05-23-2012, 07:04 PM | #1 |
Wizard
Posts: 1,041
Karma: 4694121
Join Date: Apr 2011
Location: Virginia
Device: Pocket Edge X 2 , Edge, gTab, Kindle Fire, Nextbook 7S
|
Eugene Kaspersky frustrated by Apple’s iOS AV ban
Apple may want to heed the warnings:
http://www.theregister.co.uk/2012/05...ios_antivirus/ http://www.crn.com/news/security/240...c2A**.ecappj03 Last edited by obsessed2; 05-23-2012 at 07:13 PM. |
05-23-2012, 07:20 PM | #2 |
Wizard
Posts: 1,358
Karma: 5766642
Join Date: Aug 2010
Device: Nook
|
Someone with a vested financial interest in convincing you that your children will be be eaten by wild dogs if you don't give him money tells you that your children will be eaten by wild dogs if you don't give him money. Go figure.
As he notes, iOS is pretty locked down, and opportunities are almost entirely only in the app store. What he doesn't mention is that the app store is also pretty well locked down. Apple has done a fair job so far of reviewing software for nasty habits before allowing something in the app store, and a better than fair job of pulling stuff out when something nasty slips through. And, here's the important part, if something slips through, they can delete it remotely, which is to say, they have a pretty good anti-virus mechanism in place already. Giving up enough information for outsiders to even try to build anti-virus apps for iOS simply spreads technical detail farther and wider, and honestly, increases the chance someone will find a vulnerability in the os itself. And let's not forget, Kapersky has had their own web site hacked to distibute malware (the same sort of drive-by infection that an iPhone or iPad would most likely be vulnerable to, if someone could get at the internal details). There are those who believe that anti-virus software itself is, basically, a form of grifting. I don't really agree with them (certainly not those who believe that most viruses are made and distributed by anti-virus companies), but I do see their point. If I used Apple products, I'd prefer knowing that Apple kept those os details internal to having other companies making anti-virus apps, especially considering that most anti-virus software is so bloated as to render the system nearly unusuable. Not to mention screwups in updates. One managed to flag all emails with the letter "p" in them as malware, and Avast (I think it was) recently flagged one of its own definition updates as malware. |
05-23-2012, 07:29 PM | #3 | |
Wizard
Posts: 2,888
Karma: 5875940
Join Date: Dec 2007
Device: PRS505, 600, 350, 650, Nexus 7, Note III, iPad 4 etc
|
Quote:
|
|
05-23-2012, 07:58 PM | #4 | ||
Captain Penguin
Posts: 2,947
Karma: 2077653593
Join Date: May 2009
Location: Vancouver, BC
Device: Kobo Libra 2, Nook Glowlight
|
Quote:
Quote:
|
||
05-23-2012, 08:21 PM | #5 |
doofus
Posts: 2,520
Karma: 13036221
Join Date: Sep 2010
Device: Kobo Libra 2, Kindle Voyage
|
The problem is, how would an iOS antivirus app even work? In the sandbox model, it's not allowed to scan the storage and memory space of the system or other apps, right? So what is it doing, declaring ITSELF safe? Unless it's using exploits or private API that get other apps banned.
Now, he could release an AV app on Cydia (jailbreak app store), but he's not interested in that bc it's not nearly as profitable. |
05-24-2012, 06:00 AM | #6 | |
Guru
Posts: 895
Karma: 4383958
Join Date: Nov 2007
Device: na
|
Quote:
AV scanners make a whole lot more sense on Android, not because it's any less secure than iOS, but because it's a lot more open. Users can load unsigned apps if they wish which can come from any source and are an ideal attack vector for malware (much as they are on the Mac/PC). The only place I can think of an AV being of any use on a totally locked down system is to detect known but not yet fixed exploits. Apple have dragged their feet a few times in the past such as with the java/flashback issue, or the iOS PDF exploit. iOS had a PDF exploit a while back that people were using to jailbreak their phones, you could argue an AV scanner might have been able to detect that and protect users between the time the exploit became public knowledge and apple fixed it. That's just about the only use case I can think of where AV might make sense on iOS. However, to do so Apple would need to give anyone writing an AV app complete access to all data on their device or the ability to intercept and stop at any point the download of any data. Technically possible? sure. Likely? not so sure. If Apple can decrease the gap between notification of an iOS exploit and patch roll out, then it should make AV s/w redundant (on iOS anyway, still important on Mac/PC/anything that users can download binaries from arbitrary locations) Last edited by JoeD; 05-24-2012 at 06:04 AM. |
|
05-24-2012, 07:30 AM | #7 | |
Wizard
Posts: 1,041
Karma: 4694121
Join Date: Apr 2011
Location: Virginia
Device: Pocket Edge X 2 , Edge, gTab, Kindle Fire, Nextbook 7S
|
Quote:
Kaspersky isn't the only one sounding the warnings. Juniper Networks also suggests iOS is at risk. The lack of software protection and a competitive security market leaves users with little protection if malware makes its way through Apple's application vetting process. In the long run, this creates a false sense of security for Apple users and may be an even bigger risk than Android's open model. A failure to accept fallibility is the surest predictor of vulnerability. Apple is far from the only offender when it comes to reluctance to admit security bugs. However, a system without bugs is a developer’s dream that will likely remain a fantasy. |
|
05-24-2012, 08:53 AM | #8 |
Professional Contrarian
Posts: 2,045
Karma: 3289631
Join Date: Mar 2009
Device: Kindle 4 No Touchie
|
Yeah, there's a whole strain of "security through obscurity" vs "security through openness" debate that's gone on for a long time.
