- A sandbox isolates programs, and iOS's memory organization makes exploitation more difficult.
- Applications that run on the iOS are vetted by Apple and can be removed if found to be malicious.
- Patches can be quickly applied to the iPhone and iPad to close security holes in the operating system.
- The software is regularly reviewed, especially its open source components.
- The platform has the advantage of attacker psychology -- attackers still target smartphones far less than desktop systems.
Better security with every version
Although iOS had a rocky start in terms of software security, the platform quickly gained a rounded set of security features.
iOS 4, the latest version of iOS, includes ASLR, DEP, a sandbox, and code signing. By comparison, Mac OS X has limited application-dependent sandboxing and no code signing, and it only partially implements ASLR. Microsoft's Windows 7 has DEP and ASLR, but code signing is limited to drivers and sandboxing is dependent on the application.
iOS also compares well against its competitors in the mobile space. Google's Android does not have DEP or ASLR, but it does have a strong sandbox and code signing, says Kevin Mahaffey, CTO for mobile security firm Lookout. Research in Motion's BlackBerry OS lacks all but sandboxing. "They all have really good sandboxes in terms on what limits are put on what code can do," Mahaffey says.
Although the inclusion of ASLR and DEP seemingly puts Apple ahead in design, it lacks an advanced feature that helps lock down both Google's Android and RIM's BlackBerry: granular privilege controls. Requiring applications to get specific permissions to access data on the phone can bolster security significantly, Mahaffey says.
The security is in the app store
It's not surprising, then, that security professionals pointed not to Apple's design but to the company's gated App Store and its required code review before publishing as a major security advantage. "The closed ecosystem makes the model pretty safe," says Trend Micro's Genes. "It is not because the iOS is completely safe. From a system design standpoint, Android is safer."
Although security experts question the quality of the review performed by Apple's team -- the company is not transparent about its process -- Apple does seem to catch most of the bad actors, says Accuvant's Miller. "If you are completely security-clueless, you can still download every app out there and be fairly safe," he says.
But Apple doesn't catch all the bad apps. Lookout's Mahaffey points to the Handy Light incident as an example of the ability of applications to slip by Apple's review. In 2010, Apple pulled the flashlight app after it was discovered that hidden features allowed tethering, where a user could connect to the Internet through the phone's network. While the hidden functionality was not malicious for the user, it did undermine AT&T's own service for allowing network access and underscored that hidden, and potentially malicious, functions could get by Apple's review.
"The review process is great, but it is a reminder that we should not treat any one thing as a silver bullet," Mahaffey says.