CYBERSECURITY CONCERNS OVER APPLE CASE
Cybersecurity experts are worried about the fallout from a Supreme Court ruling allowing customers to sue Apple over the prices in its App Store, claiming it could eventually lead to more unsecured apps being sold to consumers.
The Supreme Court ruled on Monday that a group of iPhone users can proceed with their class-action lawsuit against Apple, which claims that the company’s monopoly over the downloading of apps from its App Store drives up prices.
The case will now work its way through the lower courts, but at issue is the potential that Apple could be forced to allow users to download apps from third-party groups and not just the App Store.
The cyber angle: Experts warn that scenario could lead to a higher rate of malware infections from apps for Apple’s iOS devices.
Cyber experts see this issue in Android phones, with users already able to download apps from third-party sources easily, leading to a much higher rate of malware in Android phones than in iOS phones.
Renaud Deraison, the co-founder and chief technology officer of cyber exposure company Tenable, told The Hill that Apple’s current “stringent” review process for apps on the App Store has minimized the amount of malware that iOS users can download.
“While Apple’s review process can seem restrictive and arbitrary in some cases — it is one of the most stringent in the industry — it also actually helps keep users secure,” Deraison said.
“If Apple were mandated to allow third-party app stores to exist, the likelihood of malware-ridden apps would be high, as we’ve seen on platforms with multiple stores. That level of autonomy is definitely not in the customers’ best interest.”
Apple pushes back: Apple did not respond to request for comment for this story, but the company put out a statement following the Supreme Court’s ruling defending its App Store practices and denying that it ran a monopoly.
“We’re proud to have created the safest, most secure and trusted platform for customers and a great business opportunity for all developers around the world,” the company said.
The high-profile fight over its App Store has pit Apple against developers and consumers over the company’s 30 percent commission on apps sold. But the unintended cyber consequences have received little attention.
JT Keating, the vice president of product strategy at mobile security company Zimperium, compared the Supreme Court’s ruling to a “Rubik’s cube,” with consumer choice on one side and security of the apps on the other.
PAPER BALLOTS BILL: Sen. Ron Wyden (D-Ore.) and a group of 12 other senators introduced a bill Wednesday to mandate the use of paper ballots in U.S. elections and also ban all internet, Wi-Fi and mobile connections to voting machines in order to limit the potential for cyber interference.
Wyden’s office described the Protecting American Votes and Elections (PAVE) Act as “providing the strongest protections for American elections of any proposal currently before Congress.”
The legislation would also give the Department of Homeland Security the power to set minimum cybersecurity standards for U.S. voting machines, authorize a one-time $500 million grant program for states to buy ballot-scanning machines to count paper ballots and require states to conduct risk-limiting audits of all federal elections in order to detect any cyber hacks.
Among the bill’s co-sponsors are 2020 presidential candidates Sens. Bernie Sanders (I-Vt.), Elizabeth Warren (D-Mass.), Cory Booker (D-N.J.), Kirsten Gillibrand (D-N.Y.), and Kamala Harris (D-Calif.). Rep. Earl Blumenauer (D-Ore.) is planning to introduce a companion bill in the House.
“The Russian government interfered in American elections in 2016 and if we don’t stop them, they and other governments are going to do it again,” Wyden said in a statement. “The administration refuses to do what it takes to protect our democracy, so Congress has to step up. Our bill will give voters the confidence they need that our elections are secure.”