Apple has a reputation for being virus- and malware-free, but a hacker has uncovered a potentially dangerous security flaw in the App Store. Charlie Miller, a Mac hacker and computer security researcher, has made a bit of a career finding and exposing flaws in Apple’s software.
His latest discovery shows how the App Store, Apple’s tightly regulated marketplace for iOS apps and programs, could be compromised by code not approved by Apple, reports Forbes.
Miller’s method is to create a normal, Apple-approved app that is programmed to “call” a remote computer that can then use the app to gain access to the user’s phone. This remote computer can then issue commands such as downloading the address book or files stored on the device, or even making the phone vibrate and ring.
Miller created a dummy app (which has since been removed from the App Store) called Instastock, which displayed various stock tickers. The app, however, was also tied to Miller’s home computer where he could use the app to gain access to his phone. You can see Miller describe and discuss the app and his hacking process in the video below.
Forbes reports that Miller noticed the potential flaw when Apple released iOS 4.3, which allows JavaScript code from the web to run deep in the iOS device’s memory. In order to boost the web speed of its new operating system, Apple created an exception for the browser to run unapproved code — such as Miller’s hack — in a region of the device’s memory that had previously been inaccessible. Miller says it’s a flaw in Apple’s restriction on code signing.
Apple hasn’t issued an official response to Miller’s discovery, though Apple did revoke his developer license. Miller says he’s planning to talk about the flaw in more depth at the SyScan conference in Taiwan next week but has stayed mum on the exact details to give Apple more time to fix the security flaw.
Miller’s hack raises an interesting question about whether publicizing these potentially dangerous flaws is good for companies. Hackers (presumably white-hat) find flaws in systems so that companies and organizations can improve their products and safety measures. This practice becomes more controversial when the hackers are officially unaffiliated with the company or relative unknowns. The hackers essentially break the system to show it can be broken with the hope the company can, or will, fix it.
Are white-hat hackers a public service or a corporate nuisance? Let us know your opinions in the comments below.