Latest in App store

Image credit:

Charlie Miller's latest iOS hack gets into the App Store, gets him tossed out (video)

45 Shares
Share
Tweet
Share

Sponsored Links

This isn't the first brush Apple's iOS platform has had with apps that exploit security holes to run unsigned code, but according to the developer of InstaStock, this may be the first to get a security researcher booted from its developer program. Charlie Miller shared his discovery with Forbes earlier today, showing off an app which successfully made it through Apple's approval process despite packing the ability to download and run unsigned code. That could allow a malicious app to access user data or activate hardware features remotely. Apple pulled the app after the findings were published, and according to Miller, revoked his developer access shortly afterward for what seems to be a clear violation of the guidelines. He told CNET that he alerted Apple to the exploit three weeks ago, however it's unknown whether or not a fix for the problem is included in the new 5.0.1 version of iOS that's currently in testing. He'll be explaining his method in more detail next week at SysCan, but until the hole is confirmed closed we'd probably keep a tight leash on our app store browsing.

[Thanks to everyone who sent this in]



All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Share
45 Shares
Share
Tweet
Share

Popular on Engadget

Blizzard may reveal 'Diablo IV' at Blizzcon

Blizzard may reveal 'Diablo IV' at Blizzcon

View
Georgia court rules police need a warrant to get data from your car

Georgia court rules police need a warrant to get data from your car

View
Google adds seasonal Nest doorbell ringers in time for Halloween

Google adds seasonal Nest doorbell ringers in time for Halloween

View
NordVPN admits to 'isolated' server breach in Finland

NordVPN admits to 'isolated' server breach in Finland

View
Mitt Romney has a ridiculous Twitter alias: Pierre Delecto

Mitt Romney has a ridiculous Twitter alias: Pierre Delecto

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr