ETMarkets.com"And now the ownership of that operating system is half with the Google and half with that manufacturer. And if that manufacturer does any mistake, it leads down to a compromised mobile device to the user," says Rahul Tyagi, Co-Founder, SAFE Security.
I want to understand the kind of secure system that is built on an iPhone and why is it called the most safe brand of smartphones.
I just want to mention that say there are two main players in the smartphone market. One is Android and iOS. The main difference why we say that iOS is very secure because this is the only operating system which is very closed in nature. For example, when Google released an Android operating system, all the manufacturing companies like Samsung, Xiaomi, OnePlus, they can take that operating system, do some tweaking, can read each and every line of their operating system, do the modification and then push that thing into their customised hardware.
And now the ownership of that operating system is half with the Google and half with that manufacturer. And if that manufacturer does any mistake, it leads down to a compromised mobile device to the user.
On the other hand side we have Apple whose operating system and its hardware is basically owned by Apple itself. Hence, it is not disclosed to anyone in the public. So, whenever there is a vulnerability which is found on this type of operating system usually before it triggers to the public domain Apple just protects that.
And second thing is the bounty Apple gives to ensure that nobody will publish this. If I found a vulnerability in Apple today, it can give me a more than 1 million dollar based on the seriousness of that vulnerability.
So, no security researcher will release that in public for free instead of going to Apple and telling them that guys I have found this, you can pay me for this vulnerability and they will fix it and that is the reason whenever you see your iPhone weekly, monthly, basically you will not only get the main updation software releases, but also you get security releases also which are like 150 MB, 200 MB. So, in this way Apple is very proactive in terms of securing their users from a hardware point of view and from the operating system point of view.
Here we are specifically talking about iPhone users, I think that is something that is missing on the flashes also and we will get that corrected. But then Rahul I want to understand that what are the vulnerabilities and leakages that are being reported and how true are they?
Well, iPhone if you compare with Android definitely it is secure, but we cannot say that this is 100% safe. And the first and most problem comes to users when they go beyond Apple's ecosystem and when I say ecosystem, I am talking about installing certain apps out of Play Store by jailbreaking their phone and usually this happens with the users who are not that tech savvy, who want to do something beyond Apple's ecosystem and try to test something.
In this process they were able to go beyond the security of Apple and once they go out of the security of Apple, their device gets vulnerable. Up to an extent Apple has controlled that. It is difficult to jailbreak your devices now. The term they use is jailbreak when you go beyond the security permissions of Apple and do whatever you want with your iPhone.
Up to an extent it is very difficult to do that nowadays but still there are certain players who are releasing these type of applications in the public domain and users with the curiosity they try to do that. Second thing is basically which is on App Store itself there are certain fake apps which are named with the name of antiviruses and so on and so forth which sometimes Apple misses to recognise and when you install that app intentionally you are giving permission to that app to control your entire device. So, if an antivirus wants to scan your device, it has to go through your photos, it has to go through your contacts, it has to go through your memory, everywhere.
Is App Store working in India? Are we able to access that? And also is not the App Store supposed to be very safe because there was no third party involvement over there and apparently Apple being Apple used to screen all the kind of new apps which are coming on the App Store and then it was made available to its users. Was not there a security and a safety check and a filter?
It is there. It is like the more you expand, the more you become vulnerable. There are thousands and millions of apps which are available on App Store and up to an extent it has to go through a human check before it goes public.
As compared to Android or Google Play Store, App Store is far better than that.
But still, take an example of 2021. There was a fake antivirus which was selling on App Store with 134 euros for three months and it was there on App Store for more than three months.
Nobody was able to figure it out. So, there are chances where you will be able to recognise these applications and how it goes to attention because there are certain users who are commenting on that app in the comment section of the review that after installing this my iPhone got slow, there are certain new icons I can see on my smartphone which we have not seen before and so on and so forth.
So, now talking about these loopholes and talking about these kind of leakages, how you as an Apple user should be practicing your use of Apple phone because it is not only about these vulnerabilities which are increasing day by day, there are other type of news or reports coming up that a specific set of iPhones are hacked or there is some kind of a virus that has been released. How true are these and are Indian iPhones also targeted over here, there is going to be some kind of a cyberattack. How does all this work and why specifically iPhone and is it possible considering that you have an iPhone supposed to be so safe and so secure?
Well, definitely it is possible and if you see the criminals way of doing it, they are not nterested in remote controlling your iOS device, but moreover they want to try to play within the device certain applications which can be payment application and so on and so forth.
So, they more use iPhone as a communication where you will get a phishing link in your SMS and your iMessages were not able to detect that and then you click on that and you land somewhere else.
On the other hand side, I think iPhone has given certain things to really ensure the safety of the users but usually people do not enable that.
And the first and most important is the updates. Most probably in one month they release one to two updates on security only. They do not disclose what they are patching but they just release an update that this is a security update.
Please do not miss that. No matter how slow is your phone, those security updates will never slow your phone that is point number one. Second is whenever you are using an iPhone on a public platform like Wi-Fi and so on and so forth, use any free VPN which is available which will help you to secure the communication happening on your iPhone to the Wi-Fi and if possible, use your mobile data only on your iPhone.
And the third one is that if you will receive any configuration setting which usually comes in an SMS, I am not able to describe you in a verbal manner but there is a concept known as configuration profile which usually gets installed on smartphones by the companies.
Sometimes the criminals will send you the configuration settings via SMS and if you click on those configuration and install in your phone, that is the only way and one of the most popular way to really control remotely your device which is an iPhone.
So, if you take care of these three things, I think iPhone users will be protected and in case you think that your mobile phone is compromised, there is an option given by iOS now known as lockdown. It will limit the access of your phone to the criminal and after locking it, you will be able to see certain patterns, certain mobile indicators that someone is trying to breach into your smartphone. So, if you do all these things, the iOS is secure for you.
Just in case you are able to figure out there has been a security breach on your iPhone, what should be your first step?
I think the first thing you need to do is delete. So, there is an option known as lockdown, please enable that, this will limit the in-and-out communication of your smartphone. For example, it will lock your photos folder. Nobody will be able to get into the phone through a remote access, that means the internet anything any request coming from the internet it will not send anything to that so that means you are offline on your smartphone, you will still be able to use the calls and the SMS and so on so forth and this specific feature was released because it was so difficult for users to really know whether they are compromised or not.
There are certain things which you can see. First, your battery will drain a lot because when there is a consistent connection with your phone, data is coming and going out of your smartphone, even it is sitting on the idle mode. So, your battery will drain very fast. Second thing, you will be seeing certain applications icons on your smartphone which you do not recognise. Third, whenever you will be calling someone or doing any kind of a communication, you will be able to see a beep sign, so there is a kind of a beep which happens on mostly on the GSM calls when the your phone is bugged on iPhone itself.
If you see any of these kind of three signs, immediately start the lockdown mode which is available in your setting and security, you will see within few seconds those application will pop up some messages because they are not able to connect with the internet and you will be able to see that yes, data was going and coming out into the phone which is being blocked now, so that a user can do.
So, when it comes to using secured phones, it is still a hands-down win for iPhone, would you still go for it as compared to any other Android smartphone?
Well, definitely because of budget concerns users usually shift to Android but everyone wants to have iPhone for sure but no one can beat iPhone and their ecosystem when it comes to security.
I want to understand the kind of secure system that is built on an iPhone and why is it called the most safe brand of smartphones.
I just want to mention that say there are two main players in the smartphone market. One is Android and iOS. The main difference why we say that iOS is very secure because this is the only operating system which is very closed in nature. For example, when Google released an Android operating system, all the manufacturing companies like Samsung, Xiaomi, OnePlus, they can take that operating system, do some tweaking, can read each and every line of their operating system, do the modification and then push that thing into their customised hardware.
And now the ownership of that operating system is half with the Google and half with that manufacturer. And if that manufacturer does any mistake, it leads down to a compromised mobile device to the user.
On the other hand side we have Apple whose operating system and its hardware is basically owned by Apple itself. Hence, it is not disclosed to anyone in the public. So, whenever there is a vulnerability which is found on this type of operating system usually before it triggers to the public domain Apple just protects that.
And second thing is the bounty Apple gives to ensure that nobody will publish this. If I found a vulnerability in Apple today, it can give me a more than 1 million dollar based on the seriousness of that vulnerability.
So, no security researcher will release that in public for free instead of going to Apple and telling them that guys I have found this, you can pay me for this vulnerability and they will fix it and that is the reason whenever you see your iPhone weekly, monthly, basically you will not only get the main updation software releases, but also you get security releases also which are like 150 MB, 200 MB. So, in this way Apple is very proactive in terms of securing their users from a hardware point of view and from the operating system point of view.
Here we are specifically talking about iPhone users, I think that is something that is missing on the flashes also and we will get that corrected. But then Rahul I want to understand that what are the vulnerabilities and leakages that are being reported and how true are they?
Well, iPhone if you compare with Android definitely it is secure, but we cannot say that this is 100% safe. And the first and most problem comes to users when they go beyond Apple's ecosystem and when I say ecosystem, I am talking about installing certain apps out of Play Store by jailbreaking their phone and usually this happens with the users who are not that tech savvy, who want to do something beyond Apple's ecosystem and try to test something.
In this process they were able to go beyond the security of Apple and once they go out of the security of Apple, their device gets vulnerable. Up to an extent Apple has controlled that. It is difficult to jailbreak your devices now. The term they use is jailbreak when you go beyond the security permissions of Apple and do whatever you want with your iPhone.
Up to an extent it is very difficult to do that nowadays but still there are certain players who are releasing these type of applications in the public domain and users with the curiosity they try to do that. Second thing is basically which is on App Store itself there are certain fake apps which are named with the name of antiviruses and so on and so forth which sometimes Apple misses to recognise and when you install that app intentionally you are giving permission to that app to control your entire device. So, if an antivirus wants to scan your device, it has to go through your photos, it has to go through your contacts, it has to go through your memory, everywhere.
Is App Store working in India? Are we able to access that? And also is not the App Store supposed to be very safe because there was no third party involvement over there and apparently Apple being Apple used to screen all the kind of new apps which are coming on the App Store and then it was made available to its users. Was not there a security and a safety check and a filter?
It is there. It is like the more you expand, the more you become vulnerable. There are thousands and millions of apps which are available on App Store and up to an extent it has to go through a human check before it goes public.
As compared to Android or Google Play Store, App Store is far better than that.
But still, take an example of 2021. There was a fake antivirus which was selling on App Store with 134 euros for three months and it was there on App Store for more than three months.
Nobody was able to figure it out. So, there are chances where you will be able to recognise these applications and how it goes to attention because there are certain users who are commenting on that app in the comment section of the review that after installing this my iPhone got slow, there are certain new icons I can see on my smartphone which we have not seen before and so on and so forth.
So, now talking about these loopholes and talking about these kind of leakages, how you as an Apple user should be practicing your use of Apple phone because it is not only about these vulnerabilities which are increasing day by day, there are other type of news or reports coming up that a specific set of iPhones are hacked or there is some kind of a virus that has been released. How true are these and are Indian iPhones also targeted over here, there is going to be some kind of a cyberattack. How does all this work and why specifically iPhone and is it possible considering that you have an iPhone supposed to be so safe and so secure?
Well, definitely it is possible and if you see the criminals way of doing it, they are not nterested in remote controlling your iOS device, but moreover they want to try to play within the device certain applications which can be payment application and so on and so forth.
So, they more use iPhone as a communication where you will get a phishing link in your SMS and your iMessages were not able to detect that and then you click on that and you land somewhere else.
On the other hand side, I think iPhone has given certain things to really ensure the safety of the users but usually people do not enable that.
And the first and most important is the updates. Most probably in one month they release one to two updates on security only. They do not disclose what they are patching but they just release an update that this is a security update.
Please do not miss that. No matter how slow is your phone, those security updates will never slow your phone that is point number one. Second is whenever you are using an iPhone on a public platform like Wi-Fi and so on and so forth, use any free VPN which is available which will help you to secure the communication happening on your iPhone to the Wi-Fi and if possible, use your mobile data only on your iPhone.
And the third one is that if you will receive any configuration setting which usually comes in an SMS, I am not able to describe you in a verbal manner but there is a concept known as configuration profile which usually gets installed on smartphones by the companies.
Sometimes the criminals will send you the configuration settings via SMS and if you click on those configuration and install in your phone, that is the only way and one of the most popular way to really control remotely your device which is an iPhone.
So, if you take care of these three things, I think iPhone users will be protected and in case you think that your mobile phone is compromised, there is an option given by iOS now known as lockdown. It will limit the access of your phone to the criminal and after locking it, you will be able to see certain patterns, certain mobile indicators that someone is trying to breach into your smartphone. So, if you do all these things, the iOS is secure for you.
Just in case you are able to figure out there has been a security breach on your iPhone, what should be your first step?
I think the first thing you need to do is delete. So, there is an option known as lockdown, please enable that, this will limit the in-and-out communication of your smartphone. For example, it will lock your photos folder. Nobody will be able to get into the phone through a remote access, that means the internet anything any request coming from the internet it will not send anything to that so that means you are offline on your smartphone, you will still be able to use the calls and the SMS and so on so forth and this specific feature was released because it was so difficult for users to really know whether they are compromised or not.
There are certain things which you can see. First, your battery will drain a lot because when there is a consistent connection with your phone, data is coming and going out of your smartphone, even it is sitting on the idle mode. So, your battery will drain very fast. Second thing, you will be seeing certain applications icons on your smartphone which you do not recognise. Third, whenever you will be calling someone or doing any kind of a communication, you will be able to see a beep sign, so there is a kind of a beep which happens on mostly on the GSM calls when the your phone is bugged on iPhone itself.
If you see any of these kind of three signs, immediately start the lockdown mode which is available in your setting and security, you will see within few seconds those application will pop up some messages because they are not able to connect with the internet and you will be able to see that yes, data was going and coming out into the phone which is being blocked now, so that a user can do.
So, when it comes to using secured phones, it is still a hands-down win for iPhone, would you still go for it as compared to any other Android smartphone?
Well, definitely because of budget concerns users usually shift to Android but everyone wants to have iPhone for sure but no one can beat iPhone and their ecosystem when it comes to security.
Read More News on
(What's moving Sensex and Nifty Track latest market news, stock tips and expert advice, on ETMarkets. Also, ETMarkets.com is now on Telegram. For fastest news alerts on financial markets, investment strategies and stocks alerts, subscribe to our Telegram feeds .)
...moreDownload The Economic Times News App to get Daily Market Updates & Live Business News.
Subscribe to The Economic Times Prime and read the Economic Times ePaper Online.and Sensex Today.
Top Trending Stocks: SBI Share Price, Axis Bank Share Price, HDFC Bank Share Price, Infosys Share Price, Wipro Share Price, NTPC Share Price
Read More News on
(What's moving Sensex and Nifty Track latest market news, stock tips and expert advice, on ETMarkets. Also, ETMarkets.com is now on Telegram. For fastest news alerts on financial markets, investment strategies and stocks alerts, subscribe to our Telegram feeds .)
...moreDownload The Economic Times News App to get Daily Market Updates & Live Business News.
Subscribe to The Economic Times Prime and read the Economic Times ePaper Online.and Sensex Today.
Top Trending Stocks: SBI Share Price, Axis Bank Share Price, HDFC Bank Share Price, Infosys Share Price, Wipro Share Price, NTPC Share Price
Pick the best stocks for yourself
Powered by
Get Unlimited Access to The Economic Times
