Claim: Bug Reduces The Security of iOS to That of Android
Does that headline imply that there is something wrong inside the Apple walled garden that is the perfection that is the iPhone and all things mobile for those that are, well, the coolest of them all?
To a degree, yes. One of the biggest selling points that Apple has always had over any other competitor is the virtual non-existence of malware and viruses. Most of that can be contributed to Microsoft hate and Android openness as well as the desire by those who create these kinds of things to take down larger numbers of devices. Well, now that Apple’s mobile platform is so widespread it is being exploited for real.
According to Forbes:
Apple’s iPhones and iPads have remained malware-free thanks mostly to the company’s puritanical attitude toward its App Store: Nothing even vaguely sinful gets in, and nothing from outside the App Store gets downloaded to an iOS gadget. Now serial Mac hacker Charlie Miller has found a way to sneak a fully-evil app onto your phone or tablet, right under Apple’s nose.
For his efforts, Miller has had his Apple developer license terminated but he continues on undaunted.
Using his method–and Miller has already planted a sleeper app in Apple’s App Store to demonstrate the trick–an app can phone home to a remote computer that downloads new unapproved commands onto the device and executes them at will, including stealing the user’s photos, reading contacts, making the phone vibrate or play sounds, or otherwise repurposing normal iOS app functions for malicious ends.
“Now you could have a program in the App Store like Angry Birds that can run new code on your phone that Apple never had a chance to check,” says Miller. “With this bug, you can’t be assured of anything you download from the App Store behaving nicely.”
For marketers this is something to be concerned about for sure. One thing that has always been assumed (never assume right?) is that Apple apps and products don’t, and likely never will, suffer from the malady that is malware. Until now it’s been a pretty safe bet.
Will Miller’s holes lead to more Apple hackers who want to make their mark? If history is any lesson then it is likely since these folks like a good challenge. While it may seem crass, now that Steve Jobs is gone Apple may be more of a target especially if there are perceived vulnerabilities in the tech world’s darling. Miller, however, has been a fly in the Apple ointment for a while now. Whether he inspires others remains to be seen.
Here is a video of Miller talking about his efforts (note the sign in the background paying homage to Notre Dame. Very funny.)
So is nothing sacred now that there is someone seemingly intent on making Apple’s fortress a little less safe?
Hey it’s the Internet. Did you really expect that Apple was that perfect? Really? Now that Apple is becoming as dominant as it is in the mobile space this type of thing shouldn’t be a shock. What it does do though is create some caution on the side of those creating apps that wasn’t there before, at least not in the front of their mind. Of course, Apple will close this hole at some point but so we really think this is the only one and only this gentleman is smart enough to figure this out? Doubtful.
Oh and the claim from the headline? That was Miller’s.
“Android has been like the Wild West,” says Miller. “And this bug basically reduces the security of iOS to that of Android.”