In fact, AI researchers say they actually had an easier time finding signs of hacking and investigating Apple devices targeted by Pegasus malware than Android ones.
“In the AI experience, there are many more forensic traces that investigators can access on Apple iOS devices than on stock Android devices, and therefore our methodology focuses on the former,” the group wrote in a lengthy report. Technical Analysis From his findings on Pegasus. “As a result, the most recent cases of Pegasus infection have involved iPhones.”
Some of the focus on Apple also stems from the company’s focus on privacy and security in the design and marketing of its products.
“Apple is trying, but the problem is that it’s not trying as hard as its reputation suggests,” says Matthew Green, a cryptologist at Johns Hopkins University.
Even with its more open approach, Google faces similar criticism about security researchers’ access to its mobile operating system.
“Android and iOS have different types of records. It’s really hard to compare them,” says Zoch Avraham, CEO of ZecOps analysis group and a longtime advocate for access to mobile system information. “Each one has an advantage, but both are equally inadequate and enable the actors to hide.
It seems that both Apple and Google are reluctant to reveal more about the digital sausage industry. While most independent security researchers advocate this shift, some also acknowledge that increased access to the telemetry system would help bad actors as well.
“While we understand that permanent records will be most useful for forensic uses such as those described by AI researchers, they will also be useful to attackers,” a Google spokesperson said in a statement to WIRED. . “
“Apple unequivocally condemns cyber-attacks against journalists, human rights activists and others who strive to make the world a better place,” said Ivan Krstic, Apple’s chief of security engineering and engineering, in a statement. For more than a decade, Apple has led the industry in Security innovation, and as a result, security researchers agree that the iPhone is the most secure consumer mobile device on the market.Attacks like the ones described are highly complex, cost millions of dollars to develop, often have a short lifespan, and are used to target specific individuals.Whereas This means that they do not pose a threat to the vast majority of our users, we continue to work tirelessly to defend all of our customers, and are constantly adding new protections for their devices and data.”
The trick is to strike the right balance between serving more system pointers without inadvertently making the attackers’ tasks much easier. “There is a lot that Apple can do in a very secure way to allow monitoring and imaging of iOS devices to catch this kind of bad behavior, yet it doesn’t seem to be treated as a priority,” says iOS security researcher Will Stravach. “I’m sure they have fair political reasons for that, but that’s something I don’t agree with and I’d like to see changes in that thinking.”
Thomas Reed, director of Mac and mobile platforms at antivirus maker Malwarebytes, says he agrees that more insight into iOS would benefit user defenses. But, he adds, allowing private, trusted monitoring software will bring real risks. It points out that there are actually suspicious and potentially unwanted programs on macOS that the antivirus can’t completely remove because the operating system gives them that special kind of system trust, which is probably in error. The same problem with rogue system analyzers will inevitably appear in iOS as well.