14 DAY TRIAL // Kaspersky's "Malware evolution: January - March 2008", among other things, talks a bit about mobile threats. Among those, the iPhone is mentioned as a once-thought-to-be desirable platform for hacking. That was until Apple rolled out their SDK in March, this year, which actually proved to be "very limited," the security company reckons, thus impeding Kaspersky from rolling out antivirus software for the device.
"We had believed that the release of the SDK would lead to the appearance of a multitude of malicious programs for iPhone," Alexander Gostev, Senior Virus Analyst at Kaspersky Lab says. "However, what the open Apple SDK provides is actually very limited," the man notes.
"Apple has followed Symbian's lead," Alexander reveals, which means that "the model for creating and distributing programs for the iPhone is based on the idea of 'signed' applications. The main restrictions are laid out in the agreement for use for the iPhone SDK," he explains, quoting Apple too: "No interpreted code may be downloaded and used in an application except for code that is interpreted and run by Apple's published APIS and built in interpreter(s). An application may not itself install or launch other executable code by any means, including without limitation through the use of a plug-in architecture, calling other frameworks, other APIs or otherwise."
But Apple's long list of restrictions is only just beginning. Applications created using the iPhone SDK can only be distributed via the App Store, which, in Alexander's opinion, "creates a large number of additional barriers, ranging from the number of 'vendors' [developers] allowed, to geographical restrictions..."
"These restrictions do not only make life more difficult for virus writers," he explains, "but they also effectively rule out such applications as Firefox, Opera, many games, IM clients and much other useful software: applications which could be extremely popular among iPhone users and which could extend the device's capability." These and many other restrictions make it "impossible to launch an antivirus product for the iPhone," Kaspersky's Virus Analyst concludes.
Adding (the estimation) that 50% of all devices sold have been unlocked, "all of these devices are potentially vulnerable to infection by any malicious program for iPhone," the same post reads, "as the user will be downloading files from many different unofficial sources to his/ her device." The Kaspersky analyst notes that there is no way this can be controlled and that the number of people using hacked iPhones will equal the number of Symbian smartphone users from back in 2004 - the year that Cabir appeared.
Cabir is a computer worm developed in 2004 that is designed to infect mobile phones running Symbian OS. It is believed to be the first computer worm that can infect mobile phones. When a phone is infected with Cabir, the message "Caribe" appears on the phone's display, and is displayed every time the phone is turned on. The worm then attempts to spread to other phones in the area using wireless Bluetooth signals.