The Macalope: It's dumb work if you can get it
All too often, delving into an egregious act of silly punditry is like peeling an onion of dumb. So many stupid, stinky layers.
First layer in today’s exercise: Writing for Forbes, Erika Morphy says: “Hackers Attack Activists Through Their Androids. Is Apple Next?” (Tip o’ the antlers to the Jony Ive parody account on Twitter.)
First rule of punditry: Anything that happens must be made to be about Apple. And if it’s something bad, so much the better.
This piece is not exactly Morphy’s own brainchild. In fact, it takes so many cues from a piece by Mike Murphy in the Mercury News that Morphy and her editor (if Forbes even uses editors) didn’t notice Murphy’s misspelling of “Kaspersky” and just perpetuated it.
Murphy to Morphy to crap. Worst double-play combination ever.
… Apple’s mobile world is surprisingly open to hackers.
Sure, that’s certainly been the defining iOS experience, right?
iOS was found to be the most vulnerable in a report by SourceFire …
Reading comprehension is clearly not a requirement for Forbes contributors. Surprise!
… which found 233 vulnerabilities in the platform.
Morphy, like Murphy, links to ZDNet, which does not fail to provide a salacious headline: “iPhones most ‘vulnerable’ among smartphones.”
That is, of course, not what the study done by SourceFire and quoted by ZDNet’s Ellyne Phneah found. No, what SourceFire found was 233 historical vulnerabilities. Yes, the Macalope hopes you like cherries, because these cherries are particularly ripe and delicious and now all over the Macalope’s screen and keyboard, and oh great, that’s gonna void his AppleCare.
Yes, SourceFire reviewed vulnerabilities over the past 25 years and found that, historically, iOS had the most of any currently available mobile operating system. Historically. As in “in the past.” Because some of these vulnerabilities date back to iOS 1 and have long since been fixed.
We don’t need to point out that iOS has been around longer than Android, so Apple’s platform would logically have a longer history of vulnerabilities. And we don’t need to point out that iOS’s update percentage is unparalleled, so far more users benefit from patches than on Android. No, there are two simple reasons why this number is so large, if you want to try to understand things instead of just bait for links. First, as the SourceFire researcher noted:
With Android devices, cybercriminals see less reason to look for vulnerabilities to penetrate smartphones, he added.
In other words, one of the primary reasons more vulnerabilities are found for iOS is because that’s the only way to crack it. With Android, you just have the user install an app. Boom.
On top of that, however, is the fact that users often take advantage of these vulnerabilities to jailbreak iOS. That drives a lot of the research.
These two worlds—smugly complacent Apple users and an iOS apparently riddled with vulnerabilities—will surely collide sooner or later, probably sooner.
Like … right now!
How about … now?!
Huh. Well, it’ll be someday soon and for the rest of your life, you can be sure! Even if iOS is more secure now than it has ever been.
Look at the rise of adware aimed specifically at Macs, which has been rising since the beginning of the year, according to Russian anti-virus company Doctor Web.
No! Actually, don’t! The two are nothing alike! Those exploits succeed on the Mac because users can install outside applications. They can’t do that on iOS.
The stupid thing about this (well, one of the stupid things) is that the Kaspersky report that Murphy and Morphy cite makes no mention of iOS. It’s an Android-specific attack into which Murphy nonsensically ropes the iPhone.
The Macalope asked Rich Mogull of Securosis about SourceFire’s report, and he said:
As someone with a history degree, I’m always interested in the past, but when it comes to vulnerabilities, historical counts tell you nothing about the present. This is especially true since vulnerabilities aren’t exploits, and iOS is holding up just fine when it comes to security, with no widespread malware or malicious attacks since it debuted.
Unlike Android. (Mogull also has his own response to Morphy's piece.)
Let the horny one be perfectly clear here: No operating system is perfect. Not iOS, and certainly not Mac OS. And Apple’s track record on security is not good. But trotting out meaningless statistics and yelling “Boogah-boogah!” is not science. It’s headline trolling.