toggle

AAPL Stock: 502.21 ( 0 )

MacNN News

Security guru: iPhone malware highly likely

updated 11:20 am EST, Wed November 14, 2007

iPhone malware guaranteed?

A malware attack against iPhone users is almost guaranteed, says Patrik Runald, the security response manager for F-Secure Security Labs. An attack is "80-90 percent likely," he comments, simply by virtue of how easily the iPhone can be hacked. "The 1.1.2 firmware was released last week and was supposed to prevent people from running third-party software," he adds, "but it took only a few hours for the hacking community to break so they could run their third party applications again."

While most hackers have had only positive intentions, such as wanting to install applications or unlock the phone for other carriers, Runald points out that the common technique of "jailbreaking" an iPhone is also what could allow serious damage. "What they're doing is they're breaking out of the iPhone's secure mode, [which] is that you're not allowed to venture outside of the UI." Once this stage is reached, Runald says, "you're out of the shield, you can do anything."

The decision to open up the iPhone to third-party applications in February may have both negative and positive ramifications, Runald observes. Distributing the SDK could in theory make it simpler to develop malware, but at the same time, it could make it possible to install security software, countering the threat. The principal advantage the iPhone will retain is that because it uses a stripped-down version of Mac OS X, there are still fewer avenues of attack than on a desktop system.

by MacNN Staff

(16)

TAGS :

Apple

Share the Article

Facebook Twitter Delious Slash Dot Digg

toggle

Comments

wings_rfs
Fresh-Faced Recruit

Joined: Dec 2002

0

11/14, 11:38am | report spam | close Reply |
I smell an idiot

Right. Just because one is able to "hack" into THEIR OWN iPhone is absolutely no reason to proclaim that someone else can do it remotely. This statement by F-Secure just made me shake my head is disbelief. And these guys are security experts? Or are they trying to sell me something?

njfuzzy
Fresh-Faced Recruit

Joined: Apr 2001

0

11/14, 11:48am | report spam | close Reply |
Alas, no...

I'd like to agree with wings_rfs, but the truth is that the last round of jailbreaking relied on the TIFF overflow vulnerability-- The code was run over the web in a way that any malicious hacker could have exploited as well.

Johnny Niles
Fresh-Faced Recruit

Joined: Jun 2007

0

11/14, 11:54am | report spam | close Reply |
Um

That vulnerability was fixed with 1.1.2. So unless you're aware of another vulnerability like that, then wings_rfs is exactly right. Patrik Runald is spreading FUD, because he has no proof that there's a vulnerability on the iPhone (updated to 1.1.2) that would allow malware to run.

He's speculating, nothing more, and it's not even informed speculation, apparently. If he had even a sliver of proof that such a vulnerability existed on the iPhone (again, updated to 1.1.2), I'm sure he would have shared it with us. Right?

phillymjs
Fresh-Faced Recruit

Joined: Jun 2000

0

11/14, 11:55am | report spam | close Reply |
fud fud fud fud

Wake me when this opinion comes from an -independent researcher-, not someone with an agenda or something to sell.

ViktorCode
Fresh-Faced Recruit

Joined: Jan 2006

0

11/14, 12:25pm | report spam | close Reply |
Malware? Where?

We had iPhone since end of June. Early versions of firmware were plagued with bugs, as we know from many security experts. TIFF bug was known to everyone and hasn't been patched until this week. The question: where's malware on this highly insecure device, mr. Runald? Perhaps mr. Runald knows any secure device that can't be hacked, so he could point Apple where to direct their security efforts? I highly doubt that. Or maybe even better, mr Runald knows a solution for doomed iPhone? Of course! He hints at it: there will be security software that will negate negative SDK impact on security. We are saved!

I wonder, who will provide us this can't-live-without-it kind of software. Maybe some capable company called F-Secure? After all, they are experts...

ZinkDifferent
Fresh-Faced Recruit

Joined: Jan 2005

0

11/14, 12:43pm | report spam | close Reply |
he has a point...

yes, 1.1.2 fixed the tiff exploit, which was an incredibly open and exploitable vulnerability - and *could* have been exploited for planting malware.

It didn't and hopefully most phones upgrade to 1.1.2 -though bear in mind that many, many unlocked phones will continue running 1.1.1, and a great many if those are not fixed with jailbreakme.com - so they remain potentially vulnerable. Also, those improperly jailbroken and with ssh left on could potentially get hacked in over the air/wifi. Newer methods close these openings, but those running earlier hacks could pose (an ever shrinking) target.

