iPhone Gets Hacked; Mac Fans Still Say Windows Sucks More

Featured Resource:

In addition to death and taxes, we can now add to the list of inevitables the introduction of hyped Apple products and vulnerabilities in complex systems. The New York Times reported on a vulnerability in iPhone that allows attackers to download all the files off an iPhone. An overview is available at http://www.securityevaluators.com/iphone/. Unfortunately, a quote from a researcher alluding to Mac vs. Windows security in the NYT article prompted nonsensical responses that misses the real point of such a major vulnerability.

First, the nonsense. As you have probably already guessed, if you haven't seen it already, some of the response to the Mac vs. Windows comparison drops to the level of "You suck! - No you suck more!" give and take. See http://machinist.salon.com/ for an example. I found the comment:

After all, only the folks at ISE know how to activate it. The iPhone, thus, is still amazingly swell.

somewhat surprising. If the ISE people found it, why wouldn't smart, determined hackers have found it as well? The ISE researchers didn't discover the theory of relativity, it's just a vulnerability in a browser. With all due respect to ISE staff, I'm sure they are very intelligent and good at what they do, but I suspect there are bad guys out there just as capable of finding this hole (and others).

But back to my main point, if your roof is leaking it's time to fix the roof, not put on some smug attitude because you think your neighbor's roof that has an even bigger leak.

The important thing about this vulnerability is that smartphones, like the iPhone, are full blown computers running full blown operating systems and applications. (If you still doubt this, understand that the vulnerabilty with the iPhone applies to Mac users as well.) That means they have valuable data you want to protect and it means they have vulnerabilities that allow bad guys get to the stuff you want to protect.

So what should you do? One, stop saying the other guy's operating system sucks more. Two, get used to thinking defensively about your phone, the same way you think about your desktop, be it Mac or PC. That means being careful about the sites you visit, the Web links you click on, and the applications you install. (Although you can't do that, at least your not supposed to be able to on an iPhone). Third, understand patching is part of your life. I'm sure Apple will patch this vulnerability soon.

Let's not miss the proverbial forest for the trees. This isn't a contest between Apple and Microsoft. Its about all of us understanding that just because we might be better than the other guy, it doesn't mean we're good enough.

Recent Posts

Dan Sullivan's Bio:

Dan Sullivan is a systems architect with 20 years of IT experience that includes engagements in enterprise security, application design, and systems architecture. His experience includes a broad range of industries, including financial services, manufacturing, government, retail, gas and oil production, power generation, and education. Dan’s security-related project work has ranged from requirements analysis for enterprise information security to designing and implementing security for database applications and enterprise portals. Dan has written about information security and other enterprise information management topics for Business Security Advisor, DM Review, Intelligent Enterprise, and E-Business Advisor. You can contact Dan at: dan_sullivan@realtimepublishers.net

Site Sponsor:

Now Available:

Featured Resource:

Realtime Communities

Newsletter

Monthly Archives

RSS

Ask the Expert