Exploit was demonstrated by uploading malicious app to App Store.
A security expert, Charlie Miller, recently discovered a security flaw in Apple’s iOS platform, which basically allows developers to run unsigned code remotely on an approved app.
The things is, though, that despite being a White Hat hacker, Miller didn’t inform Apple of this vulnerability directly. Instead, he uploaded a malicious app to the App Store, and once it was authorized on the App Store, he created a video showing how he could run unsigned code that Apple isn’t even aware of, on an app that they have approved.
Obviously the idea is to show how dangerous this can be for consumers, but Apple didn’t take this show lightly. “Now you could have a program in the App Store like Angry Birds that can run new code on your phone that Apple never had a chance to check,” says Miller. “With this bug, you can’t be assured of anything you download from the App Store behaving nicely.”
Late yesterday Apple banned Miller from the App Store and the Developers Program. At this point Miller tweeted about the incident by writing, “First they give researcher’s access to developer programs, (although I paid for mine) then they kick them out.. for doing research.”
I find it hard to blame Apple on this one, because the ban is justified just on principal alone; Miller clearly violated the App Store agreement by uploading an app whose purpose was to allow malicious content to be run on the iOS device. Furthermore, Miller could have brought this security flaw to the attention of Apple directly, but the manner in which it was displayed showed signs of displaying his hacking skills rather than warn Apple.
As far as uploading the malicious app, Miller tweets, “For the record, without a real app in the AppStore, people would say Apple wouldn’t approve an app that took advantage of this flaw.”
Whether this ban was justified or not, it certainly shows what not to do when a security flaw is discovered in the App Store.