Regarding TestFlight and Malwarebytes

[Amaroq_Starwind]

One of the benefits of using TestFlight is that it enables distributing applications which would otherwise not be allowable on the App Store.

 

So this makes me wonder... Could we get iOS Anti-Malware capabilities via TestFlight?

[alvarnell]

If you are currently signed up for this beta test program, then TestFlight is what is used to distribute beta versions of iOS Anti-Malware. The App Store has the current release version.

[Amaroq_Starwind]

Not what I meant.

Malwarebytes for iOS is not an Anti-Malware program. Actual "find and remove malicious software from my phone" capabilities are something Apple doesn't want on the App Store.

[alvarnell]

Unless you have a jailbroken iPhone, there isn't any known malicious software on it (unless you consider PUPs to be malicious) so an Anti-Malware program would not be able to find anything.

[Amaroq_Starwind]

You don't necessarily know that. iOS has had security vulnerabilities before, and malicious software has mistakenly gotten onto the App Store as well. There's countless ways a threat could pop up.

[alvarnell]

Of course there are vulnerabilities, but as I said in order to find a threat you have to know about it in order to scan for it. If anti-malware is ever able to implement an effective Heuristic method of finding zero day infections, then there could be a market for such software, but the technology certainly isn't available today and Malwarebytes isn't known for pursuing such an approach.

[treed]

There is rare malware that can get on the phone without a jailbreak. This is typically nation-state malware, relying on million-dollar (or more) vulnerabilities, like the Pegasus malware.

However, that's irrelevant, as even with beta apps, there is no way to scan an iPhone for malware without jailbreaking it. Beta apps are sandboxed just like apps from the App Store, and they can't scan the file system on iOS any more than approved apps can. (Also, beta apps have to go through an approval process as well.)

[Amaroq_Starwind]

22 hours ago, treed said:

(Also, beta apps have to go through an approval process as well.)

Okay, that raises some serious questions, such as how some of the apps I use every day even got approved for beta.

I wonder what it would take to convince Apple to approve a non-sandboxed Anti-Malware solution on their mobile platforms.

[alvarnell]

23 minutes ago, Amaroq_Starwind said:

I wonder what it would take to convince Apple to approve a non-sandboxed Anti-Malware solution on their mobile platforms.

Clearly any serious outbreak of malware starting to show up on the average user's iDevices.

[Amaroq_Starwind]

Maybe Malwarebytes should develop a prototype on jailbroken iOS devices, and then just license the code to Apple as something that could be built directly into future versions of iOS.

[alvarnell]

I find it hard to believe that Apple would be at all interested. They seem to have lost interest in fully protecting macOS with Apple built-in systems despite an upward trend in Mac malware (neither XProtect nor MRT have received updates for several months now, despite new malware and variants being positively identified and reported to them). 

Of course that could change should iOS malware actually become something other than a Nation sponsored thing.