Revisiting iOS Security as Apple Cracks Down on Antimalware Apps

24 de marzo de 2015

In an effort to prevent users from thinking that the 6-month-old iOS 8, dubbed the “biggest iOS release ever,” has exploitable flaws, Apple is reportedly cracking down on antimalware products in the iOS App Store.

[Read: The New Security Features of iOS 8]

Recently, a known email and cloud scanner app for iOS was taken down from the App Store, disrupting a niche of users who were using it to ensure that files forwarded to non-iOS users were free from malware. Apple reasoned that the app’s App Store description was misleading and could lead customers to think that iOS 8 products can be exploited. The app’s representative then reported that Apple may have plans to completely remove the antivirus and antimalware category in its iOS App Store.

We have yet to see threats successfully attack the iOS 8 platform, but that doesn't mean it can be assumed that it can't be attacked or compromised in the future. iOS device users need to be constantly on-guard for the following reasons:

A closed ecosystem may not ensure app security

Last year, millions of iOS device users fell victim to Masque and Wirelurker, which affected both jailbroken and nonjailbroken devices. Notably, Masque and Wirelurker used enterprise provisioning to attack non-jailbroken iOS devices.

“Provisioning allows enterprises to install “homegrown” apps on iOS devices without the need to be reviewed by Apple. They can then distribute these apps to their employees through iTunes (via USB) or via wireless transfer through the company’s app store, “ reported Trend Micro mobile threats response engineer Brooks Hong.

Timeline of iOS Threats, 2009 to 2014

Looking back, a number of iOS threats have managed to crack Apple’s "walled garden", despite the platform's closed ecosystem.

[Read: Before Masque and WireLurker: iOS Threats That Cracked the Walled Garden]

2 out of 10 iOS devices are still running on older versions

Fragmentation also remains an issue in the iOS landscape. As of March 16, 2015, 23% of iOS devices are still running on versions older than iOS 8. Device users unable to or are unwilling to upgrade to iOS 8 may be unable to protect themselves should Apple finally decide to eliminate antimalware apps as a category.

$iOS 8 TouchID$

More than just developing user interface and the overall mobile experience, Apple has also improved the security of iOS devices through the years. In iOS 8, upgrades included the revamped TouchID feature as well as more options for allowing which apps track your location. Evidently, companies like Apple are showing the ways by which they protect their platform's users. It is always a best practice for consumers, however, to exert personal effort in protecting their own data.

Apart from trusting the security that platforms deliver, consumers can also layer security via solutions meant to protect data that goes through mobile and cloud channels. Should Apple finally stop offering all antimalware products on its App Store, device users may find themselves unable to protect mobile data. As such, it pays to take action now by continually watching out on how this issue will progress and providing smart protection for iOS devices.

HIDE

Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).

Image will appear the same size as you see above.

Publicado en Mobile Safety, iOS, Mobile, Mobile Malware