• Your favorite

    Apple

    ,

    iPhone

    ,

    iPad

    ,

    iOS

    ,
    Jailbreak
    , and
    Cydia
    site.
  • iOS More Secure Than Android Says Symantec
    by
    Joshua Tucker
    Published on 06-28-2011 04:37 PM
    11 Comments Comments


    Mobile security is a hot issue these days as phones become increasingly more connected to the internet, social networks, and file-sharing protocol. One can argue about the resistance of certain mobile platforms but do we truly know how secure our phones are? A recent 23-page document by Symantec titled "A Window Into Mobile Device Security" details how Apple and Google handle security methods for their respective mobile platfroms: iOS and Android. The study concluded that between the two, iOS was much more secure from attack types and had more security implementation build in. Symantec's analysis even made it a point to say that iOS was characterized as "fully protected" while Android has "little protection."

    While conducting this study, the researchers were looking at two components:
    • How well each mobile OS performed against different attack types (e.g. Web-based and Malware attacks
    • What security feature implementations were in place for both mobile OS platforms.

    Below are the results:

    iOS:

    Overall, iOS topped the Android platform in every respect except in the isolation security category. Symantec's belief is that Apple's approach to App Store screening and the inner-workings of its stock applications has made iOS extremely resilient to most attacks prevalent to mobile users. It was dually noted that the platform is well designed in this regard and thus far has proven itself worthy of such praise.

    Although iOS performed well in this study, there were 200 vulnerabilities found that date back all the way to 2007. The concerns found regarded administrator-level access. From the research, Symnantec found that if someone was able to gain this administrator control, almost all the data and services on the device could be accessed and viewed. A public example of an iOS related breach was the iPhoneOS.lkee worm release of 2009. However, only jailbroken devices were affected by this worm.

    Despite the high ratings and praise, Symantec reminded the readers that iOS is not off the hook; there are still places of security concern that can be fixed in order to make it even more secure and less vulnerable to attacks.



    Android:

    As mentioned above, Android only beat the iOS mobile platform in one area: isolation in the security category. It was found that the Android platform was a much better improvement over the traditional desktop operating system security. However, Symantec mentioned that it had two major weaknesses.

    Google's system of application review and distribution gives more freedom for attackers to create and infect mobile users according to the results. Also, because Android's permission system is based upon the user making most of the important security choices and settings changes, this proved to be a problem as many mobile users are unwillingly or skilled enough to understand how to control and monitor these settings.

    Symantec concluded with the fact that mobile devices are somewhat of a mixed bag in terms of security. Although security frameworks are build-in, because their platforms are marketed towards a consumer market, restraints have been more loose to ensure the best usability for any mobile user on their platform.

    Source(s): Symantec, AppleInsider
    This article was originally published in forum thread: iOS More Secure Then Android Says Symantec started by Joshua Tucker View original post
    Categories:
    1. iPhone,
    2. iPad,
    3. iOS,
    4. Apple,
    5. AppStore,
    6. Software
    Comments 11 Comments
    1. Colper's Avatar
      Colper - 06-28-2011, 08:02 PM
      I was going to post this if I didn't already see someone do so.

      I'm curious to know if this is a scare from Symantec targeted towards the average electronic consumer? So that they can start selling their platform on Mobile devices, since they have lost a good amount of their market share to the free Antivirus softwares'. I wonder if this is all part of their new business plan, or if there is some worry-some truth to this?

      Any programmers able to answer this?
    1. Joshua Tucker's Avatar
      Joshua Tucker - 06-28-2011, 08:08 PM
      Quote Originally Posted by Colper View Post
      I was going to post this if I didn't already see someone do so.

      I'm curious to know if this is a scare from Symantec targeted towards the average electronic consumer? So that they can start selling their platform on Mobile devices, since they have lost a good amount of their market share to the free Antivirus softwares'. I wonder if this is all part of their new business plan, or if there is some worry-some truth to this?

