Scribd Logo
Importer

Bienvenue sur Scribd !

  • Nimalan Paul, Intelligence Communications 14 January 2010

    Transféré par

    nimalan_dj
    434 vues3 pages
    The document summarizes that Apple's iPhone operating system is unlikely to be vulnerable to hacking attempts in the next 12 months. This is due to the inherent design of the iPhone, which restricts third-party applications and runs them in a sandbox environment. While some vulnerabilities have been found, they are unlikely to be useful to hackers due to the restrictions on third-party applications. Even if malicious code gets in, Apple has the ability to remotely delete applications, so the iPhone OS is considered secure in the near future.

    Description originale:

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Formats disponibles

    DOCX, PDF, TXT ou lisez en ligne sur Scribd

    Avez-vous trouvé ce document utile ?

    Ce contenu est-il inapproprié ?

    Signaler ce document
    The document summarizes that Apple's iPhone operating system is unlikely to be vulnerable to hacking attempts in the next 12 months. This is due to the inherent design of the iPhone, which restricts third-party applications and runs them in a sandbox environment. While some vulnerabilities have been found, they are unlikely to be useful to hackers due to the restrictions on third-party applications. Even if malicious code gets in, Apple has the ability to remotely delete applications, so the iPhone OS is considered secure in the near future.

    Droits d'auteur :

    Attribution Non-Commercial (BY-NC)
    Téléchargez comme DOCX, PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    434 vues3 pages

    Nimalan Paul, Intelligence Communications 14 January 2010

    Transféré par

    nimalan_dj
    The document summarizes that Apple's iPhone operating system is unlikely to be vulnerable to hacking attempts in the next 12 months. This is due to the inherent design of the iPhone, which restricts third-party applications and runs them in a sandbox environment. While some vulnerabilities have been found, they are unlikely to be useful to hackers due to the restrictions on third-party applications. Even if malicious code gets in, Apple has the ability to remotely delete applications, so the iPhone OS is considered secure in the near future.

    Droits d'auteur :

    Attribution Non-Commercial (BY-NC)
    Téléchargez comme DOCX, PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    sur 3

    Nimalan Paul, Intelligence Communications

    14 January 2010

    Apple’s iPhone Operating System Unlikely To Be Vulnerable To


    Hacking Attempts In Next 12 Months

    Executive Summary:
    Apple’s iPhone Operating System (OS) is unlikely to be vulnerable to malicious
    hacking attempts in the next 12 months. This is mainly due to the inherent design of the
    iPhone which reduces the attack surface thus preventing malicious attacks. Despite the
    occasional discovery of vulnerabilities in the iPhone OS and Apple’s growing inability
    to thoroughly review the increasing number of iPhone applications, the in-built
    restrictions on running third party and background applications is likely to ensure its
    security.

    Discussion:
    The iPhone is designed in such a way that there are numerous restrictions on running
    third party applications. Apple does not allow users to download many file types and
    all code is executed in a tightly controlled “sandbox” environment 1. The iPhone OS
    also does not allow any third party applications to run in the background which
    reduces the effectiveness of any malicious code should it somehow get in2.

    Given its restrictive design, the iPhone OS does have its vulnerabilities but are
    unlikely to be of much use to hackers if exploited 3. Security groups and companies
    have discovered vulnerabilities in the iPhone OS as early as 2007 when Apple first
    launched the phone4. Independent security researchers recently demonstrated a
    potential vulnerability at the 2009 Black Hat Conference in Las Vegas5. Application
    developers have also bypassed the App Store’s strict approval process with Easter
    eggs – a secret feature hidden in the code6. Though it is possible to sneak in
    unapproved code into the device, it is likely to be only temporary before Apple
    discovers it. Even if within the iPhone system, the code is not of much use due to the
    restrictions on running third party and background programs7.

    Over and above these in-built security features, Apple also has a remote kill switch
    for the iPhone8. So if a malicious application manages to circumvent all these
    restrictions Apple still has the option to remotely trigger a command and delete it.
    Therefore in the near to medium term, there does not seem to be any likely possibility
    to effectively hack into the iPhone OS.
    Analytic Confidence:
    Analytic confidence in the estimative statements in this report is moderate due to the
    relatively low level of technical expertise in mobile operating systems and conflicting
    evidence from sources of equal reliability.

    For questions or comments, please contact the author:

    Email: npaul36@mercyhurst.edu
    Tel. #: 814-824-3158

    Annexure: Analysis Of Competing Hypothesis Matrix (Sorted By


    Diagnosticity)
    1
    Endnotes

    http://securityevaluators.com/files/papers/exploitingiphone.pdf (Low – 22.65)


    2 http://www.theregister.co.uk/2009/11/25/iphone_anti_malware/ (High – 56.20)
    3 http://www.wired.com/gadgetlab/2009/05/appstoreeasteregg/ (High – 52.88)
    4 http://apcmag.com/7544/iphone_virus_or_spyware_80_90_likely_says_security_expert (High – 52.88)
    5 http://www.forbes.com/2009/07/28/hackers-iphone-apple-technology-security-hackers.html (High – 52.88)
    6 http://www.wired.com/gadgetlab/2009/05/appstoreeasteregg/ (High – 52.88)
    7 http://www.theregister.co.uk/2009/11/25/iphone_anti_malware/ (High – 56.20)
    8 http://www.wired.com/gadgetlab/2009/07/iphone-encryption/ (High – 52.88)

    Vous aimerez peut-être aussi