Trojan, virus...?

Discussion in 'iOS Programming' started by detz, Aug 5, 2009.

  1. detz macrumors 65816

    Joined:
    Jun 29, 2007
    #1
    I'm surprised this hasn't been developed yet...or, it has it just hasn't been found. I could think of a few that would be easy to do and if attached to a "real" app would be easy to sneak past Apple. I'm guessing there are some out there waiting to pounce.
     
  2. dejo Moderator

    dejo

    Staff Member

    Joined:
    Sep 2, 2004
    Location:
    The Centennial State
    #2
    So, you're encouraging the development of trojans / viruses for the iPhone? :mad:
     
  3. kainjow Moderator emeritus

    kainjow

    Joined:
    Jun 15, 2000
    #3
    What would it do exactly that would "harm" your phone? It can't touch other files, it can't run itself or another process as root...
     
  4. detz thread starter macrumors 65816

    Joined:
    Jun 29, 2007
    #4
    Not encouraging thus the reason I didn't put how/what do to. I'm just surprised there hasn't been anything yet. You don't need root, some of the API's allow certain things that could show cause for concern.
     
  5. dejo Moderator

    dejo

    Staff Member

    Joined:
    Sep 2, 2004
    Location:
    The Centennial State
    #5
    Many people, including reviewers, have accused my app, [app]a.k.a.[/app], of using social engineering to steal people's identity. Of course, it doesn't, but if it did, I wonder if Apple would pull an "Aurora Feint" on me.
     
  6. admanimal macrumors 68040

    Joined:
    Apr 22, 2005
    #6
    Creating a trojan that is anything but annoying is pretty much impossible using the official SDK. Creating a virus (i.e. an app that replicates and propagates to other phones) is impossible without some genius hacking.

    In either case, you have to remember that Apple maintains a currently empty blacklist of apps that can be disabled remotely, which would further mitigate any potential harm.
     
  7. PhoneyDeveloper macrumors 68030

    PhoneyDeveloper

    Joined:
    Sep 2, 2008
    #7
    Few comments:

    What if someone wrote a trojan/virus that only attacked jailbroken phones?

    The way that apps are distributed from a central repository, or even on jailbroken phones from web sites, makes it hard to see how malware could propagate from one phone to the next.

    A trojan that gathered valuable info from a phone and sent it to a server might be a more likely strategy.

    There is code that runs in the sandbox that can access data and hardware from outside the sandbox. This includes everything from the size and orientation of the display, taking a picture, getting files from the camera roll, and a bunch more. There could be security holes in any of the UIKit code that does those things. So it might be possible to find out how some of that functionality works and duplicate it or subvert it. FWIW, I've never tried to do anything like that and Apple's engineers aren't dummies to it's certainly going to be hard and might be impossible. gdb can connect to your device over USB and do more-or-less what it likes.

    Given Apple's control over the distribution of software it seems like it would be impossible to distribute malware and completely get away with it. They would figure out how it was done and who did it. OTOH, it should be impossible to jailbreak phones and it would seem that Apple would have a great motivation to fix that problem but they appear to do nothing about it.

    There's no malware on MacOS X so it must be a hard task.
     
  8. newb16 macrumors regular

    Joined:
    Feb 27, 2008
    #8
    It's like writing a trojan that attacks linux machines - there are few and operated by more or less computer-savvy pepole that will not download random executables from spammed attachments.

    Afaik presence of security holes (in safari?) was demonstrated but as long as macs are not at least 30% of installed units no one will try to build botnet of them.
     
  9. dejo Moderator

    dejo

    Staff Member

    Joined:
    Sep 2, 2004
    Location:
    The Centennial State
    #9
    Ah, the ol' "security through obscurity" myth. Mac OS 9 had viruses and had even less installed base than OS X.
     
  10. mccannmarc macrumors 6502

    mccannmarc

    Joined:
    Aug 15, 2008
    Location:
    Manchester, UK
    #10
    Are symlinks to files in other locations possible in bundles as opposed to real files? That would allow for one hell of an exploit if so
     
  11. PhoneyDeveloper macrumors 68030

    PhoneyDeveloper

    Joined:
    Sep 2, 2008
    #11
    In the 2.x time I read about the ability to have links inside the bundle to files in the sandbox, not outside. This was used to have a link to an icon file so the app's icon file could be changed dynamically. While this did apparently work I don't think any app got onto the appstore that utilized this. I never heard of links to files outside the sandbox working.
     
  12. Kingbombs macrumors member

    Joined:
    Jun 24, 2009
    #12
    No point developing something that will be distributed on the app store
    If it does get through, and it gives phones a virus, then you get a bad review and quite quickly the first few who downloaded it will be the only ones who downloaded it

    Doubt you would make much money for it realistically, thats assuming apple doesn't just reject you, and if it is a virus probably banned
     

Share This Page