Apple Gazette logo

  • Home
  • News
  • iPhone
  • iPad
  • Mac
  • Apple Inc
  • Archives
  • Contact
  • Advertise
You are here: Home / Apps / App Store Security Vulnerability Allows Entry of Malicious Apps

App Store Security Vulnerability Allows Entry of Malicious Apps

November 8, 2011 by Mel 2 Comments

Apple critics have long complained about Apple’s walled garden policy that severely restricts the ability of just anyone to develop an app for the iPhone and then sell it. You need to play by Apple’s rules if you want to get inside the so-called garden. This policy may be generating some negative spin for Apple but by all accounts it does work. Apple does make sure that any app that enters the fold and is sold at the App Store is safe for everyone to use. But that assurance has been tarnished with the exposure of a security hole that allows an app that passed Apple’s review to turn rogue.

The vulnerability was revealed by Charlie Miller, an Apple security researcher. The app Miller developed was an innocuous looking stock checking app that communicates with a server located in Miller’s home. The app was reviewed by Apple and was deemed safe. It was made available in the App store. The shenanigan happens after the app is downloaded. The app’s code gets updated remotely and from here on in the app will be able to gather information stored on the phone and send it back to the server. The bad news is that the phone user won’t even have any idea that this is happening because it occurs in the background. The app takes advantage of a security hole in the mobile Safari app that will allow apps to run a code that has not been approved by Apple.

Apple has removed the app from the App Store and has also removed Miller from the Apple developer program.

 

 

Filed Under: Apps, iPhone Tagged With: App store, apple, security hole, vulnerabilities

About Mel

Comments

  1. TDW says

    November 8, 2011 at 6:08 pm

    So Apple’s response is to shoot the messenger ???

    Reply
  2. spenser says

    November 16, 2011 at 11:14 am

    No, he was the one who found the security hole and then tried to take advantage of it by creating the app.

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Please prove you're human *

Your Favorite Posts

  • What to Do If Your Macbook Pro Screen Goes Black and Unresponsive
  • How to Turn Off an iPhone When the Screen Is Broken (Updated)
  • 12 Super Cool Things to Do on a Mac Computer
  • How to Turn Off MacBook Screen When Using External Monitor
  • Best Torrent Client for iPhone in 2020
  • Apple Watch Messages Not Syncing? Here’s What You Can Do

Disclaimer

Some of the links in our posts are affiliate links. That means we may earn a small amount when you make a purchase when clicking our links – at no extra cost to you. This helps us to carry on serving up all things Apple. Thank you!

Apple Gazette © 2021 Splashpress Media