Slashdot Mirror

← Back to Stories (view on slashdot.org)

Advertising Malware Affects Non-Jailbroken iOS Devices

Posted by Soulskill on from the there's-an-app-for-that dept.

An anonymous reader writes: Malware called YiSpecter is infecting iOS devices belonging to Chinese and Taiwanese users, and is the first piece of malware that successfully targets both jailbroken and non-jailbroken devices, Palo Alto Networks researchers warn. What's more, the techniques it uses for hiding are making it difficult to squash the infection. YiSpecter's malicious apps were signed with three iOS enterprise certificates issued by Apple so that they can be installed as enterprise apps on non-jailbroken iOS devices via in-house distribution. Through this kind of distribution, an iOS app can bypass Apple's strict code review procedures and can invoke iOS private APIs to perform sensitive operations.

69 comments

  1. Opening Ceremonies by eedwardsjr · · Score: 2, Insightful

    Let the griping begin. Queue the fanboys from both sides.

    1. Re:Opening Ceremonies by Anonymous Coward · · Score: 0

      You mean from three sides.You forgot Winduhs.Also, fanboys are for crows.Crows cawwww!!cawwwwww!!cawwwww crows cawwww!!!you all fanboy crows.

    2. Re:Opening Ceremonies by Anonymous Coward · · Score: 1

      Also, cue the drooling morons who don't know the difference between "queue" and "cue."

    3. Re:Opening Ceremonies by amicusNYCL · · Score: 0

      How about this: the next time there's an article where advertisers or so-called "content providers" bitch and moan about people blocking ads, we can use this story as more evidence to show that malware authors are the colleagues of advertisers. Advertisers might not like that fact, but it's a fact. Ad blocking is akin to malware blocking.

      There you go, there's the anti-advertising gripe for your "both sides".

      --
      "Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
    4. Re:Opening Ceremonies by EXrider · · Score: 3, Interesting

      I thought the same thing, until I RTFA and realized that the attack vector (there isn't one really) wasn't through ads. You have to be tricked into installing some sketchy 3rd party Enterprise app distribution certificate before you can install the malware on your non-jailbroken device. Play stupid games, win stupid prizes.

      --
      grep -iw skynet /etc/services
    5. Re:Opening Ceremonies by Anonymous Coward · · Score: 0

      Also, cue the drooling morons who don't know the difference between "queue" and "cue."

      Well, why not have them snark at each other sequentially, one-on-one.
      The sentence makes perfect sense.

    6. Re:Opening Ceremonies by macs4all · · Score: 1

      Also, cue the drooling morons who don't know the difference between "queue" and "cue."

      Well, you can CUE someone to stand in a QUEUE; so, it is POSSIBLE that the person meant that there would be a line of posters waiting to post on the subject...

    7. Re:Opening Ceremonies by Anonymous Coward · · Score: 0

      And by making that comment, you're part of the problem. Fuckwit.

    8. Re:Opening Ceremonies by Anonymous Coward · · Score: 0

      They could be expecting the fanboys to line up.

    9. Re:Opening Ceremonies by amicusNYCL · · Score: 1

      I understand that. But what are the people who are abusing this technology doing? They're showing ads. Like any other technology that comes along, sure enough there's an advertiser trying to use it to show people stuff that they don't want to see. This is the reason why we need ad-blockers, and it's something that advertisers arguing against blocking don't seem to want to admit.

      --
      "Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
    10. Re: Opening Ceremonies by Anonymous Coward · · Score: 0

      *line up and bend over.

      There, FTFY.

    11. Re:Opening Ceremonies by BasilBrush · · Score: 1

      The sentence wouldn't be formed that way.

    12. Re:Opening Ceremonies by macs4all · · Score: 1

      The sentence wouldn't be formed that way.

      C'mon, lighten up! I mean, if a song can have the lyric "Outside in the cold distance, a wildcat did growl;" then I submit that I should be allowed the construction I used, too. Especially on the spur of the moment!

