Security Market Segment LS
Sunday, 24 October 2010 16:37

Australia's questions over iPhone security: justified?

By

John Lawler, the CEO of the Australian Crime Commission, has spoken about the serious threat of online crime in today's highly tech-savvy world, something that extends all the way to the iPhone.

At the International Serious and Organised Crime 2010 event, the Australian Crime Commission's (ACC) CEO, John Lawler, gave an excellent address on the topic of cyber security in today's world and the many and varied threats affecting us all that are all too real.

The entire talk called "The Fifth Estate: Organised Crime Goes Virtual" is available to read at the ACC's website and makes for fascinating and sobering reading, delving into the deeply reaching tendrils of cloud computing which unify all kinds of information, the threat from mobile devices, new ways to police online crime, the sophistication of malware, the underground economy and much more.

In the course of the address, Mr Lawler talked about threats from the mobile world, noting a Sydney Morning Herald article which 'reported on the massive uptake of the iPhone particularly in the business market where it is the third most used system in the world and is being deployed or piloted by more than 70 per cent of Fortune 100 companies', and followed this up by saying 'Yet IT managers are swimming against the phone's tide of popularity because they can't centralise installation and security updates as with other software.'

It's true that phones such as the BlackBerry and those running Windows Mobile 6.5 have been much easier for IT admins to administer, but it has to be said that Apple has been dramatically improving enterprise support and interoperability with each version and must continue doing so to remain competitive and secure in a business environment.

Mr Lawler continues: 'This overwhelming desire for instant services at the expense of security safeguards is something I'll return to in a moment.

'But aside from the potential to facilitate traditional crimes using these devices, for example, by spreading spam, there is a growing criminal movement targeting such devices directly.

'In May this year Italian customs agents broke up a phony iPhone ring selling fake Chinese-made iPhones having correctly predicted that organised crime groups would invest in such activities as a less risky way than drug trafficking to reap big revenues.

'In August this year, London police arrested nine people and seized one thousand iPhones as they uncovered a criminal network that was using premium phone lines to launder profits and hide identities.'

Continued on page two, please read on!


Mr Lawler makes a comment on the iMob game and what might be inspiring the game and who might be behind it.

He then says: 'So with the explosive uptake of personal communication devices, there are certainly already opportunities that appeal to organised criminals.

'The future will undoubtedly bring even more opportunities, particularly as the buzzword is convergence and strategists predict that so much of our information, entertainment and even our body data, our emotions and senses could be streamed through one, individual and embedded device.

'What will organised crime make of that?'

There's much, much more to John Lawler's article, and it's definitely worth reading.

However it must be said that iPhone security should be much stronger than that of most competing devices.

Unless an unpatched vulnerability is discovered and withheld so it can be used en masse against anyone online criminals want to target, as was possible with the iPad OS 3.2.1 and iPhone OS 4.0.x versions through a PDF vulnerability that could be exploited from a web page, unmodified iPhones only run software available from the Apple store, and not unknown third party sources.

Unknown and unpatched vulnerabilities are popping up all the time in software, fixed through updates, so the chance that online criminals are finding these and exploiting them before they are patched is not only very high, it already happens - zero day threats are real, after all.

There could be DNS cache poisoning to capture some information from iPhones connected to rogue Wi-Fi hotspots, but then any device could be vulnerable to such an attack, especially if VPN software isn't being used on such a connection.

After all, if a thief wants to break into your house, most fancy door locks won't stand up to being ramraided with a 4WD car, even if they will stop a boot. But we can all still do things to have as much security as possible, such as not jailbreaking your iDevice, being aware of phishing and other social engineering tricks and running the latest Internet security software on platforms that need it. 

Jailbroken iPhones have been vulnerable in the past when default passwords weren't changed, and there could easily be malicious unauthorised iPhone software out there targeting jailbroken devices, but these are not the majority of devices that are used in an unmodified fashion.

So'¦ online security is something that has not only become extremely important, but a vastly profitable battlefield for online criminals, and one that countries around the world are having to take extremely seriously.

It's not your phone, but every aspect of your digital life that you have to think of, because it's not just governments and corporations that want to track you, but online criminals too, who can do a much better job of ripping you off and screwing around with your life than the various governments and corporations in our lives already do!

 


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Alex Zaharov-Reutt

Alex Zaharov-Reutt is iTWire's Technology Editor is one of Australia’s best-known technology journalists and consumer tech experts, Alex has appeared in his capacity as technology expert on all of Australia’s free-to-air and pay TV networks on all the major news and current affairs programs, on commercial and public radio, and technology, lifestyle and reality TV shows. Visit Alex at Twitter here.

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments