Malware: iOS devices more resistant than Android

Sections: iPhone Competitors, iPhone OS, SDK and hacks, iPhone/iPod touch/iPad

submit to reddit

McAfee Labs has posted a paper: “Securing Mobile Devices: Present and Future” by Dr. Igor Muttik, Principal Architect for McAfee Labs, examining the current state of smartphones and other mobile devices and the security risks associated with their new capabilities. He predicts near-term future threats for these machines.

Dr. Muttick observes that despite steady progress in securing desktop computers using safer hardware, operating systems, and applications, malware is not going extinct. And with today’s explosive proliferation of smartphones, tablet computers, and other mobile devices, we have to wonder whether our pocket devices can also be secured.

There might be an assumption that with all that has been learned about protecting desktop computers, the new wave of mobile hardware should be relatively secure. In his paper, Dr. Muttick examines and describes in detail why this is unlikely to be the case, noting that while the overall threat of malware might decline, damage to mobile devices is likely to be high because smartphones are always connected, always carry some personal data, and are even equipped with small cameras, microphones, and positioning devices—just like spies carried in old Cold War era movies. The wider choice of built-in devices compared with desktop computers (or laptops and notebooks) makes mobile operating systems and applications more complex, and ultimately increases the attack opportunities.

That said, some platforms are better than others in this context. Dr. Muttick says that with the core of contemporary mobile OSs (such as iOS and Android) being based on Unix/Linux, the systems are reasonably secure, but nearly all types of threats to desktop computers seen in recent years are still possible on mobile devices, with threats readapted to mobile environments and, unfortunately, a likelihood of new kinds of malware that target smartphone capabilities not available on desktops.

Dr. Muttick says Apple’s iOS is currently the biggest rival for Google’s Android, and praises Apple for so far doing an excellent job of securing its devices, with currently no reported cases of malware for iPhones that have not been jailbroken.

On the other hand, with Android, many hardware manufacturers take the open-source core provided by Google and make their own modifications, some of which are security related. This fragments the OS space into many proprietary branches maintained in parallel, and inevitably lengthens the time for OS security updates.


He also observes that the world of mobile software distribution is being dominated by Apples App Store and Googles Android Market, which respectively employ distinctly different policies and apply filtering in separate ways. Apple’s rigidly centralized distribution only permits two ways to receive a new app: 1) from an App Store download; 2) from iOS Mobile Device Management (which requires approval by Apple).

Google runs and controls the content in the Android Market, but any device can also download applications from third-party markets on the Internet or use a browser to download an APK from a URL.


Consequently, Apple’s more tightly controlled store is safer, while Android’s more open software distribution has had malware issues on multiple occasions. Dr. Muttick says Apple’s proactive approach is focused on prevention, while Google’s plan is apparently to encourage creation of apps and deal with the problems as they occur, in reactive mode, which the professor says from a security perspective creates exactly the kind of environment in which malware gangs feel comfortable.

For more on McAfee’s dedication to finding new ways to keep customers safe, visit

Read [Securing Mobile Devices: Present and Future (PDF)]

Print Friendly