      Any programmers able to answer this?
      I can't imagine Symantec would do anything of that nature. They are known for having comprehensive security research and development. If the information was either beefed up or non-legitimate, someone would have written something about it.
    1. jose060789's Avatar
      jose060789 - 06-28-2011, 08:42 PM
      Why am I not surprised? (FACEPALM)
    1. Joshua Tucker's Avatar
      Joshua Tucker - 06-28-2011, 08:46 PM
      Quote Originally Posted by jose060789 View Post
      Why am I not surprised? (FACEPALM)
      In some respects, I agree with you. That's why I think jailbreaking your device to get more features is a much better idea then the Android platform. Due to the open-framework and open-source nature of Android, it is more prone to attacks and security issues. Stock iOS however is very secure and requires little configuration in regards to security. Android, as mentioned in this article, does need a little more attention to customize security. When you jailbreak however, you ultimately choose what features, applications, tweaks, etc., that you put on your device thus allowing you to customize if you're experienced enough.
    1. Colper's Avatar
      Colper - 06-28-2011, 08:51 PM
      Quote Originally Posted by Joshua Tucker View Post
      I can't imagine Symantec would do anything of that nature. They are known for having comprehensive security research and development. If the information was either beefed up or non-legitimate, someone would have written something about it.
      I agree, I just wonder if this is something thats out of proportion so that they can start their scare tactic to promote their mobile software. From what I know (not all that much in regards to mobile virus's), there haven't been many worms etc targeted towards ios and android. I'm sure they will come further down the line, but should we be concerned at this point in the game?
    1. Joshua Tucker's Avatar
      Joshua Tucker - 06-28-2011, 09:09 PM
      Quote Originally Posted by Colper View Post
      I agree, I just wonder if this is something thats out of proportion so that they can start their scare tactic to promote their mobile software. From what I know (not all that much in regards to mobile virus's), there haven't been many worms etc targeted towards ios and android. I'm sure they will come further down the line, but should we be concerned at this point in the game?
      However, relatively speaking, mobile platforms being so interconnected with the internet and other outside sources is somewhat new in the technology scheme. Think about it; applications, social networks, and other similar features have just gotten big within the last four years or so. With that said, it would make sense that not a lot of attacks or attempts to do so have been made. Not to mention, it is much more difficult to steal person information on a cellular connection (back in the days where phones just connected to cell towers) then it is to attack phones that now connect to internet through cellular service, WiFi, and other similar computer protocol.
    1. sknet's Avatar
      sknet - 06-28-2011, 10:55 PM
      do we have antivirus app for our iOS?
    1. Joshua Tucker's Avatar
      Joshua Tucker - 06-28-2011, 11:16 PM
      Quote Originally Posted by sknet View Post
      do we have antivirus app for our iOS?
      I can't think of any specific applications however I know people in the jailbreak community such as i0n1c (@i0n1c) have been working on applications/implementations of this nature.

      EDIT: I just spoke with i0n1c and I was incorrect; got mixed up. He actually posted a tweet though that kind of sums up my feelings on iOS anti-virus also:

      https://twitter.com/#!/i0n1c/status/85941461715132416
    1. GmAz's Avatar
      GmAz - 06-29-2011, 08:24 AM
      Quote Originally Posted by Joshua Tucker View Post
      In some respects, I agree with you. That's why I think jailbreaking your device to get more features is a much better idea then the Android platform. Due to the open-framework and open-source nature of Android, it is more prone to attacks and security issues. Stock iOS however is very secure and requires little configuration in regards to security. Android, as mentioned in this article, does need a little more attention to customize security. When you jailbreak however, you ultimately choose what features, applications, tweaks, etc., that you put on your device thus allowing you to customize if you're experienced enough.
      And stock Android is very secure too. The ability to install unknown apps is turned off. USB Debugging (which is needed for most of the bad stuff out there) is also turned off.

      Rooted Android and jailbroken iPhones are unsecure on pretty much the same level. How about all those people using the default alpine password for SSH. Ya, thats real secure. Symantec lost my respect many years ago and stuff like this is no more than a sales ad for some upcoming 'antivirus' software for phones.
    1. Joshua Tucker's Avatar
      Joshua Tucker - 06-29-2011, 08:29 AM
      Quote Originally Posted by GmAz View Post
      And stock Android is very secure too. The ability to install unknown apps is turned off. USB Debugging (which is needed for most of the bad stuff out there) is also turned off.

      Rooted Android and jailbroken iPhones are unsecure on pretty much the same level. How about all those people using the default alpine password for SSH. Ya, thats real secure. Symantec lost my respect many years ago and stuff like this is no more than a sales ad for some upcoming 'antivirus' software for phones.
      I never mentioned that the iOS was perfect, but generally speaking it is more secure. And why would you believe that Symantec is trying to push anti-virus to mobile phones? Their entire press release was extremely thorough and well done; there was no indication of exaggeration or any wording that would trigger someone to think that they're making a sales pitch. Not to mention, as i0n1c said in the tweet I posted, anti-virus would be so battery draining and just another confusing component for people to have to deal with.
    1. zoso10's Avatar
      zoso10 - 06-29-2011, 09:48 AM
      i0n1c's Twitter post about antivirus is so true! On a computer it can lay low and not take too much memory without affecting performance, but for an iPhone it would be a pain and kill the battery and performance.
  • We're now on Google+!