16 September 2009

quick thoughts on iPhone security

We've begun recently to see a trickle of iPhone security issues, for example the SMS vulnerability which Apple had to patch. This isn't surprising, of course; every platform has bugs, and many of these bugs can leave holes that attackers can exploit.  The iPhone probably has fewer known vulnerabilities than some other platforms since it's relatively new (and not Windows-based), but it doesn't have the locked-down level of security that, say, BlackBerry has, as others have pointed out recently.

But even if Apple does make strides in protecting its iPhone platform, that platform still presents novel and dangerous security challenges.  Mobile devices -- and the iPhone is today's most ubiquitous and important mobile device -- change the very way we have to think about security.

This different set of security issues arises due the fact that with a very small, very portable device new things can happen to it.  The risk of theft and loss are much higher than a server in a data center or a home computer. The iPhone is designed to be moving all the time, and therefore can’t take advantage of the security of a known physical location, or even a known network connection.  When you're with your iPhone on the bus, you don’t know your neighbors and can’t even see who might be trying to hack you.

If somebody does physically steal a smart phone, it would be great to remotely wipe the data so that no one can use it. But if an attacker just wants the information that’s on the phone, they just remove the SIM card. Then the phone can’t be traced or wiped and the thief can do what they want with your data.

But of course the attacker doesn't need to steal the phone. They just have to wait for you to wander by close enough for them to reach out wirelessly and attack over the ether. And what's even scarier: once they've got a data grip on your mobile device, they've created a channel to get to your home computer and all your web accounts (such as banks) that you access with your iPhone or other device. That's the target today, remember: purely financial.

For all mobile devices, the industry is going to need to include strong, usable encryption so that no one can steal data from a phone, whether on- or off-net .  And in order to do that, all phones are going to need biometric access controls. Password-based encryption on smart phones is just not strong enough.

These issues aren't specific to iPhones, of course, but given the rising popularity of that platform, I believe Apple will need to confront security like it has not had to before on its Mac platform