Slashdot Mirror
Apple Blocking iPhone Security Software
Barence writes "Speaking exclusively to PC Pro, Eugene Kaspersky has claimed Apple has repeatedly refused to deliver the software development kit necessary to design security software for the phone. 'We have been in contact for two years with Apple to develop our anti-theft software, [but] still we do not have permission,' said Kaspersky. Although he admits the risk of viruses infecting the iPhone is 'almost zero,' he claims that securing the data on the handset is critical, especially as iPhones are increasingly being used for business purposes. 'I don't want to say Apple's is the wrong way of behaving, or the right way,' Kaspersky added. 'It's just a corporate culture — it wants to control everything.'"
Leaving Kaspersky out is the first interesting feature I see in this whole Apple App Store scheme !
The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
It's called Apple App Store, they control absolutely every piece of software that can be installed in your Iphone, I can't see the need for any anti-virus solution...
this guy created a whole site because of the problem and the iPhones inability to block/stop such behaviour
http://i-phone-home.blogspot.com/
Why would apple want to allow someone to create and market direct competition for it's own anti-theft service (MobileMe)?
This is more about the closed nature of the App Store more than the necessity (or lack thereof) for a security app. In fact, the sporadic and seemingly hypocritical nature of Apple's approval process alone is reason enough for me to not get an iPhone (being stuck on AT&T and having no hardware keyboard are the other two reasons...although I could look past those two if it meant anyone could had an app put up for download.)
Granted, you can jailbreak an iPhone and install whatever you want, but I shouldn't have to hack a phone just so I can use whatever program I want on it. Being held to Apple's decision on what I can or can't use on there is a deal breaker for me.
Living With a Nerd
Good Mobile Messaging will do what Kaspersky's trying to do - control the handsets on an administrative level. You lose your iPhone? Administrator remotely wipes your unit.
Mind you, I don't have nor want one of these toys, but it works great across our WinMo and Android fleet...
"it wants to control everything"
...which is one way of preventing malware, it's working pretty well so far for that platform.
Twinstiq, game news
I don't want to say Apple's is the wrong way of behaving
Well, I do. It’s the wrong way of behaving.
Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
I'm not familiar with mac development, but the "SDK" in question would basically be kernel internal functions docs/unreleased API docs, yes? There may be other reasons besides appstore control freakery that they don't want to release and/or license that out? And even if Kaspersky would reverse-engineer the necessary parts of the kernel, which they obviously could (and their employees probably already partially have, unofficially) they would be sued to hell and back if they used that data in a product (which would be obvious, since there's no other way besides the official channels to get at it)?
Emotions! In your brain!
It is almost zero until they enable tethering.
Oh wait, that won't happen either.
*returns ipad
~Mekkah
While AT&T are bad verizon is just as bad if not worse. Ihave watched verizons 3G network slow to a crawl.
To date the spyware and hacks that have been succesful only target jail broken phones. Why because people are stupid and install things wrong.
With apples current approach the buck stops with apple. If an approved app or other malicous software does hit the mass iPhone population apple becomes the only company to blame. Unlike the recent windows virus found on HTC models where HTC can blame any one else. I am waiting for apples tight control to bite them back.
i thought once I was found, but it was only a dream.
The antivirus companies have been pushing antivirus software for handheld devices since 1999.
In the succeeding decade... so far as I'm aware... the damage caused by viruses on handhelds, ALL handhelds, has been less than the damage due to one false positive incident caused by Norton Antivirus shortly after the pointless hubbub over the Palm "Phage" malware.
Antivirus software for handhelds... just say "no".
Niche players to don't sell 50 million+ handsets... I think Apple will continue to do just fine with the closed and controlled approach.
While AT&T are bad verizon is just as bad if not worse. Ihave watched verizons 3G network slow to a crawl.
You say that with no context as to where you live, which is very important. Because where I am, AT&T just turned on 3G less than six months ago, and it's slower than Verizon's which has been on for two years, and hasn't slowed down a bit since I got my Droid.
Kaspersky added. "It's just a corporate culture — it wants to control everything".
