A Big New Security Threat: The Apple iPhone

After playing with the Apple iPhone for a bit, I have come to appreciate Apple’s effort in designing this next generation device. All the development towards unleashing the power of the iPhone has left the world with about 200,000 pretty powerful mobile computers (I believe these devices are more powerful than just PDAs and phones).

With great power comes … potential security threats. The mobile phone industry has largely been immune to malware because mobile phone operating systems are either very restricted or very secure. Another possibility is that malware authors are simply not interested in writing malware for these devices, because so few devices out there in the market run any particular system. A potential malware author would have to crack all of these various systems. It just takes too much work for so little exposure.

However, the Apple iPhone has the potential to sell like iPods. When the numbers get this big, the crackers start paying attention. Here is how I see it happening with the iPhone:

  1. Getting entry. Regular viruses, Trojans and worms infect millions of unsuspecting computers. These forms of malware can detect the presence of an iPhone.
  2. Breaking in. Once an iPhone is detected, the next step will be to jailbreak the iPhone. There are lots of ways to do this already, and all the tools are publicly available.
  3. Planting a back door. The next step would be to install an SSH server on that iPhone and create a compromised backdoor account. Any other software the attacker needs can be installed at this point as well. Since most people would never do this themselves, the attacker can put it in place unnoticed.
  4. Scheduling an awakening job. It would be bad for a piece of malware to be too noisy, because that would destroy the ecosystem it needs to survive. Instead, the malware can schedule its real job for much later and focus on spreading far and wide in the meantime.
  5. Joining the collective mind. Botnet software can then be installed on each infected iPhone. The rest is history.
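Each stage of the chain above leaves a footprint on the device: a new account, a new network listener (the SSH server), a new scheduled job. The most practical defensive check is a baseline comparison: record what a known-good device exposes, then diff later snapshots against it. The following is an added example, not code from the original post; the snapshot format, the `account`/`listen`/`job` record kinds, and both inventories are constructed for illustration rather than taken from a real iPhone.

```python
"""Baseline comparison for the footprints left by the attack chain described
in the post (back door account, SSH listener, delayed job).

Added example. The inventory format and both inventories below are
constructed assumptions, not output from a real device.
"""

from dataclasses import dataclass


@dataclass(frozen=True)
class Snapshot:
    accounts: frozenset   # user names present on the device
    listeners: frozenset  # (port, service) pairs accepting connections
    jobs: frozenset       # labels of scheduled / launch-on-boot jobs


def parse_snapshot(text: str) -> Snapshot:
    """Parse a constructed inventory dump: one record per line, in the form
    'account <name>', 'listen <port> <service>' or 'job <label>'.
    Blank lines and '#' comments are ignored; unknown kinds are an error."""
    accounts, listeners, jobs = set(), set(), set()
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        kind, args = parts[0], parts[1:]
        if kind == "account" and len(args) == 1:
            accounts.add(args[0])
        elif kind == "listen" and len(args) == 2:
            listeners.add((int(args[0]), args[1]))
        elif kind == "job" and len(args) == 1:
            jobs.add(args[0])
        else:
            raise ValueError(f"malformed inventory line: {line!r}")
    return Snapshot(frozenset(accounts), frozenset(listeners), frozenset(jobs))


def compare(baseline: Snapshot, observed: Snapshot) -> list:
    """Return (kind, detail, note) findings for everything in `observed`
    that the baseline does not contain, mapped to the stage of the chain
    that would typically produce it."""
    findings = []
    for user in sorted(observed.accounts - baseline.accounts):
        findings.append(("new_account", user, "stage 3: possible backdoor account"))
    for port, service in sorted(observed.listeners - baseline.listeners):
        findings.append(("new_listener", f"{service}:{port}",
                         "stage 3: new remote-access service"))
    for job in sorted(observed.jobs - baseline.jobs):
        findings.append(("new_job", job, "stage 4: new scheduled job"))
    return findings


# Constructed known-good baseline (assumption about what a stock device exposes).
BASELINE_DUMP = """
# baseline taken from a freshly set-up device (constructed)
account root
account mobile
job com.example.syncer
"""

# Constructed later snapshot showing the three footprints from the post.
OBSERVED_DUMP = """
account root
account mobile
account backup_svc
listen 22 sshd
job com.example.syncer
job com.example.updatecheck
"""

BASELINE = parse_snapshot(BASELINE_DUMP)


def scan(observed_dump: str) -> list:
    """Convenience wrapper: parse a dump and diff it against BASELINE."""
    return compare(BASELINE, parse_snapshot(observed_dump))


if __name__ == "__main__":
    for kind, detail, note in scan(OBSERVED_DUMP):
        print(f"{kind:13} {detail:30} {note}")
```

The comparison only reports additions, which is what the chain in the post produces; a practitioner would extend it to removals (a disabled security setting, for example) and would keep the baseline somewhere the device itself cannot rewrite, since a back door with root access can just as easily edit the baseline as the system.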

A simpler way would be to infect an application distributed as an Installer.app package. Another option would be to enter via a Safari vulnerability. There are even more possibilities. Somewhere, somebody is already writing a proof of concept or the real thing. In short, mobile security needs more attention.

So whose fault is it? Nobody's in particular. Things like these come with success.