Feeds

Apple's iPhone: theoretical risks of unreleased handset

Symantec stokes Apple hype engine

Top 5 reasons to deploy VMware with Tegile

Apple's iPhone is unlikely to become a gateway device for mobile malware, Symantec says. The handset will run an operating system based on Mac OS X, thus opening the possibility that the small number of viruse targeting the platform might be re-purposed to infect iPhone.

However, Concerns about possible mobile infestation of iPhones are "premature" at worst according to Eric Chien, an anti-virus researcher at Symantec.

For one thing the iPhone will be locked down so that consumers will be able to install only selected third party applications. While not dismissing the possibility that iPhone-specific malware could be created, Chien reckons it won't reach the levels currently seen with smart phones running Symbian OS. Nonetheless, vulnerabilities in Mac OS X could create future problems, he warns.

"The likely vectors of infection will be via any vulnerabilities on the device that allow code to execute. Unfortunately, just a single malware writer taking advantage of a single vulnerability could cause havoc, but for the most part such attacks will be limited," he writes.

"If the iPhone remains a closed device with not even Java applications or widgets let alone native code, the risk of infection becomes orders of magnitude lower."

Even though the iPhone is "locked down", interest in the technology is likely to spur the creation of home-brew hacks. The motives of these users is simply to run their own code on the phone, but the techniques pioneered by tech enthusiasts might be re-purposed for more malign purposes.

"Once they install and execute unknown code on their device, there is always a chance of executing malicious code. This scenario happened in the past with the Sony PSP and PSPBrick Trojan," Chien notes.

A mono-culture of devices running the same OS, knowledge among hackers about how software on the device works have been factors driving the creation of numerous items of malware on Windows PCs and the reason why mobile malware, despite considerable hype from some quarters, has been mercifully rare. Chien concludes that this is unlikely to change much with the arrival of iPhones later this year.

His analysis is published on Symantec's security blog here. ®

Top 5 reasons to deploy VMware with Tegile

Whitepapers

Seattle children’s accelerates Citrix login times by 500% with cross-tier insight
Seattle Children’s is a leading research hospital with a large and growing Citrix XenDesktop deployment. See how they used ExtraHop to accelerate launch times.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Website security in corporate America
Find out how you rank among other IT managers testing your website's vulnerabilities.