AT&T speeds are generally faster than Verizon in my area, but the reception of AT&T phones around where I live is absolutely horrendous...based on what friends who have the iPhone have told me, there are TONS of dead spots around here (Montgomery County, Maryland...hardly the boonies.)
I will gladly take a slow network over spotty network coverage.
Living With a Nerd
My guess it's the simple fact that one program still can't really interact with another program's data.
The likelihood of Apple ever really changing this is probably next to zero, and it's the main reason I have no interest in the iPhone. What use is a computer in my pocket when I either need to use one program that is complex enough to handle every task I could possible need, or I need to make my tasks so simple that no data need ever be shared between two tools?
Join T-Mobile! With them, the speed of the 3G network is a non-issue since, since you won't have one! :D
(Their 3G network is actually growing pretty fast, but still tiny. It's ten miles from my house and getting closer!)
No, see, they just redefine malware. Even if it looks like malware, walks like malware, and quacks like malware, if Apple allows it, it's clearly not malware.
It appears that Kaspersky is butthurt because it sees a potential market for more crap we don't need and the controllers of that market don't want, and have the ability to lock them out of that market.
From Apple's point of view, they have remote wipe on both the corporate and personal levels already. And having somebody inside your shorts providing duplicate functionality is fail from top to bottom. I'm surprised that apple even answered the phone when they saw who was calling.
Also Kaspersky can have the SDK anytime they want, it's free. They will have to pay $99 to actually deploy the apps though. What they want is a super special "inside your shorts" SDK that I'd bet isn't coming anytime soon.
Sheldon
While AT&T are bad verizon is just as bad if not worse. Ihave watched verizons 3G network slow to a crawl.
You trade speed for coverage between AT&T and Verizon. Just like there are tradeoffs between an iPhone or an Android phone or Blackberry. Decide based on the features you want which is best for you personally.
To date the spyware and hacks that have been succesful only target jail broken phones. Why because people are stupid and install things wrong.
But this isn't an anti-hacking application, so that doesn't apply. This is an anti-theft applications. You know, in case your phone is stolen.
So why not approve it? I can think of two reasons:
1) Does things beyond the API or agreement allows, particularly with encryption.
2) Apple provides an anti-theft service, which this application would compete with.
Write your representatives! Repeal the 2nd Law of Thermodynamics!
I'm undecided on whether this particular behavior on Apple's part is a bad thing (as opposed to other cases, like the Google Voice one, where I'm sure it's a bad thing, and the Opera Mini one, where I'm at least leaning that way).
On desktops, it seems to me that various web ads or email messages encouraging users to install some third-party "security tool" are a major infection vector for malware/spyware. Many, many of the sorts of people who buy Apple products -- and I say this as an Apple user myself -- are... not the sorts of people who routinely make informed decisions about computer security.
Certainly, if third parties are permitted to sell iPhone security software, one might reasonably want them to be subject to considerably more oversight than other software, because of the potential for damage. Again, not because the software is "magic" or other software can't behave badly, but because of the particular ways most real-world users brains just shut down when dealing with security issues. Most people really don't have the mindset for this stuff.
This "software" could not be ordinary software but would rather require Apple opening up the OS to third party extensions which ran at a privileged level above the sandboxes. I just don't see that every happening for a couple of reasons.
1. The Kaspersky software itself could have exploitable flaws and given that it would be running at a higher privilege level than regular apps, that opens up a new attack vector for web based exploits to use.
2. Such software would potentially slow the OS down and cause a significant battery drain for no real gain of protection.
Much has been made about FUD articles that say that other apps can access contacts without asking for permission. No shit sherlock. That is a "feature" of the official API and the app approval process is supposed to ferret out nefarious uses of contact lists. I would hate to see UAC style boxes for apps each time I wanted to see a contact list in a third party app.
Jesus was a compassionate social conservative who called individuals to sin no more.
Granted, you can jailbreak an iPhone and install whatever you want, but I shouldn't have to hack a phone just so I can use whatever program I want on it. Being held to Apple's decision on what I can or can't use on there is a deal breaker for me.
