A forecast released by Arbor Networks suggests that the iPhone will become a major target for hackers in 2008. Do iPhone users have anything to worry about? Well, I'd say that all depends on whether there are enough users from the "stupid crowd" to target. After all, hackers follow the path of least resistance and go after the "stupid crowd"
Why bother going to the effort of targeting an exploit when you can get a user (a stupid user) to do the work for you?The term "stupid crowd" might seem harsh and unjust, but it's as good a label as any. This is the crowd that hackers have focused on for a few years now, especially as their techniques have had to shift from finding and making use of exploits to relying on social engineering instead. The "stupid crowd" is made up of those users who don't let anything get in their way when they're after that funny video, porn, a keygen or pirated movie. The "stupid crowd" click first and ask questions later (thinking doesn't seem to factor in the process at any stage). You must know people like this - they're a couple of rungs up the tech ladder from those who are still looking for the "any" key. Anyone who's had to throw away a PC because it was trashed by malware is a member of the "stupid crowd." If you share a PC with a member of the "stupid crowd," you have my sympathies.
The reason why hackers have so far concentrated their efforts on the Windows platform, not because all Windows users fall into the "stupid crowd" but because there's statistically a greater number of people in the crowd. Whether hackers shift their focus from Windows and direct it to other platforms depends on whether they feel that there is now a large enough pool of "stupid crowd" using say, Mac, Linux or the iPhone. While it's true that exploits do still crucial play a part in the hacker's plans, but their significance is decreasing. Why bother going to the effort of targeting an exploit when you can get a user (a stupid user) to do the work for you?
Stupid users are a fact of life. The more popular a product is the more of them will be in the user pool. Popularity brings them. And don't think that price is a barrier - I'm sure that you've seen plenty of sports cars driven by people who fall into this category. The question is whether the stupid group has achieved critical mass yet on a platform other than Windows. From talking to people who know far more about the dynamic and make up of hacker groups out there, I'm getting the impression that hackers are looking to expand the platforms that they target, and that Mac and iPhone are on the hit list.
Still, if you're not part of the "stupid crowd" (and if you're reading this, you're not) you have little to worry about.