Another day, another CEO from a "security software" company pens a "guest editorial" saying Apple needs to open up to — guess what? — "security software".
Just like the last time, the premise is self-serving, the headline spit-take inducing, and it's absolutely not worth rewarding negative attention seeking with attention. But because every time something like this posted, we get contacted by concerned readers, some of the fear-mongering needs to once again be addressed.
The CEO starts off by saying iPhone and iPad owners aren't concerned enough about the safety of their devices, despite the "constant news" of hacks and online security breaches. That might be because almost all of the "constant news" pertains not at all to the vast majority of iOS customers — the ones who don't jailbreak, use pirated app stores, or accept untrusted apps.
Ludicrously, the CEO claims to see the same trend in mobile — though not specifically iOS — as plagued PCs during the 90s and 00s. App Store review gets blamed for being to "human", customers get blamed for being too dumb to tell cracked apps and clones from the real thing, and Apple and developers get blamed for failing to prevent apps from running on insecure jailbroken devices which are, apparently, popular with users.
And that's when the punchline for all the fear-mongering hits — Apple isn't up to the job of protecting us from all this scary stuff, so they need to open up and allow third-part security solutions on iOS to protect us for them.
It's blatantly self-serving misinformation that should never be published in a legitimate context without a giant "THIS IS ADVERTISING" sign on top of it. In Neon.
iOS devices represent a huge untapped market for "security vendors", though, and some of them will likely do anything they can, including trying to scare Apple's customers, in an attempt to pressure Apple into opening up the platform for unnecessary "security software" that may just as likely make us all less secure. Doors open both ways, after all.
All the sensationalism and all the noise also creates another problem — it distracts from the real security issues facing iOS and other mobile platforms. These include everything from finding and patching exploits to figuring out how to stop enterprise certificate abuse to helping customers use things like Touch ID and avoid social engineering attacks that seek to strip them of the built-in security Apple provides.
Apple knows all this, of course, and has made both security and privacy a top-down, top-tied, competitive feature for its platform.
Publications can help, but not through 'advertorial' fear-mongering. They can help by informing and empowering readers with real information that lets them better use all the existing security features at their disposal and avoid the pirate app sites and other vectors for attack.
That might not sell third party "security software", but it will legitimately make everyone safer.
Reader comments
iOS apps are secure — it's 'security' advertorials that remain a threat
I consider iOS very secure operating system.
Sent from the iMore App
So do I. I don’t however, consider it invincible.
Unfortunately, the people from a "security software" company already won the fear game with lies and misinformations to sell their unneeded "security software" on Android....
Now we even get antivirus ads in browsers like we do with WIndows.... it is freaking nasty!
Android never needed third party antivirus, but they spread lies after lies and won.... and now they want to repeat the formula with iOS.
Speaking of... Rene, which apps can iMore recommend for ad-blocking while browsing the web on iOS? More and more sites rely on ads that force the App Store to open and that is not cool.
Weblock just got an update. Costs $1.99 USD. Works well, but there are some privacy concerns (despite the developer's assurances) and only works wifi.
If you don't mind alternative browsers, try Mercury Pro or Dolphin, though in my experience Mercury's built-in adblock doesn't quite catch all those pop-ups.
The best protection from "malvertising" on iOS probably Disconnect, but they've switched to a $50 yearly subscription model, which is a bit much compared to their previous one-time $10 IAP upgrade. Other downside is that it runs a VPN setup, hence (in my experience) eats your battery-life a bit.
xAgent and MadCap are two of the most recent Malware apps to affect iOS, (7, not 8) and while they aren't directly from the app store, it does show that malware exists in the Apple system. Locking out a users choice to run additional software for piece of mind isn't right regardless of the results.
Posted via s6Edge
There are actually (afaik) three variants of xAgent malware out there. One of them - the less dangerous one - was rendered useless upon upgrading to iOS8. The second variant could only do it's mojo on jailbroken devices - technically, the evil-doers used a "tap here to install awesomesauce app" pop-up that redirected to a page hosting software signed using Apple's ad-hoc provisioning, which Apple revoked within days. The third one seems to come via hooking up the iOS device to a compromised USB device of some sort, which would mean someone having physical access to your device, in which case I'd say you've got bigger things to worry about.
