Security researcher Charlie Miller revealed earlier today that he had found an exploit in Apple's iOS software that allows an App to run arbitrary code. Apple generally approves all code that is submitted to the AppStore and forbids the execution of un-approved code, but Miller discovered a way to bypass this restriction. Forbes writes:
Miller became suspicious of a possible flaw in the code signing of Apple’s mobile devices with the release of iOS 4.3 early last year. ... The researcher soon dug up a bug that allowed him to expand that code-running exception to any application he’d like.
Beyond discovering the bug, Miller went a step further and actually had an App submitted to the App Store which took advantage of this bug. The App was approved and was able to perform as expected:
Using his method–and Miller has already planted a sleeper app in Apple’s App Store to demonstrate the trick–an app can phone home to a remote computer that downloads new unapproved commands onto the device and executes them at will, including stealing the user’s photos, reading contacts, making the phone vibrate or play sounds, or otherwise repurposing normal iOS app functions for malicious ends.
Shortly after the news broke, Apple revoked Miller's developer account, citing a breach of the developer agreement.
“This letter serves as notice of termination of the iOS Developer Program License Agreement…between you and Apple,” the email read. “Effective immediately.”
Miller plans to present his findings at the SysCan conference in Taiwan next week.
Meanwhile Google is handing out bounties for stuff like this. Because why would you want to get (almost) free help from industry-leading professionals? Submitting it to the App Store probably wasn't the way to go, though.
It's one thing to find a security hole and professionally inform Apple, quite another to write an app to exploit it and announce you will tell the works how to do it in a conference in a week...
Charlie is a smart guy who makes some really stupid decisions.
Professional developers disclose issues in iOS to Apple through secure channels all the time without this media madness.
The iPhone 15 Pro Max will have the thinnest bezels of any smartphone, beating the record currently held by the Xiaomi 13. That's according to the leaker known as "Ice Universe," who has divulged accurate information about Apple's plans in the past.
Both iPhone 15 Pro models are expected to have thinner, curved bezels compared to the iPhone 14 Pro, potentially resulting in an Apple...
While year-over-year iPhone upgrades are not always groundbreaking, new features can begin to stack up over multiple generations. For example, the iPhone 15 Pro will be a notable upgrade for those who still have a three-year-old iPhone 12 Pro.
If you are still using an iPhone 12 Pro and are considering upgrading to the iPhone 15 Pro when it launches later this year, we have put together a...
While the iPhone 15 lineup is around six months away, there have already been plenty of rumors about the devices. Many new features and changes are expected for the iPhone 15 Pro models in particular, including a titanium frame and more.
Below, we have recapped 11 features rumored for iPhone 15 Pro models that are not expected to be available on the standard iPhone 15 and iPhone 15 Plus:A17...
Apple's high-end iPhone models have started at $999 in the U.S. since they first launched back in 2017 with the iPhone X, but could this finally be the year that starting price sees an increase?
This week also saw some more rumors about Apple's upcoming headset and the company's explorations in the booming AI industry as well as the release of a new round of beta updates, so read on for all...
Wednesday March 15, 2023 7:49 am PDT by Joe Rossignol
Apple's next-generation iPhone 15 Pro and iPhone 15 Pro Max will likely be more expensive than previous Pro models, according to Jeff Pu, a tech analyst at Hong Kong-based investment firm Haitong International Securities.
In a research note this week, Pu predicted the iPhone 15 Pro models will see a price increase due to several rumored hardware upgrades, including a titanium frame,...
A first-generation iPhone still sealed inside its box sold for $54,904 at auction, which is more than $54,000 over the original $599 price tag of the device when it was released in 2007.
The original iPhone was put up for sale by RR Auction on behalf of a former Apple employee who purchased it back when it first came out. Back in February, an original, sealed iPhone sold for over $63,000,...
Apple on January 23 released iOS 16.3, delivering support for Security Keys for Apple IDs, changes to Emergency SOS functionality, support for the second-generation HomePod, and more.
Top Rated Comments
Charlie is a smart guy who makes some really stupid decisions.
Professional developers disclose issues in iOS to Apple through secure channels all the time without this media madness.
That pretty much explains why he submitted the app for approval.
I have no doubt that many would have said this wouldn't have got through if he simply revealed the flaw without submitting an app.
----------
He submitted the bug to Apple on Oct 17 according to the source article.
No company or person likes to be exploited. Miller should have revealed the findings instead of trying to take advantage of the flaw.