iPad: Anything But Leak Free

With the recent release of Apple’s new and anxiously awaited iPad, the channel and the consumer market are all buzzing over the features and possibilities of this device.  As well they should – the highly anticipated iPad is not only the latest and greatest offering by the gadget giant, but brings to the market a new and unique device to be considered by businesses, public entities and home users as well as an on-the-go technology solution.  As portable entertainment was revolutionized by Apple’s iPod, the iPad should have a similar affect on the mobile computing and communications market, in due time.

But with it come the inevitable problems and dangers of any new platform.  Problems that iPad users should keep in a mind and also consider while looking at the iPad as a solution.

Is iPad leaving users with a false sense of security?

Is iPad leaving users with a false sense of security?

For years part of Apple’s marketing campaign included the underlying message, “No Windows, no viruses.”  While this may be true to an extent, it doesn’t mean that there are no security flaws in their products.  And while the ultra-mobile iPad may not be vulnerable to such issues right now, that doesn’t mean that it never will be.

Part of Microsoft’s problem with security through the years is simply the breadth of their products usage in the business and government sector.  While approximately 98% of all desktops in these markets run a Windows O/S, the odds are good for the bad guys that they will find an open port or a vulnerable system somewhere.  As the iPad becomes more popular it too will become more frequently targeted, and more frequently hit by the bad guys.  Think of it as a numbers game; the more of them there are out there, the more attractive of a target it becomes.

Since it runs a very similar operating environment as the iPhone and the iPod Touch, distribution of malware that can exploit browser based vulnerabilities in these devices are equally effective, and all of these devices are currently vulnerable to numerous web kit attacks.

Along with that is Apple’s attempt to keep applications on these devices proprietary – meaning you have to go to Apple to get their officially licensed software for them.  Jailbreak attacks have grown in popularity as users and hackers alike attempt to open their iDevices to applications and software other than those sold by Apple.  As always with these applications it is, “buyer beware,” and you can bet not all of them are designed to be the user’s friend.

You might be asking, “So, some security software should cover these problems, right?”  Well, that would be the case, except there are no anti-virus or firewall options for the iPad.  With the ability to access public WiF and hotspots, the iPad is touted as a convenient mobile internet device.

But, would you consider doing internet banking on public network on a Windows laptop without having a firewall or encrypted connection?  I hope not – unfortunately without any built-in firewalls, that is exactly what you would be doing using an iPad for these purposes.  Lacking this feature will inevitably make for easy access for mobile hackers looking to steal personal information.

Compounding that is iPad’s lack of any comprehensive encryption and password protection.  A serious concern for a device designed to be used for mobile e-mail and internet capabilities.

Apple has marketed iPad as a robust media device, which also offers hackers a varied platform for attacks.  Just prior to the release of the iPad, Apple distributed patches to address 88 different vulnerabilities for Mac OS X, Quicktime and iTunes.  However, there are still security issues and known vulnerabilities in Quicktime, which is embedded as OS X’s default media player, as well as known exploits found in iTunes, CoreAudio and ImageIO. 

The media capabilities and security issues present can also allow malicious code to be embedded into media sent through e-mail via video CODECS or into phishing e-mails with fraudulent web links.

So with advancement and possibilities, the warnings should also be noted.  Identity theft continues to rise – and the best defense against it is being aware of where the threats can come from.  The iPad is a great device in concept, but my road-tested ThinkPad is still a durable platform and I’ll be waiting for the release of iPad 2.0 before jumping on this bandwagon!