Mich Kabay takes a high-level view of security issues and provides resources to help safeguard your corporate and personal security.
My friend and colleague Adjunct Professor Richard Steinberger from the MSIA Program at Norwich University continues his analysis of Apple iPhone security. Everything that follows is entirely Ric’s work with minor edits.
* * *
iPhone apps are, with a few limited exceptions, available to iPhone owners only via Apple’s iTunes store and only if iTunes has been installed on the computer accessing the store. Users cannot, in general, download apps from any other source, or share their apps (even free apps) with other iPhone owners. This distribution architecture allows Apple to vet every app that iPhone users install on their phones. In emergencies, Apple may also remotely remove or disable dangerous apps that have been installed on iPhones.
Based on my personal observation and analysis, the main security constraints imposed by the iPhone Operating System are as follows:
• No app may access any iPhone OS files.
• No app may access any other app’s files (with a few exceptions). Any files created by an app must remain local to that app. For example, an app designed to edit Java files could only edit Java files created within that app (or downloaded to that app). Primary exceptions include: Third-party apps may access and modify stored photos and phone contacts.
• No app may alter any system settings. For example, a precise, NTP-enabled clock may not set the iPhone’s clock.
• If an app crashes, then in theory, only that app crashes, and the OS is unaffected. In practice, a crashed app may hang a system, requiring a restart.
• An iPhone app may sync with a PC- or Mac-based application to exchange or update the app’s data. But the syncing must be done by a wireless LAN connection and cannot be carried out using the cable that connects the iPhone to the computer; i.e., synchronization via an iTunes conduit to a PC or Mac application is not permitted.
• Apps are allowed to communicate with the Internet using the iPhone’s network connection. Thus, any data files present within an app may, in theory, be sent to an unauthorized destination without the iPhone owner’s knowledge. This transfer would be an example of an app Trojan horse program. Although such programs may escape Apple’s initial vetting, the author knows of no cases where such an app has actually been distributed via iTunes.
In other words, apps are islands unto themselves. Although a rogue employee may use a mobile phone to help steal or distribute confidential information, it remains far less likely that a trustworthy iPhone owner’s use of downloadable apps presents any major new security risk. As mentioned in the introduction, the primary risk of mobile phones remains their theft or loss. Organizations need to be prepared for the loss of confidential information when staff member phones are misplaced or stolen unless the iPhones are equipped with encryption software. In addition to using a password or personal identification number (PIN) to protect the phone itself from unauthorized access, some useful encryption and data protection apps for the iPhone are:
M. E. Kabay, PhD, CISSP-ISSMP, specializes in security and operations management consulting services and teaching. He is Chief Technical Officer of Adaptive Cyber Security Instruments, Inc. and Associate Professor of Information Assurance in the School of Business and Management at Norwich University. Visit his Web site for white papers and course materials.
Comments (3)
Greatly understating the risks...
By Anonymous on May 20, 2009, 5:31 pm
Your colleague Professor Steinberger says that apps are "with a few limited exceptions, available to iPhone owners only via Apple’s iTunes store", but a recent NYTimes...
The "threat" from hackable iPhones
By Ric Steinberger on May 21, 2009, 1:51 pm
I am the author of the iPhone article. Poster "Anonymous" points out that iPhones are hackable and in his opinion, this makes them dangerous. It should be pointed...
Encryption is the key
By Joe Michels on May 22, 2009, 3:47 pm
I'm the developer of My Eyes Only, one of the iPhone apps linked in this article. Thank you Mr. Kabay. While it is true that a jailbroken iPhone can run apps...