Bonum Certa Men Certa

Security Problems in iOS and Windows

Utah State Prison Wasatch Facility with Apple



Summary: Ways in which proprietary operating systems (even with excessive restrictions) get exploited and therefore cannot be kept under control by their users

SOFTWARE that contains code which cannot be audited is less likely to be secure. Many security folks agree on this point. Well, rather than use Linux as Apple engineers were about to do (Steve Jobs reportedly vetoed), Apple chose to pick code it need not contribute back to when building iOS, one of the world's most restrictive platforms. Just because iOS is as locked down as a nail on a coffin does not make it secure, either. Appleʼs iOS dials calls without warning, researcher asserts" and an original post says:



I feel the risk posed by how URL Schemes are handled in iOS is significant because it allows external sources to launch applications without user interaction and perform registered transactions. Third party developers, including developers who create custom applications for enterprise use, need to realize their URL handlers can be invoked by a user landing upon a malicious website and not assume that the user authorized it. Apple also needs to step up and allow the registration of URL Schemes that can instruct Safari to throw an authorization request prior to yanking the user away into the application.


Apple has not managed to make the platform secure by expelling everything from it (except the list of "apps" that Apple approves). Kevin Lynch has just alleged that Apple is lying about its reasons for blocking Adobe Trash (Flash):

Last week, critics hammered Adobe over a report showing that Flash drained the new MacBook Air's battery life by several hours. It's not the first time Adobe has been in fisticuffs with Apple: the companies have been duking it out ever since Steve Jobs began ridiculing Flash and touting its alleged-killer, HTML5. Today, in an interview with Fast Company, Adobe CTO Kevin Lynch answered critics who might say HTML5 is somehow more efficient than Flash.


Irrespective of whether Apple is lying or not, Adobe Trash needs to go away. It's a sore spot and it does not belong on the Web. But the point to be made here is that Safari is not secure, with or without Trash. Apple just cannot really use "security" as an excuse for blocking potentially millions of applications (or "apps" as Apple likes to call them, as if "applications" is too big a word for its clients to memorise).

Over at Microsoft's side of things, "Stuxnet attack unleashes a torrent of SCADA hacks":

Intelligence agencies and private cybersecurity companies worldwide are scrambling to reinforce online defenses against a tsunami of malware directed at online industrial control systems in the wake of a successful attack on Iran’s uranium enrichment plants by the Stuxnet worm.

Demand for experienced Supervisory Control and Data Acquisition software experts in the IT security marketplace now has reached record levels, according to various sources.

The sophistication and apparent effectiveness of the Stuxnet worm served as a reminder that national intelligence agencies can deploy formidable attacks when they focus their energies on a single target and do so knowing that their assaults probably will be traced back to their source.


More links about Stuxnet can be found in the links below.

  1. Ralph Langner Says Windows Malware Possibly Designed to Derail Iran's Nuclear Programme
  2. Windows Viruses Can be Politically Motivated Sometimes
  3. Who Needs Windows Back Doors When It's So Insecure?
  4. Windows Insecurity Becomes a Political Issue
  5. Windows, Stuxnet, and Public Stoning
  6. Stuxnet Grows Beyond Siemens-Windows Infections
  7. Has BP Already Abandoned Windows?
  8. Reports: Apple to Charge for (Security) Updates
  9. Windows Viruses Can be Politically Motivated Sometimes
  10. New Flaw in Windows Facilitates More DDOS Attacks
  11. Siemens is Bad for Industry, Partly Due to Microsoft
  12. Microsoft Security Issues in The British Press, Vista and Vista 7 No Panacea
  13. Microsoft's Negligence in Patching (Worst Amongst All Companies) to Blame for Stuxnet
  14. Microsoft Software: a Darwin Test for Incompetence
  15. Bad September for Microsoft Security, Symantec Buyout Rumours
  16. Microsoft Claims Credit for Failing in Security
  17. Many Windows Servers Being Abandoned; Minnesota Goes the Opposite Direction by Giving Microsoft Its Data
  18. Windows Users Still Under Attack From Stuxnet, Halo, and Zeus
  19. Security Propaganda From Microsoft: Villains Become Heroes

Recent Techrights' Posts

Expose Corrupt Insurance Companies, Don't Kill People
Murder gives them sympathy, makes the raiders seem like the victims
[Meme] Write Code, Not Social Control Media
don't forget to 'like'
Site in Support of Richard Stallman Reminds People of the FSF's and Stallman's Support of Women
new updates
 
Links 10/12/2024: Health, Politics, Economics, and More
Links for the day
Gemini Links 10/12/2024: LLM Plagiarism and "Flow" Review
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 09, 2024
IRC logs for Monday, December 09, 2024
EPO Salaries Reduced: EPO's “Sustainability” Clause "Cuts the Average Overall Adjustment for Staff by –41,8%."
What does this all mean for staff?
Google is Nuking Remaining Invidious Instances Again, Hoping to Force Everyone to Use Proprietary Spyware With DRM
This issue started a few hours ago
Microsoft's Grip on Armenia is Slipping, According to New Data From statCounter
Notice what happened to Windows - an all-time low
[Meme] Sloppy Plagiarism Full of Errors, Lacking Actual Comprehension
LLMs are not "AI"
More LLM Spam/Slop About LLM Spam/Slop
This is what the Web will become unless we expose those who contribute to the problem
Reforming Versus Rebooting Versus Destroying Institutions
At the moment we strive to expose the truth or shine light on pertinent facts
Microsoft's Windows is Pretty Much Dead in Haiti
Android has eaten Microsoft's lunch, Microsoft can't even eat crow
[Teaser] EPO Management Thinks Inflation in Europe is 0.2% Per Annum
Taming inflation by entirely ignoring it is like wrongly assuming that climate change (caused by human activity) can be overcome by not studying the effect of 8+ billion humans on this finite planet
Corporate Media Will Be Discarded and Eventually Die If It Keeps Doing "Bill Gates Sez" (or Similar) Pieces Instead of Journalism
"Superintelligence" does not even mean anything!
This Week We Focus Again on European Patent Office (EPO) Scandals
Nothing can stop us, not even a party or SLAPP
Links 09/12/2024: Health Care Anger and Power Vacuum in Syria
Links for the day
Links 09/12/2024: Burned, Uncertain Future, and Failure
Links for the day
Links 09/12/2024: UnitedHealthcare C.E.O.'s Killer Still Unknown, Syrian Regime Change Completed
Links for the day
Microsoft: Target the Young (Get 'Em While They're Young)
Then they say Free software advocates are "extremists" and "rude"...
As of December 8th (23 Days Remaining), the FSF (Free Software Foundation, Inc.) Already a Third of the Way Toward Ambitious Funding Goal
FSF's memberships (or donations) drive is going a lot better than we anticipated
Why Mike Magee Created and Was Involved in So Many News Sites About Technology
British legend
In Memory of Mike Magee (1949-2024) and Our Best Wishes to The Register, Which He Founded in the 1990s
Months have passed since Magee died
Tunisia is Android, Windows is Waning There
Windows was measured below 20% in Tunisia
[Meme] Jeff Bezos Working From Home
"B**** please, publish articles in Washington Post about how working from home sucks"
'Remote' (From Home) Tech Workers Are More Productive for a Lot of Reasons
The Bezos-owned media should disclose its conflict of interest here
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, December 08, 2024
IRC logs for Sunday, December 08, 2024
No Wonder Microsoft's LinkedIn and Github Have So Many Layoffs, Permanent Office Closures
Traffic down, losses, probably never going to profit
Microsoft Ends Support for Vista 10, So Relative Share of Vista 10 Goes Up, Vista 11 is Down
For 2 months in a row already
When Python is Basically Run by a 'Microsoft-Friendly' Mole Who Ousts People That Actually Contributed a Lot to Python for Many Years
Removing some of the best people
Microsoft's Latest 'Novel' Approach, Trying to Prevent People Moving Away From Microsoft and From Windows
ads say a lot about their business strategy
Syria: Microsoft Windows Down to 8% "Market Share" (It Was 99% Just 15 Years Ago)
it was even measured at less than 5% earlier this year
Microsoft-sponsored "The New Stack" Publishing Microsoft Windows Articles in "Linux" Clothing
Just sayin'...
Links 08/12/2024: Boeing Leaks and Bluesky’s Business Model Dilemma
Links for the day
Gemini Links 08/12/2024: UK Winds and Ultraviolet Grasslands (UVG)
Links for the day
Links 08/12/2024: Conflicts, Misinformation, and Gutting of the Media
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, December 07, 2024
IRC logs for Saturday, December 07, 2024