Petronella Blog Archive

Visit our New Blog

Does Apple’s Security Have a Kryptonite?

Blog Post

While Apple’s reputation for secure technology is currently held in high regard, it may not be as invincible as people often think. How is this so? It all begins with a server’s “daemon,” which is a program that functions in the background of software instead of being under the direct control of software users. Hackers often target these through reverse engineering the daemon and locating edge cases that developers may not have fully protected. This is not a new technique by any means, but it has remained an effective one to this day because it is impossible for developers to detect and protect every edge case in their software.

The problem today is that many iOS app developers fail to account for this method of hacking, leaving their products vulnerable to a serious form of attack. But this isn’t the only method of hacking that iOS apps are susceptible to. Due to hackers, many apps are offered in a “cracked” format, meaning that you can download the app for free and then use a randomly generated key code to access the software. Searching hacker forums (hyperlink to quickly reveals that cracked iOS apps are in neither short demand nor supply.

Another issue with the iOS app system is that it relies on human reviews. This makes the app store seem very user friendly, but doesn’t fare so well for authentic app developers. Because humans can only review so many apps, it is nearly impossible to find apps that are simply clones of other apps- especially those that are lesser known. This doesn’t necessarily place iOS device users in harm’s way, but it is certainly a flaw in the system that needs addressed.

A more serious iOS security threat comes in the form of the double-edged sword we call “jailbroken devices.” Hackers using jailbroken devices can easily utilize reverse engineering and malware to break encryptions on iOS app binaries. From there, if they so desire, they can use malware to find valuable information such as Apple ID’s and passwords. This is hugely problematic, but the real problem is that jailbroken devices are popular among iPhone users. This means that if security measures were taken to make jailbroken devices incapable of using certain apps, many people would consider switching to a different type of device, such as an Android.

While these certainly aren’t reasons to avoid iOS apps altogether, they are risks that users should consider. More importantly, they are risks that Apple should consider. In order to be the virus-resistant company that it claims to be, measures should certainly be taken to factor out these weaknesses.