And the iPhone is More Secure!

The global nightmare of computer insecurity owes much to the fact that Windows remained insecure for such a long time and that the IT industry adopted the wrong technology (Anti-Virus) rather than the right technology (Whitelisting) in its efforts to deal with it.

The Failure of AV

As a technology, AV was hopeless for two reasons. First, it was forever vulnerable to zero-day threats. Virus writers would naturally own copies of every AV product that sold well and would test their viruses on these products before releasing them. Of course they did. That’s why the viruses never stopped coming and the AV products failed to defend the user. The AV products' primary strategy was to blacklist (to try to identify the bad) rather than to whitelist (to only allow the good).

Secondly, the bad guys built up huge resources (botnets and libraries of open source malware code) that targeted Windows. AV did nothing meaningful to discourage either of those things. Microsoft moved far too slowly, although to its credit, with Vista and then Windows 7, it decreased the level of vulnerability significantly. Technically, Windows is probably more secure than the Mac (it has more defenses in place), but in practice it’s still more vulnerable. It is still the primary target and the black hats have so much invested in attacking it.

As Mac market share grows, it may become a primary target, and I have little doubt that Apple will adopt a whitelisting approach to meet the threat if it emerges, because…

The Mobile Market

Because whitelisting is the security approach that Apple has taken with the iPhone, iPod and iPad. The only software that runs on your Apple device (unless you jailbreak it) is software that came through the Apple store, which has been subject to some vetting. Admittedly the vetting process is not perfect. For example, recently, Apple let through a $0.99 app called Handy Light, which only claimed to turn the iPhone into a flashlight with different color settings. But actually it allowed you to tether a laptop to your iPhone and use it as a MiFi-type device.

Apple never noticed the rogue application until a YouTube video appeared giving instructions on how to use it for tethering. If the rogue app had been stealing data, it would have been a serious security breach. But then Apple would have had the details of the person who submitted the app.

Chinese Takeaway

Nevertheless, a compromise is possible as Google discovered when its Android App Store was fooled. The problem was an app called Jackeey Wallpaper, which provided a wide variety of attractive wallpaper – so much so that it was downloaded over a million times (possibly as many as 4 million times). Under the hood it was also stealing phone data: browser history, texts, SIM card numbers, subscriber IDs and voicemail passwords. It sent all the data to www.imnet.us, a domain registered in Shenzhen, China.

Apple could have been caught by the same ploy, but Apple spends more time vetting apps, so it might have blocked the rogue app. Who can tell? Recently Apple banned apps from accessing data for advertising or analytics purposes, but prior to that there was no overt control on what data could be accessed.

Ostensibly the iPhone looks slightly more secure, but the reality is that both app stores will in time make it pretty much impossible for rogue apps to get through. It’s possible to fool a whitelisting system for a short period of time, but eventually rogue apps get discovered.

So let’s look at this in perspective. This is just one piece of malware, whereas in the PC market a thousand new pieces of malware can emerge in a single day. The sorry security malaise that hit the PC industry so badly will not recur on mobile devices. There will be occasional breaches, but they will be few and far between.