  2. Not really a flaw... by rgbscan · · Score: 5, Informative

    So this doesn't work for apps downloaded from the iOS app store. For the vulnerability to work, you first have to download and install an Enterprise certificate, then you have to download and install an infected app from a specific third party website signed with that Enterprise certificate. This isn't really a vulnerability, this is the specific application path for installing custom enterprise apps at your private business. Don't go around installing unknown junk and you'll be fine.

    1. Re: Not really a flaw... by Anonymous Coward · · Score: 1

      Where on earth did you get that idea from what GP said?

    2. Re: Not really a flaw... by Anonymous Coward · · Score: 1

      He's a troll. Everybody who argues for microsoft products on slashdot is a troll. Even if windows is miles better than Loonix or OS X "El Crapitan".

      As somebody who sees the truth, you either have to live with the extremely biased modder situation on this stupid site, or leave it forever.

    3. Re: Not really a flaw... by Anonymous Coward · · Score: 1, Insightful

      The app was "signed" and it didn't matter. Malware leaked in. Apple's method of securing appspace for the enterprise failed.

    4. Re:Not really a flaw... by Anonymous Coward · · Score: 0

      What's more, they are obviously breaking the iOS Enterprise developers TOS so Apple should be able to revoke those enterprise certs which will kill the apps. They will stop working within three days assuming that a user has connectivity at some point in that time frame.

    5. Re:Not really a flaw... by Anonymous Coward · · Score: 0

      This isn't really a vulnerability, this is the specific application path for installing custom enterprise apps at your private business. Don't go around installing unknown junk and you'll be fine.

      No this isn't a vulnerability, although it is still an issue (just not an Apple issue.)

      One method to install/use pirated apps with certain sites is the site generates an enterprise cert to install, thus letting you "side load" all apps on the site that were auto-signed with that cert.

      So you signup as a user and install their enterprise cert, and a kracker uploads a kracked app that gets signed with said cert, with which user can then install and pirate without the need to jailbreak.

      Obviously pirating is illegal and enterprise certs were never intended to be used this way, nor am I justifying/judging the users that partake in this sort of thing, I'm just attempting to explain why this seemingly non-issue affects so many people so easily.

    6. Re: Not really a flaw... by Anonymous Coward · · Score: 1

      As someone who develops iOS apps for an enterprise I agree with this. Distributing/maintaining enterprise apps for iOS is kind of painful. The things that make it painful are the things that make it safer for the end user so can't really come to this guys conclusion from the article.

    7. Re:Not really a flaw... by UnknowingFool · · Score: 1

      It is a vulnerability; it is one that may not hit everyone. It also seems to require the user interaction to actively install the malware unlike other malware which can be installed by visiting a website, etc.

      --
      Well, there's spam egg sausage and spam, that's not got much spam in it.
    8. Re: Not really a flaw... by Anonymous Coward · · Score: 0

      Uhm, waht? Their system works as good as any system does. You install a certificate from a known trusted source (like your employer, or hopefully you trust them enough to install their cert), then any apps signed by that trusted source can run. In this case, idiots are installing certs from unknown sources, and are getting unknown results.

      Film at 11.

      I could trivially reproduce the same results on Windows or Android without asking an end-user to install a certificate. How is this even news?

    9. Re: Not really a flaw... by Anonymous Coward · · Score: 0

      Apple doesn't secure the enterprise space, that responsibility falls on the enterprise.

    10. Re: Not really a flaw... by tlhIngan · · Score: 5, Informative

      Apple's method of securing appspace for the enterprise failed.

      Actually, this is by design

      One of the reasons for having the Enterprise certificate is to distribute apps without Apple approval. Because Apple can't really test, and enterprises really don't want to go through the hassle of having every line of business app approved.

      So Apple always has offered an "out" - a way to get non-Apple-approved apps onto devices. Apple calls it their Enterprise program, where you guy a $500 (yearly) certificate from Apple, and that will let you self-sign apps and install them on devices that install the appropriate provisioning file.

      So first, the provisioning file is installed (which also lets enterprises set key rules like lock screen password or PIN security and other policies). Then you can install apps signed by the same certificate.

      It's not a big surprise that malware authors would use it, but for most normal users, such certificates often come by if you want to use pirated apps (there are plenty of sites out there selling you "re-signing" services for like $25 a year - they will sign cracked apps for you to install on your device).

      In short, to install this malware - 1) You need to install the mobile provisioning certificate - a web page cannot do it, as the user must tap "OK" to actually install it. A user can list and view such provisioning certificates at will. They self-expire after a year.

      2) You need to download the affected app, that's signed with the same certificate as the provisioning file. (So one company's apps cannot be installed via some other company's certificate).

      3) The certificate hasn't been revoked.

      The enterprise system is working exactly as designed

    11. Re: Not really a flaw... by Threni · · Score: 1

      Same as Android malware then!

    12. Re: Not really a flaw... by macs4all · · Score: 2

      How is this even news?

      Because haters gotta hate, and Ol' Slashdot needs the Clicks.

      Next question?

    13. Re:Not really a flaw... by Plumpaquatsch · · Score: 1

      It is a vulnerability; it is one that may not hit everyone.

      Well, yeah. It's a vulnerability that effects all OS, because VEBTSAC.

      --
      Of course news about a fake are Fake News.
    14. Re: Not really a flaw... by Karlt1 · · Score: 2

      In short, to install this malware - 1) You need to install the mobile provisioning certificate - a web page cannot do it, as the user must tap "OK" to actually install it. A user can list and view such provisioning certificates at will. They self-expire after a year.

      It's even harder to accidentally install enterprise certificates in iOS 9.

      http://researchcenter.paloalto...

      "(As noted above, the new iOS 9 requires users to manually set related provisioning profile as trusted in Settings before they can install Enterprise provisioned apps. This new feature is also helpful for preventing some security incidents caused by abusing enterprise certificates.)"

      Any device that is compatible with iOS 8 is also compatible with iOS 9.

    15. Re:Not really a flaw... by Anubis+IV · · Score: 1

      Exactly. Apple has released an official response to the issue already as well:

      This issue only impacts users on older versions of iOS who have also downloaded malware from untrusted sources. We addressed this specific issue in iOS 8.4 and we have also blocked the identified apps that distribute this malware. We encourage customers to stay current with the latest version of iOS for the latest security updates. We also encourage them to only download from trusted sources like the App Store and pay attention to any warnings as they download apps.

      So, basically, to be impacted by this, a user would have avoided the freely available OS updates for the last four months (despite the OS prompting them to update periodically), opted-in to trusting an enterprise certificate that isn't associated with where they work (despite the OS' dire warnings about trusting enterprise certificates in general), and would have then needed to separately download the untrustworthy apps (again, despite the OS' warnings). And even if they managed to do all of that, Apple is now saving their collective butts by revoking the certs for the apps.

      It's hard to even make the case that older devices may be significantly affected by this, since the latest iOS device that can't run iOS 9 (and by extension, iOS 8.4) was released way back in late 2010.

    16. Re:Not really a flaw... by Anonymous Coward · · Score: 0

      So this doesn't work for apps downloaded from the iOS app store. For the vulnerability to work, you first have to download and install an Enterprise certificate, then you have to download and install an infected app from a specific third party website signed with that Enterprise certificate. This isn't really a vulnerability, this is the specific application path for installing custom enterprise apps at your private business. Don't go around installing unknown junk and you'll be fine.

      translation:
      "On Apple, this is not a big deal and here's some Rationalization about how it's all the User's fault. If this same exact situation was on Windows, it would be the Worst Thing in the World, and a bunch of blather about how Apple's OS would protect the User even from himself."

    17. Re:Not really a flaw... by Anonymous Coward · · Score: 0

      So this doesn't work for apps downloaded from the iOS app store. For the vulnerability to work, you first have to download and install an Enterprise certificate, then you have to download and install an infected app from a specific third party website signed with that Enterprise certificate. This isn't really a vulnerability, this is the specific application path for installing custom enterprise apps at your private business. Don't go around installing unknown junk and you'll be fine.

      translation: "On Apple, this is not a big deal and here's some Rationalization about how it's all the User's fault. If this same exact situation was on Windows, it would be the Worst Thing in the World, and a bunch of blather about how Apple's OS would protect the User even from himself."

      Could be worse, one could have an Android phone and not even be able to get recent OS updates that would stop an exploit vector.

  3. Revoke the certificate by sjbe · · Score: 4, Insightful

    YiSpecter's malicious apps were signed with three iOS enterprise certificates issued by Apple so that they can be installed as enterprise apps on non-jailbroken iOS devices via in-house distribution.

    So Apple should revoke the certificate. Why is this a problem? What makes this newsworthy? What am I missing?

    It should surprise nobody that malware makers find security holes. Apple is no exception. But the entire point of certificates is that they can be revoked in the event there is a problem. Revoke the certificate which should then disable the app. If it doesn't work this way then something is wrong and the certificate is pointless.

    1. Re:Revoke the certificate by aslagle · · Score: 4, Informative

      So Apple should revoke the certificate. Why is this a problem? What makes this newsworthy? What am I missing?

      That even though this is still just someone running an untrusted binary, let's put that it affects unjailbroken iphones so people who just read the title will be scared and move to android?

    2. Re:Revoke the certificate by BigBuckHunter · · Score: 1

      I wholeheartedly agree with the certificate revocation solution. I would take it a step further and charge penalties to the enterprises whose compromised certificate was used to sign the app. Make Beijing Yingmob Interaction Technology Co., Ltd. Pay for the mess.

      Also note that iOS 9 requires the user to authorize the installation.

    3. Re:Revoke the certificate by Anonymous Coward · · Score: 0

      let's put that it affects unjailbroken iphones so people who just read the title will be scared and move to android?

      Oh no, these walls failed to protect us from that well-spoken pickpocket who we invited inside, let's go somewhere without any walls, that's sure to be safer!

    4. Re:Revoke the certificate by Anonymous Coward · · Score: 0

      Except it doesn't.

      See, this just "infects jail broken and non jail broken" devices which basically mean every single I device out there, which is tens or hundreds of millions of devices.

      Android? "1 BILLION ANDROID DEVICES AFFFECTED BY MALWARE"

      Tell me which sounds more scary?

    5. Re:Revoke the certificate by Anonymous Coward · · Score: 0

      So does every other platform.

      For Android, you must click accept.
      For Windows, you have to doubleclick the EXE or click RUN.

      Why did you even mention "user to authorize the installation" even mentioned? That has not been an acceptable excuse for those platforms, why change now?

    6. Re:Revoke the certificate by Anonymous Coward · · Score: 0

      "It should surprise nobody that malware makers find security holes."

      You're new here, aren't you? You know how many threads there are defending / promoting the notion that i devices are impervious to malware / viruses?

      Also, it's possible once the malware gets a hold of the system, it might block actions. It's an enterprise certificate, so those companies want more control over what goes in and out -- they don't want mission critical software to be suddenly removed because someone at APL bungled something. Perhaps the malware modifies the Hosts file to block remote cleanup attempts?

    7. Re:Revoke the certificate by Coditor · · Score: 1

      Also in iOS 9 you have to approve running an app the first time signed with an Enterprise cert.

    8. Re:Revoke the certificate by Anonymous Coward · · Score: 0

      Certificates can blow me. The fucktards who issue them can stand in line to blow me. Half of the random websites I go to tell me there is a cert problem. I couldn't give a ff. One more security hole I could stick my dick in. Problem solved.

    9. Re:Revoke the certificate by cant_get_a_good_nick · · Score: 1

      I didn't see, where did the certificate come from in the first place?

    10. Re:Revoke the certificate by radarskiy · · Score: 1

      "You know how many threads there are defending / promoting the notion that i devices are impervious to malware / viruses?"

      None. It is a strawman invoked here on /. only by Apple detractors.

    11. Re:Revoke the certificate by macs4all · · Score: 1

      You know how many threads there are defending / promoting the notion that i devices are impervious to malware / viruses?

      ...of which, 99% of them are sarcastic allusions to that "Assertion" posted by Apple Haters, NOT by Apple Users.

      Prove me wrong.

    12. Re:Revoke the certificate by BigBuckHunter · · Score: 1

      Why did you even mention "user to authorize the installation" even mentioned? That has not been an acceptable excuse for those platforms, why change now?

      The user needs to authorize the installation (of an enterprise certificate into the iOS devices certificate trust store). I mention it because the article mentions it, and it is pretty much counter to what the Slashdot summary implies.

      It almost looks like everyone's so hot for a real exploit that these 'rogue certified applications' and their developers are getting overblown.

      Ultimately, the solution is al the same. Apple adds the rogue cert(s) to their CRL. Done.

    13. Re:Revoke the certificate by Anonymous Coward · · Score: 0

      They were revoked in June.

    14. Re:Revoke the certificate by Rosyna · · Score: 1

      They were revoked quite a while ago. The malware hails from 2014.

  4. Nah.... by Anonymous Coward · · Score: 0

    IOS is for Sheeps.You are all sheeps. sheeps say Mehhhhh. Mehhhhh! Mehhhhh sheeps Mehhhhhh!!!!Mehhhh say the sheeps. YOU NON-JAILBROKEN SHEEPS!!!

    1. Re:Nah.... by Anonymous Coward · · Score: 0

      No, IOS is for Phones. Phones say Riiiiing. RIIIIIING! RIIIIIIIIIIIING phones RIIIIIIIIIIIIIIIIIING! RIIIIIIIIIIIIIIIIIING say the phones. YOU NON-JAILBROKEN PHONES!!!

  5. Re:The walls of the garden are not high enough! by Dunbal · · Score: 1

    You're praying to me wrong --- Steve J

    --
    Seven puppies were harmed during the making of this post.
  6. Selling sand to Arabs by pigsycyberbully · · Score: 0

    Those people better all go and rush to buy a Windows anti malware program from some virus signature company who uses the same signature scanner as the majority of malware signature scanning companies. Selling sand to Arabs. Thank goodness that these signature scanning companies don't sell incontinent pads or else half of them would be pre-moist with shit stains.

  7. Uh oh by Anonymous Coward · · Score: 0

    Looks like we might have a Ferguson chimpout right in Cupertino. Apple had better comply with All Sharptons demands for more social justice and diversity in the ranks. Let's also squander billions of dollars on STEM and "everyone should code" crapola in the inner city where kids are more interested in dealing drugs and spray painting walls. Yes we need more do gooder liberal SJW bull shit.

  8. A certificate that isn't used is pointless by sjbe · · Score: 0

    You're new here, aren't you?

    Check my userid. Some have been here longer but unless you are being ironic the answer is no I'm not new here.

    You know how many threads there are defending / promoting the notion that i devices are impervious to malware / viruses?

    Yes I am aware. Yes their arguments are generally idiotic.

    Also, it's possible once the malware gets a hold of the system, it might block actions.

    If that it is true then that is a huge flaw in the system which Apple needs to correct as soon as possible. I understand that such a scenario is possible but I also understand that it is correctable. If some software needs to break to improve security then so be it.

    It's an enterprise certificate, so those companies want more control over what goes in and out -- they don't want mission critical software to be suddenly removed because someone at APL bungled something.

    Doesn't matter. If there is a security flaw where a certificate has been compromised then the only correct response it revoke the certificate. Yes this could be highly inconvenient but the danger of not revoking the certificate and disabling the vulnerability is worse. A certificate that isn't revoked when necessary is worse than useless. If the danger does not justify a certificate then what is the point of issuing one in the first place?

    1. Re:A certificate that isn't used is pointless by BigBuckHunter · · Score: 2

      Doesn't matter. If there is a security flaw where a certificate has been compromised then the only correct response it revoke the certificate. Yes this could be highly inconvenient but the danger of not revoking the certificate and disabling the vulnerability is worse. A certificate that isn't revoked when necessary is worse than useless. If the danger does not justify a certificate then what is the point of issuing one in the first place?

      Indeed. In this case, it appears that the owner of the certificate (Yingmob Interaction Technology Co) is the author of the malware. Apple will likely revoke the certificate, revoke their developer credentials, blacklist/flag the developers that are on the corporate account, and seek civil penalties.

      If the cert belonged to a big enterprise company like HP/IBM, you're still absolutely correct. Apple would revoke the certificate, and HP/IBM would thank them and apologize for their ineptitude at keeping their PrivKey safe.

  9. Jailbreak == security vulnerability by zarmanto · · Score: 4, Insightful

    Every now and then, I read a comment from someone about how Apple must "hate" the jailbreakers, because they keep closing off the flaws which make jailbreaks possible. The reality -- as effectively demonstrated in this instance -- is that the flaws which allow jailbreaks also just happen to open your phone up to malware. Apple is far more concerned with what a malicious entity might do to their customer base through these flaws, then with what the jailbreakers are doing to their own phones. Would, that more people understood this.

    1. Re:Jailbreak == security vulnerability by macs4all · · Score: 1

      Every now and then, I read a comment from someone about how Apple must "hate" the jailbreakers, because they keep closing off the flaws which make jailbreaks possible. The reality -- as effectively demonstrated in this instance -- is that the flaws which allow jailbreaks also just happen to open your phone up to malware. Apple is far more concerned with what a malicious entity might do to their customer base through these flaws, then with what the jailbreakers are doing to their own phones. Would, that more people understood this.

      Precisely!

    2. Re:Jailbreak == security vulnerability by Anonymous Coward · · Score: 0

      Good point, except this malware does not require jail-breaking...

    3. Re:Jailbreak == security vulnerability by mattventura · · Score: 1

      Except this particular vulnerability has precisely nothing to do with jailbreaking. To the contrary, it's a flaw with Apple's own way for enterprise customers to install unapproved apps. They hate jailbreaking because it's a stepping stone to enabling piracy (thus slightly reducing app store revenue and causing app publishers to start breathing down their neck), a stepping stone to enabling non-carrier-sanctioned tethering (thus making carriers breathe down their neck), and other things that all either reduce Apple's profit or reduce someone else's profit, causing them to complain to Apple. It's basically the same reasons a game console manufacturer doesn't want people cracking their console.

    4. Re:Jailbreak == security vulnerability by Anonymous Coward · · Score: 0

      Nothing to do with protecting customers. It IS about limiting their liability as much as locking out jailbreaks, but consumer safety? Get real, This is the same company that told its reps to bald-face lie to users about the existence of malware on their (OSX) machines.

    5. Re:Jailbreak == security vulnerability by zarmanto · · Score: 1

      Except this particular vulnerability has precisely nothing to do with jailbreaking. To the contrary, it's a flaw with Apple's own way for enterprise customers to install unapproved apps. ...

      While your first sentence is reasonable, (but strictly speaking, does not actually negate anything I said, aside from implying a minimization of the relevancy of my comment) your second sentence is technically incorrect: The enterprise certs are working exactly as they were intended. The real issue is that a malicious entity happened to obtain access to such certs. So the questions are: How did they obtain the certs? And how can Apple prevent future compromises of this nature?

      If we apply Hanlon's Razor, I'd think it's a pretty good bet that the malicious entity simply signed up for the developer program, themselves. Thus, the easiest way that Apple could stop that from happening in the future is to increase developer fees, which would unfortunately also have the negative side effect of locking out smaller iOS developers entirely. Finding the threshold at which malicious entity interest is minimized, while also minimizing the discouragement of legitimate small developers, is obviously a calculated balancing act... but will never be entirely foolproof. The fact that this kind of malicious act has only been reported this once suggests that Apple has a pretty clear idea of what they're doing.

