back to article Apple is picking off iOS antivirus apps one by one: Who'll be spared?

Confusion reigns over whether or not Apple is really pulling all iOS antivirus apps from its online software store. One leading developer says yes, another says no, and Apple is keeping schtum. Security specialist Intego claims the Cupertino idiot-tax operation has yanked anti-malware tools from the iOS App Store, leaving just …

  1. Rodrigo Valenzuela

    "It seems Apple is acting in the belief that antivirus apps for iOS are either unnecessary or create the wrong impression."

    Sounds a lot like famous last words.

    Admittedly, iOS seems more attack resistant than Android, but if we have learned from the lasts years, there is nothing 100% invulnerable.

    R

    1. Steve Davies 3 Silver badge

      That's a good question

      but I'd be asking this one as well.

      Ok Mr Application Vendor, do the claims you put alongside your product in the AppStore actually hold up to close examination? If they don't then... bye-bye.

      If these products don't 'does what it says on the tin' then they should be booted off. The same goes for any App Store be it iOS, Android or whatever.

      1. Anonymous Coward
        Anonymous Coward

        Re: That's a good question

        You guys are just making Apple's point. Nobody reads product descriptions and they get confused about what an app is supposed to do. The product name VirusBarrier iOS was confusing customers who might think it was supposed to scan the iOS device.

        Intego, if anyone bothered to check, never claimed to scan the iOS device for viruses. They allow the user to scan email attachments and cloud storage for threats so they don't get passed through the device. This particular threat vector is of great concern to enterprises.

        The product description was very clear about this. Problem is, nobody apparently reads the product description and jumps to conclusions.

        1. Sarah Balfour

          Re: That's a good question

          *I* most certainly DO read product/app descriptions, and I can't be the only one, quit making sweeping generalisations!

    2. Shane Sturrock

      Doesn't have to be 100%

      It just needs to be better than the other guy. In the case of Android, there's a lot of potential targets due to the large number of old and vulnerable versions out there. Apple has been much better at supporting their OS, and the biggest danger comes from jailbreaking your phone. Don't do that and it is very difficult for malware to do very much of anything and as another poster pointed out, these anti-virus apps can't do anything inside iOS outside their own sandbox. That said, sure, there can be documents or e-mail on your phone which can have virus infected attachments but frankly, that stuff should be screened at the server end rather than wasting my phone's cycles doing it just to protect another platform. If your device or computer is vulnerable, you deal with protecting it.

      1. big_D Silver badge

        Re: Doesn't have to be 100%

        @Shane, on the other hand there are still an awful lot of iOS devices out there and surveys regularly show that iOS owners are more willing to part with their money for apps and services.

        If you are after syphoning off money as quickly as possible, then iOS is a more alluring target than Android.

  2. aaaa

    Pointless apps?

    I'm no expert on iOS - maybe someone here can explain, how is a anti-virus app on iOS helpful if iOS has no anti-virus API so apps can only access their own memory and their own files?

    Seems like the anti-virus apps are just scanning their own app for viruses. I don't see how in iOS one app can scan another - there is just no API for that.

    1. Anonymous Coward
      Anonymous Coward

      Re: Pointless apps?

      Exactly, this is what the critics are missing. The ones currently available are pure snake oil and can't possibly detect any real viruses or malware on iOS because they don't have the access outside of their sandbox that would be required.

      In order to function as advertised, they'd have to be able to exit their sandbox to dig around the whole iOS memory space. If they were able to do that, they'd be the malware they are tasked with detecting!

      1. jason 7

        Re: Pointless apps?

        But as the recent PWN2OWN showed, sandboxes appear trivial to work around.

        1. jai

          Re: Pointless apps?

          sandboxes on desktops, no?

          is there an article about pwning mobile devices (especially un-jailbroken ones)?

          1. jason 7

            Re: Pointless apps?

            The only systems tested were desktop systems.

            However, as all of the browsers had their 'sandboxes' bypassed I would take from that Sandboxing on any system potentially can be bypassed if required.

            I think the rule of "Don't get cocky kid!" potentially applies to sandboxing.

            1. Anonymous Coward
              Anonymous Coward

              Re: Pointless apps?

              If a method is found to bypass the iOS sandbox, Apple will fix it. It can't be relied on as a way to run AV software, because as I said by definition such software is exploiting a security hole and is therefore the very malware it claims to protect you from.

              So there are two possibilities for every AV app on iOS:

              1) it doesn't work

              2) it is malware

    2. Dan 55 Silver badge
      Alert

      Re: Pointless apps?

      So how did the apps get in in the first place? Either they don't do what they claim they do or they get out of the sandbox and in either case Apple's review process shouldn't have let them in the store.

  3. Anonymous Coward
    Facepalm

    I say, keep picking.

    Given how locked down iOS is, regardless of whether it exposes a large or small attack surface, just what do these anti-virus apps authors think they'll accomplish and how? Some magic extra API that Apple doesn't tell anyone else about? Voodoo?

    Looks like smoke and mirrors to me so I'm glad Apple is weeding out the cruft.

    Before you anti-fanbois start frothing, I'm not stating that iOS is immune from viruses.

    1. Anonymous Coward
      Anonymous Coward

      Re: I say, keep picking.

      Indeed, any anti-malware software would ironically have to use similar exploits to what the malware does.

      These would likely be OS-level exploits, which are Apple's responsibility to fix, not third party vendors.

    2. Dan 55 Silver badge

      Re: I say, keep picking.

      Symbian had a special permission just for antivirus apps so they could get at everything but they needed a special certificate and a special process to get one from Nokia. Maybe iOS has something similar?

  4. sisk

    Those who don't learn from history....

    Apparently Apple doesn't. Will we have to wait 5 years after iOS malware is in the wild behind the walls of the garden for them to admit such software exists like we did with Macs?

  5. Phil Endecott

    The "lookout" app does not claim to be anything like an anti-virus app.

    The "virus barrier" app was apparently a thing that will scan for nasties in e.g. email attachments; it looks like you would choose to "open in..." their app from e.g. the mail app, and it would tell you if it found something matching its signatures. So it is also not an anti-virus product in any conventional sense. Not sure what Apple's objection would be. Have a look at: http://www.intego.com/mac-security-blog/virusbarrier-ios-8-antivirus-malware-scanner-iphone-ipad/ :

    "For instance, email is one of the most common sources of malware in iOS. Once you receive an email attachment, before you open the file you could scan it in VirusBarrier to make sure that it is not infected with malware. Here’s how easy it is to scan these files:

    Hold your finger over the attachment until the share sheet pops up

    In the middle section of the share sheet, select “Open in VirusBarrier”

    The VirusBarrier application will open and perform the scan

    If no malware is found, you can return to the email and feel safe to open the attachment

    If the scan comes up clean and no malware is found, our integrated file reader will open the document for quick and easy viewing, or you can send the file to a remote location, such as Dropbox, for storage.

    *All scans must be done manually; automatic scans or real time scanning are not possible due to Apple restrictions. You may scan entire cloud drives and websites, but email attachments must be scanned individually."

  6. Curly4
    Happy

    If a company wants to make money then keep out all other contenders so all shoppers will have to come to you to get what they want. If the product meets the demand (mostly flashie) of the customers then will pay what the company demands.

    And make billions and billions of dollars.

  7. Anonymous Coward
    FAIL

    Ya know what I love about apple drones?

    How fucking ignorant you all are. Apple OS' are not vulnerability free..... I see it every day. You group of dolts are absolutely clueless!

    1. Wzrd1

      Re: Ya know what I love about apple drones?

      Just what, pray tell, does your rant have to do with the article or any of the comments?

      The alleged antivirus apps would require kernel level access in order to access the filesystem. No downloaded app store app can do that. Hence, the removed apps are bullshit apps that operate only in their own sandbox and hence, cannot access the full filesystem.

      So, who is the drone? The one who gave a reasoned and knowledgable response on the capabilities of the software and OS or the one who reasonlessly bashes a product's users?

      Now, please excuse me. I have to get back to supporting Linux, Unix, Windows and OS X systems security.

      1. Anonymous Coward
        Anonymous Coward

        Re: Ya know what I love about apple drones?

        Just what, pray tell, does your rant have to do with the article or any of the comments?

        Ummmm.....that apple drones believe that there is no reason to check for malware because of a superiority notion that apple operating systems are not targeted and the mother-ship is protecting them from the worlds worst. I hear the same bunk @ work .... " There isn't any malware targeting apple OS' " - WRONG!

        You don't think the NSA is going to let you people walk around unchecked, do ya? So go back to your sandpit and insert head.

  8. Lee D Silver badge

    They pull this stuff but:

    I have a few hundred iPads in a school. If we want to roll out apps without getting them all in and doing them manually, we need the Apple MDM function of "allow installing apps". Doing that with kids means we need to be able to restrict things somehow, even in a BYOD situation. So we enforce age ratings on apps and deny other content entirely.

    Apple, however, allow free VPN apps that are sold as "bypassing filters" to be tagged as 4+. And REFUSE to change the rating even after many heated requests. They say it's up to the app author to change the rating. The app is *marketed* as being able to evade filters and age restrictions for Internet access, however, so the app maker has no interest in doing so.

    And that's it. One kid installing one free app, and all your web filters, logging, security, email/web scanning etc. are useless.

    Yet, Chrome - that they put an 18+ rating on without warning because "it allows unrestricted access to the Internet".

    Honestly, Apple have NO CARE for the use of their products in business or education, so long as they make the initial sale.

    1. jason 7

      Maybe it's something to do with Chromebooks slowly replacing all those iPads every school was so keen to get.

  9. Anonymous Coward
    Anonymous Coward

    Have to agree that AV seems like a scam on iOS. If it gets out of its app sandbox to scan around in the system, that's a bug that needs squashed by Apple.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021