Daniel Eran Dilger in San Francisco

Kim Zetter and the iPhone Root Security Myth

Daniel Eran Dilger
Writing for Wired, Kim Zetter published an article that attempts to portray the iPhone as a security boondoggle on the order of Windows 95, due to a fundamental mistake Apple made in designing it. Fortunately, Zetter is wrong. Here’s why.

Updated: Kevin Poulsen Attacks Ron Paul, iPhone, Mac Users In a Single Broad Brush of Wired Incompetence.

Irony of Ironies.
At first blush, an article about wireless devices in Wired Magazine seems a bit contradictory. Then again, this is a publication that differentiated itself by putting frantic yellow text on lime green pages. Perhaps ‘Wired’ is really just an allusion to hypercaffeination. It also seems ironic that Zetter’s headline, “IPhone’s Security Rivals Windows 95 (No, That’s Not Good),” slavishly conforms to conservative style guidelines that refrain from starting a sentence with a trademark that is not supposed to start with a capital letter.

Dear Wired: you print your own name in wildly alternating fonts; live a little and print a headline that starts with a small letter. I dare you. I also dare you to have Zetter rewrite the article after interviewing more than one source. Perhaps this would result in an informed, balanced piece rather than a simple regurgitation of the message one individual fed her as a story.

After all, if you’re going to carefully follow the formal style of punctuation from the turn of the last century, you might as well go all the way and write actual content that has been researched as proper journalism.

The Root of All Evil.
Zetter’s article revolves around the idea that because the iPhone runs all its internal applications under the same root user account, users are imperiled by a potential crisis. How bad is it? Windows bad, at least according to Zetter’s headline.

“Every application on the device — from the calculator on up — runs as ‘root,’ i.e., with full system privileges,” Zetter noted. “As a result, a serious vulnerability in any of these applications would allow hackers to gain complete control of the device.”

Let’s make that simpler. A serious vulnerability in anything would allow hackers to gain complete control of anything.

Or paring down the details to bare truth: A Possibility of an Undesired Result would allow, possibly, an Undesired Result.

Zetter, thank you for alerting us to the universal nature of cause and effect. However, the real issue you should have examined is: does the architecture of the iPhone actually make it more vulnerable than other products? Would changing things make a real difference?

The Panic Worm.
To provide some context for the level of panic Zetter wants readers to take away, she compares the iPhone’s design to Windows by referencing the “plague of Internet malware” that has caused billions in damage and interruption–as well as untold annoyance–to users from the widely publicized Melissa virus outbreak in 1999 to the more recent Storm worm.

Windows doesn’t have a “root user,” but users logged in as an administrator–which Windows makes the default setting–do have the ability to do most anything on the system. Even worse, other programs can install and perform actions without the user even being aware of it. This is the real reason Windows systems are plagued with malware; simply browsing the web or reading email could result in malware being installed.

Microsoft’s “solution” to this problem in Vista is to pop up UAC warnings every time anything happens. This puts the burden of security upon users, who are effectively trained to click “OK” repeatedly rather than to examine the legitimacy of an unusual event.

However, Zetter’s mention of Melissa is interesting because that worm, which shut down networks and embarrassed Windows administrators at the height of the dotcom boom, had nothing to do with privilege escalation. “Hackers” didn’t exploit a vulnerability to gain access to Windows and take over full control of the system in the Melissa outbreak.

In reality, Melissa was just an Office macro virus, which–acting as the regular user–carried out a scripted task of sending itself to the top fifty users of their Outlook address book. It then copied itself into all their Word documents as a Word 97 macro, and then attempted to email those documents out randomly to other users. Later variants would also attempt to delete files on attached Windows network shares.

Similarly, the Storm trojan has nothing to do with privilege escalation either. It is also sent by email, with provocative messages designed to entice the user to open the attached script. Windows runs the malware upon opening it, and it installs a hidden Windows service that acts as part of a distributed spambot network, forwarding itself out by email at hundreds of messages per minute.

Certainly Wired editors should know that root access or administrative privilege is not required for sending out emails or deleting one’s own files. Administrative privileges are apparently not required for printing sensationalist, uninformed articles either.


The Windows Security Crisis.
The security problems Zetter identified relate to the poor design and implementation of Office and Windows–and not just the decade-old Windows 95, as the headline tries to suggest. Microsoft scrambled to address these issues with Windows XP Service Pack 2, a distraction that helped delay the company from releasing Vista as intended. Vista also attempts to create further safeguards, although its UAC solution has been universally panned as a “sad realization.”

However, while Windows does have privilege escalation flaws on an architectural level, its security problems are not all related to privilege escalation, as Zetter’s own examples demonstrate. In fact, the most problematic issues with Windows aren’t related to “running as root,” but rather to running automated, invisible actions as the regular user, without that user’s knowledge.

Nobody needs root access to delete their own files, or to email out their sensitive documents to random people who happen to be in their contact list. Windows and Office have made automating those types of actions embarrassingly easy for scripts launched from emails to do. This is the problem behind the Windows Security Crisis, not some imagined elite team of hackers who painstakingly crack through real security just to look at our photos.

iPhone Security Cake, And Eating it Too.
In contrast, the iPhone won’t run scripts you send it in emails and it won’t execute ActiveX plugins as Internet Explorer does; even the most determined user can’t run software of any kind on it without using other hardware and the Unix command line to break down its security skin first.

There are no SD card slots that offer to automatically execute any code that might be copied to a memory card when it is inserted, the way a Palm OS phone will, and there’s no provision for installing software downloads of unknown origin, as Windows Mobile and most Symbian phones will be happy to do. There’s simply no way to run code on the iPhone, outside of its web application platform within Safari.

And of course, that is what hackers have been complaining about, and what uninformed media columnists have been whining about as if they were the last advocates of the public good on Earth, or perhaps modern day Ronald Reagans demanding “Mr Gorbe-Jobs, Tear Down This Wall!” Yes, very teary and profound, but not very informed.

10 FAS: 10 – Apple’s Mac and iPhone Security Crisis
The iPhone Web Platform.
Those same know-it-alls who seem to think they steer the captains of industry from their populist pulpits were also in the same breath outraged to find that the iPhone might have potential vulnerabilities. Sure enough, there were soon documented flaws in the web interface offered by Safari, after it was found to incorporate open source software with some previously discovered flaws.

The thing is, we know a lot about web security. The web is also quite restrictive, and therefore has a finite number of vectors for attack. Unless you add something new, such as Flash or Silverlight or ActiveX, the actual functionality of the web is hard to exploit in unknown ways. We know most of them. That’s why Apple released the web interface as the only way to build third party applications at the iPhone’s launch, and why it’s taking another several months to gestate plans for an SDK with more native access to the iPhone’s internals.

Imagine if Apple had released the iPhone in June with the door wide open to throw on any software. Is it perhaps likely that the first implementation of Apple’s Cocoa development tools ever ported to ARM might have some initial flaws? Perhaps even many times more flaws than the well documented, highly restrictive environment provided by Safari and the well vetted, mature open source code Apple incorporated with it?

Steve Jobs Ends iPhone SDK Panic
Security Myth-Mongering.
There are a lot of reasons for complaining about iPhone security–including making a name for yourself as a security researcher–but nobody can seriously compare iPhone security with that of other mobiles, nor that of Windows on the desktop. Anything that can load software of any kind is automatically more vulnerable to attacks than the iPhone.

In addition, the iPhone is on the tip of everyone’s tongue, so if there were any actual problems in the wild, they’d be on the front page. Zetter imagineers scenarios where rogue applications take over one’s iPhone to spy on them, take photos, and track their location via WiFi. Oh please, the virus market on Windows is funded by spam; there’s no incentive behind Hollywood-style fantasy viruses that do such things on an individual level. Who is going to develop custom applications targeting 1% of the mobile industry to covertly snap pictures of users’ pockets?

Such frantic, uninformed scare mongering belongs in one of the many anti-iPhone blogs run by Rob Enderle, who similarly imagined scenarios involving the violent death of children, murder, and rape, all of which were somehow connected to the iPhone.

Why Dan Frommer and Scott Moritz Are Wrong on iPhone Sales: It’ll Be the Death of You

Inside Vulnerability.
Zetter clearly does not understand the subject matter she presents, and should not be writing about it without first passing her copy to someone with security credentials. She also should have talked to more than just one source; in this case it was Dan Geer, who only seems to be an expert at being an expert. What’s next, an article on global warming, interviewing science fictionalist Michael Crichton?

Zetter wrote, “Computer security professionals call the iPhone design flaw a fundamental mistake, and say that Apple should have known better,” citing Geer as saying, “The principle of ‘least privilege’ is a fundamental security principle.” Yes, and what phone has fewer privileges than the iPhone?

Your internal organs are highly vulnerable to infection, but that’s why you keep them wrapped up in skin. Being vulnerable on the inside isn’t something to worry about unless you plan to rip things open. That’s why it’s a challenge to provide a secured development environment for mobiles. Apple is giving things some thought to prevent another disaster on the order of Windows.

The Root Myth.
Insisting that the iPhone’s internal architecture is a house of cards because all of its processes run as root ignores the fact that the vast majority of malware doesn’t have to run as root. In fact, most everything a user cares about on the iPhone is user data.

Are Zetter and the iPhone Root Scare Mongers really trying to say that Apple could design the iPhone so that users wouldn’t have access to their own data, or wouldn’t have permission to use the camera or to send messages? Any compromised user account could do everything the user can do. User permission limitations only matter if you have multiple users and don’t trust some of them.

“Running as root” has become such a sensationalized buzzword that the underlying idea has been lost. A similar thing happened to the concept of a “firewall,” which many pundits are prattling off as another supposed omission from the iPhone. Real security is an engineering effort, not a marketing exercise.

While sandboxing externally-facing apps with an inert barrier of non-privilege makes sense, the privilege levels of internal, inaccessible applications don’t really matter. That’s why the US Army famously chose to use classic Mac OS servers running WebSTAR to run its website in 1999. While the Mac OS didn’t have amazing security features–and nothing at all in terms of user permissions–it was very secure as a web server because there were no significant external interfaces for attackers to exploit, unlike Windows NT, which was being exploited regularly, much to the embarrassment of the Army.

The Mac Observer–StarNine Makes It Official – WebSTAR/MacOS Replaces Win NT For Army

Dealing with Malware.
The biggest problem for Windows PC users infected with malware isn’t that they lose some type of “root access,” but that a messed up PC is very difficult to fix. There’s no simple way to pull all your data from an infected PC and reinstall everything without wasting a lot of time and likely losing data and settings that are stored who knows where in the system. It’s also a huge pain to have to reinstall all of your PC applications again because of the design of the Windows Registry.

Road to Mac OS X Leopard: Parental Controls and Directory Services: Microsoft’s Windows Registry – AppleInsider

On a Mac, you could do an archive install and cleanly wipe out just the hypothetically infected system, leaving applications and data intact. On the iPhone, iTunes does all that itself. If the iPhone were breached by a nefarious attack, all a user would have to do is sync their data and reset the phone from iTunes, which would reinstall all the system software fresh and resync their data and configurations on top.

In any case, the entire premise of Zetter’s article is flawed; running services as root makes no difference to users, and does not expose them to special rings of evil. Apple has also released rapid patches for addressing vulnerabilities that have been found. Incidentally, they were found in large part because the iPhone is built using a lot of publicly scrutinized, mature code.

Windows isn’t; it’s a black hole of proprietary software that is only “open” in the sense of Pandora’s Box. That is why Windows–and not just Windows 95–most certainly does not rival the security of the iPhone, hypothetically or in practical terms.

For her outstandingly poor research and sensationalist, emotional pandering, Kim Zetter gets a Zoon. Thanks to Mardis Coers for providing a nomination.


35 comments

1 NorCalBolt { 10.23.07 at 11:32 pm }

“What’s next, an article on global warming, interviewing science fictionalist Michael Crichton?”

Actually Michael Crichton’s Book ‘State of Fear’ is provided with footnotes and a full bibliography to support all the facts used in this fiction novel.

Otherwise you made valid points in your article about the inherent flaws in Windows Mobile.

2 lightstab { 10.24.07 at 12:03 am }

Yeah, yeah, Dan, okay, we get it–she’s a hack with no grasp of what she speaks, but would you date her, that’s the question?

You do know that Ms. Zetter lives in Oakland, right? Right across the Bay. Yeah, she doesn’t understand the most fundamental security concepts and she may even be a paid shill and for all we know, have a crush on Ballmer, but she can write–mostly about fine dining and Kabbalah, but who knows, you might even get lucky… she may even hate Bush.

And nice article by the way.

3 jdoc { 10.24.07 at 12:36 am }

“On the iPhone, iTunes does all that itself. If the iPhone were breached by a nefarious attack, all a user would have to do is sync their data and reset the phone from iTunes, which would reinstall all the system software fresh and resync their data and configurations on top.”

This is very true, and a great feature. When I upgraded to the 1.1.1 software, iTunes for some reason kept giving me an error, stating “please restore the iPhone software”. Of course, my heart dropped to my feet as I hit the ‘restore’ button and watched the ‘erasing data’ message come up. But after all was said and done, my iPhone was restored to exactly the same state as before the restore–right down to the background picture and all of my notes. Great job Apple!

6 PerGrenerfors { 10.24.07 at 2:35 am }

This very topic came up in a nerdy discussion just the other day, thanks for clearing things up!

7 slayerjr { 10.24.07 at 4:08 am }

jdoc’s experience is a typical tale of Apple competence. I remember my first re-install and upgrade of OSX. What would be a nightmare scenario in Windows turned into a brilliant result in record time on my new iMac. I was sold on Apple forever, right there and then.

That does not mean that Apple is perfect. OSX has many quirks to discover when you start tinkering under the hood so there’s plenty to keep hobbyists and enthusiasts busy, but the experience is first class computing pretty much each and every time.

Daniel, you are on a roll here so keep it up. Your style is slowly starting to infect the community psyche as more of us are demanding more balanced info from the Journalists and Bloggers who vie for our attention. I have also noticed a rising trend in IT publications to chronicle and expand upon the history of computing, something you have done so well for us already.

Personally I am shocked that such well balanced and intelligent opinion is able to compete with the shills who bombard us with made up headline issues daily… and even show them up. There may be some hope for humanity after all but don’t quote me on it. ;)

8 johnmac { 10.24.07 at 8:36 am }

Actually (NorCalBolt) I wonder whether the Crichton comment in the article does make sense given that the vast majority of scientific public opinion disagrees with Crichton.
Of course by scientists I don’t mean those ice cream salesmen deputised as scientists by those organisations who wanted some more voices asserting that there is no such thing as global warming.

Crichton has come out with similar spuriousness in regards to “grey goo”. But hey – he is a great story teller, his job is to make unlikely things sound possible, something that Zetter failed at.

9 Good Dog { 10.24.07 at 8:40 am }

Hello, Daniel. This is a great article. Keep them coming.

Now, as to if you missed anything, there’s the bit on Michael Crichton: “What’s next, an article on global warming, interviewing science fictionalist Michael Crichton?”

From what I know, Crichton was an M.D. before he became a bestselling author, so he has a background in science. His web site discussing his views on global warming is quite thought provoking, similar to another favorite ‘myth busting’ site we all love, perhaps.

And, it’s important to remember that many scientists in the 1970s and ’80s (Newsweek cover story) were just as convinced of Global Cooling as many scientists now are convinced of Global Warming, and treated any Global Cooling naysayer with the same degree of ridicule as certain groups of scientists and media now dish out to anyone not marching to the Global Warming Party Line.

At best, nobody really, truly knows what’s happening.

10 James { 10.24.07 at 9:28 am }

Why, Daniel, can’t you write this without all the personal attacks? Sarcastic remarks about Wired magazine’s title, their logo, and even the layout of the headline are both irrelevant and childish. I know that this stuff infests Internet forums, and is of course the only way the Bushies know to react to critics, but to me it just leaves a sour taste in the mouth, and the impression that you don’t actually have much confidence in the technical arguments you are making. Mocking Wired for using an uppercase “i” in their headline, in particular, is strange behaviour from someone whose own posts often contain typos and grammatical errors.

Other than that, a good article. Well done.

11 PerGrenerfors { 10.24.07 at 10:30 am }

I agree with James. Steering away from personal attacks is an important part of serious writing, as they do not in any way contribute to raised awareness. Wired was silly enough to publish the article, and simply pointing out the flaws is enough. You don’t need to poke them in the eye with a stick, Daniel.

RoughlyDrafted is a great read, and I’d be disappointed to see it go back to the Dvorak-is-an-idiot rants.

Off-topic: How about an article about the history of computer games? It’s a subject that I haven’t seen covered. Without doubt, games have contributed to the stranglehold that Windows has on the software market. The history of OpenGL and DirectX? Considering the advantages in graphics that Macs had in the ’80s, it puzzles me that it wasn’t a stronger gaming platform with the rise of 3D games.

12 Wired fails in comparing iPhone security with that of Windows 95, says columnist | AppleMania.info { 10.24.07 at 3:45 pm }

[...] details in Dilger’s full article. [...]

13 Ch.Blackthorne { 10.24.07 at 3:51 pm }

I know this is off-topic, but…

“…Actually Michael Crichton’s Book ‘State of Fear’ is provided with footnotes and a full bibliography to support all the facts used in this fiction novel…”

Some people say Crichton’s book would be more appropriately titled ‘State of Confusion’: check out the comments on realclimate.org. As for the footnotes and bibliography, there’s a saying: “The devil can quote scripture to serve his devices.” Ann Coulter also uses footnotes, but apparently feels that accuracy is something that only needs to be approximated. There’s a veritable cottage industry showing that her references often contradict her statements.

14 serfware { 10.24.07 at 4:16 pm }

“What’s next, an article on global warming, interviewing science fictionalist Michael Crichton?”

What…? As opposed to science fictionalist Al Gore?

15 kzetter { 10.24.07 at 5:28 pm }

Much of what Dan finds objectionable about this piece was added by the editor, Kevin Poulsen, who also came up with the premise for the story. If readers have a problem with the piece, I’m sure Kevin would be open to discussing it with them.

16 danieleran { 10.24.07 at 5:37 pm }

(From the Forum)

Several journalists I have talked to have made it clear that they don’t write their own headlines, and frequently can’t print the story as they wished to cover it. In many cases, this is because the editors they work for push to sensationalize the news to make it more marketable. It is common for editors to lay out a story idea and then expect a writer to fill it out as an assignment; rather than actually covering a subject as journalists, they’re simply given a writing assignment to print the equivalent of marketing copy. This is what I complain about in regards to ‘modern journalism.’

Who would read an article in Wired about iPhone security if it did not suggest the sky was falling? From that perspective, I may have directed too much complaint at Kim Zetter, because I don’t know her actual circumstances in writing for Wired. The tone of the article could very well have been dictated as part of the assignment.

I have been interviewed by journalists (and talked to others who have) and have frequently seen occasions where a writer will indicate that they are not interested in facts that don’t contribute toward the slant they wanted (or are commissioned) to deliver. In other circumstances, I’ve been quoted or edited in ways that lift the words I used to say things I did not.

On the other hand, I could have given Zetter props for not citing a blurb from Rob Enderle. There’s no doubt she had to valiantly fend off his advances.

17 UnnDunn { 10.24.07 at 6:29 pm }

Wow, Daniel, rationalize much?

When Microsoft let all applications run as the Windows equivalent of “root”, it was bad but when they locked the system down in XP SP2 and Vista, it was STILL bad? UAC has been universally panned as a “sad realization” because an Apple ad told you so?

Conversely, when Apple allows all applications to run as root in the iPhone, it’s GOOD?

Can Apple do ANYTHING wrong, in your eyes? Can Microsoft do anything RIGHT? Or are you just another Apple fanboy with a popular blog, spouting the popular anti-Microsoft rhetoric of the day?

iPhone running its apps as root may not be the huge problem Zetter suggests it is, but it IS a problem that could very well rear its head sooner rather than later, and it’s something Apple should not have allowed to happen, period.

18 LunaticSX { 10.24.07 at 6:35 pm }

Daniel, if you want to keep in your “zingers” like pointing out Wired’s colorschemes and typographic inconsistencies, I’d suggest doing it in footnotes, like this:

“At first blush, an article about wireless devices in Wired Magazine seems a bit contradictory.[1]

(Continue with the info that Zetter single-sourced her story)

[1]Then again, this is a publication that differentiated itself by putting frantic yellow text on lime green pages. Perhaps ‘Wired’ is really just an allusion to hypercaffeination. It also seems ironic that Zetter’s headline, “IPhone’s Security Rivals Windows 95 (No, That’s Not Good),” slavishly conforms to conservative style guidelines that refrain from starting a sentence with trademark that is not supposed start with a capital letter.

Dear Wired: you print your own name in wildly alternating fonts; live a little and print a headline that starts will a small letter. I dare you.”

One could say that it’s a bit ironic in an article where you criticize a magazine columnist for the flaws in her journalism that you’re leading off yourself with what could be seen as petty attacks on style, rather than focusing on the substantive claims.

Footnotes are an accepted means to add “editorializing,” while keeping the body of the article focused on hard facts.

Anyway, there are enough problems with the basic facts in what pundits, analysts, and so-called “journalists” write that pointing out those flaws alone is enough for full-length articles!

P.S. One thing that I’m really looking forward to in Leopard is the addition of a built-in grammar checker, which will hopefully detect “that/than/then” errors and typos such as “Yes, and what phone has fewer privileges that the iPhone?,” above.

19 kzetter { 10.24.07 at 6:58 pm }

A P.S. to my earlier note. Dan is incorrect that the story has only one source. It has three sources — Dan Geer, Charlie Miller, and HD Moore. I also spoke with a fourth source — Rik Farrow — about the root issue. Farrow, a security consultant, was invited to speak with Apple’s staff last year about security issues. He is quoted, along with Moore, in the first piece I wrote about the iPhone security issue that was published a few days earlier. He said pretty much the same thing that Moore, Geer and Miller said. Therefore, Geer is not alone in criticizing Apple for this.

As for the swipe at Geer’s expertise, I think Geer’s reputation speaks for itself. He doesn’t need me to defend him.

20 makomk { 10.25.07 at 5:11 am }

I’m sorry, but you seem to be a bit out of touch with the current security situation. It’s no longer true that “even the most determined user can’t run software of any kind on it without using other hardware and the Unix command line to break down its security skin first.”.

In fact, all someone has to do to get code running on their iPhone is visit the right (or wrong) website in Mobile Safari, thanks to a vulnerability in libtiff that was fixed a year or so ago. (Apple really aren’t too great at keeping up with security updates to software provided by other people.) As far as I know, Apple still haven’t released a patch for this security vulnerability.

The thing about web browsers is that (a) they’re complicated software and (b) they’re exposed to untrusted and potentially malicious content all the time. That’s why Microsoft sandboxed Internet Explorer in Vista. As far as security risks go, including a full-featured web browser has to rank much higher than allowing third-party software.

(Incidentally, not running everything as root does make sense on the iPhone. Since all applications run as root, if someone manages to find and exploit a security vulnerability they can do anything they like – including installing a persistent backdoor on the system. If all the apps ran as a normal user, then an attacker probably wouldn’t be able to make their code survive a reboot.)

21 vulgaris { 10.25.07 at 10:53 am }

I don’t get it. So if running as a user with all the permissions that the user really needs to have is inevitable, why, a few years ago, did everyone blame MS for war crimes for the same reason? Frankly, tell me what I’m missing here.

22 kpfeil { 10.26.07 at 10:54 am }

Ok,

So you’ve trashed the grammar, fonts and looks of a magazine. You insult a good reporter based upon one misinterpreted article. You also successfully regurgitated a fragment of what UAC is about for the less Windows-inclined. Congrats on a fine article. (Smell that? It’s sarcasm). You have failed to demonstrate, however, why running everything as root is not a “bad thing”. That was the whole gist of the Wired article to begin with.

Your comment “There’s simply no way to run code on the iPhone, outside of its web application platform within Safari.” only demonstrates your ignorance of security models to begin with and does nothing for your own credibility.

Case in point here:

“Are Zetter and the iPhone Root Scare Mongers really trying to say that Apple could design the iPhone so that users wouldn’t have access to their own data, or wouldn’t have permission to use the camera or to send messages?”

Umm, do you *need* root privs to send a message or access your data? You shouldn’t.

“Any compromised user account could do everything the user can do.”

Which should be *limited*. Not all-or-nothing.

“User permission limitations only matter if you have multiple users and don’t trust some of them. ”

That’s the whole point. There *are* multiple users. There are millions of them on the internet. Do you trust all of them? You might want to get a little more familiar with the Metasploit project before making such an asinine assumption.

The only thing you said that makes any sense to the security-minded person is:

“Real security is an engineering effort, not a marketing exercise.”

It’s too bad that this statement flies directly in the face of everything else you write in this article (which incidentally looks more like an iPhone commercial than a factual article).

As for the title of your “article”, where exactly is this “Security Myth” you’re talking about? That running as root could be hazardous to your computing health, except on the iPhone?

Ken

23 Kevin Poulsen Attacks Ron Paul, iPhone, Mac Users In a Single Broad Brush of Wired Incompetence. — RoughlyDrafted Magazine { 11.06.07 at 6:31 pm }

[...] Kim Zetter and the iPhone Root Security Myth [...]

24 Biggest Freaks: Ron Paul Supporters or Apple Geeks « Carsons Post { 11.08.07 at 7:44 pm }

[...] that iPhone security is a-okay, blogger Daniel Eran Dilger falsely accuses Kim of basing the entire article on a single source. (Three sources are named in the Wired [...]

25 UnWired! Rick Farrow, Metasploit, and My iPhone Security Interview — RoughlyDrafted Magazine { 11.20.07 at 4:13 am }

[...] and cited a comment from me at the end. Here’s the rest of the story on iPhone security. Kim Zetter and the iPhone Root Security Myth Cross Wired. Kim Zetter took exception with my criticism of her Wired article, and unfortunately [...]

26 Why Microsoft’s Copy-Killing Has Reached a Dead End. — RoughlyDrafted Magazine { 12.16.07 at 7:11 pm }

[...] The Web Browser Renaissance: Firefox and Safari Kim Zetter and the iPhone Root Security Myth: The Root Myth [...]

27 Vista vs Mac OS X Security: Why George Ou’s ZDNet Vulnerability Numerology is Absurd — RoughlyDrafted Magazine { 12.21.07 at 12:35 am }

[...] UnWired! Rick Farrow, Metasploit, and My iPhone Security Interview Kevin Poulsen Attacks Ron Paul, iPhone, Mac Users In a Single Broad Brush of Wired Incompetence Kim Zetter and the iPhone Root Security Myth [...]

28 Tom Krazit of CNET and Eric Savitz of Barrons Deny the Jesus Phone — RoughlyDrafted Magazine { 01.26.08 at 6:35 am }

[...] iPhone Price and Profits vs Nokia, LG, HTC, RIM, Palm UnWired! Rick Farrow, Metasploit, and My iPhone Security Interview Kevin Poulsen Attacks Ron Paul, iPhone, Mac Users In a Single Broad Brush of Wired Incompetence Kim Zetter and the iPhone Root Security Myth [...]

29 yuhong { 03.14.08 at 1:23 am }

You do have some good points about the limitations of security in modern OSes, but the comparison is fundamentally unfair. The iPhone’s OS should really be compared against things like Windows Mobile and Windows CE, NOT desktop or server versions of Windows.

30 yuhong { 03.14.08 at 1:49 am }

For example, there is a reason why the iPhone is more locked down than Windows. And it applies to other mobile devices also.

31 CanSecWest and Swiss Federal Institute of Tech Deliver Attacks on the Reality of Mac Security — RoughlyDrafted Magazine { 03.28.08 at 4:37 am }

[...] Kim Zetter and the iPhone Root Security Myth UnWired! Rick Farrow, Metasploit, and My iPhone Security Interview The Theory of Vulnerability. Many of those same principles that prevented Miller’s prognostication of dire woe for iPhone users from coming to pass have similarly protected Mac users from actually suffering from any of the theoretical vulnerabilities reported for their platform. While Windows Enthusiasts like to suggest that the only thing preventing a Mac malware meltdown is the platform’s relatively low market share compared to Windows, that idea is both wrong and deceptively simplistic. [...]

32 Google’s Android Market Guarantees Problems for Users — RoughlyDrafted Magazine { 08.30.08 at 12:06 am }

[...] UnWired! Rick Farrow, Metasploit, and My iPhone Security Interview Kim Zetter and the iPhone Root Security Myth [...]

33 ryanmatic » Blog Archive » Once again, Wired misses the point { 09.12.08 at 1:15 pm }

[...] since Wired apparently decided it hates Apple (apparently a lot), its left the door wide open for making absurd claims about the superiority of [...]

34 Boycott Novell » What is This… Munchkins Again? { 11.09.08 at 8:48 pm }

[...] things like Windows Mobile and Windows CE, NOT desktop or server versions of Windows.” < http://www.roughlydrafted.com/2007/10/23/kim-z… [...]

35 Boycott Novell » IRC: #boycottnovell @ FreeNode: November 10th, 2008 - Part 1 { 11.11.08 at 4:54 am }

[...] things like Windows Mobile and Windows CE, NOT desktop or server versions of Windows.” < http://www.roughlydrafted.com/2007/10… [...]
