iOS apps have more vulnerabilities than Android, says new report

iOS apps have more vulnerabilities than Android, says new report
Because of how the platform is designed, whenever we hear about malware or security threats in the mobile world, it tends to be pointed at Android, despite there being little evidence of anyone being at real risk outside of users in Russia or China who use a third-party app store. Now, a new report is claiming that the majority of app vulnerabilities exist in iOS apps, and they tend to be more severe as well.

The traditional thinking has been that because Apple locks down what apps are able to do on the platform and has a more strict app review process (not to mention a relative lack of malware), that the platform is safer overall, but mobile application security vendors Checkmarx and AppSec Labs say that isn't necessarily true. Their report claims that 40 percent of vulnerabilities in iOS apps were critical or high severity, compared to 36 percent of the Android vulnerabilities. 

The report didn't give exact figures but said the average mobile app had nine vulnerabilities, and iOS apps had more than Android apps. 

Leaking personal information was the most common vulnerability, at 27 percent of all flaws found. ID authentication and authorization problems were next with 23 percent. Plenty of other vulnerabilities were found, including cryptography weaknesses, disclosure of technical information such as application logs, and more.

source: Checkmark via CSO Online

FEATURED VIDEO

52 Comments

2. zeeBomb

Posts: 2318; Member since: Aug 14, 2014

This is going to be a fun article

46. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

In WWDC Tim cook said; 'Yep, most malware and viruses are in Android apps, not in iOS apps. After that, he showed this slide (below), which described Android as a "toxic hellstew of vulnerabilities." Which other organisation has a constant need to talk down others in order to reassure their own fellowship?

3. Tizo101

Posts: 515; Member since: Jun 05, 2015

popcorn in tow.

5. cheetah2k

Posts: 2149; Member since: Jan 16, 2011

Say it isn't so!!!!!!!!!!!!!! ROFLMAO

6. rick_mobile

Posts: 358; Member since: Dec 13, 2010

Ima start selling popcorn. I could make a killing here

7. NoToFanboys

Posts: 3231; Member since: Oct 03, 2015

cue the defenders

13. AlikMalix unregistered

I don't even know how to defend it even for the argument sake. It's such a blanket claim without one thing to try or test or fix or an explanation. I could make an article like that without anything to back it up - and see if it can be explained. Can someone explain at least what apps are showing volnerabilities? Which part of OS is letting it happen? Something....

17. TechieXP1969

Posts: 14967; Member since: Sep 25, 2013

http://www.gfi.com/blog/most-vulnerable-operating-systems-and-applications-in-2014/ According to this article of the most vulnerable OS' for 2014, Apple took first place with OS Xbox and second with iOS. Windows is in 4th with one version and Android didn't even make the list. LINUX rounds out the top 3. What's apps are potential dangers? All of them because you are relying on Apple to be honest and cat has them all. When you install Android apps, you are told what they access. Full transparentcy! Doesn't mean you won't get rogue apps, does mean u get an idea up front. If you sideline on any os it's always riskier. But Microsoft, Google search and others have never made false claims on security. It's always a work in progress.

44. marorun

Posts: 5029; Member since: Mar 30, 2015

You are so funny. I see such article about Android all the time and you Apple Trolls love to bash on android when its happen. Well i always said iOS was not really more secure than other mobile OS they all have vulnerabilities. Only difference is on iOS if you give the info outside of Apple walled garden they remove your dev access so you have to play nice and say nothing so end result is there is vulnerabilities but you dont even know they are there. Apple on other hand pay security firm to show out to the world Android vulnerabilities and tech website spread the info. Thats how propaganda work!

