The year ahead
At the turn of the year, it’s practically a tradition that security and anti-malware vendors make their prognostications for what lies ahead for us over the next 12 months. Most of the predictions are, as it were, predictable. More malware, more Stuxnet-like cyberwar disguised as malware, more targeted phishing and a greater focus on mobile and Apple platforms as they become increasingly pervasive.
Don’t ask anyone to put numbers against these predictions – that would be too hard. But it seems they are on fairly safe ground.
The Apple angle is interesting in light of the firm’s newly launched Mac App Store for OS X and the immediate backlash it seems to have provoked. More than one security researcher has warned that the Digital Rights Management (DRM) capabilities of the App Store are flawed, and a group calling itself Hackulous claims to have a tool – Kickback – that breaks the DRM protections.
In theory, when you obtain a program from the new App Store, it is registered to the machine you used to download it. You can run it on other machines, but only by registering those machines for use with the app with your App Store login details. But some apps haven’t properly implemented these ‘receipt’ protections, Apple seems to have forgotten to apply them to some, and they can be subverted on others. This means apps can be pirated – which returns us to the situation existing before the advent of the App Store. I mean, pirated software isn’t exactly new, is it? One researcher warned that such pirated software might contain malware, which is true. In fact, this has happened in the past with software shared via BitTorrent. So that’s not exactly new, either.
At least Apple is making some effort to ensure that the software people buy is trustworthy. The new App Store is modelled on the one that Apple uses for distributing iPhone and iPad apps. All apps in that store must be digitally signed by the developer and Apple. On iOS platforms, the only simple way to be infected with a rogue app is to jailbreak your device.
Apple is often criticised for its tight (some say oppressive) control over what gets distributed through the iOS App Store. But compare this with what’s happening on Android. Even before it overtook iOS in the smartphone popularity stakes, it was being hit with more malware threats and vulnerabilities than ever plagued the iPhone. Part of the reason is lack of control over software distribution. There are devices out there from multiple vendors, with several versions of the OS in use at any one time and numerous sources of software. Amazon is just the latest entry into the Android app store market.
Android malware is becoming sophisticated, too. The Geinimi trojan – found in some Chinese games – not only steals personal data but is also capable of responding to command and control channels. This botnet-like behaviour could be used, for example, to download more malware on to the device.
It seems that 2011 will be the year of the tablet wars. The iPad has created a market that most pundits said didn’t exist. Now every electronic device vendor in the world, it seems, is pushing a tablet device on to the market. A minority will be Windows-based but the vast majority will be built around mobile platforms – iOS and Android. And with the smartphone market so huge now, it seems a given that malware writers will have these platforms in their sights over the coming year. You don’t need to be clairvoyant to see that.
[This is the editorial from the January 2011 issue of Computer Fraud & Security]




