Apple Blocking iPhone Security Software

Barence writes "Speaking exclusively to PC Pro, Eugene Kaspersky has claimed Apple has repeatedly refused to deliver the software development kit necessary to design security software for the phone. 'We have been in contact for two years with Apple to develop our anti-theft software, [but] still we do not have permission,' said Kaspersky. Although he admits the risk of viruses infecting the iPhone is 'almost zero,' he claims that securing the data on the handset is critical, especially as iPhones are increasingly being used for business purposes. 'I don't want to say Apple's is the wrong way of behaving, or the right way,' Kaspersky added. 'It's just a corporate culture — it wants to control everything.'"

Nothing to see here folks

iphone don't need no security software

Re:Nothing to see here folks

[Pojut]

This is more about the closed nature of the App Store more than the necessity (or lack thereof) for a security app. In fact, the sporadic and seemingly hypocritical nature of Apple's approval process alone is reason enough for me to not get an iPhone (being stuck on AT&T and having no hardware keyboard are the other two reasons...although I could look past those two if it meant anyone could had an app put up for download.)

Granted, you can jailbreak an iPhone and install whatever you want, but I shouldn't have to hack a phone just so I can use whatever program I want on it. Being held to Apple's decision on what I can or can't use on there is a deal breaker for me.

Re:Nothing to see here folks

[peragrin]

While AT&T are bad verizon is just as bad if not worse. Ihave watched verizons 3G network slow to a crawl.

To date the spyware and hacks that have been succesful only target jail broken phones. Why because people are stupid and install things wrong.

With apples current approach the buck stops with apple. If an approved app or other malicous software does hit the mass iPhone population apple becomes the only company to blame. Unlike the recent windows virus found on HTC models where HTC can blame any one else. I am waiting for apples tight control to bite them back.

Re:Nothing to see here folks

[AndrewNeo]

While AT&T are bad verizon is just as bad if not worse. Ihave watched verizons 3G network slow to a crawl.

You say that with no context as to where you live, which is very important. Because where I am, AT&T just turned on 3G less than six months ago, and it's slower than Verizon's which has been on for two years, and hasn't slowed down a bit since I got my Droid.

Re:Nothing to see here folks

[Pojut]

AT&T speeds are generally faster than Verizon in my area, but the reception of AT&T phones around where I live is absolutely horrendous...based on what friends who have the iPhone have told me, there are TONS of dead spots around here (Montgomery County, Maryland...hardly the boonies.)

I will gladly take a slow network over spotty network coverage.

Re:Nothing to see here folks

Join T-Mobile! With them, the speed of the 3G network is a non-issue since, since you won't have one! :D

(Their 3G network is actually growing pretty fast, but still tiny. It's ten miles from my house and getting closer!)

Re:Nothing to see here folks

No, see, they just redefine malware. Even if it looks like malware, walks like malware, and quacks like malware, if Apple allows it, it's clearly not malware.

Re:Nothing to see here folks

[Bakkster]

While AT&T are bad verizon is just as bad if not worse. Ihave watched verizons 3G network slow to a crawl.

You trade speed for coverage between AT&T and Verizon. Just like there are tradeoffs between an iPhone or an Android phone or Blackberry. Decide based on the features you want which is best for you personally.

To date the spyware and hacks that have been succesful only target jail broken phones. Why because people are stupid and install things wrong.

But this isn't an anti-hacking application, so that doesn't apply. This is an anti-theft applications. You know, in case your phone is stolen.

So why not approve it? I can think of two reasons:
1) Does things beyond the API or agreement allows, particularly with encryption.
2) Apple provides an anti-theft service, which this application would compete with.

Re:Nothing to see here folks

[cinderblock]

Granted, you can jailbreak an iPhone and install whatever you want, but I shouldn't have to hack a phone just so I can use whatever program I want on it. Being held to Apple's decision on what I can or can't use on there is a deal breaker for me.

Apple controls the available software for (among other reasons) their image. If they let people develop security software, people would start to not trust Apple as much, hurting their image and thus sales. They also intentionally keep everything "simple" for their average/target user. Apple's products and philosophy appeal to people that don't understand computers as well as the /. crowd. That being said, if you know how, you can still customize it, but it usually takes getting your hands dirty. I might not have bought an iPhone if I couldn't jailbreak it.

Re:Nothing to see here folks

[Fnord666]

So why not approve it? I can think of two reasons:
1) Does things beyond the API or agreement allows, particularly with encryption.
2) Apple provides an anti-theft service, which this application would compete with.

But this isn't an application that was submitted to Apple and denied, so these don't apply either. Kaspersky never claimed that they ever wrote or submitted an application. All they have said is that Apple has not provided them with an SDK. Now this might be because

1. They want a custom SDK with special calls that do what they need, or
2. They are in a country that is not allowed to legally download the SDK.

Re:Nothing to see here folks

[PopeRatzo]

Apple has already gone through at least one cycle of making desirable, well-made products to nearly getting out of the hardware business altogether because their stuff was crappy and then back again to making decent goods. At the moment, they rushing headlong into territory that Sony has staked out, of being a company that makes some decent products that discerning people won't touch.

I don't think it will surprise anyone if they have to go through the cycle again.

Re:Nothing to see here folks

[node+3]

While AT&T are bad verizon is just as bad if not worse. Ihave watched verizons 3G network slow to a crawl.

You say that with no context as to where you live, which is very important. Because where I am, AT&T just turned on 3G less than six months ago, and it's slower than Verizon's which has been on for two years, and hasn't slowed down a bit since I got my Droid.

Says the guy who didn't post where he lives...

Overall, AT&T's 3G coverage is faster than Verizon's. In specific places, such as where AT&T *doesn't* have 3G coverage, or where coverage isn't terribly good, then Verizon's may be faster. But all told, AT&T takes the 3G speed crown in the US.

Re:Nothing to see here folks

[node+3]

Wow, the worst "malware" for the Mac can email you and call you! If that was the worst thing that PC malware did, companies like Norton and McAfee would be out of business overnight.

I can't seem to find a link to it now (so maybe I'm wrong), but I thought Apple blocked at least one of the apps where the developer actually called someone. I know the storm8 example you listed has been fixed.

if Apple allows it, it's clearly not malware.

That's absurd. Apple has a process in place to both remove from the store, and if the app is truly egregious, remove remotely from people's phones, any malware that slips past them.

Re:Nothing to see here folks

[Ihmhi]

Well, I'm sure in due time we'll have iNorton and all of the iPhones will be safe from this kinda stuff.

Re:Nothing to see here folks

[Khyber]

"With apples current approach the buck stops with apple."

No, it actually stops with ME. I can exploit the iPhone OS software and all it takes is you connecting to my Wireless AP. Already having fun pissing off people that come to my house and realize their iPhone QUIT WORKING.

Apple better let those guys get security software made, or Apple is not going to be happy when I sell my exploit.

Re:Nothing to see here folks

[Khyber]

"Overall, AT&T's 3G coverage is faster than Verizon's."

Really? I doubt that, considering AT&T's network has been clogged and hasn't expanded much for the past decade while Verizon has been constantly expanding.

Oh, and I never got more than 50K/s in NY on AT&T 3G network - never under 122K/s with Verizon 3G. Here in California, it's almost the exact same issue.

Re:Nothing to see here folks

[Totenglocke]

AT&T's network is only clogged in a few overpopulated cities. The other 95% of the country isn't clogged in the slightest. I have an iPhone 3GS and my friend has a Droid - we both get between 120 KB/sec to 350 KB/sec downloads, typically around the 200-250 KB/sec point. If you want to live in an overpopulated area (NYC, LA, San Fran), then just like how you have massive congestion when trying to travel, you're going to get massive congestion on cell networks too.

Re:Nothing to see here folks

[Mr.+Freeman]

YES, it DOES apply. The reason the won't release the necessary SDK is because anything made with it would likely compete with services that Apple offers.

Re:Nothing to see here folks

it's not exactly sporadic or hypocritical - the terms are well established and they occasionally don't catch you when you break them or the reviewer isn't always thorough.

Re:Nothing to see here folks

[RogerWilco]

Which is probably the exact reason why Apple is both controlling the App Store and making it hard to jailbreak iPhones. Their image is everything, their primary mission is to avoid bad PR.

Re:Nothing to see here folks

[StuartHankins]

It's all location, location, location. I get 1.7Mb/s down and 400+Kb/s up in most places using the SpeedTest app. Then when I walk to the back of the house sometimes I'm on the EDGE (or whatever) network and it's slow as molasses. This is the Palm Beach / Martin County / Broward county area in SE Florida.

Re:Nothing to see here folks

[stummies]

Not where I live and work, just outside of Boston. My co-workers and I repeatedly run Speed Test against each other. I have a Droid on Verizon, one has an iPhone on AT+T, one has a G1 on T-Mobile. Verizon is usually fastest by a wide margin, followed by T-Mobile and then AT&T. I'm a former AT+T customer and have been more than happy after switching to Verizon.

Re:Nothing to see here folks

[Me!+Me!+42]

"Well, I'm sure in due time we'll have iNorton and all of the iPhones will be safe from this kinda stuff."
Exactly, safe just like Windows PCs are!

Re:Nothing to see here folks

[JobyOne]

That's the reason I don't have an i-Anything. I refuse to play the walled garden game.

Re:Nothing to see here folks

[Khyber]

Ah, but I don't live in LA, I live an hour and a half away, out in the boonies/desert. Maybe 50K population, if that. Overpopulated is a huge misstatement for this area.

At least good news !

[Yvanhoe]

Leaving Kaspersky out is the first interesting feature I see in this whole Apple App Store scheme !

Re:At least good news !

[Ethanol-fueled]

If there's anything we learned from the PC universe, it's that many people would rather have viruses run transparently in the background than have their machines slow to a crawl because of overbearing security suites that often don't even identify proper threats.

Having tried the iPhone, I think it's a decent gadget, but it's not fast enough to be able to take performance hits from inefficient security suites.

Re:At least good news !

[Yvanhoe]

If there's anything we learned from the PC universe, it's that many people would rather have viruses run transparently in the background than have their machines slow to a crawl because of overbearing security suites that often don't even identify proper threats.

That's a very interesting point. Virus used to wreak havoc on the targeted computer and destroy files, reboot the machine, etc... Nowadays, all that they hope for is to be able to steal stealthily a few percent of resources and bandwidth. About the same as the antivirus except he is not very stealthy about it.

Re:At least good news !

Why? Kaspersky has some of the best products.

Re:At least good news !

[thePowerOfGrayskull]

f there's anything we learned from the PC universe, it's that many people would rather have viruses run transparently in the background than have their machines slow to a crawl because of overbearing security suites that often don't even identify proper threats.

I'm not sure what PC universe you spend time in, but in mine most users prefer both. They love to run the overbearing security suites because then they *know* they're secure, and don't have to worry about all those weird other things running transparently in the background.

Re:At least good news !

..meanwhile, in the real world (yknow, that big one *out there* where most users could not give a toss what runs on their computers, just so long as it runs), Kaspersky is still the first thing I would recommend any average PC user installs.

I would also happily admit that the "enhanced" versions are full of overblown, overboard BS, however, anyone wants to name me a better PC AV solution than Kaspersky, the floor, as they say, is yours?

- Nope, thought not ;-)

Re:At least good news !

[CharlyFoxtrot]

Why? Kaspersky has some of the best products.

Eugene, is that you ?

Re:At least good news !

[WrongSizeGlass]

Leaving Kaspersky out is the first interesting feature I see in this whole Apple App Store scheme !

Kaspersky has to wait in line with the rest of us to get at portions of the iPhone API's that aren't "public" or blessed by Apple. Their situation isn't even remotely unique.

Re:At least good news !

[InsertWittyNameHere]

Antivirus XP 2010

Re:At least good news !

Being the best of shit still makes you shit.

Re:At least good news !

[mellon]

That's not even the worst of it. The worst of it is that in order for Kaspersky's suite to do anything useful, you'd have to give it full access to the machine. If you give it full access to the machine, suddenly you're *less* secure, because you installed a "security app." So not only do your batteries last a quarter as long, you'll probably get a virus you couldn't have got otherwise.

Re:At least good news !

[Khyber]

NOD32.

Owns Kaspersky in every test i try.

Re:At least good news !

ok, cheers! for a sensible answer - had the idea (for some unknown reason) NOD was probably aimed at "more experienced" users (usability/configuration issues? - dunno, as said, received opinion), but, I'll get round to checking it out.

Unlikely to change however as KAV has more or less done what it needed to for longer than I care to remember, and I buy bulk licenses. Was more pissed at the inferenece that KAV is a pile o crap (which it definitely aint..) than shopping, alternatives always good to know tho..

Re:At least good news !

Yup, youve rumbled those craazzzy Russians, Kaspersky is *actually a virus*

And it *eats your batteries*

And, And.. oh FFS, I cant be bothered.

Re:At least good news !

[Yvanhoe]

It just doesn't release those to the public.

Re:At least good news !

Einstein! - is that you?

We already have an anti-virus

[omgarthas]

It's called Apple App Store, they control absolutely every piece of software that can be installed in your Iphone, I can't see the need for any anti-virus solution...

Re:We already have an anti-virus

[Dancindan84]

We have been in contact for two years with Apple to develop our anti-theft software...

I know lots of people never RTFA, but you couldn't even get through the summary? Here's your sign.

Re:We already have an anti-virus

[Cyberax]

Two words: browser exploits.

Re:We already have an anti-virus

[mrsteveman1]

The iPhone has enterprise tools available for anti-theft, too. It can encrypt all data by default and remotely wipe the device, and even end users can get the GPS coordinates of the device if they have MobileMe.

Their control of the App Store is abusing and ridiculous, but i don't see a lack of anti-theft features here.

Re:We already have an anti-virus

[Dancindan84]

Just because the iPhone has similar functionality built in doesn't mean 3rd party vendors shouldn't be able to compete. I happen to be writing this comment with Firefox on a machine that came with IE already...

Also, doesn't change the fact that he was clueless what the article was about.

Re:We already have an anti-virus

Man, you obviously don't deal in the real world or at least in large org.

Google for a couple of mins and you find that the "encryption" on the latest iPhone 3GS has already been broken.

There's no proper central management of the device; the iPhone has to be tethered.

If you set some settings on the device, there's nothing stopping the user from changing configuration again.

So it's fine for you if you want to keep some personal contacts and maybe your shopping list; it's nowhere near the level one would expect it to be used in the financial or government sectors.

That's why RIM and BES reign supreme in that area.
I wish Apple would wise up; lord knows I deal constantly with "senior managers" who want to use their toys at our hospital.

Re:We already have an anti-virus

[Xest]

Another two: SMS exploits

There is also a lot of iPhone software that phones home, and here's the problem, the app store as a security measure is a complete and utter myth. The app store is NOT about security, it does not make you magically protected. It's also worth noting that Apple boasts about having hundreds of thousands applications on it's app store- is anyone really naive enough to believe that Apple is capable of doing a full security audit on each and every one of these applications?

The app store brings convenience, uniformity and ease of use to buying, downloading and installing applications on the iPhone and gives Apple a method of controlling what users can do with their iPhone, and controlling whether developers can produce competing products to those Apple provides or instead block them to retain a monopoly on said application type on their platform.

Re:We already have an anti-virus

[d3ac0n]

Two words: Good Technology.

Works on iPhone, Android and WebOS.

Disclaimer: I do NOT work for Good technology, but was recently asked to research the use of iPhone, WebOS and Droid in my company's enterprise environment and Good is pretty much the very best of the best out there from what I could tell.

Of course, your mileage may vary.

Re:We already have an anti-virus

[CharlyFoxtrot]

Just because the iPhone has similar functionality built in doesn't mean 3rd party vendors shouldn't be able to compete. I happen to be writing this comment with Firefox on a machine that came with IE already....

Apple doesn't want to give developers access to the API's to do things like remote wipe. So they either block everyone from doing it or they make an exception for certain vendors. Apple isn't very big on making exceptions for any external company, even Google gets the choice of doing it the Apple way or hitting the highway. Nobody seems to mind in this case except the anti-virus cartel who are seeing their core market melt way now Windows is becoming secure and they don't have a foothold in this decade's growth market, mobile devices.

Re:We already have an anti-virus

[Abcd1234]

Yes, because none of those apps could possibly have a bug that would allow malicious code to be installed...

Re:We already have an anti-virus

[RulerOf]

It can encrypt all data by default and remotely wipe the device, and even end users can get the GPS coordinates of the device if they have MobileMe.

I know this, because I work for an iPhone nut.

If you're a business user, you're using Exchange 2007 with ActiveSync to remotely manage the iPhone and deliver email. If you've got a wish to drive yourself insane, you're also using MobileMe on that same device.

MobileMe has some neat features, but quite frankly it's complete bullshit that those features (Find my iPhone et. al.) are mutually exclusive from a phone with an ActiveSync binding. MobileMe + ActiveSync is highly discouraged by all of the Apple support reps I've spoken with, and to date, my boss has had nothing but nightmares involving the combination of the two.

Re:We already have an anti-virus

[RulerOf]

The app store is NOT about security, it does not make you magically protected.

The app store is about Apple's guaranteed 30% cut.

Re:We already have an anti-virus

[timeOday]

Just because the iPhone has similar functionality built in doesn't mean 3rd party vendors shouldn't be able to compete.

Apple dosn't see it that way. They openly reject competition with Apple software on the iPhone.

Re:We already have an anti-virus

[rworne]

That's the rub. Why would Apple allow a $5 or $20 app on the AppStore that negates the only other way to remote wipe or track your iPhone?

Here's the answer: $90/year subscriptions to MobileMe

Re:We already have an anti-virus

I have MobileMe and ActiveSync set up with no problems at all. Both accounts push changes in both directions, and Find my iPhone works. We don't have encryption enforced by ActiveSync, and I haven't tried a remote wipe through either service, but all of my day-to-day usage is fine.

Re:We already have an anti-virus

Well, in a way, yes. The same issues that keep Kaspersky's software from operating correctly on an iPhone keep malicious code from running rampant all over your phone.

Now, it IS possible that someone could create an exploit for a known bug in the Safari app that would steal your Safari data, but apps don't have access to much beyond the resources they need to function. Thus, if you exploit an iPhone app, all you have access to is the data/code that app has access to. Also, the exploit would not be persistent; power-cycle the iPhone and the problem is gone until you do whatever you did to be exploited in the first place.

So, none of those apps could possibly have a bug that would allow malicious code to be installed. They MIGHT have bugs that would allow malicious code to be injected into that app during the current app's runtime window.

Now, I guess if you found a bug in the Store software, you might be able to install malicious code. But we usually call that jailbreaking.

Re:We already have an anti-virus

[Lunix+Nutcase]

Boohoo. Apple is running a business not a charity.

Re:We already have an anti-virus

[ldapboy]

You can get an Exchange, or Exchange compatible service for less than $90/yr, and use that for remote wipe. For example NuevaSync is $25/yr.

Re:We already have an anti-virus

[Khyber]

Here's your sign, pal. Software won't stop me from JACKING THE FUCKING PHONE FROM YOUR HANDS (what REAL theft entails) after I pound your face in.

Anti-theft is a misnomer and bullshit - Anti-data breach would be more appropriate.

Hope that sign isn't too heavy around your neck, I know it's a mighty big one.

Re:We already have an anti-virus

[Khyber]

"The iPhone has enterprise tools available for anti-theft, too. "

Every single one of them useless the moment I turn off the phone and clip the antenna wires so it can't get a signal or just add more wire to completely fuck the antenna. Then it's free reign and I can take all the time I want breaking the encryption.

