Apple advocates against downloading apps by comparing iPhone security to Android malware statistics

Of the two major mobile operating system vendors, Apple has a reputation for being the more private and secure option. The company attributes the security of the iPhone to its “walled garden” approach, limiting app downloads and making the App Store the only straightforward and straightforward way to install software on its devices.

Faced with court rulings that could ultimately force it to relax that policy, Apple is embarking on a public relations campaign that has commissioned research to connect Android’s more open architecture to increased malware risk. Among other claims, Apple claims that an Android device is up to 47 times more likely to contract malware and that allowing apps to be sideloaded would attract a wave of cybercrime to the iOS platform.

Apple touts iPhone security ahead of regulatory decisions

Apple’s latest research-driven brochure touts the ‘critical importance’ of iPhone security, arguing that a smartphone tends to be the type of device that holds the most personal information sensitive. The central theme is that sideloading applications would cripple its carefully structured security protections and expose users to attacks.

The statistics it presents certainly cast a bad light on Android. Apple says its rival mobile operating system experiences 15 to 47 times as many malware infections, totaling six million attacks per month and around 230,000 new malware infections per day.

Apple also claims that allowing apps to be downloaded would be detrimental to its users in several ways. Cupertino predicts a wave of cybercrime to come into its ecosystem, even though app downloading was limited to approved third-party app stores, as well as reduced control over apps for users and the removal of “critical components of the computer.” iPhone ‘security from iOS due to the requirements created by some offloading initiatives. Apple also predicts that users will be tricked by fake third-party app stores and forced to download apps by employers and schools.

While it’s in Apple’s financial best interests to paint as grim a picture as possible, the company is right on the facts about some of its core claims. However, he can also exaggerate the case. As the Pegasus spyware recently demonstrated, iOS is just as susceptible to high-level zero-day attacks that can give a malicious actor complete control of the device. Additionally, while Apple’s iPhone security approach may offer users superior protection against lower-level malware attempts, recent research shows that it doesn’t necessarily offer better protection from lower-level malware. privacy in terms of tracking by advertisers. All of this also examines the issue through the prism of app usage; Apple users can still be phished by text or email in the same way as Android users.

Apple’s own pamphlet also admits that there are still ways for bad actors to bypass iPhone security and enter the App Store without loading apps; mainly, by purchasing approved company certificates on the black market and sneaking through the Developer Enterprise Program.

Apple on PR offensive ahead of potential app download requirements

The app download issue arose as Apple faced regulatory and legal scrutiny from multiple sources, both from government agencies and in the form of private lawsuits. A recent real development has been the decision taken in Apple’s long legal battle against Epic Games. While the move was primarily in Apple’s favor in terms of demonstrating monopoly power, it also paved the way for the end of Apple’s ban on third-party payment systems in App Store products. . That, in turn, could create a legal basis for the challenges of Apple’s control over app delivery and a tight grip on iPhone security. The case is still pending as Epic is working on the appeal process.

Apple has also been the subject of an antitrust review by the Federal Trade Commission and the Department of Justice for years, and Congress is considering several bills that could impact App Store operations. . It could bring the world of alternative iOS app stores out of the shadows. There was a time when iOS allowed alternative purchasing systems, in the early days of the iPhone. It only introduced its own in-app shopping system in 2009 (roughly two years after the launch of the first iPhone) and didn’t start banning third-party apps for using their own systems until 2011. Since then, an underground ecosystem has emerged for the relatively small percentage of Apple users who choose to jailbreak their devices. Unofficial third-party app stores, such as AppCake and AltStore, allow these users to install untrusted apps (at their own risk).

Apple’s white paper argument on iPhone security practices doesn’t really take into account that the App Store (and its verification process) would continue to be available in any of these scenarios. Some argue that Apple is restricting “power users” and those who are more technologically sophisticated in the name of protecting its most naïve device owners, leaving neither group a hands-free way to use the hardware. ‘they own (and probably paid extra).

Apple claims that an Android device is up to 47 times more likely to contract #malware and that allowing apps to be sideloaded would attract a wave of # cybercrime to the iOS platform. # cybersecurity #respectdataClick to Tweet

Ilia Koloshenko, founder / CEO and chief architect of ImmuniWeb, observes that this approach reduces the exploitation of malware by the most vulnerable users, but can never eliminate it entirely: “Security through obscurity is here. one of the main pillars of Apple’s mobile security model which performs quite well compared to Android. By keeping its source code private and preserving its mobile ecosystem closed to any third party, Apple effectively prevents countless mobile attacks. In fact, full control over the hardware, operating system, and application layers of iOS devices greatly simplifies security compared to a complicated patchwork of Android security, especially for devices running older versions of Android. … Nevertheless, almost every month a new critical vulnerability is discovered in iOS that allows remote code execution, sometimes even without interaction with the victim. Some malicious iOS apps also manage to bypass Apple Store’s multi-layered checks and get installed by unintentional users. The chances of getting a malicious app on your iOS device, however, are significantly lower than that of an Android device. That being said, while obfuscation security is clearly not a panacea, opening up Apple’s ecosystem to third parties will undoubtedly lead to a tenfold increase in malware targeting iOS devices and undermine the model of. Apple security.

About Donald J. Beadle

Check Also

Gallagher announces opening of Congressional App Challenge 2022

GREEN BAY, Wis. – Rep. Mike Gallagher (R-WI) today announced that the Congressional App Challenge …

Leave a Reply

Your email address will not be published.