55. TechieXP1969

Posts: 14967; Member since: Sep 25, 2013

How am I trolling. Because i'm not fullish liek you. All operating systems are insecure. The problem with you Apple fans, if you think you're more secure than anyone else, when you're not. No one attacks OS X because there is nothign to gain. OSX isnt used in businesses where there is information worth taking. Those businesses use Windows/Unix/Linux based operating systems. Security through obscurity can't be possible on iOS because iOS has far more users vs Mac OS. In fact 4+times as much users. The reality is, it's a fact. There is no way apple can catch every single vulnerablity even in their own software. Windows is forced to work hard at security because of the clients who use them like world governments which dont use OSX except in special purpose. Its not trolling. We've known this already. You foolish fans are the ones who think Apple loves you and everything they do is for YOUR best interested. They are liars. They are no more honest than any other OEM. What is great is the disease known as IOS, can't hurt us Android uders. Android has flaws. The difference from us vs you foolish simpletons, is we have no false sense of security. We knwo havign an open OS means their could be issues. But here is a fact. Whether you use Android or iOS, there has been no confirmed occurrence that a specific person was knowing ever compromised. I've been using Windows for years, I have never been compromised. I have had 4 virus attacks since 1990 and 3 of the attacks were avoidable, but I caused them experimenting. Android users dont troll you fools. The problem is you guys loved being lied too because it makes you think you're better than others. You're an absolute moron. No software can ever be 100% secure. Closed source operating system are no safer than open ones. Windows has proved this for years. Apple who is terrible at making software can't do better than Microsoft even with less users. How many times do we need to repeat this fact before you dummies who think you are so smart understand? I dont troll, but I will attack you lack of common sense and you all obsession at being clueless and stupid on purpose.

57. Oxygen

Posts: 125; Member since: Mar 29, 2012

You're wasting your time, dude. This tool is too biased to hear reason. He even said that Apple Maps was great since day one when it's a well-known fact that its sucks, and even hardcore ifanboys were complaining about it back then.

58. Oxygen

Posts: 125; Member since: Mar 29, 2012

It's called being an hypocrite. lol

8. TSMan2

Posts: 363; Member since: Aug 20, 2015

Loading...

9. AlikMalix unregistered

"The report didn't give exact figures but said the average mobile app had nine vulnerabilities, and iOS apps had more than Android apps." So basically vapor, absolutely nothing to go on, nothing to lookout for? Anything as proof? There were at least 3 android volnurabilitoes reported that also include apps that root your iPhone behind your back and makes them unusable. Those reports were specific and detailed on what is happening and who is affected. This report is buncha baloney, almost feels like damage control for all they crap happening to android. Take this article with a grain of salt - will look for real news about this - if it really exists - in next few days, otherwise I call bulls**t especially the fact that you can control app permissions and what they're allowed to access on a item by item basis. They didn't even mention ONE APP as an example, for crying out loud!

12. TSMan2

Posts: 363; Member since: Aug 20, 2015

This not even a news. This that iOS is more vulnerable than Android is known all those years. Just google 'Android Vulnerability Statistics' and 'Apple iOS Vulnerability Statistics' and you will see year by year so far.

29. engineer-1701d unregistered

apples hush money will be kicking in soon i give it 12 hours untill no story and apples reports they are the safest

50. marorun

Posts: 5029; Member since: Mar 30, 2015

Yep thats how its work. They will pay a few security firm to lash out on android OS and there we go its will be on all tech website. Ofcourse we dont get much info about what exactly is wrong with Apple iOS vulnerabilities because if they get into detail they get kicked out of the dev account they have..

53. AlikMalix unregistered

Do you and moronrun really believe your own bs, that you come up with? Is this just to convince yourself Apple is bad and android is the devine?

56. TechieXP1969

Posts: 14967; Member since: Sep 25, 2013

We have proved this is fact. Apple does pay hush money. All operating system are vulnerable. It doesn't matter if one is more vulnerable than another. The fact is they are all equal. Because all have vulnerabilities. as long as you have one, you have more than one. NO OS IS SECURE...PERIOD. I dont care who make sit, who owns it and who watches it. Apple does pay hush money. We've seen it happen as fact. PA even published an article about it. How apple threaten sites who showed their phone bending would be removed from the list of receiving devices to review. I could care less.if it was me. I'd wrote them back and tell then F#$@ your worthless piece of S$@#. I don't need or want to review them. In fact I wont even buy them to even do a review. If Google or Microsoft had lied about products to consumers, they'd be in court in a heartbeat. But its always ok for Apple to do wrong and not get called out. When we do call them out, we have to be haters and trolls. Actually you all are the haters and the trolls for believing Apple's bull$#%@ in the first place.

