Feeds

Apple's iPhone: theoretical risks of unreleased handset

Symantec stokes Apple hype engine

Boost IT visibility and business value

Apple's iPhone is unlikely to become a gateway device for mobile malware, Symantec says. The handset will run an operating system based on Mac OS X, thus opening the possibility that the small number of viruse targeting the platform might be re-purposed to infect iPhone.

However, Concerns about possible mobile infestation of iPhones are "premature" at worst according to Eric Chien, an anti-virus researcher at Symantec.

For one thing the iPhone will be locked down so that consumers will be able to install only selected third party applications. While not dismissing the possibility that iPhone-specific malware could be created, Chien reckons it won't reach the levels currently seen with smart phones running Symbian OS. Nonetheless, vulnerabilities in Mac OS X could create future problems, he warns.

"The likely vectors of infection will be via any vulnerabilities on the device that allow code to execute. Unfortunately, just a single malware writer taking advantage of a single vulnerability could cause havoc, but for the most part such attacks will be limited," he writes.

"If the iPhone remains a closed device with not even Java applications or widgets let alone native code, the risk of infection becomes orders of magnitude lower."

Even though the iPhone is "locked down", interest in the technology is likely to spur the creation of home-brew hacks. The motives of these users is simply to run their own code on the phone, but the techniques pioneered by tech enthusiasts might be re-purposed for more malign purposes.

"Once they install and execute unknown code on their device, there is always a chance of executing malicious code. This scenario happened in the past with the Sony PSP and PSPBrick Trojan," Chien notes.

A mono-culture of devices running the same OS, knowledge among hackers about how software on the device works have been factors driving the creation of numerous items of malware on Windows PCs and the reason why mobile malware, despite considerable hype from some quarters, has been mercifully rare. Chien concludes that this is unlikely to change much with the arrival of iPhones later this year.

His analysis is published on Symantec's security blog here. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
UK fuzz want PINCODES on ALL mobile phones
Met Police calls for mandatory passwords on all new mobes
Three floats Jolla in Hong Kong: Says Sailfish is '3rd option'
Network throws hat into ring with Linux-powered handsets
Netflix swallows yet another bitter pill, inks peering deal with TWC
Net neutrality crusader once again pays up for priority access
Fifteen zero days found in hacker router comp romp
Four routers rooted in SOHOpelessly Broken challenge
EE: STILL Blighty's best mobe network, says 'Frappucino' Moore
Fresh round of network stats fisticuffs possibly on the cards here
New Sprint CEO says he will lower axe on staff – but prices come first
'Very disruptive' new rates to be revealed next week
US TV stations bowl sueball directly at FCC's spectrum mega-sale
Broadcasters upset about coverage and cost as they shift up and down the dials
Tech city types developing 'Google Glass for the blind' app
An app and service where other people 'see' for you
Canadian ISP Shaw falls over with 'routing' sickness
How sure are you of cloud computing now?
UK mobile coverage is BETTER than EVER, networks tell Ofcom
Regulator swallows this line and parrots it back out at us. What are they playing at?
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.