One of the most controversial debates in the security world has long been the role of market share. Are Macs safer because there are fewer users, making them less attractive to serious cyber-criminals? Although Mac market share continues to increase slowly, the answer remains elusive. But it’s more likely that we’ll see the answer in our pockets, not on our desktops.
The iPhone is arguably the most popular phone series on the face of the planet. Include the other iOS devices – the iPad and iPod touch – and Apple becomes one of the most powerful mobile device manufacturers, with over 100 million devices sold so far. Since there are vastly more mobile phones in the world than computers, and since that disparity continues to grow, iOS devices become far more significant in the big security picture than Macs.
As reported in this CNET article, the iPhone (and by extension, other iOS devices) is already seeing greater scrutiny by the security research community. I can personally attest to the fact that many of my security research associates are gaining interest in mobile devices of all types, but especially iOS- and Android-based devices. And if the number of mobile banking and retail apps in the App Store is any indication, there is now broad use of these devices for significant financial transactions (beyond teenagers’ massive texting bills).
Smartphones Change the Security Game — While mobile phones may never have been the most secure gadgets, their security issues were limited until wide adoption of smartphones. The worst you had to worry about was someone cloning your phone and running up your bill with international calls. Even early smartphones were fairly limited due to their clunky interfaces, terrible browsers, minimal penetration outside of the enterprise, and lack of consistency. But the iPhone ushered in a new age of popular and extensible smartphones. The combination of popularity and functionality changes the mobile security landscape in a number of fundamental ways:
- iOS devices are based on a general-purpose operating system with a larger attack surface than less-sophisticated “feature” phones.
- iOS is widely deployed in three major product lines. While the operating system versions aren’t fully aligned, they are extremely close, rely on the same code base, and are likely to converge further soon.
- Consumers increasingly use their mobile phones for sensitive transactions – mobile banking, shopping, and confidential communications. Bad guys accessing a device have far more to gain than in the past, when the worst they could do was steal your contacts and make phone calls.
- Email and Web browsing are the top two vectors for attacking personal computers… and they are also the two most popular non-phone functions on iOS devices.
The good news is that although Apple faces new security challenges with their mobile devices, they have already laid a strong security foundation with the potential for far greater security than we will ever see on general-purpose computing platforms like the Mac.
Since I prefer to end on a high note, let’s start with some of Apple’s security challenges, and close with the company’s potential advantages.
Apple’s Mobile Security Challenges — The primary problems Apple faces with the iPhone aren’t the hardware, or even the software, but their internal processes and the difficulties of maintaining security on multiple platforms (mobile or otherwise) with a common code base.
First, Apple is historically slow to offer patches for known vulnerabilities fixed in the open source components used in OS X. For example, one of the first exploits used to enable jailbreaking was a known flaw in a common software library used for displaying TIFF images. Since this flaw was patched for other platforms long before the iPhone, it provided attackers a direct road map into the iPhone. While Apple has skated by with these sorts of exposures in Mac OS X (including flaws for the Apache Web server, Samba for Windows-compatible file sharing, and the MDNS service that underpins Bonjour), the increasing scrutiny on the iPhone shortens the time between when a component is patched for other platforms, and when an iOS user is at risk.
Second, Apple also patches their own software flaws on different schedules for different platforms, potentially exposing users to more risks. For example, Apple sometimes patches security flaws for the Mac version of Safari before fixing the same flaws for Mobile Safari. iOS is a version of OS X, and thus it’s only to be expected that some security flaws will carry through to both platforms. Apple has even patched the open source version of the WebKit code that underlies Safari (which they manage) before bringing the same fixes back into Safari itself.
These process-related issues likely represent the single greatest combined security risk for iOS devices. Every time some vulnerability is patched on another platform, either an open source component or a piece of Apple’s proprietary software, it may give attackers another way to exploit iOS devices.
Apple faces several additional security challenges. Most notably, since jailbreaking relies on the exploitation of security vulnerabilities, any time a new jailbreak is released, it may provide attackers with yet another way to attack iOS devices.
In some cases this isn’t a major concern, since jailbreaking relies on physical control of the device. But as the jailbreakme.com site shows, these exploits can sometimes be activated simply by browsing a Web page. Think of it this way – even if cyber-criminals aren’t willing to put in the hard work to break into iOS devices, jailbreakers are. And once a jailbreak is released, the bad guys are free to turn it into an offensive weapon. (And yes, for the record, every jailbreak is a security exploit.)
Finally, while iOS has significantly better security than Mac OS X, there is still major room for improvement, especially in the sandboxing of some of the native Apple applications, such as Safari. Of all the iOS security risks, these are the easiest for Apple to address.
Apple’s iOS Security Advantages — Although the security of iOS devices is under greater scrutiny than that of nearly any other mobile device (the possible exception being RIM’s BlackBerry, and with Google’s Android undoubtedly receiving an increasing amount of attention), iOS devices also come with some significant security advantages:
- No other mobile device is as easy to patch and update. Before the iPhone, the only way to patch the majority of phones on the market was to take the device into a retail store and beg for an update, or hack it yourself through a Byzantine process that frequently involved illegally downloading carrier software. For the first time we have a popular, widely deployed, mobile device that is as easy to update as any other software on your computer.
- iOS devices are difficult to hack. Apple has combined the hardware and software to lock down the platform in ways that aren’t possible on a general purpose computer without severely restricting the user experience. While some users complain about Apple’s rigid control, it does provide some extremely important security advantages. For instance, all applications are cryptographically signed with digital certificates tied to the device’s hardware, making it extremely difficult to install malicious software. Yes, we’ve seen exploits that circumvent these controls, but creating such exploits tends to require a high degree of skill.
- iOS is a closed system. All apps are vetted and distributed by Apple, with the exception of enterprise-specific apps that are managed by internal IT departments and that have limited distribution. Although we are sure to see malicious apps sneak through the App Store eventually, Apple can quickly remove these when identified. This has already happened on the open Android Marketplace, where a malicious wallpaper app was downloaded by millions before being identified and removed. We’re trading a closed system and some freedom for increased security (something I worry about in society in general, but I’m okay with when it comes to a phone… as long as they don’t listen to my calls).
- Greater market share and public scrutiny means that Apple faces considerable public pressure to keep the platform secure. As Microsoft learned in the late 1990s, security failures directly translate to material market risk when you’re the big dog in the industry. When a minor antenna problem appears on the front page of every major newspaper, it’s clear that a major security breach could cause much worse problems for Apple.
Security Wins, For Now — In the overall calculation of security challenges versus advantages, Apple’s iOS devices are in a strong position. The fundamental security of the platform is well designed, even if there is room for improvement. The skill level required to create significant exploits for the platform is much higher than that needed to attack the Mac, even though there is more motivation for the bad guys.
Although there have been some calls to open up the platform to additional security software like antivirus tools (mostly from antivirus vendors), I’d rather see Apple continue to tighten down the screws and rely more on a closed system, faster patching rate, and more sandboxing. Their greatest opportunities for improvement lie in increased awareness, faster response processes, and greater realization of the potential implications of security exposures.
And even if Apple doesn’t get the message now, they certainly will the first time there is a widespread attack.