      In any case, it seems pretty clear that Apple has already revoked the certs and suspended the developer account in question, so this particular hack is effectively in the clean-up phase now.

      (The rest of your response just sounds to me like the usual soapbox "Apple bad! Big business bad! They're all out to get the little guy!" commentary, so I seriously doubt that anything I could say is going to dissuade you from your point of view. Suffice to say, we'll just have to agree to disagree.)

  10. Thank goodness by Anonymous Coward · · Score: 0

    I checked the "Ads Disabled" box here at /.

  11. Diplomatic Immunity by Anonymous Coward · · Score: 0

    ...has just been REVOKED. Seriously, they need to revoke those certs ASAP.

  12. And fixed in recent iOS versions ... by perpenso · · Score: 1

    And the exploit the malware used was fixed in iOS 8.4 or later.

  13. Enterprise users who get patches are just fine by perpenso · · Score: 2

    In other words, Apple products are not well designed for use in the enterprise market.

    Actually if you have a somewhat recent update, iOS 8.4 or 9.0 then the exploit is fixed. So enterprise users who get patches are just fine.

    1. Re:Enterprise users who get patches are just fine by Rosyna · · Score: 2

      To elaborate, iOS 8.3 fixed the silent install issue, iOS 8.4 fixed the other issues, iOS 9 made it significantly more difficult to trick people into approving enterprise certificates.

  14. Hardly any iOS users at risk by Anonymous Coward · · Score: 0

    Except it doesn't. See, this just "infects jail broken and non jail broken" devices which basically mean every single I device out there, which is tens or hundreds of millions of devices.

    Sorry, you fail reading comprehension. Re-read and note that the user has to intentionally manually install certain enterprise certificates and intentionally manually install a malware infected app. Now add to this that the user has had to also decline the last two major iOS updates, 8.4 and 9.0. Hardly any iOS users are at risk.

  15. Protection a different way... apk by Anonymous Coward · · Score: 0

    See subject: Preempting infestation by stopping you from getting it in the 1st place:You can't be burned if you can't touch it & neither it you & most threats today originate online so I built this:

    APK Hosts File Engine 9.0++ SR-2 32/64-bit:

    http://start64.com/index.php?o...

    ---

    Which unlike OTHER "so-called 'security-solutions'" it SPEEDS YOU UP 2 ways:

    1.) Adblocking - A major source of infection by malware ala -> http://apple.slashdot.org/comm... & -> http://apple.slashdot.org/comm... which also gains you tremendous speed back (ads = up to 50% of major websites' pages & blocking ads gets it back)

    &

    2.) Hardcoding favorite websites @ the TOP of a hosts file - that's where you spend MOST OF YOUR TIME ONLINE, like 95++% most likely!

    (Which aids reliability vs. DNS redirect poisoning & being downed which ALSO ADDS SPEED since you do resolutions locally from RAM vs. calling out to remote more-than-potentially bushwhacked slower DNS servers).

    APK

    P.S.=> It gets its data from 10 reputable sources in the security community vs. malicious sites, phish/spam, ads, trackers, etc. which are update frequently!

    You can choose to:

    1.) Use "the latest/greatest data" (smaller dataset & more current, like antivirus "normal settings" work)

    OR

    2.) Build up your custom hosts file data up for PROTECTION LONG-TERM by accumulating it daily adding to previous blocking data vs. threats online (almost like antivirus does "heuristic 'high-power' scanning" when set to do so, with larger & older than most current datasets in use for scanning vs. threats)...

    It works for more speed, security, reliability + anonymity online!

    (... & does FAR MORE for FAR LESS resource consumption from a SINGLE FILE YOU ALREADY NATIVELY HAVE BUILT-IN to your OS & IP stack (it operates in kernelmode, far faster than usermode addons or other solutions there + is 1st resolver queried for speed, operating long before browser addons do) than ANY single browser addon by far)

    ... apk