Blog #1

#1 iOS security and a bit of golfing.

I have always been a fan of blocked ports, and there is no reason to support open ports unless it is necessary. Out of curiosity I used Nmap on the iPhone and this is what I found: two open ports.
That means 2 potential ports are programs, and are accepting data. Why I say there is no reason to support open ports is because unless it is specifically a server that needs to accept connections, the entirety of the phone and operating system could be done with only client activity with closed ports on the iPhone. It's a security perspective I've taken, where when you can you adopt client programs that bind to servers on timers perhaps allowing the phone to properly operate with no ports open at all. For example, what previously operated as an open port and accepted data from Apple servers or whatever, could be changed to a closed port program that starts on bootup and communicates as a client on behalf of you to the Apple servers and otherwise. Open ports always leaves room for vulnerabilities and exploitation and given that the data is accepted into the operating system's open ports, why not close as many as possible?

Also, given that iOS has no AV (anti-virus) capabilties due to it's design, isn't this a little bit worrying that the phone has multiple open ports that can be attacked at any time? My phone is on the latest iPhone 17.0 Beta and is an iPhone 14 if you're wondering.

If it were up to me, I would make not only an Apple iOS in house antivirus, but would close all ports on devices that are not servers (ie. client devices iPhone, iPad etc.). The chips they have in the phones nowadays are so fast that if Apple were to do a nice machine learning artificial intelligence antivirus it would be incredibly quick, and if done properly could essentially entirely secure iOS. Not that it has problems that are known, but it does have two open ports inviting people to attack. With full admin rights over the system with Apple, the antivirus could be absolutely incredibly powerful with full domain over the whole phone etc., as opposed to the apps that are sandboxed and unable to access outside of their install.

Performing like Cylance, Darktrace, or any other AI only antivirus which analyzes system performance such as process memory, process behaviour, etc. this could be the next big thing for the Apple business. Honestly it's a little bit uncomfortable knowing that there are two open scannable ports on the phone without a lack of antivirus, but the lack of jailbreaking essentially nowadays secures the phone tremendously. That being said, a small hack with no antivirus on iOS even without jailbreaking could get GPS location and other data in the phone incredibly easy given the open ports.

This was all part of me golfing 18 holes near where I live. Sometimes I get extremely thoughtful during my golfing, and chatty about it. Golf is such a great sport for a relaxing talking time. I'm sure that's the reason it's the #1 business sport. Here's some pics and a video of the golf.

-Blake Burns