An explosive spyware report shows the limitations of iOS security


In fact, Amnesty International researchers stated that they are actually easier to find indicators of compromise and investigate Apple devices targeting Pegasus malware than devices running native Android.

“According to the experience of Amnesty International, investigators obtained significantly more forensic traces on Apple iOS devices than stock Android devices, so our approach focuses on the former,” the organization stated in a lengthy report. technical analysis Its discovery on Pegasus. “Therefore, the recently confirmed cases of Pegasus infection all involve the iPhone.”

Some concerns about Apple also stem from the company’s own emphasis on privacy and security in product design and marketing.

“Apple is trying, but the problem is that they are not working as hard as their reputation implies,” said Johns Hopkins University cryptographer Matthew Green.

However, even with a more open approach, Google faces similar criticisms that security researchers have access to the visibility of its mobile operating system.

“Android and iOS have different types of logs. It is difficult to compare them,” said Zuk Avraham, CEO of ZecOps Analytics Group and a long-time advocate of access to mobile system information. “Each has an advantage, but they are equally inadequate and enable threat actors to hide.”

However, Apple and Google seem to be reluctant to reveal more about the production process of digital forensic sausages. Although most independent security researchers support this shift, some also admit that increasing access to system telemetry will also help bad actors.

A Google spokesperson said in a statement to Wired: “Although we know that persistent logs are more helpful for the forensic purposes described by Amnesty International researchers, they are also helpful to attackers.” “

Ivan Krstić, Apple’s head of security engineering and architecture, said in a statement, “Apple clearly condemns cyber attacks against journalists, human rights activists, and others who seek to make the world a better place. For more than a decade, Apple has been innovating in security. As a result, security researchers agree that the iPhone is the safest and most secure consumer mobile device on the market. The described attacks are very complex, cost millions of dollars in development, usually have a short shelf life, and are used for Targeting specific individuals. Although this means that they will not pose a threat to the vast majority of our users, we will continue to work tirelessly to protect all customers and continue to add new protections to their devices and data.”

The trick is to strike the right balance between providing more system indicators without inadvertently making the attacker’s job easier. An iOS security researcher said: “Apple can do many things in a very safe way to allow observation and imaging of iOS devices to detect such bad behavior, but this does not seem to be considered a priority.” Will Stella Fah. “I believe they have reasonable policy reasons for this, but I disagree with this point and hope to see this kind of thinking change.”

Thomas Reed, head of Mac and mobile platforms at antivirus manufacturer Malwarebytes, said he agrees that more knowledge of iOS will benefit users’ defenses. But he added that allowing the use of special, credible monitoring software would bring real risks. He pointed out that suspicious and potentially harmful programs already exist on macOS, and anti-virus software cannot completely delete them because the operating system gives them this special type of system trust, which may cause errors. The same problem with rogue system analysis tools will almost inevitably appear on iOS.

Leave a Reply

Your email address will not be published. Required fields are marked *