Been there, done that, give me something that's actually new and interesting. I have many friends with iPhones and they're always bringing them to me. Anything Apple can do I've already got circumventions around. Until they physically make the inside of the case inaccessible, their software is totally fucking useless.

Re:We already have an anti-virus

[Khyber]

"MobileMe + ActiveSync is highly discouraged by all of the Apple support reps I've spoken with, and to date, my boss has had nothing but nightmares involving the combination of the two."

Getting those two to work together is as easy as controlling two computers with Synergy.

Boss needs to be fired if he's not that competent.

Re:We already have an anti-virus

Ah but here is the rub.

Lets use a physical world analog to this. A store. You sell things in a town. There is only 1 store. That store doesnt own anything they just rent out space at a 30% markup. They also sell a nice line of coffee makers which they conveniently sell at the store. You also want to sell a coffee maker. Suddenly your coffee maker has all sorts of 'issues' and they cant sell it they only sell 'high quality stuff'.

I know you say I will open my own store. Except the people who own the store own the town and the area around it. Crazy? It has happened here in the united states. The apple store is the same thing. Just a different tech...

Re:We already have an anti-virus

[RulerOf]

Getting those two to work together is as easy as controlling two computers with Synergy.

It's interesting that you chose Synergy as your example. Synergy is a royal pain in the ass to configure for all but the most logical and technical minded people.

For a user who doesn't understand how contacts are stored, where they come from, or why they end up getting duplicated (or at least appear to be that way) without making a really stupid car analogy that won't actually transfer back to referenced analogous use of the device... I'll presume you get the idea.

It just doesn't work or behave the way it should.

Re:We already have an anti-virus

[Lunix+Nutcase]

Except that the iPhone isn't the only phone you can buy and thus you don't have to put up with the rules Apple sets for it's App store unless you choose to buy an iPhone. Thus your analogy falls completely apart.

Re:We already have an anti-virus

bad khyber no mis-mod karma for you. Calm down and try growing something other then strawberry's in that DWC of yours.

Re:We already have an anti-virus

[RogerWilco]

Their control of the App Store and anti-jailbreaking measures are because of one reason: Apple wants to avoid bad publicity.
When there was this rash of rickrolled iPhones a few months back, most media reported it, but very few mentioned that it only affected jail broken phones. Apple wants to avoid getting into the news like that, because their brand is the most important asset they have.

Re:We already have an anti-virus

No, ignorant apple-hater. The iPhone has kernel level jailing on all your appstore purchased apps. They will not be able to break out of their EUID of 501. Surely a kernel local exploit may exist, but as of right now the jailing works quite well to prevent malicious code installation...

Re:We already have an anti-virus

[Abcd1234]

Let me introduce you to three words: Local privilege exploit.

And by the way, Mr. Jobs fellater, someone who suggests the possibility that a virus could infect an iPhone isn't an "apple-hater". It's called being "realistic".

Re:We already have an anti-virus

[paskal]

I have both with the contacts turned off for my Exchange ActiveSync account - works fine. As a bonus, it will still pull contacts from Exchange while you're composing emails.

Having contacts on for both I imagine would end up a nightmare.

Re:We already have an anti-virus

[smitty97]

Ditto on Exchange + Mobileme being very easy to manage together. I even have a couple of CalDAVs in there.

Work stuff goes into Exchange, personal stuff into Mobileme, nothing stored locally. Don't put your personal contacts into Outlook and all will be well.

Re:We already have an anti-virus

[RulerOf]

That may sound easy (and I agree with you, I think it is) but people who don't understand how the abstraction works can't use that kind of setup correctly.

It just doesn't fall into the "ZOMG I'm a moron and this iPhone is just so intuitive" setup that the phone generally has.

Re:We already have an anti-virus

[mjwx]

Apple isn't very big on making exceptions for any external company

Ahhh, so that's why all the bikini applications got pulled from the App Store(TM) but Playboy and Sports illustrated are still in there.

However Spyware on the iPhone is rife

[sh0rtie]

this guy created a whole site because of the problem and the iPhones inability to block/stop such behaviour
http://i-phone-home.blogspot.com/

Re:However Spyware on the iPhone is rife

[whisper_jeff]

I didn't read the whole site but, from what I read, this guy is bitching about "such behaviour" on his jailbroken iPhone. And this is relevant how? He made a choice - one that many people make - and that choice has consequences. Play within the walled garden and you have some restrictions but considerable protection. Abandon the walled garden and you have near-total choice but your protections are discarded.

Seriously, I could care less about someone's opinion when they're basing it on their jailbroken device. They made a choice. Deal with the consequences of that choice.

Re:However Spyware on the iPhone is rife

[clone53421]

The reason he had to jailbreak his iPhone, no doubt, is because otherwise it would have been completely impossible to write a firewall for it, or to hide the phone’s UDID.

How about you actually read his blog? The apps he was testing are from the AppStore...

Top Gun from the iPhone AppStore is currently number 24 on the AppStore paid applications list.

Another accelerometer game, this time a Top Gun remake.

Version tested: 1.2 (current as of writing)

This iPhone app is Pinchmedia enabled, it tracks and reports the following:
- iPhone UDID
- iPhone model & firmware version
- application code
- application version
- iPhone jailbreak status
- if app is pirated/cracked
- application startup & exit times
- has an entry for lat/lon but its not used

Max Injury from the iPhone AppStore is currently number 11 on the AppStore paid applications list.

A mini-game where you have to maximize the damage to a dummy via various challenges.

Version tested: 1.0.2 (current as of writing)

This application is flurry enabled, if you have PrivaCy 0.9.3037-2 or above the metrics will be blocked. This app tracks:

- application ID & version
- iPhone model, firmware
- iPhone UDID

Or how about this one, which not only reports your UDID but also your phone number:

iMobsters from the iPhone AppStore is currently number 14 on the AppStore free applications list

Lets cut to the chase on this one, this is another Storm8 iPhone app the same as Vampires Live.

During use, the application tracks and reports:
- your mobile phone number
- application version, number
- unique ID of your iPhone
- points (if applicable)
- iPhone model
- firmware version

Re:However Spyware on the iPhone is rife

[dotgain]

You'd better read it again (like I just did). To me, the site is quite agnostic toward jail-breaking, and is no less useful to someone with a non-jailbroken device. I believe I feel the same way about jailbreaking as you do (currently not considering jailbreaking my device, fairly sure I'll never do it), but as another poster has said: There's not a chance in hell that Apple have properly audited all the application for security, and it's flat out impossible they'd be able to do so adequately anyway (they don't audit the source). The App Store is not about that at all.

