Researchers Worry Latest iOS 8 Features Will Open New Security Gaps
Apple is allowing more access to system functions in iOS 8, but security experts worry that the additional functionality will add more security vulnerabilities.When Apple announced iOS 8, the latest version of its mobile operating system in early June, developers welcomed the company's pledge to allow more access to system features. Soon after, however, security experts warned that with greater functionality typically comes greater risk. While Apple will allow applications, for example, to communicate with one another through a messaging "broker," such communications could weaken the security sandbox model, antivirus firm Symantec stated in an analysis. In addition, the company's move to create repositories for cloud, health and home data could entice attackers to target those valuable vaults. While Apple efforts to vet programs before allowing them in the App Store will likely continue to limit attacker's opportunity to steal data, a significant portion of the company’s security model relies on a gated ecosystem and opening up that system could weaken defenses in unforeseen ways, Candid Wueest, a Symantec threat researcher, told eWEEK. "These changes have a lot of potential to be beneficial, but they have risks," he said. "I don't suspect that we will see a hoard of trojanized apps appearing, but you are still increasing the number of attack vectors for the whole system."
On June 2, Apple announced both iOS 8 and the latest version of its Mac OS X operating system, Yosemite. The company added a number of security enhancements including more consistent virtual private networks, anti-tracking technology to hide device identifiers and a new programming language, called Swift that includes more secure coding features. The company also stated that 83 percent of owners use the iPhone's fingerprint technology, TouchID, to secure their phone, compared to less than half that had set a passcode on previous devices.