Who Said iOS Is 'Invulnerable'?
I've studied Apple device security for 12 years and donated my time to write about it for 10. I have never run across anyone saying iOS is Invulnerable to malware. Instead, what I occasionally come across are headline and article claims, such as those found here, slamming unspecified people who were ignorant enough to make such a claim. I find that approach to tech journalism to be silly.
For those interested, here is some helpful information for iOS users provided as an addendum to that provided by the article:
• The best way to keep your iOS device safe is to never jailbreak it. This will keep your device clear of the majority of iOS malware. Apple's walled garden of vetted apps is renowned for its safety.
• Back up your iOS device regularly. You should keep two backups. One should be local and easily accessible, as is provided in iTunes. Another should be away from your locale, such as in the cloud, again provided in iTunes. Encrypting your backups provides further safety.
• There have occasionally been malware apps that have been approved into Apple App Store. Typically, they have been proof-of-concept malware used to entice Apple to improve its App Store security, Considering the vast number of apps available in the App Store, the number that have been malware approaches statistical insignificance.
• In 2015, Apple became confident enough in the quality of its app vetting process that it removed all anti-malware apps from the App Store. If you perform a search, you'll find that none are available.
(See - https://9to5mac.com/2015/03/19/apple-app-store-antivirus/ )
• The Apple developer security certificate system, which prevents the installation and running of malware on iOS, has been by and large a success. However, there have been breaches in that system specific to enterprise developer security certificates whereby a developer has gone rogue or their certificate was stolen and inserted into malware. In 2016, this became the single greatest security threat against iOS. However, no similar certificate breaches have occurred thus far in 2017.
From my point of view, we still remain in what I call The Dark Age of Computing. We expect every software program and operating system has the potential of containing significant security flaws. The more elaborate the software, the more frequent the security flaws. By far, the most common security flaw is a variety of buffer overflow in device memory. The main cause of this problem is our continued reliance upon relatively poor coding tools, including coding languages. It is hoped that with time we will leave behind these tools and progress onto superior coding tools that, by design, will not allow for coding error security flaws. One improved coding language is Swift, an open source project supported by Apple, applicable to any computing platform.
Also note: USB port security problems are primarily due to Intel's faulty USB standards. This problem is not isolated to any particular hardware or operating system. For those concerned, there are now USB port protection adapters available which act as a safety intermediary between the device and anything connected to its USB ports. An example is the PortaPow USB Adapter, available at the usual sources.