Something I don't get is that I've still never had a virus with Android or Windows. I know they're not as secure and I'm not saying they are, but I do wonder how all of you manage to get bug ridden devices and I haven't had the issue and I'm not huge on cleaning out my computer. It's a once a month thing. Set up all the scans, go sleep the apartment, come back and forth do nothing. Defrag, reoprimize, manually clear out files I don't need, backup everything else. So I spend one day a month cleaning out my computers and that's all it really takes to keep Windows running well.
Oh yeah,,these guys are as bad as the people that offer hardware warranties.
"I'm da Blur boys!" - Me with 1200 ping. Fiber in Nashville? Save me based Google.
Well, your regime is actually pretty diligent, so that's probably why. Most folks don't do any of that stuff.
Probably you use Windows because you need it for some specific thing or application, but if you ever tire of doing all that every month, you could get a Mac and not have to do any of it. Macs are Unix systems of course and use daemons that run in the background to do all that. You don't have to defrag the hard drive for one. You don't have to manually backup for another.
I manually backup because I don't trust using third party options, I have a plans to build my own "cloud" for all my stuff at home. What's the proper term? A media server? I just need to build a cheap pc to manage it, or grab a Mac mini. I don't see how it's that hard to clean out your computer every month. I just made it part of my monthly apartment cleaning since that takes about a day.
"I'm da Blur boys!" - Me with 1200 ping. Fiber in Nashville? Save me based Google.
For starters, you don't seem like the type of person who'd download and install any random browser toolbar "plug-in" on "media library". In my experience troubleshooting other people's Windows installs, those alone make up probably 90% of the problems I've seen.
Oh, and while I don't use Windows, I'm pretty sure you could automate most (or all) of you cleaning/maintenance regime, regardless of operating system. You probably know this too and maybe just prefer the manual approach.
Also, a personal cloud and media server are quite different, though either can theoretically do the other's job. Many ways to go about it (and imho the most viable options don't require any Apple hardware at all), but we're already way off topic here.
That is true, most Windows issues I've seen from helping other people is something that piggybacked off a legit download and they didn't uncheck a box.
I'm not actually sure what is needed for a server and what not, it's going to be a learning experience more than anything else.
I'll figure out how to automate the process later. I'd do it now, but I use a laptop not a desktop, so on the off chance I wasn't hooked up to me backup disk, nothing would go through. Hence the desire for a private secure server.
"I'm da Blur boys!" - Me with 1200 ping. Fiber in Nashville? Save me based Google.
I’m the same. Use windows for gaming and some light browsing. I don’t up back the Win partition up at the mo, use Steam so my game saves will be safe. I’ve never yet defragged it or anything like that as far as maintenance goes.
I’ll start backing up religiously when M$ make something as staright forward as Disk Utility, or when Apple support NTFS fully.
That said, without anti virus I suppose there is a case to say that I can’t be sure I’m clean.
Nope don't do it Apple, stick to what you do. This is why I prefer Ios > android because of its Security. Apple should do what they did with Ios 8 open up its software the way they want to do it while maintaining tight security. I heard from developers working with Apple that they're going to enhance ios 8 features in ios 9 to make them better with a few new features.
Sent from the iMore App
I'm always in favour of security and secure platforms, but the *other* thing that Apple finds almost as important (censorship) bothers me no end. It's one thing to say "let's keep all the bad apps out of the store," but completely another to say "BTW girls in swimsuits are indecent and we won't allow them."
Especially because Apple is based in one of the most religious, socially backward countries, it's especially important that they tread carefully there, but in fact, they don't. They ban anything they don't like, they ban nudity even though it often has little to do with sex or "porn," and they ban anything that anyone could possibly construe as anti-religious.
To the modern, world-travelling person this is all pure bullshit of course, but we mustn't upset the US "bible belt" must we?
Yeah, let the mafia put up shop on your street in order to protect you. That worked soooo well in the past.
