Top 10 Security Concerns with the new iPad

Well, you know it had to happen, with the iPad as the biggest story last week. Jonathan Abolins and I have come up with a few legitimate, and a few far-fetched security concerns about Apple's new iPad.

In this week's episode:

1- What's happening with the Streetwise Security Zone Podcast?

2- Highlighting an editorial on Identity Theft done by Jesse Hirsh of CBC Radio

3- How secure is the iPad?

3a - Which is more secure Windows PC's or MacOS, and does it matter?

4- Threatpost highlights geolocation and automation in hacker attacks on social media sites.

(Apologies for the split in recorded video, as well as the flashing picture from my webcam in the corner. You probably should only listen to the audio, rather than watching the video , if you don't want to have an epileptic seizure during the playback. Technical difficulties during recording, and no way to easily edit or splice the two segments back together... Next week's show will use an entirely different setup, which I think will be a big improvement in quality.)

Jesse Hirsh's blog: http://www.jessehirsh.com/

Mac vs. Windows security comparisons:

1. Why Mac's aren't immune to malware: http://www.eset.com/threat-center/blog/2009/09/08/is-apple%E2%80%99s-snow-leopard-immune-to-malware
2. CNET survey of security experts' opionions on Mac vs. Windows security: http://news.cnet.com/8301-27080_3-10444561-245.html

And, here's our Top 10 list:

Top 10 Security Concerns about the new Apple iPad

10. No USB port for a Yubikey (www.yubikey.com is a USB one-time password solution that Steve Gibson likes - google GRC Yubikey...) [typo in slides on video, not ubikey.com, but Yubikey.com)
9. You'll tend to create passwords that are easier to type on touch-pads than you used to have on laptops (easier to break)
8. Spin-rite won't work on an iPad because of the Flash memory (of course, you won't need to fix them the way you do hard drives anyway)
7. Speaking of Flash, there's no Adobe Flash for the iPad yet and probably not ever. Bogus iPad Flash Player applications will be offered on the Internet but they're really malware.
6. There will be a surge in Google adwords phishing ads for keywords:
            "FREE IPAD APPS" (it's happened already - sw)
5. New popups that say, "You need to download a new iPageTurn.dmg component before you can swipe to the next page" cause Koobface to make its debut on the iPad.
4. Shoulder surfing becomes easier than with the iPhone.
3. Like the iPhone, the iPad's encryption is weak.
(See http://news.cnet.com/8301-27080_3-10443800-245.html )
2. Since the iPad uses the same OS as the iPhone but is more powerful, it will give malicious coders opportunities for running the iPhone OS exploits that couldn't run on an iPhone.
1. With it's approx. 10x7.5x0.5 inch dimension, an iPad can get mixed in with papers going into a photocopier's autofeed..... CRUNCH.

(compiled with assistance from Jonathan Abolins - thanks JA!)

As a final note, I am still looking for a good technical setup for doing a co-hosted show with audio and video that can be recorded. In fact, I'm looking for co-hosts who would like to get into the live conversation. You don't have to be a security expert. But knowing something about business and technology would help. Having an opinion, and being able to express it passionately would also make you a good candidate. I don't need any commitment for more than one show, but if things work out well, maybe your participation could turn out to be a longer term feature.

As always, I am looking for comments and feedback. I am always looking for ways to make the content and format more consumable and compelling for people.

rate this post: