Is There A Security Bug in the iPhone?

Is There A Security Bug in the iPhone?

Since it’s release in 2007, Apples’ iOS has remained malware free, first for the iPhone and now the iPad. This is due to Apples highly rigorous attitude towards their apps and their app store. The process that a developer has to go through to get an app approved in their store can be overwhelming at times, to say the least. Not even something that looks vaguely rogue gets accepted, let alone gets downloaded to an iOS device.

Thus we see no malware on iOS devices, until now that is. Mac serial hacker Charlie Miller has found a vulnerable exploit within the iOS. He has even found a way to sneak an evil app on your iPhone or iPad without Apple’s knowledge.

Next week at the SysCan (security) conference in Taiwan, Miller plans to expose the exploit in the iOS. That exploit is within Apple’s restriction on code signing on iOS devices. This security measure allows only Apple approved commands to run in an iPhone or iPads memory.

Miller is such a good Mac hacker, he already has put an app in Mac’s app store to demonstrate its capabilities. It is capable of phoning a remote computer that downloads unapproved commands onto iOS devices and executes them to steal all of the owners personal information from photos, contacts, and making the device do obnoxious things like continuously vibrate or play sounds.

Miller claims this was research he was doing, but Apple has permanently terminated his developer’s license. He had created an app called Instastock, a simple app for stock tickers. Unaware of the apps capabilities Apple approved it. This app also served as a communicator between the app and with a server in Millers house, where he was able to execute any command he wanted. Miller won’t say what the exploit is until the conference next week, thus enabling Apple time to fix the bug. Can we expect to get a patch for our iOS devices? Is there more security holes within the iOS? What do you think?

Wayne Tempel is a freelance writer who has contributed to many articles on the web. You can follow him on Twitter.

This entry was posted in

Leave a Reply

­©2012 Powered by Blogger.