SECURITY COMPARISON BETWEEN IOS AND ANDROID 2023
SECURITY COMPARISON BETWEEN IOS AND ANDROID 2023 Apple has kept malware out of its App Store, but not iOS devices, like its Android competitors, are still vulnerable to all sorts of attacks.
iOS may not be the malware magnet that Android has become SECURITY COMPARISON BETWEEN IOS AND ANDROID 2023:
, but that doesn’t mean it’s fundamentally more secure than Google’s enterprise operating system.
Apple CEO Tim Cook has taken a jab at Google’s Android division for turning devices into a “toxic hell soup of vulnerabilities,” but in a new report from Marble Security, the company says that “neither iOS nor Android is inherently more secure than the other.”
Apple’s stricter take on the app and its distribution has largely kept it malware-free, while the same can’t be said for Google Play despite its Bouncer technology, although most Android malware still comes from third-party app stores.
Apple’s operating system update practices also mean that five months after iOS 7 was released, 80% of its users’ devices were running the latest version. Kit-Kat, the latest release of Android, is now running on 13.6% of Android phonesSECURITY COMPARISON BETWEEN IOS AND ANDROID 2023.
Although the changes that come from bringing your own device (BYOD), Android or iOS present similar risks to the enterprise.
iOS and Android attack faces are mostly the same, the company added, including malicious apps, SMS or via compromised Wi-Fi hotspots SECURITY COMPARISON BETWEEN IOS AND ANDROID 2023.
While Android apps could be installed from many devices, the company also argues that non-jailbroken devices can escape Apple’s walled garden — and do so to access enterprise app stores — through third-party testing apps like TestFlight. In particular, Apple developed this application before this year.
Some of the main corporate threats to both racks come in the form of phishing attacks, especially in a corporate environment where an attacker has gained access to a corporate directory and then sent SMS messages or emails to targets SECURITY COMPARISON BETWEEN IOS AND ANDROID 2023.
The company also points to a threat that could be introduced through mobile device management profiles that can be delivered to iOS devices via a website.
“This attack strategy requires the user to visit a website on their iPhone or iPad. If that consumer installs an aggressive configuration profile, then the enterprise is at risk of traffic capture, application spoofing, cultured phishing and APTs,” he said.
Samuel Hopstock Department of Computer Science Technical University of Munich
Abstract – Smartphones are used as the preferred device for as many things as possible in today’s world. This is why having secure phones that are resistant to attacks targeting their users’ data is increasingly important.
This paper attempts to assess what measures device vendors have taken to ensure that these attacks are not successful SECURITY COMPARISON BETWEEN IOS AND ANDROID 2023.
Since the market is mostly divided between Google’s Android and Apple’s iOS, we focused on these two operating systems and compared their respective security models. Additionally, this comparison will evaluate how these models have changed over time since the start of the smartphone era around 2010.
The final part of this analysis will look at a different perspective on smartphones, the perspective of the so-called “power users”: These are people who don’t just use their smartphone to download apps and surf the Internet, but want to do some lower-level customization of the operating system, by rooting their Android device or jailbreak their iPhone SECURITY COMPARISON BETWEEN IOS AND ANDROID 2023.
This process of gaining full permissions on the phone not only brings benefits to the user, but can also have rather negative effects on the security of the device. How exactly will this affect vendor implemented protections?
I. INTRODUCTION
For some time now, users have relied on the smartphone for many, if not most, digital tasks in daily life, such as browsing the Internet and interacting with other people through social media platforms.
This, of course, makes life easier for users as it allows them to store all their important data on a single device that they always carry with them. But this sweeping transformation of smartphones, from being a simple phone device to serving as a central hub for user data,
also makes them an attractive target for malware attacks: Hacking a smartphone can give attackers access to all kinds of sensitive data, such as login credentials. to users’ email inboxes or even online banking accounts SECURITY COMPARISON BETWEEN IOS AND ANDROID 2023.
One aspect that favors deploying malicious apps on a large number of devices at once while requiring only a single code base is that most of the smartphone market is split between just two mobile operating systems:
In 2017, Google’s Android had 85% and Apple iOS for 14.7% of all smartphones worldwide, covering a total of 99.7% of the market.[1] So attackers trying to break into most devices at once don’t really need to worry about different systems (like Microsoft’s Windows Mobile) because they only cover a fraction of the market.
Because of this duopoly, Apple and Google have a great responsibility for the security of their operating systems, as many people rely on them to be immune to potential attacks. Both operating systems use several different protections to achieve this goal.
Some of these measures are related to similar concepts across both platforms, but both also take completely different approaches to some aspects of their security models.
This paper aims to take a closer look at the security models of both platforms and compare their key features as well as how they may have changed over time. Then some additional thoughts are presented on the security perspective of the ever-present question “Which OS is better, iOS or Android?”
May 27, 2018
II. First version: before 2010
A. iPhone OS (before version 4.x)
Even the first iPhones had cryptographic keys built into their hardware during manufacture: Two AES keys, one called GID (group ID) and one UID (unique ID). The GID is the same for all devices using the same processor model, and the UID is different for each individual device (generated at the manufacturing plant when the device is manufactured). When the phone starts up, several device keys are derived from the UID and GID keys: keys 0x835, 0x836, and 0x838 from the UID, and key 0x837 from the GID SECURITY COMPARISON BETWEEN IOS AND ANDROID 2023.
This is done to avoid unnecessary exposure of these two integral keys. 0x837 is then used to decrypt the device firmware so that the kernel can be loaded into memory. It is stored in an encrypted form to make it harder to reverse engineer the firmware code. Apple mobile devices establish a strict chain of trust across different pieces of software (Fig. 1):
– Boot ROM is immutable and loaded on the chip at the time of manufacture. It contains the Apple CA public key, which is used to verify that the iBoot bootloader code is properly signed by Apple. If this cannot be ensured, the device will go into DFU (Device Firmware Upgrade) mode, which will only allow the phone to be restored to a properly signed version of iBoot and prohibit any other action until this is done.
– iBoot then proceeds to load the kernel and rechecks that the kernel has been properly signed by Apple and can therefore be trusted SECURITY COMPARISON BETWEEN IOS AND ANDROID 2023.
Starting with iPhone OS 3.0, the device ID and nonce were included in the kernel signature to prevent a device from being downgraded to a potentially vulnerable version of the operating system. When the user wants to install
Abbildung in dieser Leseprobe nicht enthalten
Giant. 1. iOS chain of trust from startup code to user-level applications
different version of the operating system on their device (for example, to upgrade the operating system or when restoring the device using iTunes), Apple must send them a new signature for the operating system, because with a nonce, each signature can only be used to install a firmware version once SECURITY COMPARISON BETWEEN IOS AND ANDROID 2023.
Now, when Apple releases a new version of the operating system, their servers stop signing the old version, forcing users to use the new version as soon as they want to restore their device through iTunes.
It may seem strange to the user, why would anyone want to restore their device to an older version of the operating system? The main reason is that if a kernel vulnerability was found, an attacker could gain access to their target device and manually install a vulnerable version of the operating system. This can then give them the ability to steal user data from the phone or install malware SECURITY COMPARISON BETWEEN IOS AND ANDROID 2023.
Additionally, this target makes the jailbreak process more difficult, as users cannot install firmware known to have jailbreak exploits after updating to a newer version SECURITY COMPARISON BETWEEN IOS AND ANDROID 2023.
– The kernel only runs trusted apps: Only an Apple CA can sign them, so developers must sign up for the Apple Developer Program providing their identity and pay $99 a year. Additionally, each app is thoroughly reviewed by Apple to identify potential malware before signing SECURITY COMPARISON BETWEEN IOS AND ANDROID 2023.
The fact that the kernel only runs applications signed by Apple itself also means that loading programs from third-party app stores (which is possible with other operating systems such as Android) is not allowed SECURITY COMPARISON BETWEEN IOS AND ANDROID 2023.
Apps are compiled to ARM bytecode and protected by the FairPlay DRM system (the executable part of the app package is encrypted), so the only way to “crack” apps, i.e. read the executable code and modify it,
In topics of protection, as in subjects of faith – all people chooses for himself the most that he SECURITY COMPARISON BETWEEN IOS AND ANDROID 2023.
All About Carding, Spamming , And Blackhat hacking contact now on telegram : @blackhatpakistan_Admin
Blackhat Pakistan:
Subscribe to our Youtube Channel Blackhat Pakistan. check our latest spamming course 2023
Learn from BLACKHATPAKISTAN and get master.
