Comments on: The iPhone has worms

By: wordpress themes

wordpress themes — Wed, 06 Jan 2010 08:10:33 +0000

r u sure Iphone.. cuz i dont think its safer…

By: Amused

Amused — Wed, 30 Dec 2009 02:54:35 +0000

Fail.

Creating a security risk by deliberately hacking your phone does not equate to a security risk on a standard iPhone.

Similarly it is a erroneous conclusion to state that this therefore means the phone is unsuitable for the “enterprise world” given that in any enterprise environment policies dictate that you are not permitted to hack your devices nor run non-standard operating systems to the corporate standard.

By: iPhone

iPhone — Wed, 23 Dec 2009 06:03:43 +0000

man there is always a default present in the iphone….
no need to worry…
although iphone is nt fully protected but its safer…

By: Other

Other — Sat, 05 Dec 2009 18:46:58 +0000

Worms only happen if there is an access point. THat point of entry is only created by people who bypass Apple’s security and Jailbreak a phone.

If you don’t read the warning to change the default ssh password, which most walkthroughs point out, you are a moron. RTFM as the saying goes.

By: Someone

Someone — Mon, 23 Nov 2009 05:07:31 +0000

@Someone else:

Indeed, the default is always “alpine.” This is a moot point without a remote login exposed, however, and there are no supported (i.e., without jailbreaking) modes of exposing a remote login.

I’m not sure what you mean by three types of them. There are three types of hardware, yes; they all run the same firmware releases. All three can be upgraded directly from Apple without the intermediation of the carrier. (I shouldn’t say OEM, since in the case of the iPhone Apple is both the OS vendor and the OEM, unlike most other phones (WinMo, Android, Symbian).)

By: Rob Sharp

Rob Sharp — Mon, 23 Nov 2009 04:31:02 +0000

The hole only exists if a) you have a jailbroken iphone b) you have installed openssh via Cydia (or other package system) and c) you have not changed the default root password.

If you haven’t jailbroken the phone and have not installed openssh, you have nothing to worry about (so far).

In my experience, enterprise hardware is tightly locked down, and is unlikely to consist of jailbroken handsets loaded with third party packages. YMMV.

By: Someone else

Someone else — Mon, 23 Nov 2009 04:01:49 +0000

Someone: Are you an idiot? The default is always present in the iphone, jailbreaking doesn’t do anything to it.

If the iPhone can be upgraded all the time without OEM changes or anything, why are there 3 types of them?

By: Someone

Someone — Mon, 23 Nov 2009 03:57:26 +0000

This is a pretty poor post. This is a case of the jailbreaking software setting a default root password and users not changing it–it is not at all indicative of Apple’s security savvy or the security of the phone itself.

The iPhone has a less than perfect security track-record, but one advantage it has over many competitors is that it can be upgraded easily (and without a reliance on the OEM or the carrier, unlike most WinMo and Android phones–though not the Droid, interestingly).

I should say that I work in software security for a competitor of Apple’s. And it’s my professional opinion that Apple don’t really get security. Their code quality is probably poorer than that of some of their competitors.

But being able to release software patches for security holes is far, far more important than initial code quality, because everyone ultimately has bugs.

I don’t expect you to know a lot about security. Most people don’t. But it’d be nice if you tried to understand the topic before posting about it.