iPhone Insecurity

With the iPhone's booming success, it's no wonder it is becoming an industry leader in mobile technologies. Apple had one of the first smart phones to market, and the iPhone has dominated since it's inception. Recently though, Steve Job's has taken ill, and will be taking a short leave of absence. This is sad but unsupprising news, the empire Apple has built is far from stable; I think the general populace is ignorant of many flaws in Apple technology. The majority of people are under the impression Apple products are "secure and virus free", from the well built reputation Mac Books earned over the years. This is not true. For a long time, PC's were the standard computing device, and because of their high user base, the viruses targeted PCs. Now, we see iPhones becoming the standard mobile computing device, so lets take a look at where the trend will shift. If you read my "Intrusion Detection (part 2)" post, you will see how Motorola's DroidX uses proper encryption techniques, and appropriate PKI certs with it's bootloader to prevent running unauthorized code. The iPhone uses virtually no bootloader encryption, which is why the jail breaking technique is possible, and has become so popular. This lack of bootloader encryption and other serious insecurities, may put allot more data than you realize at risk. Not only is this data at risk, but if you are running a cracked OS, your application data may be at risk as well from your homebrew OS solution. Or lets say your an application developer, your apps have potential to be abused now, with these open source systems. iPhone user's can now spoof your app, into thinking it has been paid for or hack extra services out of the app. Again, these hacks come from poor PKI implementation. Apple really needs to step their security game up, if they want to be a top mobile competitor. This market is just beginning to boom, and Apple has a solid foothold, but consumers of this generation are likely to be more serious about their information security; this weak implementation of cryptographic techniques will certainly whirlpool back to bite Apple, again and again.