“Unhackable” iOS nears decade with no significant malware outbreaks

“Unhackable” iOS nears decade with no significant malware outbreaks - Lovefone, London

Yes, there is a reason “unhackable” is in quotes. Nothing is unhackable from a technological perspective. You just need either thousands of years for brute force methods or a really good exploit!

Compare this to Android. Based on a Linux kernel, they are not entirely unsecure devices. The distinction in security between the Android and iOS operating system has less to do with the trivialities of their OS, and more to do with how the companies approach their software and security itself.

Malwarebytes senior analyst Nathan Collier explains this “walled garden” approach Apple takes. “[Apple] can vet, deny and remove any apps they feel do not meet their developer's license agreement," he said. "By requiring all apps come from their App Store—which is locked down at device level—it makes it much harder for developers to submit malicious apps.”

This does not mean it is impossible to get malware onto an iPhone. But between his approach and the difficulty of downloading something from the internet with iOS compared to an Android mobile device, you have to really be trying to play fast and loose with your iPhone to risk it becoming vulnerable or infected with malware. 

“A customer can 'jailbreak' their device, giving them escalated privileges,” warns Collier, “but then Apple will say 'you're on your own any malicious apps encountered are your own fault'.” He also goes on to say that Android’s appeal is its openness, so it is really a trade-off, more so than the iPhone being an objectively “better” device.

And let’s not forget about the $1 million dollar security hole found in iOS 9.1. Last year, a challenge was presented to hackers: $1 million would be rewarded to whoever could remotely jailbreak and control an iPhone running the latest iOS. Well, anonymous hackers did it, and security start-up Zerodium awarded them the $1 million prize.

Don’t worry, your device is safe. This was a demonstration done as a security measure. If anything, you’re safer now, after it has been achieved, than before.

If these extreme bounties aren’t enough to convince you Apple takes your security seriously, they even said no to the FBI when asked to provide them with a “backdoor” or “master key” of sorts to hack into Apple devices. User security is Apple’s top priority, and this fight with the FBI has even sparked Apple’s efforts to make a truly unhackable iPhone.

So what about open source platforms like what the Google Ara will be using, versus closed platforms like Apple? Are open source platforms more susceptible? There is actually a strong argument for open source protections actually being far more secure than hole-ridden security through obscurity methods. iPhone’s astonishing security record is really much more a testament to the Apple engineers than a criticism of Android, to be sure.

But while their OS might be the most unbreakable on the market, their actual phones… aren’t. Some care has to be taken on your part. You should know the importance of a smartphone case by now, and if you don’t, R.I.P. your phone. And you should probably learn at least the basics of how to prevent malware, loss of content, at how to prolong your smartphone’s life overall.

The iPhone is 9 years old this year—almost a decade. With the announcement of the upcoming iOS 10 at this year’s WWDC, we can expect Apple wants more than anyone to make it to 10 full years with no significant malware outbreaks.

July 12, 2016
Andrew Hendricks