This weekend a Swiss computer security researcher released an application designed to demonstrated the kind of personal information that a malicious iPhone application could potentially harvest personal from unwary users (pdf). The disclosure came just two weeks after the first truly malicious iPhone worm was released for jailbroken iPhones.
So, are we’re on the brink of a mobile malware pandemic?
Not necessarily, says MikkoHypponen, chief research officer for the Internet security company F-Secure, based in Helsinki, Finland. Hypponen has been collecting mobile malware specimens for the past 10 years. His count, so far, is 454 mobile viruses and Trojans since 2004. And, despite many security experts predicting that serious attacks against mobile devices are inevitable, Hypponen has observed the opposite trend. “Instead of getting worse, malware on mobile devices has been slowing down over the past two years,” he says.
The main reason, Hypponen suggests, is that most phone platforms exercise more control over the applications they run than desktop computers do. For example, mandatory application signing for the iPhone means that programs can’t run without authorization from Apple. Android’s open platform doesn’t use mandatory signing, but Google has designed a new security model for the operating system to minimize the damage that can be done by a malicious application.
Hypponen also believes that fragmentation in the phone market has hindered malware writers so far: no single mobile operating system dominates the way Windows does on the desktop, so it’s hard for virus writers to know where to focus their efforts. Furthermore, he says, far fewer people have the sort of low-level knowledge of specific mobile devices that’s needed to create successful malware.
However, Hypponen notes that the malware observed so far requires a user to install something malicious, instead of exploiting a vulnerability in the operating system itself. The real danger, he says, is when malware authors discover ways to attack a mobile device without that level of user participation.
“When that happens,” Hypponen says, “everything we know about mobile malware will have changed.”
Five poems about the mind
Work reinvented: Tech will drive the office evolution
As organizations navigate a new world of hybrid work, tech innovation will be crucial for employee connection and collaboration.
I taught myself to lucid dream. You can too.
We still don’t know much about the experience of being aware that you’re dreaming—but a few researchers think it could help us find out more about how the brain works.
Is everything in the world a little bit conscious?
The idea that consciousness is widespread is attractive to many for intellectual and, perhaps, also emotional
reasons. But can it be tested? Surprisingly, perhaps it can.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.