Slashdot Mirror
How Apple's iOS Went From Insecure To Most Secure
GMGruman writes "There's no such thing as a perfectly secure operating system, but security experts agree — somewhat grudgingly in some cases — that iOS, Apple's mobile operating system, is the most secure commercial OS today, mobile or desktop. It didn't start that way of course, and Robert Lemos explains what Apple did to go from insecure to most secure."
Wait... aren't we talking about the same iOS that gets jailbroken like clockwork still?
An ultimately secure OS would be the one that does not do anything at all. No inputs and no outputs. Perhaps iOS is closer to that ideal than any other.
So much mobile fanboy trollbait on the 'dot this morning.
Don't blame me, I voted for Baltar.
Most Secure? And the security is in the App Store? I don't know why the author's trying so hard to bullshit his way through. Sensationalist headlines just to get a few more ad impressions, eh.
A casual stroll through the lunatic asylum shows that faith does not prove anything.
1. Forbid legitimate purchasers and owners of the device from doing ANYTHING you don't homogenize, pre-approve, pre-chew, and charge for.
2. Apply Steve Jobs pixie dust.
3. Profit.
Sent from your iPhone.
http://arstechnica.com/security/news/2011/03/pwn2own-day-2-iphone-blackberry-beaten-chrome-firefox-no-shows.ars
[url=http://en.wikipedia.org/wiki/Argument_from_authority]Argument from Authority[/url] is a fallacy of defective induction, where it is argued that a statement is correct because the statement is made by a person or source that is commonly regarded as authoritative.
1. Source A says that p is true.
2. Source A is authoritative.
3. Therefore, p is true.
-----
1. "Security experts" says that "iOS, Apple's mobile operating system, is the most secure commercial OS today"
2. "Security experts" are authoritative.
3. Therefore, "iOS, Apple's mobile operating system, is the most secure commercial OS today" is true.
-----
Note: This doesn't mean that iOS isn't the most secure commercial OS today; it might be. It just means that the article is trying to an argument made of 100% pure USDA Grade A Bovine Excrement in order to show it.
Either this is a blob of useless marketing-speak and BS (dnrtfa), OpenBSD and SELinux aren't considered "commercial" for the purposes of the article, or this is a really sad commentary on the state of commercial software.
I figure it's just a matter of time before someone finds a way to exploit Mobile Safari or the web-view API, in whatever version of iOS is considered current, for the purposes of malware installation or remote control, assuming that hasn't already been done.
prisoner in solitary confinement
Any expert that holds a grudge like that is no expert I ever care to hear from.
"In America, first you get the sugar, then you get the power, then you get the women..." -H. Simpson
Apple is going after the market of users who are sick of dealing with security issues/malware/etc. They've done it by created a closed system. And while us geeks hate that, it has a strong appeal to most people. When they go to a closed system on Mac's (and they will), that's who they're going to be appealing to. "Buy a computer where all your software is pre-screened through our App Store and you don't have to worry about viruses" is a powerful (and potentially very profitable) message in a time when malware and assorted hacks have become so common.
SJW: Someone who has run out of real oppression, and has to fake it.
I'm less likely to tolerate security risks on a phone...a device I have with me at all times...that I want to use without thinking that much.
I'm willing to put more resources into my PC/Mac to keep it up and running and secure.
My God can beat up your God. Just kidding...don't take offense. I know there's no God.
More people need to pay attention to http://slashdot.org/firehose.pl and mod stories like this into oblivion.
Learning HOW to think is more important than learning WHAT to think.
The less an OS does the more secure it is. Of course I have a few helpful tips to make iOS even more secure.
1) Remove ability to launch apps
2) Remove the networking stack
3) Remove the battery
Success! Your iBrick is now ready for that bus ride to work, or that mochachinno down at Starbucks.
The MOST secure mobile "operating system" is a phone that's turned off as it's extremely challenging to crack into something that's not running. From there, in general, the less restrictions on the technology, the less secure and more functional the technology becomes. iOS owes a good deal of its "security" to the fact that it is such a controlled platform, but this comes with the disadvantage of being more limited. the result of this is saying that iOS is the "most secure" mobile os, even if true, is an apples to oranges comparison with less restrictive OSes.
Could we stop with the Apple shashvertisements, or at least label them as such? Thanks.
Great. A sandboxed environment with limited functionality and a vendor stranglehold on apps is "more secure" than a fully functional PC OS where the use can run any app (or even another OS) that they desire.
Big fricking whoop.
That's like saying that a car that spent the entirety of it's life parked in a little old lady's garage was safer to drive than another car that has spent the last 10-15 years as someone's daily driver.
