By: Don Reisinger
2009-11-09
10 Things the iPhone Worm Teaches Us About Mobile Security
( Page 1 of 2 )
News Analysis: The iPhone is under attack by a relatively
inconsequential worm that has found its way onto jailbroken iPhones in
Australia. It might not affect too many users, but it does underscore
the fact that the iPhone isn't as secure as people like to think.
A new worm has affected some Australian iPhones. The worm gains root
access to a user's jailbroken phone and installs an image of Rick Astley
(of Rickrolling fame) as the default wallpaper. Security company Sophos
said removing the Ikee worm is extremely difficult, but it doesn't
appear to do much more than annoy the user who owns the affected device.
It should also be noted that so far the worm has only impacted folks in
Australia.
But the iPhone worm says quite a bit about the nature of mobile
security. It also teaches some valuable lessons to those who might
believe that mobile phones are secure. Reality dictates that no one is
absolutely secure at any point. And although Apple does its best to
safeguard the security of its users, not even the iPhone, jailbroken or
not, can keep them entirely safe.
That's precisely why this small outbreak can teach any mobile phone user
a lot about mobile security and what kinds of dangers exist.
1. One point against jailbreaking
Once Apple responds to the news about this worm, you can bet that the
company will make it abundantly clear that those who jailbreak their
phones are putting themselves at unnecessary risk. That's partly true.
An iPhone that hasn't been jailbroken by its user has all the security
features in place, potentially decreasing the chances of malicious
hackers gaining access. Jailbreaking might not be the best move.
2. Trust is a problem
Too often, users open files from others without considering the
ramifications. Whether an e-mail comes from a trusted source or from
someone a user doesn't know, caution must always be used when opening
attachments. Does that attachment relate to a prior discussion? Is it
coming from a trusted source? Answering those questions (and others) is
important before opening an attachment.
3. False sense of security
Unfortunately, too many people believe that because they're using an
iPhone and not a Windows PC, they are more likely to be secure. That's
not necessarily true. Although Apple has done a fine job of securing the
iPhone and few issues ever arise, that's far from an absolute guarantee.
Users who feel that they can do anything without worrying about the
consequences could put themselves in danger.
4. Mobile breaches are still bad
When users considers the potential security issues that could arise on a
mobile phone, some believe that the result won't be bad even if malware
manages to latch on to the device. After all, they reason, all the
really sensitive information is on a PC. Think again. If a user has his
or her work e-mail account tied to an iPhone, any and all messages will
be sent to that device. If malicious hackers find their way into the
software, it won't take long for them to access that sensitive data.
Next: Taking iPhone Security Seriously >>
> Next: Taking iPhone Security Seriously >>
>
>
Take one of these:
http://www.mycricket.com/broadband
or nearly anyone's cellular USB modem
and plug it into one of these:
http://3gstore.com/index.php?main_page=product_info&cPath=35
&products_id=610
Connect via wifi to your INTERNET SAFE wireless router...just like sane
people do at home! It's completely firewalled that's configurable!
Buy 4 of these monster D cells, 12AH:
http://www.batteryjunction.com/tpeh-td-12000.html
with tabs on them so you can solder them in series. The router doesn't
need regulated power input. Close to 5V is fine. Charge them off 12V
by simply putting a 20W 10 ohm power resistor in series, which will
limit their current to a safe overcharge. Any voltage over 6V will
charge them this way. When the batteries in series get warm, they're
charged, unplug them, don't cook them. From dead, takes about 18 hours.
Slow charging them will not hurt them as Ni-Mh cells have an oxygen
recombiner in them that just makes them hot on overcharge BELOW 1C RATE,
which is 1.2A for these cells. Over that current, they'll be ruined if
you overcharge them. The Cricket modem and really nice netsafe router
run about 30 hours before recharge. Just charge them when you get home
and unplug before you go to bed after a hard day of cruising...or just
leave them charging if you're going to leave the router/modem running
constantly at home. The router/modem use about 350ma idle, 600ma
transmitting full power. The 10 ohm/12V charge will power and very
slowly, safely, charge the cells without overheating them left plugged
in constantly....battery backed if the lights go out....and ready to
cruise when you leave home. I never cut mine off, leaving my Linux
tablets on Cricket, reducing the load on my cable downloading. Works
great....SAFE! My hotspot fits in the netbook carry case side pocket.
I made a flat pocket powerpack out 4 of these 6AH C cells:
http://www.batteryjunction.com/tpeh-tc6000.html
to power it when I'm walking around. Fits your jeans back pocket and
will run the router/modem about 15 hours continuously streaming
anything. I charge it slower off 12V with an incandescent big 12V pilot
light that gives me about .8A when the cells get charged. Same thing,
when they get warm, they're charged and ready to ride! The pocket
portable powers the N800 Linux tablets and wifi Skype phone even walking
the mall. Because both the tablets and the Skype phone run off 5V, I
can also use either of these battery pack beasts to recharge them both,
right in my pocket if I want....with a little cable construction.
The CTR-350 will run 16 devices on the modem, simultaneously, sharing
the cellular bandwidth. Its range sitting atop a car dashboard parked
in front of a restaurant is about 100 feet, inside the restaurant to my
netbook or Nokia N800 tablet. Password protect it as others seeing it
will always try to steal your bandwidth. You can even password protect
the internet connection separately from the router access. Connected to
your own pocket LAN, you can share data/files/disks with others allowed
to connect to your LAN, just like at home. Plug an Ethernet network
drive into its WAN port and your iPhone has access to massive hard drive
shared storage. That works fine as the WAN port can be switched in
firmware.
Almost anyone's cellular modem will now work with the Cradlepoint
portable wifi routers. The Cradlepoint handles all the connection and
authorizations very nicely. Give your girlfriend the password...(c;]
Any wifi telephone, like my Netgear Skype Phone, also work within 100 ft
of it over the cellular data network. Talk to anyone on the planet.
--
Larry
Come on, DAMMIT! WHEN is my WIMAX USB modem going to be available!
.....(c;]