In their ’25 Years of Vulnerabilities’ study, SourceFire — a firm that focuses on providing network security solutions to companies — has revealed iPhone has 81% of all smartphone operating system vulnerabilities, followed by Android (9%), Windows Mobile/Phone (5%), and BlackBerry (4%). SourceFire based its conclusions upon data gathered by Common Vulnerabilities and Exposures (CVE) data and National Vulnerability Database (NVD) since 1988.
If you are surprised by this finding, don’t be. The reasons why iPhone — and by association, iOS — has the lion’s share of vulnerabilities is actually quite simple: popularity and Apple’s walled garden.
Earlier this month, I posted an article about how Android accounts for roughly 79% of all mobile malware apps. In the article I explained the reason Android is targeted by malware app developers is because a) Android is very popular, so scumbags have a better chance of infecting people and b) it is fairly easy to install apps from non-official sources (aka sideloading) on Android, which makes it easier to get malware apps installed on devices.
Apple, on the other hand, is very restrictive about which apps can be installed on iOS/iPhone. In fact, you can only download and install apps from Apple App Store (unless you jailbreak, which most people don’t do). So scumbags looking to attack iPhone users don’t have a very good chance of getting malware apps installed on iDevices. However, scumbags still want to attack iPhone due to its popularity — the same idea of “best bang of the buck” I mentioned in the above-referenced Android article. Since crackers cannot infect iPhones vis-a-vis apps, they look for operating system vulnerabilities. This is primarily the reason why iPhone has 81% of all mobile operating system vulnerabilities found over the past twenty or so years.
However, put all logic aside. I just want to see how iSheep justify these findings; they do, after all, jump all over Android for having malware apps (and rightly so, by the way — Google should have better control over Play Store). So will they be as willing to bash on Apple? I doubt it. Excuses coming in 3… 2… 1…