Re:However Spyware on the iPhone is rife

[TubeSteak]

However Spyware on the iPhone is rife

That's not a bug, that's a feature.
The whole point of locking down hardware (at least on a mobile platform) is to create a captive audience.

Re:However Spyware on the iPhone is rife

[CharlyFoxtrot]

You'd better read it again (like I just did). To me, the site is quite agnostic toward jail-breaking, and is no less useful to someone with a non-jailbroken device. I believe I feel the same way about jailbreaking as you do (currently not considering jailbreaking my device, fairly sure I'll never do it), but as another poster has said: There's not a chance in hell that Apple have properly audited all the application for security, and it's flat out impossible they'd be able to do so adequately anyway (they don't audit the source). The App Store is not about that at all.

Apple may not audit the source but they do have analysis tools to scan for the use of non-public APIs. This provides some security but everything you can do with the public API's will not get checked, unfortunately this includes phoning home some information (because there are times when this behavior is wanted.) So this guy should be applauded for taking the time to check a lot of applications for this kind of behavior and shaming the ones that do.

Re:However Spyware on the iPhone is rife

application ID, UDID, firmware version? so what? show me what a malicious user can do with this information. prove to me that this is a potential nasty exposure. Just because you say its "spyware" doesn't make it a relevant, probable or impactful threat where someone can essentially ruin me or cause me harm. this blog is FULL of all these other apps that provide security...but from what? What harm, what risk, what exposure, what consequence? You know who else has your phone number? EVERYONE. If you don't want to use a device that has an 'always' on feature, then don't use it. AT&T has your phone number too...where is the uproar?

None of true risk data exists in his blog...just "your version numbers are leaked, you need a firewall!"

Re:However Spyware on the iPhone is rife

[clone53421]

User tracking, targeted advertisements, etc.

Just recently, the EFF showed that seemingly-innocuous information is probably enough to uniquely identify you from the hundreds of thousands or millions of visitors to a particular site. And that’s not even on the same playing field as a vendor-assigned unique device ID.

You know who else has your phone number? EVERYONE.

No. Nobody has my phone number except the people I’ve given it to.

AT&T has your phone number too...where is the uproar?

And I’m pretty sure they can’t sell it to 3rd parties without my consent.

Re:However Spyware on the iPhone is rife

[tlhIngan]

The reason he had to jailbreak his iPhone, no doubt, is because otherwise it would have been completely impossible to write a firewall for it, or to hide the phone's UDID.

How about you actually read his blog? The apps he was testing are from the AppStore...

And not unique to the iPhone, since there are APIs to get the same thing off of every other phone out there - Android, Blackberry, Symbian, Windows Mobile, and probably Windows Phone as well. APIs like getting the phone number and/or IMEI, software versions and other things. Android is probably the best at it since you can't get the phone number without permission, but unless there's a way to say yes to some and no to other permissions...

Of course, the real question is why no one's done it on other platforms - the iPhone wasn't the first to have practically an always-on connection to the Internet.

Re:However Spyware on the iPhone is rife

[dotgain]

That's not security, that's policy. The iPhoneOS Public API provides you with all the power you need make a 'nasty' application with underlying behaviour that completely eludes these scans.

No shock

[kennedy]

Why would apple want to allow someone to create and market direct competition for it's own anti-theft service (MobileMe)?

Re:No shock

[ircmaxell]

Very simple. Liability. I would think it would be possible for a lawyer to make the claim that if Apple's product broke causing the loss, AND that Apple actively blocked --potentially-- better products from working, that they then assumed liability for any damage their original product failed to protect. Right now, liability limitations exist because the user has a choice. "We deny all liability, because you read this and still chose to use our product". But with ACTIVELY suppressing competition, aren't they removing that choice, and hence opening themselves up to liability (Since you had no choice in the first place)?

Note: IANAL

Re:No shock

[jellomizer]

I thought only hardcore fanboys use MobileMe. Everyone else realized Hundred Bucks per year is a bit steep. Especially with other companies offering similar services for less or free.

Re:No shock

[shutdown+-p+now]

Why would apple want to allow someone to create and market direct competition for it's own anti-theft service (MobileMe)?

Why doesn't Microsoft forbid Firefox and OO.org teams from using Windows SDK?

Re:No shock

[vijayiyer]

Why would they want another app in the background using the phone's resources to duplicate the functionality of MobileMe? Good question.
It's not like this app would be functional if it only ran in the foreground.
Yet another guy whining because he has a shitty concept for an app with no user benefit that has been rejected. That there exist other shitty apps on the app store doesn't make his any better or warrant an exception by Apple.

Re:No shock

[ilsaloving]

Actually, for the feature set that you get with MobileMe, $100 per year isn't at all unreasonable. My problem with Mobile Me is that Apple's track record for uptime with MobileMe is too spotty. When they migrated from .Mac to MobileMe, the mess that resulted was so incredible that it took them several weeks to get it properly sorted out.

Re:No shock

[CharlyFoxtrot]

Why doesn't Microsoft forbid Firefox and OO.org teams from using Windows SDK?

Kaspersky's not blocked from using the SDK, he can use the same one all other developers are using and can use the same APIs. He could even call private APIs and run his software on his own device, it would just mean he couldn't sell it through the appstore.

Re:No shock

[shutdown+-p+now]

I fully understand Apple's stance here - Microsoft has a similar one with respect to internal Windows kernel functions that are exposed to outside callers for some technical reasons.

I was, rather, replying specifically to GGP's claim that Apple is morally in the right to forcibly prevent third-party development for its platform if it competes with its own services.

Re:No shock

[Lunix+Nutcase]

I would think it would be possible for a lawyer to make the claim that if Apple's product broke causing the loss, AND that Apple actively blocked --potentially-- better products from working, that they then assumed liability for any damage their original product failed to protect.

Based on exactly what statutory or case law do you base this assertion on?

Re:No shock

[Lunix+Nutcase]

Everyone else realized Hundred Bucks per year is a bit steep.

If $8.50 a month is a steep expense for you then maybe you should stop living off the allowance from your parents and get a real job.

Re:No shock

[Lunix+Nutcase]

To add context to my statement, a person who has an iPhone is paying at minimum $70 dollars a month. If you can't afford $8.50 a month for MobileME then I'd question why you're buying an iPhone to begin with.

Re:No shock

[Lunix+Nutcase]

Where in this story is it mentioned that anyone is forbidden from using an SDK? Kaspersky was whining that there was no SDK delivered that would aid in developing 3rd party security software. Not that he was forbidden from using some existing SDK. Maybe next time you should read the summary more than once in order to actual comprehend it?

Re:No shock

[CharlyFoxtrot]

I was, rather, replying specifically to GGP's claim that Apple is morally in the right to forcibly prevent third-party development for its platform if it competes with its own services.

I see. That's just Apple's philosophy: the iphone isn't hard- or software to them but a combination of both plus the way the user interacts with its basic functions. You may think it's bullshit but as Kaspersky himself points out there are plenty of people out there willing to sell you a device with a different philosophy. I don't know why people have such a sense of entitlement when it comes to iPhone development. Just move to a different platform, enjoy that luxury that wasn't there for such a long time on the desktop (and even in the mobile space until very recently.)

Re:No shock

[jedidiah]

There's a bit of a difference between having money and being willing to p*ss it away all over the place.

The latter tends to interfere with the former.

Re:No shock

[DaveGod]

But with ACTIVELY suppressing competition, aren't they removing that choice, and hence opening themselves up to liability (Since you had no choice in the first place)?

No, they aren't. You do not assume responsibility for anything just because someone would like you to do something and you choose not to. Apple would have to deliberately or at least constructively assume responsibility for the data. It's plausable a class-action could attempt to claim the product failed to deliver on features the consumer reasonably expected, but there will be a licence agreement taking care of that and anyway at most this is a refund not damages.

Not that it matters, but there is ample choice: non-Apple systems are available on non-Apple phones, or don't use a phone for such purposes.

No I'm not a lawyer either, but this is slashdot/the internet where actual expertise is not required/actively discouraged when speaking as if with authority. The important thing is to come across as authoritative whilst saying something the reader agrees with.

Re:No shock

[Lunix+Nutcase]

There's a bit of a difference between having money and being willing to p*ss it away all over the place.

Maybe, but if you consider 100 dollars a year to be a "steep expense" when you are paying upwards of 800 dollars a year for voice and data service, then your priorities are clearly out of whack.

Re:No shock

[magus_melchior]

IANAL myself, but I can imagine a lawyer smelling a Sherman Act case here. I don't know if that would fly nowadays, since Microsoft got out of their case with a slap on the wrist with a Nerf bat.

Re:No shock

[PPH]

(Since you had no choice in the first place)?

Android?

Re:No shock

[exomondo]

Why would MS allow someone to create and market direct competition for it's own internet browser? Because it's healthy competition, and it's only illegal to prevent that if you're big enough be considered a monopoly, this doesn't mean the practise isn't detrimental to the end user and still bullshit to begin with because if the Apple was considered a monopoly with the iPhone then this exact same behavior would be illegal, but currently Apple is too small for that.

We already have something like that

[BulletMagnet]

Good Mobile Messaging will do what Kaspersky's trying to do - control the handsets on an administrative level. You lose your iPhone? Administrator remotely wipes your unit.

Mind you, I don't have nor want one of these toys, but it works great across our WinMo and Android fleet...

Re:We already have something like that

[strikeleader]

I did not think know you could remotely wipe a Droid. How do you get the finder to say OK when the phone ask to be wiped?

Re:We already have something like that

[tftp]

How do you get the finder to say OK when the phone ask to be wiped?

Create a dialog with two buttons, "YES" and "NO". Wipe the phone regardless of which button is clicked :-)

Re:We already have something like that

[mjwx]

Good Mobile Messaging will do what Kaspersky's trying to do - control the handsets on an administrative level.

And Apple can not allow anyone else to be able to do that. Remember the marketing, it's not "your Iphone" it's "your Apple Iphone", just so you remember who really owns it.

it wants to control everything

[HalAtWork]

"it wants to control everything"

...which is one way of preventing malware, it's working pretty well so far for that platform.

Re:it wants to control everything

[srussia]

"it wants to control everything"

So does Microsoft...

...which is one way of preventing malware, it's working pretty well so far for that platform.

Mmmkay...

Re:it wants to control everything

and when shoe finally drops and self-propogating malware is loose on the iphone network (and it WILL happen) Apple will be screwed. Apple's unproven anti-malware software, whatever it is, has hardly received the stress-testing that Kaspersky has.

Re:it wants to control everything

[prockcore]

.which is one way of preventing malware, it's working pretty well so far for that platform.

Depends on your definition of malware. Spyware is rife on the app store. Pinch Media's analytics tracking is all over the app store.. more than 30 million downloads contained their tracking software... at least according to Pinch Media itself.

Here is everything that apps with pinch media analytics are sending to them:

Your iPhones unique ID, iPhone model and OS version, application info, whether or not the iphone is jailbroken, whether or not the application is pirated, time & date you start and stop the application, your current latitude & longitude, and if facebook is installed on your iphone, your gender and birthday.

Re:it wants to control everything

[Mister+Whirly]

Another would be to allow no software at all to run at all on the device. 100% security from malware. Of course functionality may suffer some...

Re:it wants to control everything

[Infonaut]

So does Microsoft...

Not really. Microsoft in the early days turned a blind eye to rampant piracy of its software in order to gain marketshare. The entire Microsoft model of creating software than runs on everyone else's hardware is not about control, it's about network effects.

Microsoft obviously has bullied hardware OEMs and other companies, engaged in FUD, and so on. But from its sloppy user experience to its "slap this OS on any hardware you can" mentality, Microsoft's idea of control is not the same as Apple's.

Re:it wants to control everything

[exomondo]

So does Microsoft...

How so? Im sure they would like to control which, say browser, runs on their system, but they aren't legally allowed to.

Re:it wants to control everything

Yeah, apple rules! it even has web-filters in place to prevent you from entering any malicious web page!! :)

Wrong way of behaving

[clone53421]

I don't want to say Apple's is the wrong way of behaving

Well, I do. It’s the wrong way of behaving.

Re:Wrong way of behaving

[Locke2005]

When ever my daughter acts like an apple, I tell her, "You're behaving the wrong way! And I'm am NOT Newton!"

Re:Wrong way of behaving

Careful... Apple might sue you for using their name to refer to anything other than Apple Inc.

Re:Wrong way of behaving

No, you misunderstood; he was referring to the grammatical incorrectness of the sentence.

Re:Wrong way of behaving

[dangitman]

Is her name Lisa?

Re:Wrong way of behaving

[Locke2005]

No, her name is iBook... why do you ask?

"Kernel docs", not just a normal SDK?

[Securityemo]

I'm not familiar with mac development, but the "SDK" in question would basically be kernel internal functions docs/unreleased API docs, yes? There may be other reasons besides appstore control freakery that they don't want to release and/or license that out? And even if Kaspersky would reverse-engineer the necessary parts of the kernel, which they obviously could (and their employees probably already partially have, unofficially) they would be sued to hell and back if they used that data in a product (which would be obvious, since there's no other way besides the official channels to get at it)?

until tethering

[Mekkah]

It is almost zero until they enable tethering.

