Feeds

Apple's iPhone: theoretical risks of unreleased handset

Symantec stokes Apple hype engine

The Essential Guide to IT Transformation

Apple's iPhone is unlikely to become a gateway device for mobile malware, Symantec says. The handset will run an operating system based on Mac OS X, thus opening the possibility that the small number of viruse targeting the platform might be re-purposed to infect iPhone.

However, Concerns about possible mobile infestation of iPhones are "premature" at worst according to Eric Chien, an anti-virus researcher at Symantec.

For one thing the iPhone will be locked down so that consumers will be able to install only selected third party applications. While not dismissing the possibility that iPhone-specific malware could be created, Chien reckons it won't reach the levels currently seen with smart phones running Symbian OS. Nonetheless, vulnerabilities in Mac OS X could create future problems, he warns.

"The likely vectors of infection will be via any vulnerabilities on the device that allow code to execute. Unfortunately, just a single malware writer taking advantage of a single vulnerability could cause havoc, but for the most part such attacks will be limited," he writes.

"If the iPhone remains a closed device with not even Java applications or widgets let alone native code, the risk of infection becomes orders of magnitude lower."

Even though the iPhone is "locked down", interest in the technology is likely to spur the creation of home-brew hacks. The motives of these users is simply to run their own code on the phone, but the techniques pioneered by tech enthusiasts might be re-purposed for more malign purposes.

"Once they install and execute unknown code on their device, there is always a chance of executing malicious code. This scenario happened in the past with the Sony PSP and PSPBrick Trojan," Chien notes.

A mono-culture of devices running the same OS, knowledge among hackers about how software on the device works have been factors driving the creation of numerous items of malware on Windows PCs and the reason why mobile malware, despite considerable hype from some quarters, has been mercifully rare. Chien concludes that this is unlikely to change much with the arrival of iPhones later this year.

His analysis is published on Symantec's security blog here. ®

Boost IT visibility and business value

More from The Register

next story
Scotland's BIG question: Will independence cost me my broadband?
They can take our lives, but they'll never take our SPECTRUM
Trying to sell your house? It'd better have KILLER mobile coverage
More NB than transport links to next-gen buyers - study
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
NBN Co adds apartments to FTTP rollout
Commercial trial locations to go live in September
Samsung Z Tizen OS mobe is post-phoned – this time for good?
Russian launch for Sammy's non-droid knocked back
Telstra to KILL 2G network by end of 2016
GSM now stands for Grave-Seeking-Mobile network
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.