More on iPhone Security

by rmtwrkr

After the last post that focused on how unintentionally the iPhone is a real bitch to free up for criminal types, I now will look at what could be done by Apple to make the iPhone completely locked down. For this you can look at Nokia’s E-Series smartphones as an excellent example of security featuresets. On my Nokia E61, you not only have Simlock codes, but also Devicelock codes. This adds a double-layer of security so that in the event that the Sim is removed, you still cannot access the Phone nor the MiniSD memory card. The only thing a thief could do is get the phone re-flashed with new firmware. So at the minimum at least your data is wiped out for sure. The other brilliant feature on Nokia’s E-Series (maybe other devices as well?) is the Remote Lock. Basically what you do is set a long password or string, and once this feature is switched on, then in the event that the phone is lost or stolen you can send an SMS from any other phone to your handset that contains the password string. It immediately locks down the device, Sim and all.

It would not be difficult to implement this on the iPhone in a future firmware update. But Apple could take it even further…

What about having every Picture that is taken with the iPhone, embedded with the Serial of the device? Maybe in the EXIF data? That way, IF someone took photos with it, and uploaded to a site like Flickr, Flickr could parse the data of the image, and send any ‘registered stolen’ phones to Apple or whoever is in charge of these things. Plus in the future, photos can and will be embedded with geodata, giving even more ways to identify who or where this was taken. Another thing I am waiting for is iPhone integration into OSX 10.5 server. Apple really needs the iPhone to be able to use the new groupware functionality of Leopard Server, and also the ability of the Server admins to ‘lockdown’ the iPhones connected if necessary.

Things like the Remote Lock/Administration are essentials in the Mobile I.T world. These sort of features are why Enterprise loves them some Blackberry. Big Business will give no chance to a handset without this, no matter how cool or good the device actually is.
So I think either Apple or 3rd party devs (in february) will have to take mobile security seriously on the iPhone, ‘if’ they want to enter the extremely lucrative Enterprise world.