updated 02:00 pm EDT, Tue July 3, 2007
iPhone more secure
Errata, a well-known security consultation firm that provided in-depth analysis of the first Month of Apple Bugs (MoAB) project and has independently identified a number of device and OS flaws, thinks that the iPhone is inherently more secure than competing smartphones (such as those based on Windows Mobile or Symbian). Chief among the factors behind this claim is Apple's reluctance to put its iPhone software update mechanism in the hands of a wireless carrier, instead distributing patches through iTunes. Errata says "We've reported a (vulnerability) in a another smartphone 6 months ago that still hasn't gotten patched, mostly because that carrier doesn't want to. If Apple can push a fix for one of our bugs before this carrier fixes their bug, that might convince Wall Street that their strategy is better."
Still, because the iPhone runs OS X, Errata claims that would-be hackers have a head-start. The accumulated knowledge about the OS, gleaned from desktop operation, theoretically makes for a bigger target than Windows Mobile or Symbian. There are also some lingering questions about the iPhone that could have a significant impact on security: What ports are listening on the device? Does everything run with root access? What services will the device automatically connect to?