Thread: NEWS: iPhone becomes phisherman's friend
View Single Post
  #12 (permalink)  
Old 07-18-2007, 05:13 AM
Todd Allcock
Guest
  
Posts: n/a
Default Re: NEWS: iPhone becomes phisherman's friend
At 17 Jul 2007 23:36:51 +0000 John Navas wrote:

> It's not a "proprietary" OS -- it's a well-understood UNIX-workalike.
> (See below.)


Perhaps, or perhaps it's a lookalike of a well-understood UNIX-workalike.

None of us here really knows what it's running- given the horsepower vs.
the relative snappiness of the device, I assume it's no more running
"OSX" than my WinMo phone is running Vista.

> This is only a simple example. "Where there's smoke there's fire."
> Much more dangerous are the unknown and invisible exploits.

True- yet if they're "unknown" we don't know if they exist or not.
Fortify is a third-party security software company warning us that a
phone that can't run third party apps is insecure. Hmmm... Perhaps they
have it 100% right, but the cynic in me thinks it's a bit like the
National Cattlemens' Association warning me of the health risks involved
in eating chicken...


> Again, much more dangerous are the unknown and invisible exploits. That
> such simple exploits exist should give you pause, not comfort.

Phishing isn't really an exploit as much as it's a confidence game for
the 21st century.


> >I love how every two-bit consulting and/or marketing firm is chafing at
> >the bit to "report" iPhone information and get their name out there!
>
> I'd say it's more a matter of protecting users. This wouldn't be
> happening if Apple had subjected the iPhone to 3r4d-party scrutiny in
> advance. Thus we get it after the fact.


Perhaps. But it smacks of self-serving to me.

> >The iPhone seems no less "secure" than any other smartphone that can
> >execute a system command (like dialing the phone!) from a clickable
link.
>
> Based on what, your guess?


Yes. An edumicated guess based on the fact the thing abhors 3rd-party
software, disallows the saving of e-mail attachments on the device
itself, and lacks java or flash support, minimizing the chance of any
executables sneaking on the device. Even the Weblets or whatever they
call them seem pretty anemic so far.

> > Did "Fortify Software" issue these press releases for Blackberries,
> >Treos and iPaq phones as well?
>
> Why not check that out yourself? ;)

Actually I tried- their press releases didn't turn up anything nor did a
Google search in the amount of time I was willing to give it (very
little.)

> >The Register seems to enjoy "reporting" any anti-iPhone news they can
find.
> > What iPhone-shaped bug crawled up their hindquarters?
>
> Check out how many patches have been rushed out by Apple to deal with
> Mac OS exploits, and then check out what the OS in the iPhone is based
> on. ;)

....or looks like. Windows Mobile has been around for over ten years, is
"based on" a very exploitable OS that's been patched more times than your
great-grandmother's quilt, and yet hasn't had a single exploit launched
against it other than a single proof-of-concept virus that required the
user to actually run the install file . Forgive me for thinking the
iPhone is probably relatively safe for the time-being.



--
Posted via a free Usenet account from http://www.teranews.com


Reply With Quote