Dr. Charlie Miller is a former hacker who has become an information security consultant and analyst with Accuvant LABS, a research-driven IT company dealing with computer security challenges. In this interview, he compares the security of the iOS and Android operating systems.
– Alright, so we got Dr. Charlie Miller here with Accuvant and just wanna talk about some cool stuff, so whatcha got Dr. Miller?
I guess I just could talk a little bit about Android and iOS and sorta compare them. I get asked this question a lot about what’s the most secure mobile Operating System. Basically, I’d have to say between those two, iOS is quite a bit more secure, even though I pick on it a lot and I broke into it. It’s not invincible by any means but it’s better. And so if you look at the way that there’s basically two ways code gets onto a system: one is through malware (so it’s the stuff you download and run), compared to when you have iOS – to have all the programs, you have to go to the App Store and just look at ‘em. So when malware could go through there it’s most likely because you did something really obvious that they wouldn’t approve. And of course once it gets on your phone, if they find out that’s bad they can remotely remove it. And then on the Android side, there is no sort of an App Store. There’s Android Market Place but there, anyone could put it in and it doesn’t get checked like that. So it’s sort of a more open environment, but the problem with that is it’s easy for malware there and people can download it. We’ve seen that too, so we’ve seen cases of Android malware. And not so much (maybe one or two) iOS ones, and even those were sort of hard to declare as malware. So, in the malware arena iOS has big advantages because it’s so much more controlled by Apple there, so with control comes security I guess, like everything else.
– So are you seeing more malware on the jailbroken phones when people are pulling it from unauthorized stores?
Right, so once you jailbreak your phone then everything’s out the door, so you can pick programs that aren’t App Store. So you could see a lot more malware there but we haven’t seen that. The other way that you could get code on to your phone is for a bad guy to just have an exploit, so it’s what some people call ‘drive-by downloads’. And there again, iOS is much stronger, so the big protection is there due to memory optimization and differentiating between code and data. Android doesn’t do that at all, so it’s a lot harder to run exploits for iOS than Android.
And finally the sandboxing. They both have sandbox models, they are different: in the iOS one, there’s one sandbox for all the apps in the App Store. They all have the same sandbox. On the Android side, they have the custom sandboxes where each app has to ask what permission it needs and you have to approve that, and so there you get sandboxes that are a lot tighter because it’s per app. The bad news is then you’re back to a situation where users are sort of in charge of their own security, and we’ve seen that that doesn’t really work very well. If a user really wants to download some stupid app and it says it needs the Internet and sending text messages, a lot of times they’re gonna say ‘Yes’ because they really want the app, even though it’s not good security. So Android relies a lot on the user and the community to enforce their security, and Apple goes like from the top down, smashing down security, so it’s less open but the good thing is you get more security from it.
– Cool. Alright, Dr. Miller, we really appreciate it.