McAfee Labs' Gloomy 2011 Predictions & My Disagreement with the Blame Placed on Jailbreaking

Security software and services firm McAfee’s Labs group issued their gloomy 2011 predictions to depress everyone before the new year starts.

McAfee Labs Predicts Geolocation, Mobile Devices and Apple Will Top the List of Targets for Emerging Threats in 2011

Two of the nine dark predictions are mobile related. They are:

1. Exploiting Social Media: Geolocation services
I have to agree with this prediction and concern. Providing personal geo-presence information via social network services is a double edge sword.

2. Mobile: Usage is rising in the workplace, and so will attacks
This prediction bothers me even though I agree with it. I have a problem with identifying jailbreaking as a primary mobile threat of 2010. The act of jailbreaking is not a threat. The real threat is the security exploit that enables jailbreaking. The best known, perhaps, and easiest to understand example is the JailBreakMe now jailbreaking process for the iPhone revealed this past summer.

Brief Screen Tour of JailBreakMe on an iPhone 3G

It used a specially prepared PDF file with a payload that caused a buffer overrun in the Safari mobile browser on an iPhone or iPad. This was the threat (now closed) that enabled the jailbreak. The jailbreak was just one expression of the threat.

My disagreement with McAfee Labs’ assessment does not reduce their overall message, however. 2011, like every year before it, will probably be a nastier one than the previous year cyber-security-wise.