View Single Post
Old 05-24-2012, 07:00 AM   #6
JoeD
Guru
JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.JoeD ought to be getting tired of karma fortunes by now.
 
Posts: 889
Karma: 4383958
Join Date: Nov 2007
Device: Hanlin v3, iPad, Kindle 4NT
Quote:
Originally Posted by afv011 View Post
ORLY?



Source
How would an AV app running on iOS have helped though? There's no way for virus scanners to detect custom written exploits, the best they can do is update their scan strings and heuristics when an exploit is finally discovered. In principle, by the time they've updated their AV app, Apple would already know about and have pulled the offending app.

AV scanners make a whole lot more sense on Android, not because it's any less secure than iOS, but because it's a lot more open. Users can load unsigned apps if they wish which can come from any source and are an ideal attack vector for malware (much as they are on the Mac/PC).

The only place I can think of an AV being of any use on a totally locked down system is to detect known but not yet fixed exploits. Apple have dragged their feet a few times in the past such as with the java/flashback issue, or the iOS PDF exploit.

iOS had a PDF exploit a while back that people were using to jailbreak their phones, you could argue an AV scanner might have been able to detect that and protect users between the time the exploit became public knowledge and apple fixed it. That's just about the only use case I can think of where AV might make sense on iOS.

However, to do so Apple would need to give anyone writing an AV app complete access to all data on their device or the ability to intercept and stop at any point the download of any data. Technically possible? sure. Likely? not so sure.

If Apple can decrease the gap between notification of an iOS exploit and patch roll out, then it should make AV s/w redundant (on iOS anyway, still important on Mac/PC/anything that users can download binaries from arbitrary locations)

Last edited by JoeD; 05-24-2012 at 07:04 AM.
JoeD is offline   Reply With Quote