Security firms cannot protect the iPhone from threats

Recent incidents have put the iPhone's security in focus, but firms will not be able to develop anti-virus because of the nature of the system.


The security firm F-Secure has said that it would like to secure the iPhone from mobile security threats, but cannot due to the closed-off nature of the system.

The firm already offers security technology for mobile phones with Symbian and Windows Mobile systems, and in the future will offer protection for Android.

F-Secure chief research officer Mikko Hypponen said that people have asked for iPhone protection before, but it can't be developed.

"None of the existing anti-virus vendors can make one, without help from Apple," he said.

Advertisement - Article continues below
Advertisement - Article continues below

"Apple hasn't been too interested in developing antivirus solutions for the iPhone, because there are no viruses, which of course, isn't exactly true."

He said that recent worm outbreaks targeted jail-broken iPhones, and suggested that Apple wasn't interested in protecting these, as it didn't approve of jail-breaking to begin with.

"So our recommendation is to avoid jail-broken phones, because it will weaken the security of a phone, whether the iPhone or any other device," he said.

Arnoud de Vaal, director solution management at F-Secure's mobile unit, said that the company and its partners would love to offer security for the iPhone as it is growing its market share, but couldn't as its software development kit (SDK) does not allow any programs to run out of its own sandbox.

"Any program can only look at its own files. For instance, if you were using antivirus or something similar, you can look at your own files but what you need to do is to look at files outside of it," he said. "That's not legally allowed with the SDK."

De Vaal's personal opinion was that it would be customers and bigger partners that would force Apple's hand when it came to changing its system to allow security software to run.

Advertisement - Article continues below

"Apple is doing a good job of keeping everything in its own hands, but the fact of the matter is that if you are an end customer who bought an application not from the app store, something could happen," he said.

However, it wasn't just jail-broken phones that could be a problem. Hypponen said that if criminals developed exploits to break into the system - which has already been done by security researchers - then all iPhones would be vulnerable.

"What would really be a turning point would be malware which infected your iPhone through exploits," Hypponen said.

"Even the recent iPhone case wasn't using an exploit, it was using your password because everybody knows the root password for iPhone devices," he said.

"With an exploit where your mobile phone gets infected on its own without you doing anything at all that has never happened and when it will, things will be totally different."

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now


Business strategy

Apple launches new TV, gaming and finance services

25 Mar 2019

Apple MacBook Pro 16in review: A little bigger, a lot better

10 Jan 2020

Best smartphone 2019: Apple, Samsung and OnePlus duke it out

24 Dec 2019

The IT Pro Products of the Year 2019: All the year’s best hardware

24 Dec 2019

Most Popular

data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
cyber security

If not passwords then what?

8 Jan 2020
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020