FinSpy Meets the Rival: iOS Declared the Most Secure Mobile OS
Apple’s iOS has always been praised for being secure, but then how secure is anything? With Android being a constant victim of cyberbullies, we all at one point in our lives have reconsidered iOS’s credibility.
However, a leaked document from Gamma Group has declared iOS as the most spyware-proof mobile operating system in a test conducted by surveillance software.
The software in question is FinSpy, “designed to help Law Enforcement and Intelligence Agencies to remotely monitor mobile phones and tablet devices,” according to Cult of Mac.
FinSpy is a notorious yet powerful tool which can gain full access to:
- Communication: Calls, SMS, MMS and more
- Stored Data: Address Book from Phone and SIM
- Surveillance Devices: Make silent Calls to remotely listen to the Microphone.
It can furthermore trace a device and determine its location. Used by government agencies, FinSpy is the hub of controversy for sneaking into mobile devices. And that is why iOS’s ranking in the document from Gamma Group is a thumb’s up to Apple’s security.
The document mentioned all of the major mobile operating systems and platforms, which sadly were all susceptible to FinSpy. The spyware was able to intelligently fight its way into:
- Android (all versions from 2.x.x to 4.4.x)
- BlackBerry (versions 5.x, 6.x., and 7.x)
- Windows Mobile 6.1 and 6.5 (Windows Phone 8 is not yet supported by the software).
No Apple? Here’s the catch – Apple’s iOS did make the list, but only in jailbroken mode.
According to Gamma team, iOS versions 4.3.x, 5.x, 6.x, and 7.0.x are defenseless against FinSpy but require an untethered jailbreak – jailbreaking without the use of a computer. The target installation in the figure above (from the document), means the FinSpy software installation.
Apple’s security is generally considered tight, at least in the mobile world, but certainly not impenetrable. An iPhone can be jailbroken using a number of available free tools that actually allow the user to gain root access – something which Apple’s iOS does not allow by default. This user access to the root permits unsigned apps to run along with extensively customizing the operating system.
Though this feature is supported by Android on its open-source system, if unsigned code is allowed to run in the iOS, it provides a gateway for spyware such as FinSpy to enter.
Moreover, researchers at Georgia Tech reportedly have found a way to infiltrate into an iOS device – a USB connection to a hacked computer is required.