The iPhone at 10: Still No Major Malware


Many people are writing about the success of the iPhone, and how ten years on, we can clearly see how it changed personal computing. As the fastest-selling consumer electronic device ever, this pocket computer has swept across the globe like a tsunami, selling hundreds of millions of units. In the past year alone, Apple has sold more than 200 million iPhones.

One of the biggest successes of the iPhone is its security. In a time when surfing the web has its dangers, there has been no serious malware in the ten years of its existence. Computer users have long been used to needing anti-virus software on their devices, especially on Windows PCs. Generally speaking, this software can slow down computers, isn’t totally reliable, and may be costly. (Free anti-virus software exists, but paid software is always better and more efficient.) Yet we simply don’t need this on the iPhone.

There has been malware found on iOS devices, but in limited circumstances, such as on jailbroken iPhones. When users install a hacked version of iOS onto their phone, called “jailbreaking,” it allows the users to install apps that Apple doesn’t sell in its App Store; as a result, these phones are susceptible to malware, since these “hacked” versions of iOS don’t have the same protection as the real thing.

The occasional malware that surfaces targeting iOS devices, including non-jailbroken iPhones, has thus far required users to perform a number of steps in order to get infected. For example, one piece of malware, dubbed AceDeceiver, would only infect devices if users installed an infected app on their Windows PCs. The Windows app managed to get around Apple’s FairPlay DRM system to install malicious apps on the device.

In other cases, apps may be installed via enterprise provisioning, a system that allows companies to install apps they’ve developed, for their employees only, and not sold on the App Store. If someone manages to hack one of these apps, they can infect devices. However, this malware can’t spread beyond the pool of iPhones that use the company’s provisioning profile, and its effect on an iPhone is very limited.

In total, only a few dozen malicious apps or exploits have been discovered, most of which require jailbroken iPhones, can only target specific people, or only work on older versions of iOS.

So, how has Apple managed to create a mobile platform with no major malware in its first 10 years of existence? Here are five ways Apple’s iOS protects you from major malware.

1. The App Store

Apple’s first line of defense is its App Store. Every app is reviewed, and, while it’s possible that the occasional app can sneak through the review process, this is rare. Since you can only install software from the App Store — with the exception of jailbroken devices, where you know you are taking a risk, and the limited case of enterprise provisioning — you’re much safer than on other platforms.

It’s not possible to install an app on an iOS device from, say, a web page, so you won’t encounter “drive-by downloads,” which you may see on the desktop. These are apps that are downloaded automatically when you visit malicious web pages, and that, in some cases, according to your computer’s settings, may install surreptitiously.

2. Code Signing

Code signing is something used with the App Store, but also with apps that one may design and install oneself, such as through enterprise provisioning. Each app developer has a certificate provided by Apple, and these certificates — think of them as a sort of key — ensure that an app is validated. Apps cannot masquerade as other apps. If you’re of a technical bent, and want to learn more (a lot more) about iOS security, you can read Apple’s iOS Security Guide.

3. Sandboxing

With sandboxing, each app or process that runs is isolated from the rest of the operating system, from apps, and from your personal files, with the exception of those files that it is intended to work with. This is one of the most powerful tools that prevents malware from accessing data or infecting other apps, as well as ensuring that your data is safe.

4. Privileges

As part of sandboxing, each app runs in a “container,” which limits its access to other apps, files, and data. An app asks for “entitlements,” which are the system resources it needs to use, and cannot access any other part of the operating system, or any other data.
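For readers who want to see what enterprise provisioning and entitlements look like in practice, here is an added example (not from the original article or from Apple) that audits a provisioning profile: it reports the distribution channel, the signing team, whether the profile has expired, and which entitlements the app requests. The key names (`ProvisionsAllDevices`, `ProvisionedDevices`, `get-task-allow`, `TeamName`, `ExpirationDate`) are those used in Apple provisioning profiles; the sample profile is constructed, and the signature on the wrapper is not verified.

```python
import plistlib
from datetime import datetime, timezone

# Constructed sample: a provisioning profile is a signed (CMS) blob wrapping an
# XML plist. The header and signature bytes here are fake placeholders.
SAMPLE = b"\x30\x82CMS-HEADER" + b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
<key>TeamName</key><string>Example Corp (constructed)</string>
<key>ProvisionsAllDevices</key><true/>
<key>ExpirationDate</key><date>2018-01-01T00:00:00Z</date>
<key>Entitlements</key><dict>
<key>application-identifier</key><string>ABCDE12345.com.example.app</string>
<key>get-task-allow</key><false/>
</dict>
</dict></plist>""" + b"\x00SIGNATURE-BYTES"

def extract_profile_plist(blob):
    """Pull the XML plist out of the signed wrapper (signature is NOT verified)."""
    start = blob.find(b"<?xml")
    end = blob.find(b"</plist>", start)
    if start == -1 or end == -1:
        raise ValueError("no embedded plist found")
    return plistlib.loads(blob[start:end + len(b"</plist>")])

def classify_profile(profile):
    """Map profile keys to the distribution channel the article describes."""
    ent = profile.get("Entitlements", {})
    if profile.get("ProvisionsAllDevices"):
        return "enterprise"            # installable on any device, no App Store review
    if "ProvisionedDevices" in profile:
        return "development" if ent.get("get-task-allow") else "ad-hoc"
    return "app-store"

def audit_profile(blob, now=None):
    """Summarise who signed the app, how it is distributed, and what it may access."""
    now = now or datetime.now(timezone.utc).replace(tzinfo=None)
    profile = extract_profile_plist(blob)
    return {
        "type": classify_profile(profile),
        "team": profile.get("TeamName"),
        "expired": profile["ExpirationDate"] < now,   # plistlib yields naive UTC datetimes
        "entitlements": sorted(profile.get("Entitlements", {})),
    }

if __name__ == "__main__":
    print(audit_profile(SAMPLE))
```

An "enterprise" result on a device that is not managed by your employer is the case worth investigating, since that is the channel through which apps reach a phone without passing through the App Store.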

5. iOS Updates

Apple’s iOS is updated regularly, both in incremental releases, which include security fixes, and in major versions, such as iOS 9, iOS 10, etc. The fact that these are free and available to most operating iOS devices means that the majority of users upgrade. They are therefore protected through new security mechanisms, and this also limits older potential malware from affecting devices.

As of writing this article, 86% of iOS devices run iOS 10. Compare this to Android, where, because of the way updates are distributed, only a few percent of users are running the most up-to-date version of the operating system.

Bottom Line

No operating system is 100% secure, but Apple has done a great job of protecting iOS users, and their data. The most serious threats on iOS devices come from websites that may look legitimate and ask users to enter their user name and password. But in 10 years of the iPhone, there has not been a single case of malware that was more than just a flash in the pan. With Apple’s stringent security on the platform, it’s safe to assume that this will continue.

About Kirk McElhearn

Kirk McElhearn writes about Apple products and more on his blog Kirkville. He is co-host of the Intego Mac Podcast, as well as several other podcasts, and is a regular contributor to The Mac Security Blog, TidBITS, and several other websites and publications. Kirk has written more than two dozen books, including Take Control books about Apple's media apps, Scrivener, and LaunchBar. Follow him on Twitter at @mcelhearn.