Now, if nothing changed, and Apple would not work towards securing the phone more, he may have more of a point - but I have a feeling that by the time the SDK ships, the iPhone will be a h*** of a lot more secure - I would hope that at one point it would stop operating everything in root mode.

ttrostel
Fresh-Faced Recruit

Joined: Jul 2007

0

11/14, 12:46pm | report spam | close Reply |
Downgrade first

Please note that in order to jailbreak your iPhone you must DOWNGRADE it to version 1.1.1 which had the TIFF bug.

Since this individual works for a company that sells anti-virus software, it is possible that his statements are biased. It is 80-90% sure that when third party apps are allowed for the iPhone, F-Secure will want to sell you their software for $$$.

ZinkDifferent
Fresh-Faced Recruit

Joined: Jan 2005

0

11/14, 01:19pm | report spam | close Reply |
not really...

ttrostel claims: "Please note that in order to jailbreak your iPhone you must DOWNGRADE it to version 1.1.1 which had the TIFF bug. "

Not really, it is also enough to *NOT UPGRADE* from 1.1.1, seeing as how plenty of phones will remain in the channel that come with 1.1.1 out of the box, and many phones that won't upgrade because they are unlocked one way or another.

These will remain vulnerable, though obviously their numbers are decreasing as more updates become available.

hswartjes
Fresh-Faced Recruit

Joined: Nov 2007

0

11/14, 01:36pm | report spam | close Reply |
Scary

This is scary. I never realized the danger. If I consider the ease with which I can install programs on my Mac, then it is a miracle it still works. Does the same also apply to other devices. My DVD player gets infected with movies almost on a daily basis, and not only DRM movies but sometimes with movies that have no protection at all...

Seriously, what a piece of nonsense. If Mr. Runald knew how difficult the jailbreaking process on the iPhone really is, I'm sure he would realize that such an "infection" would hardly go unnoticed.

Pennywigeon
Fresh-Faced Recruit

Joined: Oct 2007

0

11/14, 02:04pm | report spam | close Reply |
OMGWTFBBQ -FUD

What Patrik Runald was really trying to say.

" LOK!11!1!!1 LOL WE R HOPNG TAHT W3 CAN R ENOUGH PEOPL3 IN2 THINKNG THEY MAY B AT RISK SO WA CAN ACTUALY HAEV SOME NU WORK OUT TH3RE!!11! OMG WTF WUT I DIDNT EXPLANE SI TEH SITUATION SI SO HIGHLEY UNLIEKLEY TAHT ONLEY A FOL WUD DO TH3M AND NO SACURITY R CAN PROTECT A COMPLATE IDIOT!!11!!1 OMG ALSO FOR THOS3 TAHT UESD HAX 2 UNLOK THEYRE PHONE MAY B VULN3RABLA BUT OF COURSA THEY R VULNERABL3 B/C THAY HAEVNT UPDAETD 2 DA MOST RECENT SACURITY PATCH NOR HAEV TH3Y MAED SUR3 TEH HAK TH3Y UESD DIDNT COMPROMIES DA SECURITY OF DA DEVIEC IN TEH FIRST PLAEC!111!1!!1 WTF BUT I HAEV A QUOTA 2 MET AND INSTEAD OF ACTUALY HAVNG 2 WORK FOR MAH PAYCHEK AND 3ARN IT I WUD RATH3R DRUM UP FUD F3AR AND SE IF TEH DROVES OF MINDLES GULIBL3 IDIOTS WIL COMA 2 M3 FOR TEH SOLUTION!1!!!!111 LOL "

Ironic that one that works for an "antivirus" company would make an announcement of the likes of this one. Lets see.

(1) Feed people useless fear. (2) Let the paranoia build. (3) Release a "security software app" in February. (4) Profit.

F-U-D

dogzilla
Grizzled Veteran

Joined: Sep 1999

0

11/14, 02:15pm | report spam | close Reply |
A Village of Idiots

Reading a thread like this is incredibly disheartening. You have a bunch of people who know nothing about the security issues commenting on an absurd post by an alarmist with an axe to grind and a product to sell. Truly representative of the Internet at its worst.

First - the iPhone is incredibly insecure to a determined, knowledgeable hacker. It would be incredibly easy to trick a large number of users with jailbroken phones into downloading a "program" via Installer.app that would immediately own their iPhones. A bit more work could do the same via a webpage. Once the code is on the phone, it runs as root (unlike on your Mac) with full privileges to the entire phone. Any number of Really Bad Things(tm) could then be done to the phone, to the wireless network, to the owner's contact list, etc.

On the other hand, let's face facts. This is a tiny minority of the phone-using population. Why would anyone spend *any* effort on this? For what gain? Especially when there's a huge market of wide-open Windows PCs out there, ripe for the picking? Not to mention that the jailbroken community has been living with this since June and it gets harder to spread viruses with each rev. Common sense indicates that anyone wanting to crack the iPhone would do so sooner rather than later - more visibility and easier to do.

It's called common sense, people. Have you frickin heard of it?

ttrostel
Fresh-Faced Recruit

Joined: Jul 2007

0

11/14, 03:39pm | report spam | close Reply |
Proof by Inference

Hmm ... there were a few key assumptions which foster an unfair characterization of the iPhone 1.1.2 firmware. For those who are not familiar I will go through it and explain why a stock 1.1.2 iPhone is fairly secure. The statements made in the article, while they do not explicitly state the fact, do imply that a stock unmodified iPhone running firmware 1.1.2 is somehow a magnet for malware.

First off Apple closed the TIFF bug which allowed an outside agent to gain access to the iPhone protected areas. If your phone has been upgraded to 1.1.2 or came that way to start with *and is unmodified* then that avenue is closed.

If you install third party software on your iPhone you must downgrade the firmware. Once that is done you have in effect bypassed the patch. One the phone is downgraded you can alter it in such a way that when it is upgraded again, the base filesystem is changed and will allow an external agent to gain access to the protected areas again.

If you install third party software on your iPhone it will currently run as root. One should always be careful installing software and make sure you trust the source. Obviously, should you choose to give your house keys to someone , you should trust them not to steal your valuables. One should treat their phone the same way. Getting into the phone that way is a conscious decision, and while it can be labeled "malware", its extremely easy to avoid.

Lastly, it may not be a huge priority for Apple to "lock out" all of the third party applications. It *is* a priority for Apple to protect the iPhone from external programs for which the user does not explicitely grant access. In this case, closing the TIFF loophole certainly is a major step in the right direction.

You won't downgrade your iPhone by accident. Nobody currently can send you to a web page or send you e-mail which will magically take over your iPhone if you are running version 1.1.2 that I know of. Lastly, the speed by which a group can gain access to a device through authorized channels (asking the user to explicitly follow manual steps) is considered social engineering and not part of hardware/software security although it *definitely* is part of a total security solution.

Now ... if the author has an example of malware which can be installed remotely on a stock 1.1.2 iPhone that would be a much more interesting article. Until that time has arrived, definitely upgrade your iPhone to 1.1.2 to fix the TIFF exploit. It is clear that Apple will continue to create and supply patches to its devices for known and documented security issues. I'm not sure that one could ask anything more from them.

hswartjes
Fresh-Faced Recruit

Joined: Nov 2007

0

11/14, 05:14pm | report spam | close Reply |
Re: a village of idiots

> You have a bunch of people who know nothing > about the security issues commenting on an absurd > post by an alarmist with an axe to grind and a > product to sell.

Mr. dogzilla, you are assuming a lot about your fellow readers. But let us have a closer look at what this F-Secure employee really says, according to the original article. He claims that 1.1.2 is a security risk because it could be so easily hacked. I fact the only known way of "hacking" 1.1.2 at this moment is to COMPLETELY erase the OS partition and COMPLETELY replace it by a different one (namely 1.1.1). The analogy is not too far fetched to say that an Intel Mac is inherently insecure because you can install Windows on it. Yes, that would be a security risk but it is hardly a thing that would happen casually.

Johnny Niles
Fresh-Faced Recruit

Joined: Jun 2007

0

11/14, 05:43pm | report spam | close Reply |
Dogzilla

"First - the iPhone is incredibly insecure to a determined, knowledgeable hacker. It would be incredibly easy to trick a large number of users with jailbroken phones"

So let me get this straight. You're calling us all idiots for debunking the F-secure guy because it's all FUD - and then your only argument to "prove" the iPhone is still vulnerable involves reverting it to 1.1.1?

Are you serious? If you had bothered to read our responses, you would have seen us mentioning iPhones that were on 1.1.2 - NOT 1.1.1. Just like the guy who wrote the article, you have no proof that iPhones on 1.1.2 are vulnerable. Don't tell me that hacked iPhones on 1.1.1 are vulnerable. That's a retarded argument. Prove that iPhones on 1.1.2 are vulnerable, and then we'll have something to talk about.

It's called common sense, Dogzilla. Have you frickin heard of it?

robttwo
Fresh-Faced Recruit

Joined: Nov 2005

0

11/14, 10:21pm | report spam | close Reply |
dogshitta

People - EVERY device in the world is vulnerable. Someone could come in my house and hack my microwave to burn everything. A hacker could re-wire my cable box to only get p***. A malicious sneak could short-sheet my bed.

So, we must buy devices to secure all these things against these horrible attacks.

Geesh.

Doofuses.

Pennywigeon
Fresh-Faced Recruit

Joined: Oct 2007

0

11/15, 11:01am | report spam | close Reply |
I feel vulnerable

Currently I am running Wife 2.0 I do fear that Wife 1.0 could come in proximity of Wife 2.0 and a System crash could occur. I do know that Wife 2.0 has much better coding and will come out on top if this rare occurrence ever happened. But I am afraid because I have NOT upgraded my Water Heater to a secure platform and the Plumber may be part of a social engineering plot to gain access to my Hot water and with the terrible coding of Wife 1.0 a cataclysmic occurrence may occur.

I did upgrade my security program (FRONT DOOR KEY) to 2.0.1 and feel fairly secure but someone may have CROWBAR 1.0 and bypass this first line of defense. Good thing I have ALARM 1.0.2 which is programed to make a system call to the security Program POLICE 7.2

In the end if you text "MRG3, The power to crush all other microprocessors." To a hacked iPhone running 1.1.1 it will cause a system wide meltdown and cause the self destruct mechanism to initiate with a 5 second delay.

I have a foreboding feeling that my DVD player (ENTERTAINMENT APPLIANCE 6.2) may get hacked because I have been renting DVD's without first spraying them anti-bacterial spray thus I could be spreading a virus.

Oh noes........ Any suggestions?

Show More Comments

Login Here

toggle

Network Headlines

02/17	Mountain Lion may drop support for...
02/16	Google, others said bypassing Safari...
02/16	Google now known to be patenting own...
02/16	SumOfUs criticizes FLA head, plans...
02/16	Safari 5.2, Xcode 4.4 seeds reach developers...

Show All

02/17	Mountain Lion may drop support for...
02/16	Google, others said bypassing Safari...
02/16	Google now known to be patenting own...
02/16	Cook sees merging of notebooks, tablets...
02/16	Apple claims backing for rights to...

Show All

02/16	Cook sees merging of notebooks, tablets...
02/15	Apple upgrades iBookstore with screenshots...
02/15	Congress asks Apple to answer questions...
02/14	Apple attempting to disrupt Siri hacks...
02/14	Readability iOS app delayed, Android...

Show All

02/16	Garmin nuvi 4.3-inch Portable GPS Navigator...
02/15	Monster iCarPlay Wireless FM Transmitter...
02/14	Refurb. 16GB iPhone 4, now only $259...
02/13	Refurb. Flip UltraHD Pocket Digital...
02/10	$380 off refurbished 2.8GHz Mac Pro...

Show All

toggle

Security guru: iPhone malware highly likely

updated 11:20 am EST, Wed November 14, 2007

iPhone malware guaranteed?

I smell an idiot

Alas, no...

Um

fud fud fud fud

Malware? Where?

he has a point...

Downgrade first

not really...

Scary

OMGWTFBBQ -FUD

A Village of Idiots

Proof by Inference

Re: a village of idiots

Dogzilla

dogshitta

I feel vulnerable

Login Here

Register for our weekly email newsletter:

Connect tools:

Subscribe

to our RSS

Follow us

on Twitter

10 Most Read

10 Most Discussed

MacNN Marketplace

Security guru: iPhone malware highly likely

updated 11:20 am EST, Wed November 14, 2007

iPhone malware guaranteed?

Related Articles

Recent Articles

I smell an idiot

Alas, no...

Um

fud fud fud fud

Malware? Where?

he has a point...

Downgrade first

not really...

Scary

OMGWTFBBQ -FUD

A Village of Idiots

Proof by Inference

Re: a village of idiots

Dogzilla

dogshitta

I feel vulnerable

Login Here

Register for our weekly email newsletter:

Connect tools:

Subscribe

to our RSS

Follow us

on Twitter

10 Most Read

10 Most Discussed

MacNN Marketplace