59. AlikMalix unregistered

Techie you're twisting it. Apple submitted the German site a device to review - not destroy!!! Given that any phone bends under some pressure some bend even under less pressure than the iPhone 6+ isn't the issue - the issue was that the iPhone 6+ was singled out from the rest making people think it's a problem - when it's just isn't as rigit as others. But instead of reviewing the device, its performance, screen, operating system, usability, feel - they just destroyed it. Apple wouldn't say a thing if the review was good or bad - but you're singling out ONE product for cheap clicks - you're going to make someone upset. It's like taking a slow car and saying its defective because there are other cars that are faster. It's not a design flaw, but a bad choice of material used. Like using four cylinders instead of six. Yeah the iPhone 6+ was easier to bend, but is it a defective device - no! Because you can still use it just gotta be more careful not to sit on it. Duh!

16. willard12 unregistered

Be safe out there.

22. Commentator

Posts: 3722; Member since: Aug 16, 2011

Don't be surprised. When an article against Android comes out it's derided for being biased and unfounded. When an article against Apple comes out it's applauded for being airtight and exact. The particulars don't matter, nor does the source. I'm not saying this article is incorrect. It probably IS correct (because, newsflash, they usually are). Just pointing out a double-standard that exists in the commentary.

52. marorun

Posts: 5029; Member since: Mar 30, 2015

All OS have vulnerabilities.. Apple try to keep the one they have as invisible as possible thats what sad.. they also pay security firm to do those report on android.

28. engineer-1701d unregistered

apple doesn't give exact figures when they say they sold 75 million iphone up from last year that's just not possible do the math, this is how we android users feel every time an apple fan article comes out badgering android os

45. marorun

Posts: 5029; Member since: Mar 30, 2015

You are so funny. I see such article about Android all the time and you Apple Trolls love to bash on android when its happen. Well i always said iOS was not really more secure than other mobile OS they all have vulnerabilities. Only difference is on iOS if you give the info outside of Apple walled garden they remove your dev access so you have to play nice and say nothing so end result is there is vulnerabilities but you dont even know they are there. Apple on other hand pay security firm to show out to the world Android vulnerabilities and tech website spread the info. Thats how propaganda work!

10. TechieXP1969

Posts: 14967; Member since: Sep 25, 2013

I have caramel, butter and cheese popcorn. I can't wait. Let's see what other things it's is bad at? Oh yeah, it's crashes more app that all versions of Android combined. iT's Obvious Security is not in iOS. i Oppose Security No one is secure. But since the Ifans have been lied too for years... Wait. Jailbreaks though lauded, are made possible by security holes. Yet Ifans aren't against it. But bash routers who want to root for more power than they already get. The most advanced insecure operating system in the world. This article should get 50 pages of comments. Anyways, has there actually been a recorded successful hack of a person actually using their phone? Not these, see if u can break out software for money contests.

38. Wiencon

Posts: 2278; Member since: Aug 06, 2014

Why do you need popcorn when you are the main troll on this site? I don't think you get the idea of "grabs popcorn"

15. TSMan2

Posts: 363; Member since: Aug 20, 2015

'and iOS apps had more than Android apps' Really?:) Cool story.

24. TechieXP1969

Posts: 14967; Member since: Sep 25, 2013

The fact is none of this matters. I may crack some jokes, but the reality is simple. Software can never be secure from hackers. All software is vulnerable, zoom can be cool like give you advantages in games, or be bad and wipe out years of photo collections. Software is vulnerable by nature. Software is like a big city, the mores streets (lines of code), the more places crimes (hacks) can take place and no one will know. Just because your city is on an island (walled garden), doesn't make u more safe. It just means your crimes will be isolated to your city. Linux had an advantage to where issues could be worked on by many and get solved quicker. Even Apple and Microsoft with all their money, aren't Fort Knox, and they aren't quickly able to solves problems with their own stuff. The more people in your town (users) the harder it is to secure your city. I recall though with all software it's never finished; it's always work in progress; and security is a never ending battle.

25. MrElectrifyer

Posts: 3960; Member since: Oct 21, 2014

Hahaha, not surprised, it's apple's typical security by obscurity practice...more vulnerabilities, but they're swept under the rug and haven't been exploited much. betanews.com/2014/04/07/the-apple-myth-why-securit​y-through-obscurity-isnt-security/

* Some comments have been hidden, because they don't meet the discussions rules.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.