Apple controls the available software for (among other reasons) their image. If they let people develop security software, people would start to not trust Apple as much, hurting their image and thus sales. They also intentionally keep everything "simple" for their average/target user. Apple's products and philosophy appeal to people that don't understand computers as well as the /. crowd. That being said, if you know how, you can still customize it, but it usually takes getting your hands dirty. I might not have bought an iPhone if I couldn't jailbreak it.
But this isn't an application that was submitted to Apple and denied, so these don't apply either. Kaspersky never claimed that they ever wrote or submitted an application. All they have said is that Apple has not provided them with an SDK. Now this might be because
'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
On Tom's hardware Jonathan Ian Schwartz gets a career whitewash job.
After Scott McNeally got booted out of Sun's through Steve Ballmer's $ 2 billion
"rescue" job to keep Sun running, which effectively shut McNeally up from
all hostile keynote speech comments about Microsoft, its now Jonathan Schwartz
who gets his hair greased big time at tomshardware.com :
http://www.tomshardware.com/news/Steve-Jobs-Jonathan-Schwartz-Sun,9844.html
Reportedly it was Schwartz who co-founded [b]Lighthouse Design Ltd.[/b] in 1989 and
therefor has supplied Steve Jobs his NeXtStep Software. This sounds rather far-fetched
to me as at the time when Schwartz joined Sun Microsystems nothing of this was mentioned.
Robert M. Stockmann - RHCE
Network Engineer - UNIX/Linux Specialist
Apple has already gone through at least one cycle of making desirable, well-made products to nearly getting out of the hardware business altogether because their stuff was crappy and then back again to making decent goods. At the moment, they rushing headlong into territory that Sony has staked out, of being a company that makes some decent products that discerning people won't touch.
I don't think it will surprise anyone if they have to go through the cycle again.
You are welcome on my lawn.
While AT&T are bad verizon is just as bad if not worse. Ihave watched verizons 3G network slow to a crawl.
You say that with no context as to where you live, which is very important. Because where I am, AT&T just turned on 3G less than six months ago, and it's slower than Verizon's which has been on for two years, and hasn't slowed down a bit since I got my Droid.
Says the guy who didn't post where he lives...
Overall, AT&T's 3G coverage is faster than Verizon's. In specific places, such as where AT&T *doesn't* have 3G coverage, or where coverage isn't terribly good, then Verizon's may be faster. But all told, AT&T takes the 3G speed crown in the US.
Wow, the worst "malware" for the Mac can email you and call you! If that was the worst thing that PC malware did, companies like Norton and McAfee would be out of business overnight.
I can't seem to find a link to it now (so maybe I'm wrong), but I thought Apple blocked at least one of the apps where the developer actually called someone. I know the storm8 example you listed has been fixed.
if Apple allows it, it's clearly not malware.
That's absurd. Apple has a process in place to both remove from the store, and if the app is truly egregious, remove remotely from people's phones, any malware that slips past them.
'I don't want to say Apple's is the wrong way of behaving, or the right way,' Kaspersky added. 'It's just a corporate culture -- it wants to control everything.'"
- look who is talking. A guy, whose entire success (his and the wife's) is based on pretty much a monopoly set up in Russia and the rest of the former Soviet block by Microsoft.
You can't handle the truth.
Well, I'm sure in due time we'll have iNorton and all of the iPhones will be safe from this kinda stuff.
Random Thoughts From A Diseased Mind (Not For Dummies)
"With apples current approach the buck stops with apple."
No, it actually stops with ME. I can exploit the iPhone OS software and all it takes is you connecting to my Wireless AP. Already having fun pissing off people that come to my house and realize their iPhone QUIT WORKING.
Apple better let those guys get security software made, or Apple is not going to be happy when I sell my exploit.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
"Overall, AT&T's 3G coverage is faster than Verizon's."
Really? I doubt that, considering AT&T's network has been clogged and hasn't expanded much for the past decade while Verizon has been constantly expanding.
