Security guru: iPhone malware highly likely
updated 11:20 am EST, Wed November 14, 2007
iPhone malware guaranteed?
A malware attack against iPhone users is almost guaranteed, says Patrik Runald, the security response manager for F-Secure Security Labs. An attack is "80-90 percent likely," he comments, simply by virtue of how easily the iPhone can be hacked. "The 1.1.2 firmware was released last week and was supposed to prevent people from running third-party software," he adds, "but it took only a few hours for the hacking community to break so they could run their third party applications again."
While most hackers have had only positive intentions, such as wanting to install applications or unlock the phone for other carriers, Runald points out that the common technique of "jailbreaking" an iPhone is also what could allow serious damage. "What they're doing is they're breaking out of the iPhone's secure mode, [which] is that you're not allowed to venture outside of the UI." Once this stage is reached, Runald says, "you're out of the shield, you can do anything."
The decision to open up the iPhone to third-party applications in February may have both negative and positive ramifications, Runald observes. Distributing the SDK could in theory make it simpler to develop malware, but at the same time, it could make it possible to install security software, countering the threat. The principal advantage the iPhone will retain is that because it uses a stripped-down version of Mac OS X, there are still fewer avenues of attack than on a desktop system.



Fresh-Faced Recruit
Joined: Dec 2002
I smell an idiot
Right. Just because one is able to "hack" into THEIR OWN iPhone is absolutely no reason to proclaim that someone else can do it remotely. This statement by F-Secure just made me shake my head is disbelief. And these guys are security experts? Or are they trying to sell me something?