My guess is that neither works better than the other. If a platform is going to be an attractive vector for malware/viruses, then malware writers will go after it. |
05-24-2012, 09:56 AM | #9 | |
Spork Connoisseur
Posts: 2,355
Karma: 16780603
Join Date: Mar 2011
Device: Nook Color
|
Quote:
|
|
05-24-2012, 10:21 AM | #10 |
Zealot
Posts: 125
Karma: 769546
Join Date: May 2012
Device: none
|
It is a little silly to assume that because a vendor does not choose my particular app or software that they are not taking care of a certain issue.
|
05-24-2012, 11:02 AM | #11 | |
Guru
Posts: 895
Karma: 4383958
Join Date: Nov 2007
Device: na
|
Quote:
It's 6 of one and half a dozen of the other though when it comes to open software that doesn't get many eyes over it, since the few eyes it might get have no intention on reporting flaws they find On the flip side, it's not much harder for people to find potential areas to exploit in closed source apps, they just pound on them until they find a way to crash it then focus on that area to see if it's exploitable. Obscurity may delay things, but when they are found, it's likely they'll be found by those up to no good before a more honest dev happens across it in a general code review (which can't happen in prop software), not always of course, some security researchers focus on closed source software (has a high install base after all) When it comes to security based systems though, anything doing encryption or managing passwords, then imo open source and peer scrutiny is the only way. I'm speculating now, but the reason we may be seeing more malware on android, is that it's currently easier to drop a trojan'd app onto someone's phone via the more open google app store than it is on iOS. That doesn't make iOS more secure, as Apple can and do miss apps that are up to no good in their review process, but maybe there's a perception that you'll get onto more phones via Android before been detected? @RainingLemur, as people start to do banking over their phones and payment processing becomes more common, I expect the number of reported malware attacks on both platforms will increase. There'll be a bigger incentive for phones to be targeted. Last edited by JoeD; 05-24-2012 at 11:08 AM. |
|
05-24-2012, 11:29 AM | #12 | |
Wizard
Posts: 1,041
Karma: 4694121
Join Date: Apr 2011
Location: Virginia
Device: Pocket Edge X 2 , Edge, gTab, Kindle Fire, Nextbook 7S
|
Quote:
It's even sillier to assume they are taking care of the issue given their track record. Let's hope following two previous major security incidents Apple will be more proactive instead of delayed reactive. Mene, Mene, Tekel, Upharsin. An example of Apple’s nonchalant approach to security is the 2009 OS X Java vulnerability that allowed for remote code execution simply by visiting a webpage. This bug was promptly fixed by Java's creator, Sun Microsystems, but Apple left the vulnerability unpatched for more than six months. http://www.computerworld.com/s/artic...va_attack_code This incident prompted Ira Winkler, CISSP and president of the Internet Security Advisors Group, who is considered one of the world's most influential security professionals, to write an opinion piece in Computerworld saying the FTC should investigate MAC security. http://www.computerworld.com/s/artic...ource=rss_news Apple's response to the 2012 OS X Flashback Trojan was essentially the same as the Java incident in 2009. Immediately as Apple came to know about this malware attack it should have informed its users and sent out some important directives to be followed for the user’s security, but it did not. Instead of hiding the security flaw, Apple should have informed owners on how to disable Java which could have lessened the outbreak until a patch was released. In fact, this outbreak was even preventable because Oracle issued a patch for the vulnerabilities used by Flashback on February 17, but updates weren’t made available to Mac users until April 2. http://www.forbes.com/sites/adrianki...ware-outbreak/ Last edited by obsessed2; 05-24-2012 at 01:58 PM. |
|
05-24-2012, 11:35 AM | #13 | |
Award-Winning Participant
Posts: 7,316
Karma: 67862884
Join Date: Feb 2010
Location: NJ, USA
Device: Kindle
|
Quote:
The former is a REALLY bad idea, and what most security types warn about, the latter is a philosophical debate. |
|
05-24-2012, 11:49 AM | #14 | |
Captain Penguin
Posts: 2,947
Karma: 2077653593
Join Date: May 2009
Location: Vancouver, BC
Device: Kobo Libra 2, Nook Glowlight
|
Quote:
|
|
05-24-2012, 11:59 AM | #15 |
Wizard
Posts: 1,041
Karma: 4694121
Join Date: Apr 2011
Location: Virginia
Device: Pocket Edge X 2 , Edge, gTab, Kindle Fire, Nextbook 7S
|
Your comment is dead on. Windows 3.0 started out as an obscure operating system and was very secure. Obscurity is lost with popularity.
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
iPhone AllThingsD: Apple Confirms iOS 5 Bugs Causing Battery Issues for Some iPhones | kjk | Apple Devices | 2 | 11-03-2011 01:37 AM |
Kaspersky Internet Security 2011 causing massive slowdown in loading | oldbwl | Calibre | 13 | 04-11-2011 02:48 PM |
Install fails with Kaspersky Internet Security 2011? | khismet | Calibre | 5 | 02-28-2011 09:30 AM |