Oh wait, that won't happen either.

*returns ipad

Just say "no".

[argent]

The antivirus companies have been pushing antivirus software for handheld devices since 1999.

In the succeeding decade... so far as I'm aware... the damage caused by viruses on handhelds, ALL handhelds, has been less than the damage due to one false positive incident caused by Norton Antivirus shortly after the pointless hubbub over the Palm "Phage" malware.

Antivirus software for handhelds... just say "no".

Re:Just say "no".

[spottedkangaroo]

False positives suck. Antivirus software is also virtually useless for all but the very oldest viruses. I went through a long process of reporting a virus going to my customers several times per minute. It took 6 months to get the big three I wanted to list the virus to actually list it. 6 months.

This whole signature based BS has got to stop. Frequent false positives (and they happen all the time) aren't even the worst thing about this "technology."

niche player

Niche players to don't sell 50 million+ handsets... I think Apple will continue to do just fine with the closed and controlled approach.

No sh1t statement of the day

Kaspersky added. "It's just a corporate culture — it wants to control everything".

Probably not anti-security as much as SOP

[DarkkOne]

My guess it's the simple fact that one program still can't really interact with another program's data.

The likelihood of Apple ever really changing this is probably next to zero, and it's the main reason I have no interest in the iPhone. What use is a computer in my pocket when I either need to use one program that is complex enough to handle every task I could possible need, or I need to make my tasks so simple that no data need ever be shared between two tools?

butthurt

[stokessd]

It appears that Kaspersky is butthurt because it sees a potential market for more crap we don't need and the controllers of that market don't want, and have the ability to lock them out of that market.

From Apple's point of view, they have remote wipe on both the corporate and personal levels already. And having somebody inside your shorts providing duplicate functionality is fail from top to bottom. I'm surprised that apple even answered the phone when they saw who was calling.

Also Kaspersky can have the SDK anytime they want, it's free. They will have to pay $99 to actually deploy the apps though. What they want is a super special "inside your shorts" SDK that I'd bet isn't coming anytime soon.

Sheldon

Actually, I'm undecided on this.

[DdJ]

I'm undecided on whether this particular behavior on Apple's part is a bad thing (as opposed to other cases, like the Google Voice one, where I'm sure it's a bad thing, and the Opera Mini one, where I'm at least leaning that way).

On desktops, it seems to me that various web ads or email messages encouraging users to install some third-party "security tool" are a major infection vector for malware/spyware. Many, many of the sorts of people who buy Apple products -- and I say this as an Apple user myself -- are... not the sorts of people who routinely make informed decisions about computer security.

Certainly, if third parties are permitted to sell iPhone security software, one might reasonably want them to be subject to considerably more oversight than other software, because of the potential for damage. Again, not because the software is "magic" or other software can't behave badly, but because of the particular ways most real-world users brains just shut down when dealing with security issues. Most people really don't have the mindset for this stuff.

Re:Actually, I'm undecided on this.

[fermion]

On the PC virus scanning software has become a primary problem. It is a problem that PC users must tolerate because of the virus problem on PC. An PC with virus scanning software is only slightly more usable than an infected PC. This is why few people have such software on the Mac, even though there is an equally serious threat.

Spyware and port monitoring software is something different. Programs like Spybot and the like can be implemented without seriously degrading the user experience. My question is if people who load programs on their iPhone have a understand and have real issues with the information exchanged with the vendor. It is like Facebook and Google. Many would agree that the amount of information both have is dangerous, but most seen to have no issue with it.

A solution looking for a problem?

[aristotle-dude]

The iPhone3GS already has built in hardware level encryption of the entire storage device. It also has BSD jails for apps to run inside of and there is the Appstore approval process.

This "software" could not be ordinary software but would rather require Apple opening up the OS to third party extensions which ran at a privileged level above the sandboxes. I just don't see that every happening for a couple of reasons.

1. The Kaspersky software itself could have exploitable flaws and given that it would be running at a higher privilege level than regular apps, that opens up a new attack vector for web based exploits to use.

2. Such software would potentially slow the OS down and cause a significant battery drain for no real gain of protection.

Much has been made about FUD articles that say that other apps can access contacts without asking for permission. No shit sherlock. That is a "feature" of the official API and the app approval process is supposed to ferret out nefarious uses of contact lists. I would hate to see UAC style boxes for apps each time I wanted to see a contact list in a third party app.

Jonathan Schwartz's fake career white wash

[stock]

On Tom's hardware Jonathan Ian Schwartz gets a career whitewash job.
After Scott McNeally got booted out of Sun's through Steve Ballmer's $ 2 billion
"rescue" job to keep Sun running, which effectively shut McNeally up from
all hostile keynote speech comments about Microsoft, its now Jonathan Schwartz
who gets his hair greased big time at tomshardware.com :

http://www.tomshardware.com/news/Steve-Jobs-Jonathan-Schwartz-Sun,9844.html

Reportedly it was Schwartz who co-founded [b]Lighthouse Design Ltd.[/b] in 1989 and
therefor has supplied Steve Jobs his NeXtStep Software. This sounds rather far-fetched
to me as at the time when Schwartz joined Sun Microsystems nothing of this was mentioned.

Robert M. Stockmann - RHCE
Network Engineer - UNIX/Linux Specialist

3mod dowN

beZ fun. It used

good riddance

[roman_mir]

'I don't want to say Apple's is the wrong way of behaving, or the right way,' Kaspersky added. 'It's just a corporate culture -- it wants to control everything.'"

- look who is talking. A guy, whose entire success (his and the wife's) is based on pretty much a monopoly set up in Russia and the rest of the former Soviet block by Microsoft.

Re:Good riddance

[Winn+Schwartau]

Done correctly, there is NO rubbish on your smartphone. We took an entirely new approach. And it's Apple approved. www.MobileActiveDefense.Com But it's much more than just about viruses. It's about hostile code and compromising networks (non compliant access), creating new bots and being ready for the next mobile OS that will be even MORE like a PC in a pocket.

While we're at it ....

[King_TJ]

I'd like to add that Kaspersky's worthless method of validating their desktop PC client's anti-virus subscription's expiry date is "the wrong way of behaving" too!
We have their corporate AV product where I work, and every few weeks, I get a phone call from at least someone who says their anti-virus stopped updating, and keeps popping up a warning about "black.lst" being missing or corrupt. I wind up forcing a manual refresh from the server console and eventually, it realizes it IS still a legally licensed copy and starts working again.

Nice way to treat your paying customers .... make the product randomly quit on you (with an error message that doesn't at all explain what's really going on, no less).