Chas - The one, the only.
THANK GOD!!!
iOS 4 [8], the latest version of iOS, includes ASLR, DEP, a sandbox, and code signing
Having never used IOS long enough to compare with other systems, it might impress on the phone front, but I am unconvinced its really competing against the Desktop. In fact, its an apples and oranges comparison anyway.
Firstly, having read the article - its incredibly lacking in exposure to many operating systems. After this, the technologies quoted are all available in most modern distros of Linux, plus more including resource limitations to prevent abusing memory or CPU and mandatory access control mechanisms.
From a security perspective seeing as with a smart phone you are carrying your online persona outside with you its at much greater risk of data theft than with a fixed desktop.
Why grudgingly? It either is or it isn't. If you have to begrudge the truth, go find something else to do.
Sensationalist, baseless claim? Check.
Short article "sourced" entirely off in-house artices? Check.
Forces to use print version to avoid ad overload? Check.
Yep, it's InfoWorld alright.
Let me save you 5 minutes of your time. This bit from TFA is really all there is to it:
The security is in the app store.
It's not surprising, then, that security professionals pointed not to Apple's design but to the company's gated App Store [11] and its required code review before publishing as a major security advantage. "The closed ecosystem makes the model pretty safe," says Trend Micro's Genes. "It is not because the iOS is completely safe. From a system design standpoint, Android is safer."
Are iOS devices equipped with an unbreakable "restore from ROM and only install cryptographically signed patches" functionality, like the Google Chromebook are?
I like the idea that apps should only be installable from the AppStore (makes it easy to pull the plug on rogue apps) but there *are* going to be exploits.
The only foolproof method for an OS is, upon reboot, to check (from ROM) if the OS has been tampered and, if needed, to re-install itself from ROM. Then to look for cryptographically signed critical updates.
That plus an AppStore would certainly be more problematic to own than Windows XP ; )
Although iOS has a lot of security going on underneath the hood, its safety could be due in large part to the fact that attackers have not focused on compromising the devices because there is no economic incentive to attack them, says Lookout's Mahaffey.
Really? No economic incentive?
Unlike PCs and Macs, every cell phone is directly associated with a credit card. Essentially a cell phone IS money. Bad actors can - and do - monetize this with malware that places calls to sketchy and high-cost phone numbers, or send texts to subscribe to "information services," resulting in (fraudulent) charges showing up each month. And good luck trying to dispute charges with your cellular provider on those. They will just tell you that their hands are tied by federal law and that they can't help you, but nonetheless will turn around and threaten you with collection if you don't pay.
There's definitely economic incentive to attack mobile phones.
Hey, Windows users, there is no such thing as "forward" slash, there is only slash and backslash.
OpenBSD has been at it a lot longer. Even as a Linux Zealot, I would choose OpenBSD for security. IOS is a closed Black-Box that nobody but Stevie knows what's inside. Historically we tend to find *cough*siemens*cough* that closed source, proprietary *cough*secureid*cough* offerings do not necessarily equate to a trustworthy or "secure" system. What seems to happen is closed source options provide a layer of obscurity which allow the governing company *cough*dropbox*cough* to take inexcusable risks with customers assets because, basically, they don't need to show anybody. As long as they never get caught, they save a lot of money not having to implement a system to keep them honest.
Join the Slashcott! Feb 10 thru Feb 17!
I think apple iOS is the most secure (tehehe) because of all the people searching for flaws to Jailbreak it with. Its like free security testing.
Read an apple fanboi's distorted view of the world. Period.
As we speak comments from the Apple Lovers and Haters are filling up comment sections everywhere. Also bloggers are coming up with more flametastic headlines to lure your eyeball to their website.
Enjoy it while you can since it lasts... well... Never mind it's a regular occurrence here on Slashdot :P
These comments are my own and do not necessarily reflect the views or opinions of my employer or colleagues...
Any OS will be more secure simply by virtue of locking it down that much more, thus restricting the people who use it to do less with it.
Gentoo Linux - another day, another USE flag.
What about openbsd.org? I thought they were supposed to be the security king.
I am not a person who breaks laws (well, I may speed a little), but I will never buy a product from a company that keeps a log of my phone calls on the product and doesn't openly warn me about it. That got hacked and yet Apple is the most secure??? Most secure what? Most secure company whose name begins with "Apple"? (There are obviously companies whose names begin with "Appl" that are more secure.)
Yea, so the logs are encrypted and hidden now. How long till the Nazi SS regime we live under starts routinely collecting iDevices to get the iPhone iLogs off of iThem, at gunpoint and without a warrent, and Apple graciously rolls over and gives them the keys without a legal reason like ATT did with the internet backbone tap?
http://miami.cbslocal.com/2011/06/07/witness-claims-police-tried-to-destroy-sobe-shooting-video/
Let them believe this and become complacent with it is all i can say.
Feeling secure in the knowledge that Apple always knows where I am, even when I don't. But then so does Google, nice.
InfoWorld is offline, for "scheduled maintenance"... right
Until the entire iPhone or iPod Touch is by default fully encrypted based upon the user-supplied key so that an application as DiskAid can't bypass the lock screen, then iPhone security is only epsilon better than nothing.
And don't get me started on the limitations on the escrow keybag, vis a vis law enforcement, Apple corporate, and third party access. And of course closed source means that the security is faulty from the original specification to each and every implementation.
Somehow I think Theo will disagree with this article, though Netcraft confirms he is dead.
It updates without asking people.. it disables things without asking people... certain types of useful software are internally prevented from ever running on it.. it steals information about me - such as my geographical location and uploads it to a server without me asking.. it won't work unless it has my credit card number..
if a hacker did that to my laptop, I'd hunt him down and punch his fucking head in.
I wrote my first program at the age of six, and I still can't work out how this website works.
If you need address space randomization, you're already broken. It just makes the dumber stack overflow exploits crash more.
The real question is "how much can an application do?". You have to assume that applications are hostile. Some of them will be. Some of them will have back doors. Some of them will have adware, spyware, remote updating, and similar attack vectors.
You need an OS that can reliably say no to an application. Apparently by "sandbox" the original author means "protected-mode operating system". Actually, what Apple does is to limit the privileges of each application when they sign it.
Apple's real security measure is developer intimidation. Because Apple can at will kick applications off the platform, smaller developers live in fear of being caught with a security hole.
Apple always knows where you are and what you are doing?
Just because you are wrong and I called you out on it doesn't mean I am a Troll.
Data sent to/from iCloud is encrypted, but data is not stored encrypted in the iCloud. That leaves consumer data open via hacking and social engineering of Apple targets.
Blackberry OS is the only secure mobile OS
Snowden and Manning are heroes.
...some of these /. headlines only make it through the firehose so that we can all get a good laugh out of them? Also, "security experts agree" needs a big fat [citation needed]. TFA got like 2 or 3 "experts" that didn't even strongly agree with their conclusions.
FTA: By comparison, Mac OS X has limited application-dependent sandboxing and no code signing, and it only partially implements ASLR.
I was under the impression OS X has had code signing since Leopard, though it's voluntary and not heavily adopted by third parties so far from the looks of it. Also, I noticed a slide in the WWDC 2011 keynote where application sandboxing was listed as a feature of Lion.
Wow, all of a suddent iOS is the best of the best.... "There are no PCs, only devices." (thus spake Mr. Jobs) -- and they all run iOS, or will do so. And they all will be connected to the iCloud and all user data is will belong to Apple (pun intended). And whatever reaches the Device will be subject to the Apple tax (30%). If only iCould believe the future is that. Did I hear the word "monopoly"? No? Nobody? Ok, sold.
See subject-line!
APK
P.S.=> However, to get "on topic"? I don't like the whole "phone style shell/user interface" for a PC - for a mobile phone though?? Sure, makes sense (limited screen real estate)...
FOR EXAMPLE?
Well - I don't like the "looks" of Windows 8 for instance, I really don't (& I am a HUGE "Windows fan" here).
Out of me? This is going to sound "weird" though, but... I hope Apple doesn't go "in that direction" though, because I have to admit:
MacOS X has the slickest shell/user interface there is, very attractive & useable. I have to "give it that", as it's only truth (as I see it @ least).
Perhaps, & I've been reading this idea here too from others here, & that's the "why" of WHY I do forums? Different outlooks/ideas!
So, that said??
Perhaps Apple KNOWS that MacDefender's only a "portent of things to come" really, & their whole T.V. ad campaigns were truckloads of bullshit really (ala e.g. their implications of "PC's are virus-ridden horrors, Macs are NOT" crap)... perhaps it's as folks here have been insinuating & stating:
Apple knows they're going to be exposed as NOT "totally secure" now that they have more market share, & thus, being attacked/abused more because of it!
(This much I DO know about - that malware makers for the last decade? Not your "Daddy's Oldsmobile" variety of the 80's & 90's, out to just raise hell - they want YOUR MONEY or DATA!)
Perhaps Apple's trying to "prime the market" for a better, more secured design, but I'd wager it's one that will probably do less (or @ least, less locally, & more "in the cloud" perhaps (didn't read the article, so pardon me here on that account if that's been shown already guys))... apk
One of the worst attempts at a manipulative article I've seen in a while. From TFA:
"A sandbox isolates programs, and iOS's memory organization makes exploitation more difficult.
Applications that run on the iOS are vetted by Apple and can be removed if found to be malicious.
Patches can be quickly applied to the iPhone and iPad to close security holes in the operating system.
The software is regularly reviewed, especially its open source components.
The platform has the advantage of attacker psychology -- attackers still target smartphones far less than desktop systems."
Point 1: Valid. Sandboxing apps good. Only valid security point
Point 2: Apps are vetted and can be removed by apple if malicious. Which means, you can install malicious apps but when we find out they're bad we will be nice and remove them for you. Oh great, because by that point all my user data is exposed already. Reacting to a vulnerability is a given, as is vetting code on your platform; a 'secure by design' o/s wouldn't require this reactionary approach
Point 3: Patches can be applied. What??? Of course if the o/s is so secure we will never need to send you patches, but just in case - here's a patch for the most recent jailbreak. Sending patches out regularly is good, but again is a reactionary approach, TFA makes these features which every other o/s does, has done for decades, out to be a unique apple specific security feature. "like, service packs are so 1999...."
Point 4: We review some code, but mostly the stuff written by the million or so higher apes who triple check all their commits and get it peer reviewed by the other apes; we don't bother checking our code so much as were all too busy playing angry birds. Puhlease (apologies)
Point 5: And the most contentious. We won't get hacked, because were obscure! As much as I appreciate your fortune telling predictions of your own future popularity apple, this is a form of security be obscurity. You have been hacked, you will be hacked, you will contintue to be hacked. As soon as there is a larger financial incentive for organised crime to target your platform there will be a slew of issues heading your way. c.f. NFC, and I expect lulz or anon will be targeting iTunes soon after they've done pulling sony's pants down
Love,
Anonymous Coward
Sent from my iPhone.
Perfect example of the ignorance of the author: he writes that the BlackBerry OS doesn't use DEP and ASLR. For fuck's sake, it's a Java phone, these don't even make sense in that context!
"Politicians and diapers must be changed often, and for the same reason."
How many minutes did the Mac stuff last? But 'less secure' platforms lasted longer - that's strange.....hmmm, let me think!
I guess for a very specific value of 'secure' (where 'secure' = 'can be compromised by a stoned chimpanzee'), then yes iOS is the most secure platform. I wonder whether this definition is in the official Cupertino data dictionary?
And pigs do fly....
being able to pull software isn't what I call secure, the damage has already been done.. Nah, this is just some fanboy BS article...
To be precise the Mac OS X kernel is XNU, it consists of Mach, BSD and I/O-Kit.
XNU is not based on the FreeBSD kernel, XNU does however contain some FreeBSD code (network stack, FS, etc.).
Sigh... but... uh....
Sigh...
Why is that after more than a decade of fine tuning my âoeI bet that article is gonna suckâ heuristics I still get sucked in by these things? Is it like a car wreck in that you just have to look?
No infoworld is absolutely right, the java code on android is not surrounded by a mechanism to randomize the addresses of key functions and/or data. And I guess it doesn't use the MMU to avoid the execution of stuff in pages marked as data either. Hell I bet there is even more clever âoe90% assedâ* buffer overflow counter measures that are not preventing the java bytecode from jumping to plain machine code shell code or using address cleverness to overwrite data structures that are key to program execution.
Also iPhones, like game consoles, have had code signing allowing only a single publisher from the start. Thats the whole point of jailbreaking. Also âoehavingâ DEP is like âoehavingâ seatbelts, they are no good if you keep a bunch of them in your trunk for marketing reasons. What matters is how much code, really how many data structures are covered by DEP. Also because of the open-source bits Apple bugs are found fast, but android patches are slow... because its open source. The argument is that the patches come from open-source developers and well apparently nobody at google knows C or something.
And a quote about how the android over the air updates are faster than itunes + cable + internet updates goes here asif its totally irrelevant to the previous discussion of âoepatching speedâ.
*) âoe90% assedâ as in âoequite a bit better than half assed but not yet fully assed eitherâ Considering how much medical data is kept in computers and how many worms there are out there ASLR has by now probably saved a life somewhere. That is just pathetically sad considering humanity has known about buffer overflows for, what, three decades now and god know how many compiler and OS versions.