Tuesday, August 21, 2007

The vulnerabilities of iPone -> Fact or Fiction?

Apple inc. has launched iPhones to the market since 29 June 2007 in the United States from Apple retail and online stores, and from AT&T Mobility. On September 18, 2007, Apple announced in a special event that the iPhone will be available on November 9, 2007 on the carrier O2 in the United Kingdom; on 19 September 2007, Apple and Deutsche Telekom's T-Mobile announced the iPhone would go on sale 9 November 2007 throughout Germany; on 20 September 2007, France Télécom also announced they would be selling the iPhone in France (Wikimedia Foundation, Inc., 2007). However, there is the rise of concern about the security of iPhone in the IT industry (Wikimedia Foundation, Inc., 2007). By the way, I would like to introduce you a video clip about iPhone that may cheer you up.

First of all, we need to understand the security issues of iPhone in general. Keizer (2007) has consolidated different views from the IT security specialists. Some really worries if one uses iPhone to connect to the corporate network, it will cause the vulnerabilities the network as Apple in the first place did not design iPhone for the enterprise use.

Secondly, it runs Mac OS X means that there is a good possibility that vulnerabilities found on the OS will also affect the iPhone. Hackers may be able to port the hacks they find on one to the other. Especially, recently all the press around the iPhone makes it a very enticing target for hackers.

Thirdly, Lemon (2007) reports that ‘hackers may successfully unlock an iPhone in as soon as three to seven days, according to a representative of one effort that aims to unlock Apple Inc.'s new handset’. They actually crack the activation process of iPhone so that users do not need to use iTunes to carry out the process and hence, no need to pay to AT&T.

Fourthly, Reed (2007) reports that Apple’s CEO Steve Jobs has declared war on iPhone hackers and Apple’s option is to stop hackers from creating new open source programs for its iPhone. It does indicate that the actions of hackers have really created a threat to Apple.
Apart from the above factors, do we really see that iPhone is in particular an unsafe mobile device which will do harm more that other thing else to the enterprise security. Many IT security specialists have the similar view as I have.

Neel Mehta, team lead for Internet Security Systems Inc.'s advanced research group, claims that ‘the iPhone poses the same risks as any other device connected to the network. It's going to be very hard to control who uses it, so the best thing to do is take the defense-in-depth approach’ (Keizer 2007).

Damoulakis (2007) also reports that ‘the boundaries of where data actually resides within an organization now extend well beyond the data centre to desktop computers, remote offices, employees' homes and laptops, USB drives, and, yes, phones. The problem that I have with some of the iPhone alarmism is that it leaves an impression that enterprise data is highly secure and that there aren't lots of other potentially much larger holes on which to focus’.

Finally, the question I post to you again, ‘Is the data protection and security of corporate laptops more akin to the BlackBerry or the iPhone?’ (ibid 2007).
References

Damoulakis J 2007, ‘Is your iPhone more secure than your laptop?’, ComputerWorld Hong Kong Daily, posted 5 July, viewed 6 August 2007, <http://www.cw.com.hk/computerworldhk/article/articleDetail.jsp?id=439492>.

Keizer G 2007, ‘iPhone security: Nightmare for IT or no big deal?’, ComputerWorld Hong Kong Daily, posted 27 June, viewed 6 August 2007, <http://www.cw.com.hk/computerworldhk/article/articleDetail.jsp?id=438058>.

Lemon S 2007, ‘Unlocked iPhones coming in one week or less, hacker says’, ComputerWorld Hong Kong Daily, posted 7 July, viewed 23 August 2007, <http://www.cw.com.hk/computerworldhk/article/articleDetail.jsp?id=439427>.

McMillan R 2007,'With Black Hat approaching, a rush to patch iPhone', ComputerWorld Hong Kong Daily, posted 27 July, viewed 3 August 2007, <http://www.cw.com.hk/computerworldhk/article/articleDetail.jsp?id=444882>.

Wikimedia Foundation, Inc., 2007, iPhone, Wikipedia, The free encyclopedia, last modified 22:00, 25 September 2007, Wikimedia Foundation, Inc., US, viewed 25 September, <http://en.wikipedia.org/wiki/IPhone>.

Reed B 2007, ‘Apple’s options for stopping open source iPhone use‘, NetworkWorld.com, posted 20 September, viewed 22 September, <
http://www.networkworld.com/news/2007/092007-apple-stop-open-source-iphone.html?page=1>.

No comments: