logjam of viruses and (mostly) AV warnings that popped up all the time on her Windows machine."

If you have given up on AV how do you know you don't have a virus right now?

Dunno what your ex was doing - I get maybe 1 virus a year on my windows machine, and its always when I've downloaded something from a dodgy site.

This is being typed on OSX so I'm no fanboi, not sure I can say the same about you...

4
0

Re: Methinks he doth protest too much...

This couldn't possibly be an attempt to boost his AV business, could it?

However that does not mean that what Kaspersky is saying is wrong, a little bit of critical thinking about this subject would go a long way.

3
1
Silver badge

Re: Methinks he doth protest too much...

Good luck with that. OSX viruses do exist and they're getting more prevelant.

The only time I had a virus infection on Windows it was the Chernobyl virus. The year was 1999 and a mate gave me a CD of software and MP3s he'd got from another mate. We had no AV so unfortunately the entire flat network caught it before we found out and we had to fix the master boot record on 5 machines. I still have a copy of it on a floppy somewhere.

Since then I've always used AV. If you choose a decent solution (not Norton or McAfee) you don't get slow downs, incompatibilities or the other FUD you're spreading. The VB100 list is a good place to start making that choice.

3
2

Re: Methinks he doth protest too much...

If you are running an AV product, how do you know you don't have a virus right now?

My wife's PC got infected with a trojan. I was the one who found it and deactivated it. I renamed the executable and kept it around to see how long it would take before the AV agreed with my diagnosis. It took several weeks, if not months.

My machine at work has AV, but it never stops anything. Except it once choked on a text-file containing a URL that it felt was risky. Sigh. The AV product we are using (as well as the one we used prior to it) has caused us several concerns. E.g. we spent time diagnosing our software because it was so slow... Turns out our network overlords had activated the AV product's firewall, which included a http scanner. We lost hours on that one.

Looking back at the past 25 years, I can definitively state that AV-products have caused way more problems than they have solved for me.

2
0
Silver badge

Re: Methinks he doth protest too much...

My wife's PC got infected with a trojan. I was the one who found it and deactivated it. I renamed the executable and kept it around to see how long it would take before the AV agreed with my diagnosis. It took several weeks, if not months.

Yes, quite right, sometimes things get past AV. But you know what, without AV everything can get past!

Only an idiot runs without any defences. On access scanners can cause some serious issues performance wise, but where exactly is the harm in running the odd scheduled scan? FFS you don't even need to pay for AV just get ClamAV or similar.

Turns out our network overlords had activated the AV product's firewall, which included a http scanner. We lost hours on that one.

Either it was badly configured, or a shite piece of software, doesn't change the fact that you should be using AV. All it means is that you (or your bosses) need to chose solutions more carefully!

3
1
FAIL

Re: Methinks he doth protest too much...

Only numpties get viruses

No, my son's PC was totally screwed up by a drive-by trojan that he got on a legitimate site. You don't have to be a numptie to get hit by a trojan/virus.

As Rune Moberg has asked, if you are not running any AV product, how do you know you don't have a virus?

I use 2 AV products, only 1 is 'installed' running all the time and I use the other to run occasional scans. Several times in the past year my AV has detected incoming intrusions and blocked them. My firewall log also makes for horrendous reading, and apart from 'blocked intrusions' the number of port scans is also quite high.

Yes, all these AV products slow down the boot time of my PC and they slow down the PC a bit, but I wouldn’t dare go online without them.

4
0

Re: Methinks he doth protest too much...

"If you have given up on AV how do you know you don't have a virus right now?"

And running AV software allows you to know you're virus-free?

1
1
Silver badge
Holmes

Re: Methinks he doth protest too much...

No, but using that as a justification for not using one is not very bright. Consider the following two sentences:

My house has never been broken into so I don't need any locks - they're just a waste of time and money.

My neighbor's house was broken into even though he has locks, which proves that locks are a waste of time and money.

5
0

This post has been deleted by its author

Re: Methinks he doth protest too much...

I wasn't using it as a justification for not using AV. I would however say that AV frequently gives people a false sense of security. It should be a last line of defence, certainly not the first.

0
0
Anonymous Coward

Re: Methinks he doth protest too much...

Having been to several presentations over the years, delivered by Eugene Kaspersky, I have to say he regularly forgot to plug his company's products, and on one occasion only did so, after his employee reminded him.

Hence personally I would be more likely to take his comments at face value, than I would from say marketing muggers like iApple.

1
0
FAIL

Re: Methinks he doth protest too much...

Quote: In all my 25 years of MAc computing I have never had a major virus, and only a couple of times had any malware at all.

In my years a Windows user, I have less then that.

0
0

Re: Methinks he doth protest too much...

And it doesn't mean he's right. So because iOS has had no viruses, and because opening iOS to virus apps would make his company a lot of money, critical thinking shows his opinion is pretty worthless.

You should do some critical thinking yourself, or learn what it means.

0
0

Re: Methinks he doth protest too much...

"If you are running an AV product, how do you know you don't have a virus right now?"

Wow, you are a security companies dream customer.

- why are you chewing bubble gum

- to keep away the elephants

- but there isn't any elephants here.

- see, it works!

Just unbelievably dumb.

0
2

Re: Methinks he doth protest too much...

"As Rune Moberg has asked, if you are not running any AV product, how do you know you don't have a virus?"

Will people quit quoting this nonsense? I don't have a security system in my house. How do I know someone didn't sneak in to day and is living in my basement?

Just an idiotic line of reasoning.

0
2

Re: Methinks he doth protest too much...

Neither one makes any sense whatsoever. iOS isn't a house without a lock. It has a better lock than any desktop OS.

So if you have locks on your house, you feel safe, and you've never been broken into, and a traveling security salesman says "you could be broken into" I'm guessing your the sucker that hands over your money.

If you're going to use analogies, please use ones that make sense.

0
1

Re: Methinks he doth protest too much...

Eugene Kaspersky never stops pushing his products, and this is a push for his product.

You seem to hate apple, yet this guy is using unfounded fear to get people to hand over their money. Much worse than anything apple has done. Open your eyes.

0
2
jai
Silver badge

but surely, if Apple open up the SDK to allow Kaspersky and the like to develop AV software, that also means they'll open up access routes that malware/virus writers can exploit too, no?

8
1
Thumb Up

exactly

At last some common sense among all the dross. Thank you.

2
1

Allowing AV products, is like admitting there are virus issues with your platform, which Apple do their very best to prevent.

Maybe Kaspersky should sell a iOS AV product for jailbroken devices, so those that chose to get their apps without using the app store, can have protection against all the dodgy apps that exist outside Apple's walled garden.

Lets be honest, they are the people that need it anyway.

Its a sad day, when we start needing AV software on a mobile!

4
0
Anonymous Coward

9/10 the virus ends up on a machine because of user stupidity. By limiting users to the appstore and only pre-approved apps then this helps eliminate the issue of dodgy code being installed. Still doesn't stop unscrupulous websites in Safari embedding malicious code though

4
4
FAIL

@ AC 08:14 - FAIL

"By limiting users to the appstore and only pre-approved apps then this helps eliminate the issue of dodgy code being installed"

This has already been proved to be incorrect - there was some guy who wrote an app, got it passed the App store detectives. He then (some time later) announced what else the App could do.

6
1
WTF?

Gullibility is not necessarily stupidity

Some virus installers are quite cleverly disguised as genuine security patches from trusted vendors which claim to be making your machine secure whilst, actually, compromising it - I'm thinking of adobe update installers maybe, which can look EXACTLY like the real thing.

I know I'm going to get trolled by some who say "Well I NEVER use any adobe products because of this" - or Java, etc etc - but the fact is that out here in the real world of normal people we need to look at pdf's, ppt's and doc's from work and college and we need OpenOffice or similar with which to author them, and we want to not get viruses, please, while using our simple-to-buy-and-operate wintel & mac computers. Most people don't want to spend hours researching every alternative to adobe & java & windows & OSX and countless hours configuring and reconfiguring systems (even if we could be bothered to learn how) becuase we have real stuff to do (like write this hem-hem).

So it's conceiveable that in the course of a busy day one might be fooled into installing a wrong-un. This is not stupidity.

6
0
Anonymous Coward

I'd go as far as 99/100 actually...

0
0
FAIL

Epic Fail

He admits iOS is extreme difficult to crack unless criminals gain access to someone else's source code, and then get them to submit it and have apple pass it without noticing.

He whinges because he cannot get his CPU/memory/batttery hogging software in that will interfere with every app you have.

And finally backs Android - which is already having major malware issues.

Seriously !!!!

7
8

Re: Epic Fail

"He admits iOS is extreme difficult to crack unless criminals gain access to someone else's source code,"

That's not at all what he said.

A hacker could simply write their own ios application. Plenty of apps have slipped through the net - look at the recent spate of apps that were surreptitiously downloading entire contact lists without Apple knowing.

4
1
Gold badge

Re: Epic Fail

Once they are discovered they can be remotely killed and it is pretty simple to return the phone back to a working state.

0
1
Silver badge

Re: Epic Fail

Before they are discovered, they can wreak absolute havoc on your life, career and finances.

3
1
Silver badge

Re: Epic Fail

@dogged

Quite right. It's too easy to say "Well I can restore", if the apps already made off with the data it was designed to collect then you can restore your phone if you want, hell you can even introduce it to a lump hammer, but the damage is done.

If I release 'Angry Pigs' and code it to start misbehaving 7 days after install (actually that might be a bit obvious), it doesn't matter whether or not it goes through the App police. If they don't notice then it's out in the wild. Sure they can remotely kill it, but if I've already managed to send 1000 texts at £1.50 a pop then I'm laughing all the way to the bank!

4
0

Page:

This topic is closed for new posts.

Forums