SecurityResearcher
Latest
Charlie Miller's latest iOS hack gets into the App Store, gets him tossed out (video)
This isn't the first brush Apple's iOS platform has had with apps that exploit security holes to run unsigned code, but according to the developer of InstaStock, this may be the first to get a security researcher booted from its developer program. Charlie Miller shared his discovery with Forbes earlier today, showing off an app which successfully made it through Apple's approval process despite packing the ability to download and run unsigned code. That could allow a malicious app to access user data or activate hardware features remotely. Apple pulled the app after the findings were published, and according to Miller, revoked his developer access shortly afterward for what seems to be a clear violation of the guidelines. He told CNET that he alerted Apple to the exploit three weeks ago, however it's unknown whether or not a fix for the problem is included in the new 5.0.1 version of iOS that's currently in testing. He'll be explaining his method in more detail next week at SysCan, but until the hole is confirmed closed we'd probably keep a tight leash on our app store browsing. [Thanks to everyone who sent this in]
Charlie Miller discusses iOS security and MacBook battery hacking with Tom's Hardware
Charlie Miller is a household name for those interested in Mac and iOS security. He was the first to hack the iPhone back in 2007, is a Pwn2Own veteran, and recently uncovered a battery firmware hack he'll discuss at the upcoming Black Hat 2011 Conference. Miller recently sat down with Tom's Hardware and talked about security, cloud computing, hardware hacks and more. It's a six-page interview, so get a hot cup of coffee, lean back in that lounger and prepare for a nice long read.
