Apple's iOS has emerged as the most spyware-proof mobile operating system in a test conducted by a surveillance software and hardware vendor.
Detailed in a leaked document apparently from the Gamma Group, a piece of its spyware called FinSpy was used to determine whether various mobile platforms could withstand snooping attempts on phone calls, contacts, and other data. In the document seen by the Washington Post and noted by Cult of Mac, FinSpy is "designed to help Law Enforcement and Intelligence Agencies to remotely monitor mobile phones and tablet devices."
FinSpy can gain full access to phone calls, text messages, the address book, and even the microphone via silent phone calls. It can also trace a device to determine its location. Used by law enforcement and government agencies, FinSpy has earned a reputation for itself as a powerful but controversial tool for sneaking into mobile devices. That's why iOS's ranking in the Gamma Group's document from April is a nod to Apple security.
Among the major mobile platforms cited in a chart in the document, all of them were susceptible to FinSpy. The spyware was able to bully its way into Android (all versions from 2.x.x to 4.4.x), BlackBerry (versions 5.x, 6.x., and 7.x), Symbian, and Windows Mobile 6.1 and 6.5 (Windows Phone 8 is not yet supported by the software).
And what of iOS? Apple's mobile OS did make the list but only in jailbroken mode. According to the Gamma team, iOS versions 4.3.x, 5.x, 6.x, and 7.0.x are vulnerable to FinSpy but an untethered jailbreak is required. As the document explains: "The iOS target (meaning the FinSpy software itself) can be installed only under iOS jailbroken devices."
So does this mean your iPhone is totally safe and secure against a product like FinSpy unless you jailbreak it? Unfortunately, few things are totally secure.
Apple's security is generally considered tight, at least in the mobile world, but certainly not impregnable. Researchers at Georgia Tech reportedly have cooked up a way to hack into an iOS device, according to Wired. The one caveat: a USB connection to a hacked computer is required.