Posted by & filed under Security News.

I just saw Steve Jobs announce the new iPad (oooh, shiny, want one), and I’m impressed of the numbers he presented in the keynote: > 200 million users are now registered through the App Store. All with associated credit cards.

This is of course nice for Apple, but it is also raises some security concerns: 200 million credit cards (or user accounts to the App Store for that matter) is an attractive target for malicious Internet users.

And that’s just the App Store. The slow shift in the computer industry (from Microsoft and other vendors towards Apple) is going to cause some serious threat elevation for Apple products, the Apple malware discovered in the wild recently confirms this. There is also a shift in terms of mobility, which I think increases the risk of directed fire against Apple products even more.

While Apple probably encrypts credit card data in the App Store, I suspect that we’ll see more targeted attacks against Apple infrastructure and products in 2011. I hope someone in Cupertino is re-evaluating their risk assessments and takes security even more seriously, by for example implementing basic security features such as full ASLR in all Apple products asap.

3 Responses to “New iPad 2 keynote raises security concerns”

  1. Jorge

    I got the Ipad2 and imediatly saw that the first IPad I had was faster it crashed less and didn’t have many of the glicthes the 2nd one had.

    Reply
  2. Ironman

    A new repo for those who pentest with jailbroken iDevices has emerged. It is ininjas.com/cydia. Almost all hack tools and pentest tools that can be ported to the iDevice is on this repo. We also have a support forum. This forum was started 2 months ago by a group dedicated to the use of iDevices for pentesting. Hacking from an iPhone is a practice that is gaining ground. Since they are small and “innocent”. And no one outside of this small but widening area views iDevices as a threat. Check it out.

    Reply

Leave a Reply

  • (will not be published)