Larry-G
08-11-11, 18:05
http://cdn0.afterdawn.fi/v3/news/apple-official-logo-ONLYUSETHISONELOL.jpg
Security research Charlie Miller recently found a problem in iOS which could allow an app to give remote access to a device.
After receiving no response from Apple when he reported the problem more than two weeks ago, Miller submitted an app to the iTunes App Store which takes advantage of the vulnerabililty. He then went public with the information, after which Apple rewarded him for his trouble by kicking him out of the iOS Developer Program.
In an article published yesterday, Miller was quoted, saying: (via Forbes):
Now you could have a program in the App Store like Angry Birds that can run new code on your phone that Apple never had a chance to check. With this bug, you can?t be assured of anything you download from the App Store behaving nicely.
It's hard to understand why Apple, after dropping the ball themselves by failing to act on Miller's warning, would draw more attention to their own failure like this. Then again, it's hard to understand why Apple does a lot of things.
Before his app was pulled and his developer privileges revoked, Miller made a video demonstrating the problem.
http://www.youtube.com/watch?v=ynTtuwQYNmk&feature=player_embedded
http://www.afterdawn.com/news/article.cfm/2011/11/08/apple_boots_researcher_from_developer_program_for_ publicizing_ios_vulnerability
Security research Charlie Miller recently found a problem in iOS which could allow an app to give remote access to a device.
After receiving no response from Apple when he reported the problem more than two weeks ago, Miller submitted an app to the iTunes App Store which takes advantage of the vulnerabililty. He then went public with the information, after which Apple rewarded him for his trouble by kicking him out of the iOS Developer Program.
In an article published yesterday, Miller was quoted, saying: (via Forbes):
Now you could have a program in the App Store like Angry Birds that can run new code on your phone that Apple never had a chance to check. With this bug, you can?t be assured of anything you download from the App Store behaving nicely.
It's hard to understand why Apple, after dropping the ball themselves by failing to act on Miller's warning, would draw more attention to their own failure like this. Then again, it's hard to understand why Apple does a lot of things.
Before his app was pulled and his developer privileges revoked, Miller made a video demonstrating the problem.
http://www.youtube.com/watch?v=ynTtuwQYNmk&feature=player_embedded
http://www.afterdawn.com/news/article.cfm/2011/11/08/apple_boots_researcher_from_developer_program_for_ publicizing_ios_vulnerability