Waiting for multitasking

[noidentity]

Apple is probably waiting until they implement multitasking in the next OS, so that they can have Kaspersky's software constantly running in the background constantly using 50% of the CPU to block malware.

Re:Waiting for multitasking

[aristotle-dude]

Apple is probably waiting until they implement multitasking in the next OS, so that they can have Kaspersky's software constantly running in the background constantly using 50% of the CPU to block malware.

No, see this AC's post for why it will never happen:

http://apple.slashdot.org/comments.pl?sid=1579552&cid=31446920

Opening things up for Kaspersky would cause a need for their software but the current state of lock down means that there is no need for their software on the iPhone platform. I don't want to see kernel level access for third party developers on the iPhone ever.

Re:Waiting for multitasking

[noidentity]

Thanks for the link to that post. I love the catch-22 nature of it. "We can't make our protection software work unless you unprotect large portions of the iPhone, thereby exposing it and thus needing protection." Next they'll be accusing Apple of monopoly practices by making the iPhone OS secure.

Not necessarily "corporate culture"

[jemenake]

Kaspersky ascribes it to Apple wanting to "control everything", but Apple already doesn't mind turning over control of about 100,000 apps to other developers already.

I think it's something else. Well, two things, actually:

First, I think that Apple wants to keep the word "virus" and the word "iPhone" from being any more linked in the consumer's mind than they have to be. If a range of anti-virus tools becomes available for the iPhone, then it implicitly says that viruses are something you need to be concerned about if you purchase an iPhone. For example, imagine you went to a singles bar and, right at the door, there were a bunch of dispensers doling out free condoms. That suddenly changes what you think about the moral fortitude of the individuals found within, as well as their venereal state.

Secondly, if anti-virus apps are available for the iPhone, then that adds a layer of protection for people who get their apps from less-reputable sources. I'm speaking, of course, about Cydia and the whole jailbreaking scene. I can only speak for myself, but I can tell you that the primary reason I haven't jailbroken my iPhone and availed myself of all of the Cydia apps is because I can't be assured of their source and that they don't have some "new special ingredient" added by the packager. The money I pay to Apple's app-store is paying for Apple to vet the apps I'm downloading.

Anti-virus tools for the iPhone would tend to "level the playing field", as it were, between the security of using legitimate apps versus using Cydia apps.

Wipe Your Stolen iPhone with Exchange 07

[aulimbaugh]

If you're running your iPhone mail with Exchange 2007 on the backend - you can wipe your device if you ever lose it via OWA. Just log in, click on Options, then Mobile Devices on the left side and select "Wipe All Data From Device..." in the main window. Don't worry about testing it - I already did that for y'all a few months ago. Yup, it works.

Yes, Virginia, there IS iPhone Security.

[Winn+Schwartau]

Kaspersky is running into trouble for all sorts of reasons, especially taking a traditional, load up the endpoint with tons of processes and overhead. There is one Apple approved iPhone security product. Just announced a couple of days ago. www.MobileActiveDefense.Com Truth in Advertising: M.A.D. is so good, cool, etc. etc. I signed on as Chairman of the company. First product in 16 years.

Good riddance

[gilesjuk]

I don't want rubbish anti-virus software on a smartphone. They cripple the performance of the device.

I don't care if I get a virus on my phone, I can restore it back to a backup easily. It's not like I'm going to loose valuable work.

KGB in Apple Store

[oleop]

Is this the dude who said: "Everyone should and must have an identification, or internet passport,"??? Apple, keep him out of your store.

This is precisely the case

This "software" could not be ordinary software but would rather require Apple opening up the OS to third party extensions which ran at a privileged level above the sandboxes.

In addition, they would want access to other things, if they were to implement their full suite:

        http://usa.kaspersky.com/products_services/mobile-security.php

Anti-Theft Protection:Remotely block access to your phone if it is lost or stolen

Requires access to the (separate) baseband firmware: enables malware using the same interfaces

Privacy Protection: Control what others can see and access when they pick up your phone

Requires access to override UI implementation classes, notification services, enables rootkits

Privacy Protection: Keep designated incoming calls and SMS texts completely hidden until you're ready to view them

Requires access to override connection between application processor and baseband, requires access to baseband firmware, enables rootkits

Privacy Protection: Activate "Private" mode manually, automatically or remotely

Requires background application: reduces battery life; consumes thermal budget; consumes bandwidth; triggers data roaming; enables botnets

Anti-Malware Protection: Control who you'll accept calls and SMS texts from

Requires access to baseband firmware: enables malware using the same interfaces

Anti-Malware Protection: Block unwanted calls and texts from unknown numbers

Requires access to baseband firmware: enables malware using the same interfaces

Anti-Malware Protection: Real-time scanning and advanced firewall for 24/7 protection

Requires background application, access to kernel firmware: reduces battery life; consumes thermal budget; consumes bandwidth; triggers data roaming; enables botnets

Advanced Data Encryption: Prevent unauthorized access to your sensitive or confidential files; Password-protect and encrypt multiple folders

Requires access to kernel firmware: interposes storage management; adds overhead; reduces battery life; consumes thermal budget; enables malware using the same interfaces; enables rootkits

Parental Controls for your child's phone: Block outgoing calls or SMS texts to undesirable numbers, including premium rate services

Requires access to override connection between application processor and baseband, requires access to baseband firmware, enables rootkits

Parental Controls for your child's phone: GPS Find and Google Maps allow you to find your child anytime, day or night

Requires background application: reduces battery life; consumes thermal budget; consumes bandwidth; triggers data roaming; enables botnets ...Thanks for playing, Kaspersky!

-AC

Break the wall for the security expert to fix?

[bonelyfish]

Unless you are jailbroken, what's the point of security software? There is one source of infection: App store. However all apps are screened down to source code level. Malware-free is an one of the important user experience. Giving out security SDK only benefit security software vendors in creating a new market but in return it is impossible to protect from SDK leaking out to hacker who will have more information on vulnerabilities. Maybe we can argue that malware can break into iPhone from outside. But firstly it is mostly through buffer overflow which require good understanding of the non-Intel-based iPhone processor. More importantly the limitation on multi-tasking prohibited virus to spread inside the phone. So, only very sophisticated malware can spread and the odd is very very small.

Mod AC up

[aristotle-dude]

He or she knows their stuff and highlighted all of the major issues an API for software like Kaspersky would create for the iPhone OS.

Allowing their software on the iPhone would require destroying the existing security model and it opens up vectors for malware/trojan horses to install at the same privilege level where your iPhone could become a node o a botnet.

Fail

Microsoft doesn't control everything on its platforms. It wants to, but it doesn't.