Oh, and I never got more than 50K/s in NY on AT&T 3G network - never under 122K/s with Verizon 3G. Here in California, it's almost the exact same issue.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
AT&T's network is only clogged in a few overpopulated cities. The other 95% of the country isn't clogged in the slightest. I have an iPhone 3GS and my friend has a Droid - we both get between 120 KB/sec to 350 KB/sec downloads, typically around the 200-250 KB/sec point. If you want to live in an overpopulated area (NYC, LA, San Fran), then just like how you have massive congestion when trying to travel, you're going to get massive congestion on cell networks too.
"The tree of liberty must be refreshed from time to time with the blood of patriots and tyrants." ~Thomas Jefferson
I'd like to add that Kaspersky's worthless method of validating their desktop PC client's anti-virus subscription's expiry date is "the wrong way of behaving" too!
We have their corporate AV product where I work, and every few weeks, I get a phone call from at least someone who says their anti-virus stopped updating, and keeps popping up a warning about "black.lst" being missing or corrupt. I wind up forcing a manual refresh from the server console and eventually, it realizes it IS still a legally licensed copy and starts working again.
Nice way to treat your paying customers .... make the product randomly quit on you (with an error message that doesn't at all explain what's really going on, no less).
YES, it DOES apply. The reason the won't release the necessary SDK is because anything made with it would likely compete with services that Apple offers.
-1 disagree is not a modifier for a reason. -1 troll, flaimbait, redundant, overrated are NOT acceptable substitutes.
it's not exactly sporadic or hypocritical - the terms are well established and they occasionally don't catch you when you break them or the reviewer isn't always thorough.
Apple is probably waiting until they implement multitasking in the next OS, so that they can have Kaspersky's software constantly running in the background constantly using 50% of the CPU to block malware.
Kaspersky ascribes it to Apple wanting to "control everything", but Apple already doesn't mind turning over control of about 100,000 apps to other developers already.
I think it's something else. Well, two things, actually:
First, I think that Apple wants to keep the word "virus" and the word "iPhone" from being any more linked in the consumer's mind than they have to be. If a range of anti-virus tools becomes available for the iPhone, then it implicitly says that viruses are something you need to be concerned about if you purchase an iPhone. For example, imagine you went to a singles bar and, right at the door, there were a bunch of dispensers doling out free condoms. That suddenly changes what you think about the moral fortitude of the individuals found within, as well as their venereal state.
Secondly, if anti-virus apps are available for the iPhone, then that adds a layer of protection for people who get their apps from less-reputable sources. I'm speaking, of course, about Cydia and the whole jailbreaking scene. I can only speak for myself, but I can tell you that the primary reason I haven't jailbroken my iPhone and availed myself of all of the Cydia apps is because I can't be assured of their source and that they don't have some "new special ingredient" added by the packager. The money I pay to Apple's app-store is paying for Apple to vet the apps I'm downloading.
Anti-virus tools for the iPhone would tend to "level the playing field", as it were, between the security of using legitimate apps versus using Cydia apps.
Which is probably the exact reason why Apple is both controlling the App Store and making it hard to jailbreak iPhones. Their image is everything, their primary mission is to avoid bad PR.
RogerWilco the Adventurous Janitor
If you're running your iPhone mail with Exchange 2007 on the backend - you can wipe your device if you ever lose it via OWA. Just log in, click on Options, then Mobile Devices on the left side and select "Wipe All Data From Device..." in the main window. Don't worry about testing it - I already did that for y'all a few months ago. Yup, it works.
- Ray, when someone asks you if you're a god, you say "YES"! -
Kaspersky is running into trouble for all sorts of reasons, especially taking a traditional, load up the endpoint with tons of processes and overhead. There is one Apple approved iPhone security product. Just announced a couple of days ago. www.MobileActiveDefense.Com Truth in Advertising: M.A.D. is so good, cool, etc. etc. I signed on as Chairman of the company. First product in 16 years.
Winn Schwartau
It's all location, location, location. I get 1.7Mb/s down and 400+Kb/s up in most places using the SpeedTest app. Then when I walk to the back of the house sometimes I'm on the EDGE (or whatever) network and it's slow as molasses. This is the Palm Beach / Martin County / Broward county area in SE Florida.
I don't want rubbish anti-virus software on a smartphone. They cripple the performance of the device.
I don't care if I get a virus on my phone, I can restore it back to a backup easily. It's not like I'm going to loose valuable work.
Not where I live and work, just outside of Boston. My co-workers and I repeatedly run Speed Test against each other. I have a Droid on Verizon, one has an iPhone on AT+T, one has a G1 on T-Mobile. Verizon is usually fastest by a wide margin, followed by T-Mobile and then AT&T. I'm a former AT+T customer and have been more than happy after switching to Verizon.
Is this the dude who said: "Everyone should and must have an identification, or internet passport,"??? Apple, keep him out of your store.
"Well, I'm sure in due time we'll have iNorton and all of the iPhones will be safe from this kinda stuff."
Exactly, safe just like Windows PCs are!
-- My apologies if the above facts contain any opinions, or vice versa! --
This "software" could not be ordinary software but would rather require Apple opening up the OS to third party extensions which ran at a privileged level above the sandboxes.
In addition, they would want access to other things, if they were to implement their full suite:
http://usa.kaspersky.com/products_services/mobile-security.php
Anti-Theft Protection:Remotely block access to your phone if it is lost or stolen
Requires access to the (separate) baseband firmware: enables malware using the same interfaces
Privacy Protection: Control what others can see and access when they pick up your phone
Requires access to override UI implementation classes, notification services, enables rootkits
Privacy Protection: Keep designated incoming calls and SMS texts completely hidden until you're ready to view them
Requires access to override connection between application processor and baseband, requires access to baseband firmware, enables rootkits
Privacy Protection: Activate "Private" mode manually, automatically or remotely
Requires background application: reduces battery life; consumes thermal budget; consumes bandwidth; triggers data roaming; enables botnets
Anti-Malware Protection: Control who you'll accept calls and SMS texts from
Requires access to baseband firmware: enables malware using the same interfaces
Anti-Malware Protection: Block unwanted calls and texts from unknown numbers
Requires access to baseband firmware: enables malware using the same interfaces
Anti-Malware Protection: Real-time scanning and advanced firewall for 24/7 protection
Requires background application, access to kernel firmware: reduces battery life; consumes thermal budget; consumes bandwidth; triggers data roaming; enables botnets
Advanced Data Encryption: Prevent unauthorized access to your sensitive or confidential files; Password-protect and encrypt multiple folders
Requires access to kernel firmware: interposes storage management; adds overhead; reduces battery life; consumes thermal budget; enables malware using the same interfaces; enables rootkits
Parental Controls for your child's phone: Block outgoing calls or SMS texts to undesirable numbers, including premium rate services
Requires access to override connection between application processor and baseband, requires access to baseband firmware, enables rootkits
Parental Controls for your child's phone: GPS Find and Google Maps allow you to find your child anytime, day or night
Requires background application: reduces battery life; consumes thermal budget; consumes bandwidth; triggers data roaming; enables botnets ...Thanks for playing, Kaspersky!
-AC
Unless you are jailbroken, what's the point of security software? There is one source of infection: App store. However all apps are screened down to source code level. Malware-free is an one of the important user experience. Giving out security SDK only benefit security software vendors in creating a new market but in return it is impossible to protect from SDK leaking out to hacker who will have more information on vulnerabilities. Maybe we can argue that malware can break into iPhone from outside. But firstly it is mostly through buffer overflow which require good understanding of the non-Intel-based iPhone processor. More importantly the limitation on multi-tasking prohibited virus to spread inside the phone. So, only very sophisticated malware can spread and the odd is very very small.
Allowing their software on the iPhone would require destroying the existing security model and it opens up vectors for malware/trojan horses to install at the same privilege level where your iPhone could become a node o a botnet.
Jesus was a compassionate social conservative who called individuals to sin no more.
Microsoft doesn't control everything on its platforms. It wants to, but it doesn't.
That's the reason I don't have an i-Anything. I refuse to play the walled garden game.
Porquoi?
Ah, but I don't live in LA, I live an hour and a half away, out in the boonies/desert. Maybe 50K population, if that. Overpopulated is a huge misstatement for this area.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.