10 Things the iPhone Worm Teaches Us About Mobile Security

10 Things the iPhone Worm Teaches Us About Mobile Security

By: Don Reisinger

2009-11-09

10 Things the iPhone Worm Teaches Us About Mobile Security ( Page 1 of 2 )

News Analysis: The iPhone is under attack by a relatively inconsequential worm that has found its way onto jailbroken iPhones in Australia. It might not affect too many users, but it does underscore the fact that the iPhone isn't as secure as people like to think.

A new worm has affected some Australian iPhones. The worm gains root access to a user's jailbroken phone and installs an image of Rick Astley (of Rickrolling fame) as the default wallpaper. Security company Sophos said removing the Ikee worm is extremely difficult, but it doesn't appear to do much more than annoy the user who owns the affected device. It should also be noted that so far the worm has only impacted folks in Australia.

But the iPhone worm says quite a bit about the nature of mobile security. It also teaches some valuable lessons to those who might believe that mobile phones are secure. Reality dictates that no one is absolutely secure at any point. And although Apple does its best to safeguard the security of its users, not even the iPhone, jailbroken or not, can keep them entirely safe.

That's precisely why this small outbreak can teach any mobile phone user a lot about mobile security and what kinds of dangers exist.

  1. One point against jailbreaking

Once Apple responds to the news about this worm, you can bet that the company will make it abundantly clear that those who jailbreak their phones are putting themselves at unnecessary risk. That's partly true. An iPhone that hasn't been jailbroken by its user has all the security features in place, potentially decreasing the chances of malicious hackers gaining access. Jailbreaking might not be the best move.

  1. Trust is a problem

Too often, users open files from others without considering the ramifications. Whether an e-mail comes from a trusted source or from someone a user doesn't know, caution must always be used when opening attachments. Does that attachment relate to a prior discussion? Is it coming from a trusted source? Answering those questions (and others) is important before opening an attachment.

  1. False sense of security

Unfortunately, too many people believe that because they're using an iPhone and not a Windows PC, they are more likely to be secure. That's not necessarily true. Although Apple has done a fine job of securing the iPhone and few issues ever arise, that's far from an absolute guarantee. Users who feel that they can do anything without worrying about the consequences could put themselves in danger.

  1. Mobile breaches are still bad

When users considers the potential security issues that could arise on a mobile phone, some believe that the result won't be bad even if malware manages to latch on to the device. After all, they reason, all the really sensitive information is on a PC. Think again. If a user has his or her work e-mail account tied to an iPhone, any and all messages will be sent to that device. If malicious hackers find their way into the software, it won't take long for them to access that sensitive data.

Next: Taking iPhone Security Seriously >>

Reply to
News
Loading thread data ...

News wrote in news:JuednehRvJgEg2HXnZ2dnUVZ snipped-for-privacy@speakeasy.net:

Take one of these:

formatting link
nearly anyone's cellular USB modem and plug it into one of these:
formatting link
Connect via wifi to your INTERNET SAFE wireless router...just like sane people do at home! It's completely firewalled that's configurable!

Buy 4 of these monster D cells, 12AH:

formatting link
tabs on them so you can solder them in series. The router doesn't need regulated power input. Close to 5V is fine. Charge them off 12V by simply putting a 20W 10 ohm power resistor in series, which will limit their current to a safe overcharge. Any voltage over 6V will charge them this way. When the batteries in series get warm, they're charged, unplug them, don't cook them. From dead, takes about 18 hours. Slow charging them will not hurt them as Ni-Mh cells have an oxygen recombiner in them that just makes them hot on overcharge BELOW 1C RATE, which is 1.2A for these cells. Over that current, they'll be ruined if you overcharge them. The Cricket modem and really nice netsafe router run about 30 hours before recharge. Just charge them when you get home and unplug before you go to bed after a hard day of cruising...or just leave them charging if you're going to leave the router/modem running constantly at home. The router/modem use about 350ma idle, 600ma transmitting full power. The 10 ohm/12V charge will power and very slowly, safely, charge the cells without overheating them left plugged in constantly....battery backed if the lights go out....and ready to cruise when you leave home. I never cut mine off, leaving my Linux tablets on Cricket, reducing the load on my cable downloading. Works great....SAFE! My hotspot fits in the netbook carry case side pocket.

I made a flat pocket powerpack out 4 of these 6AH C cells:

formatting link
power it when I'm walking around. Fits your jeans back pocket and will run the router/modem about 15 hours continuously streaming anything. I charge it slower off 12V with an incandescent big 12V pilot light that gives me about .8A when the cells get charged. Same thing, when they get warm, they're charged and ready to ride! The pocket portable powers the N800 Linux tablets and wifi Skype phone even walking the mall. Because both the tablets and the Skype phone run off 5V, I can also use either of these battery pack beasts to recharge them both, right in my pocket if I want....with a little cable construction.

The CTR-350 will run 16 devices on the modem, simultaneously, sharing the cellular bandwidth. Its range sitting atop a car dashboard parked in front of a restaurant is about 100 feet, inside the restaurant to my netbook or Nokia N800 tablet. Password protect it as others seeing it will always try to steal your bandwidth. You can even password protect the internet connection separately from the router access. Connected to your own pocket LAN, you can share data/files/disks with others allowed to connect to your LAN, just like at home. Plug an Ethernet network drive into its WAN port and your iPhone has access to massive hard drive shared storage. That works fine as the WAN port can be switched in firmware.

Almost anyone's cellular modem will now work with the Cradlepoint portable wifi routers. The Cradlepoint handles all the connection and authorizations very nicely. Give your girlfriend the password...(c;]

Any wifi telephone, like my Netgear Skype Phone, also work within 100 ft of it over the cellular data network. Talk to anyone on the planet.

Reply to
Larry

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.