Vendors should check for malicious content when developing applications, says Cloud services vice president The practice of “security by obscurity” on the Apple’s iOS needs to improve as smartphone adoption increases, according to Blue Coat US vice president of Cloud services, Anthony James.James, an ex-pat Australian who has worked in the US for 10 years with security companies such as Fortinet, said iOS users have been lulled into a false sense of security because Apple doesn’t check an application for security controls before it is published.“They’ve had this whole sense of security around to get an application published, you need to go through their scrutiny,” he said. “They don’t check for security controls but for inappropriate content with the app,” he said.He pointed out that a US principal research consultant called Charlie Miler was able to exploit a bug in iOS which could stock the Apple App Store with malware-infected apps. Miller built a fake stock ticker app, dubbed “Instastock,” as a proof-of-concept, then submitted it to Apple, who approved and placed it in the App Store in September 2011.“Apple has done a great job of security by obscurity,” James said. He also criticised Google, the developer of Android, for having an open operating system but said Android 4.0 did contain some security improvements.“If you look at Android 4.0, the Ice Cream Sandwich, they put in some enterprise management features,” he said.“We’re starting to see pressure on Google because what’s happening now is that corporate Australia is starting to dictate to these vendors that if they are going to allow these smartphones into their organisation they need to have some control,” he said.“That’s where we have seen Android take their first step into enterprise management capabilities so I see Google is going to be more active in that.”James, who was working on Cloud security offerings for release next year, said he was targeting four operating systems, iOS, Android, Blackberry and Windows Mobile.Got a security tip-off? Contact Hamish Barwick at hamish_barwick at idg.com.au Follow Hamish Barwick on Twitter: @HamishBarwickFollow Computerworld Australia on Twitter: @ComputerworldAU Related content news Okta confirms recent hack affected all customers within the affected system Contrary to its earlier analysis, Okta has confirmed that all of its customer support system users are affected by the recent security incident. By Shweta Sharma Nov 30, 2023 3 mins Data Breach Cyberattacks Cybercrime news Top cybersecurity product news of the week New product and service announcements from Wiz, Palo Alto Networks, Sophos, SecureAuth, Kasada, Lacework, Cycode, and more. By CSO staff Nov 30, 2023 17 mins Generative AI Security feature How to maintain a solid cybersecurity posture during a natural disaster Fire, flood, eathquake, hurricane, tornado: natural disasters are becoming more prevalent and they’re a threat to cybersecurity that isn’t always on a company’s radar. Here are some ways to prepare for the worst. By James Careless Nov 30, 2023 8 mins Security Operations Center Data and Information Security Security Practices news analysis Attackers could abuse Google's SSO integration with Windows for lateral movement Compromised Windows systems can enable attackers to gain access to Google Workspace and Google Cloud by stealing access tokens and plaintext passwords. By Lucian Constantin Nov 30, 2023 8 mins Multi-factor Authentication Single Sign-on Remote Access Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe