The iPhone is nine years old - and still no significant malware outbreaks

Apple started selling the Apple iPhone nine years ago today.

Here is what Apple's press release had to say:

iPhone introduces an entirely new user interface based on a revolutionary multi-touch display and pioneering new software that allows users to control iPhone with just a tap, flick or pinch of their fingers. iPhone combines three products into one small and lightweight handheld device - a revolutionary mobile phone, a widescreen iPod, and the Internet in your pocket with best-ever applications on a mobile phone for email, web browsing and maps. iPhone ushers in an era of software power and sophistication never before seen in a mobile device, which completely redefines what users can do on their mobile phones.

Apple was right to describe the iPhone as revolutionary. It changed the world.

But what I find particularly remarkable is that despite Apple selling such a popular mobile computing device for nine years, there has still been no major outbreak of malware on the platform.

The attacks we have seen on iOS have either been against vulnerable jailbroken iPhones (a state which Apple has made harder to achieve with successive generations of the iOS operating system) or through sophisticated targeted attacks such as exploiting enterprise provisioning features, or infecting iOS devices through Mac OS X via a USB cable.

The fact that hackers had to go to the effort of publishing a tampered version of Apple's XCode library on third-party sites in the hope that iOS developers would download and use it to compile their code is testament to just how hard criminals have found it to sneak malware into the official App Store.

These factors have meant that if your iPhone ever gets infected by malware at all, there's a good chance that a state-sponsored attacker is responsible.

So, happy birthday iPhone. Yes, you have had your fair share of vulnerabilities, lock screen bypasses and poorly-coded third-party apps... but you have done a remarkable job of fending off major malware attacks.

Tags: , ,

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

, ,

3 Responses

  1. Don

    June 29, 2016 at 4:24 pm #

    A comparison with Android would have been nice

    • Damien in reply to Don.

      June 30, 2016 at 4:02 am #

      Not enough space to do even a token summary of Android's vulnerabilities and the multitude of exploits of them, Don.

  2. nick ioannou

    June 30, 2016 at 3:51 pm #

    At work I manage 12 different security solutions, to give a layered approached. On my iPad and iPhone, I have 2, a VPN and a secure browser.

Leave a Reply