10 Things the iPhone Worm Teaches Us About Mobile Security

By Don Reisinger  |  Posted 2009-11-09 Print this article Print

News Analysis: The iPhone is under attack by a relatively inconsequential worm that has found its way onto jailbroken iPhones in Australia. It might not affect too many users, but it does underscore the fact that the iPhone isn't as secure as people like to think.

A new worm has affected some Australian iPhones. The worm gains root access to a user's jailbroken phone and installs an image of Rick Astley (of Rickrolling fame) as the default wallpaper. Security company Sophos said removing the Ikee worm is extremely difficult, but it doesn't appear to do much more than annoy the user who owns the affected device. It should also be noted that so far the worm has only impacted folks in Australia.

But the iPhone worm says quite a bit about the nature of mobile security. It also teaches some valuable lessons to those who might believe that mobile phones are secure. Reality dictates that no one is absolutely secure at any point. And although Apple does its best to safeguard the security of its users, not even the iPhone, jailbroken or not, can keep them entirely safe.

That's precisely why this small outbreak can teach any mobile phone user a lot about mobile security and what kinds of dangers exist.

1. One point against jailbreaking

Once Apple responds to the news about this worm, you can bet that the company will make it abundantly clear that those who jailbreak their phones are putting themselves at unnecessary risk. That's partly true. An iPhone that hasn't been jailbroken by its user has all the security features in place, potentially decreasing the chances of malicious hackers gaining access. Jailbreaking might not be the best move.

2. Trust is a problem

Too often, users open files from others without considering the ramifications. Whether an e-mail comes from a trusted source or from someone a user doesn't know, caution must always be used when opening attachments. Does that attachment relate to a prior discussion? Is it coming from a trusted source? Answering those questions (and others) is important before opening an attachment.

3. False sense of security

Unfortunately, too many people believe that because they're using an iPhone and not a Windows PC, they are more likely to be secure. That's not necessarily true. Although Apple has done a fine job of securing the iPhone and few issues ever arise, that's far from an absolute guarantee. Users who feel that they can do anything without worrying about the consequences could put themselves in danger.

4. Mobile breaches are still bad

When users considers the potential security issues that could arise on a mobile phone, some believe that the result won't be bad even if malware manages to latch on to the device. After all, they reason, all the really sensitive information is on a PC. Think again. If a user has his or her work e-mail account tied to an iPhone, any and all messages will be sent to that device. If malicious hackers find their way into the software, it won't take long for them to access that sensitive data.

Don Reisinger is a freelance technology columnist. He started writing about technology for Ziff-Davis' Gearlog.com. Since then, he has written extremely popular columns for CNET.com, Computerworld, InformationWeek, and others. He has appeared numerous times on national television to share his expertise with viewers. You can follow his every move at http://twitter.com/donreisinger.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel