News
News
6/21/2007
04:53 PM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

iPhone Frenzy Will Tempt Hackers To Break Apple's Security

Security researchers at IBM admire the iPhone's apparent security but note it will suffer from its fair share of attacks.

With so many people anxiously holding their breath while simultaneously counting their pennies till Apple's iPhone ships next week, some researchers -- and probably many IT managers -- are wondering how secure this latest smart phone is going to be.

Well, according to IBM's security division, Internet Security Systems, the iPhone will have one thing going for it, at the same time it has one thing going against it, making for what should be an interesting product to track. The plus side is that it should take a pretty sophisticated hacker to break into the phone's system, but the negative is that all the frenzy that has been building up around the iPhone's release means many hackers will be inspired to try.

"We've been following it since it was announced," said Neel Mehta, the team lead of advance research group at ISS, in an exclusive interview with InformationWeek. "It's going to be challenging for the bad guys to exploit them like they do other [smart phones] but there will be a lot of individuals willing to try because of the amount of buzz around it... We've seen some very determined attacks on other mobile phone platforms, like the Symbian platform. A lot of these attacks are going to be very hard to launch against the iPhone."

A spokesperson with Apple declined to comment on the iPhone's security features.

Since Apple has been holding any prototypes of the iPhone extremely close to the vest, IBM's security researchers analyzed whatever information they could glean about the new phone that is a three-way combination of wide-screen iPod, cell phone, and Internet communications device. Mehta said they know the phone will run on Apple's OS X operating system, will use its Safari browser, and won't come with a software developer's kit. Researchers also evaluated how Apple deals with security updates and patches for its other products, like the Mac and the popular iPod.

Until Mehta and his researchers can get their hands on an actual iPhone, they're going on what they do know about the machine.

And one major thing they've been focusing on is that the iPhone won't have a software developer's kit. While that makes it harder for third-party vendors to make software for the phone, it's also going to make it a lot harder for hackers and malware writers to take advantage of it.

"They're not telling anyone how to write applications that run on the iPhone," said Mehta. "It's going to be much harder to write worms or viruses for that platform. Most malware written today for mobile platforms has been developed using software developer kits from the manufacturers. The lack of that on the iPhone will make it harder for people to develop malware for it."

He said another positive is that Apple historically has made it pretty easy to update their products. "That's relatively good news for the iPhone," he added. "We suspect the ability to update the phone will be relatively painless and robust. That's been a major problem with other smart phones. Many people will buy a smart phone and never update the firmware on it... Computers that run OS X have automated update mechanisms and looked at how easy it is to update firmware on iPods. It's very painless. It's just one click within the iTunes software."

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
The Agile Archive
The Agile Archive
When it comes to managing data, donít look at backup and archiving systems as burdens and cost centers. A well-designed archive can enhance data protection and restores, ease search and e-discovery efforts, and save money by intelligently moving data from expensive primary storage systems.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 - 2014
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators.
Video
Slideshows
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.