June 29, 2011

Apple iOS More Secure Than Android: Symantec

Although we think of our mobile devices as fairly secure, Symantec has released a study suggesting that most of us need to consider implementing more thought into our devices, The Telegraph is reporting.

The publication, "A Window Into Mobile Device Security: Examining the security approaches employed in Apple's iOS and Google's Android," is an in-depth, technical evaluation of the two most popular mobile platforms.

Chief among the findings is that while the most popular mobile operating systems (OS) in use today were designed with security in mind, these provisions are not always sufficient to protect sensitive enterprise assets that regularly find their way onto devices.

Complicating matters, today's mobile devices are increasingly being connected to and synchronized with an entire ecosystem of 3rd-party cloud and desktop-based services outside the enterprise's control, potentially exposing key enterprise assets to increased risk.

Apple's iOS developers pay to register with Apple, which checks and approves their work before it goes on sale in the App Store. Security issues on the Android platform stem from Google's open approach to developing applications which do not undergo such scrutiny.

Creators of malware are increasingly attracted to Android and its lack of controls for stopping malicious software from entering the distribution channel. Hackers have repeatedly sought to take control of Android devices with rogue apps.

In February criminals released apps that stole personal details from hundreds of thousands of users by impersonating 58 legitimate apps on Marketplace. Google has since patched the vulnerability they exploited in Android 2.3.

Meanwhile, the research said that while more than 200 vulnerabilities have been discovered in iOS than in Android's 18 known exploits, Apple's iOS has never been detected to suffer from successful malware.

"While [Apple's] vetting approach is not foolproof, and almost certainly can be circumvented by a determined attacker, it has thus far proved a deterrent against malware attacks data loss attacks, data integrity attacks and denial of service attacks," Symantec reported.

Devices that have been jailbroken, or altered by the owner to run unauthorized apps were not counted in the study. In 2009 an Australian hacker released an iOS virus that affected only jailbroken devices. The code replaced the home screen with a picture of Rick Astley, the 1980s pop star.

While Apple's approach came out as more secure than Google's, Symantec said that using a smartphone or tablet running either operating system was less risky than using a PC.

"These platforms have been designed from the ground up to be more secure - they raise the bar," it said.

RIM's BlackBerry is widely considered the most secure smartphone platform because it can be tightly controlled by corporate IT departments and has received government accreditation.


On the Net: