Alastair’s Place

Software development, Cocoa, Objective-C, life. Stuff like that.

iPhone Security Potentially “an Interesting Problem”

MacWorld UK are running a quote from F-Secure’s Jarno Neimela, who says:

“The amount of technical information [available about the iPhone] makes it likely that sooner or later someone will create a worm or some other malware… This will create an interesting problem for the security field as the iPhone is currently a closed system and it’s not feasible to provide anti-virus or other third-party security solutions for it.”

Excuse me for pointing this out, but there is absolutely nothing to stop Apple from dealing with such a problem themselves, if they so desire, including—if necessary—providing their own anti-virus technology. There is simply no need for “third-party security solutions”.

My guess is that in such a circumstance Apple would simply push out updates via iTunes that removed the virus from phones and patched the vulnerability that it used to install itself. Even if an update has to wipe the phone completely to get rid of a virus, since users’ data is stored on their Macs or PCs, it only has to synchronise to return things to the way they were before.1

Moreover, the same reasoning (about the amount of technical information) could be used about the Mac. Where are the hordes of Mac viruses? Oh, that’s right, there aren’t any.

Sure, some jerk will probably write one sooner or later, but the status quo is that there are none2. Zip. Zilch. Nada. And there’s much more technical information available about the Mac than there is about the iPhone.

1 I should say that I don’t have an iPhone at present—I’m in the U.K., and unlike Stephen Fry I don’t have U.S. citizenship or a U.S. billing address, so I will have to wait until at least November 4th. Most likely I’ll wait a few generations of iPhones before I buy one anyway. Anyway, the point is that it’s possible that there are things that wouldn’t be saved, but even so it isn’t like wiping a computer and re-installing. 2 Sure, I know some anti-virus vendors have breathlessly proclaimed that they have found “the first Mac OS X virus”. But I’m talking a real, in-the-wild virus with some sort of actual payload (i.e. not Leap.A, Inqtana.A or OSX.Macarena). And yes, I know that some Office viruses can run on Mac Office (though many of them fail because Mac OS X is not Windows).