I was just reading a recent entry on 80beatsthat talks about the sudden appearance of malicious worms for the iPhone. It’s crazy to think that someones phone could give out such information, but it’s foolish to think that they couldn’t, and in theory it would be easy as hell to do. Personally, I don’t have an iPhone. I’m not against them, but when I went to buy my latest phone, they were not yet available on my cell provider’s network, so I got myself a BlackBerry instead. But the same holes are presumably open.
The other day, a friend of mine had a newer BlackBerry and was stunned when simply passing her phone over mine didn’t suck up my BBM PIN. The joys of Bluetooth open up so many doors. Why couldn’t I write a tool that sits on my phone and looks for other Bluetooth enabled phones and either transmits them malicious code or sees what it can snoop from them? I’ve never looked into the Bluetooth technology from a development perspective and presumably there are some checks and balances involved, but a dedicated hacker eats checks and balances for breakfast. I’m not suggesting everyone go back to the days of analog Nokia flip phones, or worse, those heavy-as-a-brick Motorolla gray jobbies, I’m just saying that like all other communications devices, we need to be aware that they are not guaranteed to be secure. Use your heads, people!
On a similar note, I’ve talked about the¬†Mac virus threat¬†at great length in the past, though never on this blog. Most of my Macintrash friends live under the magical umbrella of Security Through Obscurity. Because Mac has a much smaller market share than Windows, any virus writer is presented with a decision to make. Do you write¬†malicious code¬†that attacks Macintosh, or do you aim at the much larger Microsoft Windows base? I can’t say what goes on in the minds of virus writers, but I can tell you that I’d want more bang for my buck. I’d target the massive corporation with the huge market penetration.¬†And it’s certainly true that¬†most viruses attack the Windows market instead.
That does not make you safe if you own a Mac. There are still viruses out there pleased as punch to take you down a peg. But the incidents are much more uncommon. But as the repugnant Mac Vs. PC ads with their shiny Macs and total lies about the difference between the two computers inspires more and more people to go the way of pretty plastic cool, the numbers begin to shift.
Now obviously, the iPhone isn’t a Mac per se, and represents a huge target in terms of handheld owners. I’m not sure what kind of market penetration they have over other phones, but I’m sure they’re doing pretty good in that field. And that makes them a rich target.
When I was researching this piece, I did a quick search on Macintosh virus and found some great information. I’d recommend reading this about.com FAQ about the topic, as well as this great article from Parameter Security’s The Hacker Diaries entitled The Myth Of The Virus Free Mac.
Jim
