An explosive Spyware report shows the limitations of iOS security
In fact, researchers at the Amnesty Movement said they found it easier to find indicators of commitment and research Apple devices focused on Pegasus malware than those who use Android stock.
“In the Amnesty International experience, the forensic traces available to Apple iOS devices are more pronounced than those available to Android devices, so our methodology is focused on the former,” the team wrote at length. technical analysis With the discoveries made about Pegasus. “As a result, the most recent cases of confirmed Pegasus infections have had iPhones.”
Focusing on Apple also lies in the importance of the company in the design and marketing of its privacy and security product.
“Apple is trying, but the problem is that they’re not trying as hard as their popularity would assume,” says John Green Hopkins University cryptographer Matthew Green.
Despite a more open-minded view, Google makes similar criticisms about the visibility that security researchers can get into their mobile operating system.
“Android and iOS have different types of registries. It’s very difficult to compare them, “says Zuk Avraham, CEO of the ZecOps analysis team and a longtime advocate for mobile system information.” Each has an advantage, but both are not enough and allow us to hide the underlying threats. “
Both Apple and Google are hesitant to unveil more digital sausage in the digital court. While most independent security researchers are in favor of the change, some also acknowledge that increasing access to the system’s telemetry will also help bad agents.
“While we understand that permanent records would be more helpful for forensic use, such as those described by Amnesty International investigators, they would be helpful for attackers,” a Google spokesperson said in a statement to WIRED. “We are constantly balancing these different needs.”
Ivan Krstić, head of security engineering and architecture at Apple, said in a statement, “Apple has unequivocally condemned cyberattacks against journalists, human rights activists and others who want to make the world a better place. Apple has been around for more than a decade. k is an industry leader in security innovation and as a result, security researchers agree that the iPhone is the safest and most secure mobile device on the market.Attacks like the ones described above are highly sophisticated, cost millions of dollars to develop, are often short-lived and used to target specific individuals. it means that there are no threats among most of our users, we are constantly working to defend all customers and we are constantly adding new protections to their devices and data. ”
The trick is to achieve the right balance between providing more system indicators without inadvertently making the work of the attackers much easier. “Apple can do a lot of things in a very safe way to allow observation and imaging of iOS devices to capture that kind of bad behavior, but it doesn’t seem to be treated as a priority,” says iOS security researcher Will Strafach. “I’m sure they have reasonable political reasons for that, but I don’t agree and I’d like to see changes in that thinking.”
Thomas Reed, director of Mac and mobile platforms at anti-virus manufacturer Malwarebytes, said he agreed that using more information about iOS would benefit user defenses. But he added that accepting special and reliable monitoring software would pose real risks. He pointed out that there are already suspicious and unwanted programs on MacOS that cannot completely remove antivirus programs because the operating system provides them with this particular type of system trust, which can be a bug. The same problem with malicious system analysis tools would almost inevitably arise in iOS as well.