Developer sneaks in an app revealing iOS security flaw, gets kicked out of dev program
0. phoneArena 08 Nov 2011, 03:52 posted on
Charlie Miller found out an exploit in iOS which would allow apps to download malicious code after their App Store acception, but in order to prove it he decided to actually submit the application…
This is a discussion for a news. To read the whole news, click here
1. android_hitman (unregistered)
finally someone proved that apple is not so bulletproof as they think
8. iKingTrust (banned) (Posts: 716; Member since: 27 Jul 2011)
finally? Anyone with a brain knows that there is nothing as totally secure.
2. ivanko34 (Posts: 617; Member since: 04 Sep 2011)
Excommunicated of the apple church of bugology
3. protozeloz (Posts: 5396; Member since: 16 Sep 2010)
I think It might have not been so smart to do so. anyways I know people who would like to have him on their team, he is more than welcome to join XDA
5. ibap (Posts: 752; Member since: 09 Sep 2009)
"acception"? Does no one review these things before they're posted?
6. remixfa (Posts: 14255; Member since: 19 Dec 2008)
way to go MS for trying to capitalize on an opportunity to pick up someone smart enough to find long existing security flaws that no one else could. How long has iOS 4.3 been out and noone has noticed?
Like normal, I think apple way over reacted. But, such is apple.
7. Sniggly (Posts: 7305; Member since: 05 Dec 2009)
Wait... Google acts just as swiftly to get rid of malicious attacks and apps. Why put them down in this article?
9. blackrose (Posts: 48; Member since: 15 Apr 2011)
actually the guy told apple about it 3 weeks before it went into the app store and they choose not to pay any mind
10. downphoenix (Posts: 3155; Member since: 19 Jun 2010)
Im sure this dev DID share this information with Apple and Apple either did not acknowledge him or said that he was wrong. So he had to prove them he was right. Way to treat a developer. Hope he's smart and sticks with android or windows from now on instaed of fighting the ban.
11. gaby1451 (Posts: 114; Member since: 30 Mar 2011)
When you said, "Miller could have avoided that if he'd share the found exploits with Apple instead of just demonstrating it in their store." He actually did do just that.
According to Engadget Mobile, "He [Miller] told CNET that he alerted Apple to the exploit three weeks ago, however it's unknown whether or not a fix for the problem is included in the new 5.0.1 version of iOS that's currently in testing."
Still, rules are rules I suppose...