Well, Apple is everywhere in the news these days … I really enjoyed the news of the first iPhone worm being unleashed in Australia. The question I ask today is: how bad is that news?
It sure sounds bad at first. worms are not the kind of beasts that we want to see on our mobile devices. And a worm that gets on your phone on shared WiFi connections could lead to a lot of paranoia in California’s Starbucks.
Now wait, this worm only attacks jailbroken iPhones. As such, it is at least good news for Apple, as it makes people realize that jailbreaking your iPhone may have consequences, not all good. By extension, it is good news for all the actors that rely on Apple’s closed platforms and on other similar platforms.
Now, this is not the last bit of it. Even for Apple, the news aren’t all good. The worm doesn’t affect all all jailbroken iPhones, but according to Wired,
jailbroken iPhones whose owners have installed SSH and neglected to change the default root password, “alpine.”
If this is right, it sounds quite scary. Does it really mean that iPhones are Unix-based machines that all have the same root password, that the user can’t change (unless they jailbreak their phone)? For me, that entails that if a hacker is able to somehow very very partly jailbreak an iPhone using a worm or other malware, they won’t encounter much resistance from root passwords.
This is really bad news, and could be by itself a good reason to jailbreak an iPhone. And of course, it makes me wonder about the protection of my own (Linux-based) Android phone.