Friday, March 29, 2013

iPhone more vulnerable than Android, BB, and WP combined


from phonearena.com
Security is always a hot topic with mobile platforms, but most of the time the focus is on Android and the malware issues that exist for the platform if you don't use the Google Play Store. But, a new study shows that maybe we should pay more attention to the iPhone's security issues, because the study claims that the iPhone has more security vulnerabilities than Android, BlackBerry, and Windows Phone combined.

The study was conducted by SourceFire, which analyzed vulnerabilities from the Common Vulnerabilities and Exposures (CVE) data and National Vulnerability Database (NVD) over the past 25 years. Yves Younan, senior research engineer at SourceFire's Vulnerabilities Research Team and author of the report, said that the results were "surprising", especially since despite Apple constantly releasing security fixes with each update, CVE continue to grow year over year.

According to the study, the iPhone has 210 vulnerabilities, which adds up to 81% of mobile phone platform vulnerabilities in the four platforms studied. Android has just 24 known vulnerabilities, Windows has 14, and BlackBerry has 11, which combined rounds out the remaining 19%. The study didn't extend to fringe systems like Symbian, bada, and the rest. To be fair, these numbers are a cumulative total since 2007, but even removing 2007 from the mix, iPhone still has 205 vulnerabilities to Android's 24.

Younan's theory to explain the results is that cybercriminals can't get at users through the iTunes App Store, and have to work harder to find iPhone vulnerabilities, so more are found. Whereas, because Android is an open platform, that makes it easier for criminals to attack the platform.

Of course, he doesn't mention that only 0.5% of malware comes through the Google Play Store, so criminals still have to find ways to get Android users to sideload infected apps. It is still very possible that Android simply has fewer vulnerabilities because it is open-source (which tends to be more secure), and the only real serious vulnerability with Android is that users are allowed to screw things up if they aren't careful.

16 comments:

  1. Lies are not more true than their graphs...

    ReplyDelete
  2. Glad someone finally brought this to light

    ReplyDelete
  3. "Android, with only 13 vulnerabilities reported last year, leads all mobile operating systems in malware being written. Apple’s iOS, on the other hand, accounted for the lion’s share of vulnerabilities during the year but was targeted by only one family of malware."

    http://gcn.com/articles/2013/04/19/iphone-vulnerabilities-android-most-attacked.aspx

    ReplyDelete
  4. http://arstechnica.com/security/2013/04/more-badnews-for-android-new-malicious-apps-found-in-google-play/

    ReplyDelete
    Replies
    1. You obviously aren't a computer guy, are you?

      Delete
  5. That guy Brett seems to have very little technical knowledge. That's probably why he uses Apple products. They are generally made for the less competent users with money to waste. It sounds like he's jealous that Android is bigger and better than iOS will ever be. Why is he on this site anyway if he's not a "hater"?

    ReplyDelete
    Replies
    1. It's so easy to tell isn't it? Computer illiterates just stand out.

      Delete
  6. And today another…

    http://arstechnica.com/security/2013/04/crital-app-flaw-bypasses-screen-lock-on-up-to-100-million-android-phones/

    Call me a computer illiterate if it helps distract you from the sad truth about Android. Brag about Android's superior unit sales and "openness" as if they were a good thing, but know that those same attributes encourage and enable malware.

    It's interesting that there is a class of Applehater who thinks it is acceptable for consumer devices to be difficult to learn and use, requiring a certain level of "literacy" or "competency", and that any frustration that results is the fault of the user, not the designer.

    I'll let you in on a secret: The vast majority of cellphone owners are not "computer guys". That's why despite all the competing phone's gimmicks, the Apple iPhone has ranked number one in user satisfaction year after year.

    http://news.cnet.com/8301-13579_3-57575557-37/the-iphone-tops-j.d-power-satisfaction-rankings-again/

    ReplyDelete
  7. Oh you and your fake reports. All of the non "computer-guys" you speak of will choose Android once they are shown how much more it can do. I've seen it several times myself. And I'll let you in on a little secret as well: Android is not difficult to use right out of the box. Apple can keep it's blissfully ignorant and shrinking customer-base while the grown-ups with Android take over.

    ReplyDelete
  8. "Android's malware threat has now grown to nearly the level of compromised Windows systems, and taken over entirely from the previous riskiest mobile OS, the now-discontinued Symbian. Other platforms, such as iOS and Windows Phone, remain essentially threat-free."

    99.9 percent of mobile threats on Android
    http://www.electronista.com/articles/13/05/30/trojan.horse.attacks.most.likely.avenue.of.infection/

    ReplyDelete
  9. But dude it's just like with Windows. Android is bigger and better so, naturally, it is likely to be a bigger target. I have read in several other articles that the percentage wasn't nearly that high. More like 50-55% or so. Also, most of the malware is easily stopped by the various free software available and the usually smart Android users. No worries in our camp mate.

    ReplyDelete
  10. Glenn, I'm glad that having to install security software on your freakin' phone doesn't seem like a problem to you. But it still sounds to me a lot like a battered housewife making excuses for their husband.: "It was my fault. He can't help himself. I shouldn't have made him angry".

    Some Windows and Android fans have such lowered expectations that they are blind to the flaws in their chosen platforms. Fine. But then to have the nerve to criticize Apple when it comes to malware just boggles the mind.

    ReplyDelete
  11. Wow, you seriously used the "battered wife" analogy? That BELONGS to Apple users. They are famous for consistently making excuses for Apple's tight-ass rules and regulations. When another phone or OS gets a cool feature the Apple fanboys that don't have it say "I'm sure Apple has it's reasons." I guess your OK with Apple telling you when you can wipe your ass too. If you think installing free software on my device that helps protect it is a "problem" than you're more of a f'in retard than I thought.

    ReplyDelete
  12. http://gizmodo.com/an-insane-john-mcafee-teaches-you-how-to-uninstall-his-514247598

    ReplyDelete
  13. It's a good thing that Android owners are trained to install security software. They are primed and ready to fall for this:

    http://arstechnica.com/security/2013/06/device-disabling-fake-av-migrates-to-android-phones-demands-ransom/

    ReplyDelete
  14. Ooooh, it's on a whopping 100 devices. What a devastating blow to the Android community. Fortunately, as you've pointed out, Android users are tech savvy and more intelligent. I'm not terribly worried.

    ReplyDelete