I normally find Rene Ritchie articles to be a complete waste of time, but this one hits the nail on the head. Couldn't agree more.
Always trying to take down Apple it seems. I have 3 malware or viruses attacks our only windows laptop in 4 months. The 2 macs have run for years with no walware or av software even installed.
Just curious on how you know they aren't there?
Posted via s6Edge
Because there are no viruses that run on a Mac, and because the malware has to be explicitly installed by the user. If you don't install anything from some untrusted source you are always 100% safe on a Mac.
Agreed but can be true for other platforms as well.
Posted via the iMore App for Android
False.
Worked in IT exclusively on Macs for decades dude. There are no viruses for Macs. Period.
This is the most ridiculous short sighted statement I have ever heard.
You could say the exact same thing about Windows, it's not like you turn on a computer and viruses are like "Wut up m8?"
"I'm da Blur boys!" - Me with 1200 ping. Fiber in Nashville? Save me based Google.
Yup same here! Even my Ubuntu Linux computer is still running after having it for years my windows computers crashed twice. This article is Baloney
Sent from the iMore App
It always comes down to money. . . . They see an opportunity to take advantage of individuals that don't understand OS security but are aware of "threats."
And after reading his editorial, it's pretty clear his only concern is selling more "security" software--regardless of the truth. In other words, he's a snake oil salesman looking for additional victims.
Exactly
Sent from the iMore App
On my Macs I run Virus Scanner Plus from the App Store in order to catch windows crap so I don't pass it along. When I first ran it my mailbox turned out to be riddled with all sorts of WinAbuse stuff. Clean now ;-).
iOS? No need for a scanner, Apple has that locked down.
Here you go... But clearly the author isn't as educated as Rene on mobile security so you should just disregard. http://venturebeat.com/2015/04/11/ios-apps-arent-secure-what-apple-needs...
Posted via the iMore App for Android
Thanks for the link, but if you read it, it totally makes Rene's case for him. He didn't "hide" it to obfuscate things, he did it as he said in the article, so as not to give them the publicity that they don't deserve.
The article reads like an advertisement, it's only superficially logical, but most of all, the conclusion is completely unrelated to the main argument. It goes through a long boring history of how things used to be and offers three minor "solutions" to the problem. The first, code obfuscation, is to fight the fact that anyone can read the code if they download bunch of nefarious tools and guides, but he never actually presents us with a scenario where knowing what the developer wrote actually gives the bad guys an advantage beyond cracking the app. The second, denying jailbroken phones from the app store, would be a publicity nightmare and wouldn't do anything to make the platform actually more secure. The third, automated testing of app store submissions, is already done by Apple and was announced at least a year or two ago.
Then there is a giant paragraph pasted on the end, sort of the big conclusion of the piece, that security firms should be allowed to offer anti-virus for iOS. This is completely unconnected logically from the rest of the article. No reasons are given, and nothing in the previous arguments actually support this conclusion.
In other words it's just a lot of blabby-blab with a completely unrelated "commercial" at the end. He doesn't even bother to provide a case or an argument for his request.
If anything, he is *more* educated than Rene. He is not writing this stuff out of ignorance - he is writing it because he has a clear vested interest in a specific narrative.
It is better to examine incentives before writing people off as stupid, because motivated smart people can cause a lot more harm than the simply ignorant.
Sent from the iMore App
Thanks, I do agree with the story. I just find it hard to get a balanced view when I don't know the full story.
Good to be able to read this other point of view (the venturebeat article), but surprised how very self serving it is.
I appreciate the sentiment, but not linking to the 'editorial' makes it hard to judge what this is about.
You do say that "it's absolutely not worth rewarding negative attention seeking with attention." which I get.
But please either reply to people in the forums where they bring it up, or write this like a story and reference what you are talking about.
Otherwise this reads like one of those annoying cryptic passive aggressive facebook posts; "People need to stop saying things they don't know about....".
I meant to put it in the comments, apologies.
I hate all third party "antivirus' software. All a bunch if baloney.
Posted via the iMore App for Android