Welcome to the completely free source for all your iPhone news, iPhone Unlocks, iPhone Jailbreaks, iPhone Guides and Tutorials. Developers and researchers around the globe have been working hard to open the device in hopes of achieving what Apple never intended. Tedsmobileworld aims to share all the hacking, mods, cracks, and discoveries with you, in one central location! Happy iPhoning!


Showing posts with label Security. Show all posts

Wednesday, November 30, 2011

App Developer Discovers Security Flaw In iOS, Gets License Revoked!

On Monday, Charlie Miller discovered a flaw in the iOS security system: an app was able to run arbitrary code. Everything that Apple's standards require was submitted, and Apple was not able to identify the bypass.



He had found a bug that would allow an app to break the restrictions and access any data on the iOS device. Rather than stopping at the discovery, Miller decided to test the bug. He developed an app containing the restricted code, and the app was later accepted and made available on the App Store.



As intended, the app was able to bypass the security restrictions and contact a remote computer, which allowed it to send and receive personal data on the iOS device. It was also able to play sounds and make the phone vibrate. Unknown commands sent from the remote computer were executed. The app was also able to reach out and affect other apps by maliciously shutting them down.


As soon as the news reached Apple, Miller’s developer license was revoked. “This letter serves as notice of termination of the iOS Developer Program License Agreement… between you and Apple,” the email read. “Effective immediately.”


(Via Forbes)


Wednesday, November 9, 2011

Researcher Reveals Security Vulnerability in iOS; Demos It In Apple Approved App; Gets Booted From App Store

Security researcher and former National Security Agency analyst Charlie Miller has revealed that he has found a major security vulnerability in iOS that could allow malicious code to be executed on an iOS device. An attacker could use it to steal the user’s photos, read contacts, make the phone vibrate, play sounds, and so on.

Forbes reports:

Miller became suspicious of a possible flaw in the code signing of Apple’s mobile devices with the release of iOS 4.3 early last year. To increase the speed of the phone’s browser, Miller noticed, Apple allowed javascript code from the Web to run on a much deeper level in the device’s memory than it had in previous versions of the operating system.

The researcher soon dug up a bug that allowed him to expand that code-running exception to any application he’d like. “Apple runs all these checks to make sure only the browser can use the exception,” he says. “But in this one weird little corner case, it’s possible. And then you don’t have to worry about code-signing any more at all.”

Miller also developed an app to show the vulnerability, which was briefly approved by Apple:

Miller, a former NSA analyst who now works as a researcher with consultancy Accuvant, created a proof-of-concept app called Instastock to show the vulnerability. The simple program appears to merely list stock tickers, but also communicates with a server in Miller’s house in St. Louis, pulling down and executing whatever new commands he wants. In the video below, he demonstrates it reading an iPhone’s files and making the phone vibrate. Miller applied for Instastock’s inclusion in the App Store and Apple approved the booby-trapped app.

Apple quickly removed the app from the App Store and also terminated his developer license for breach of the developer agreement.

“This letter serves as notice of termination of the iOS Developer Program License Agreement…between you and Apple,” the email read. “Effective immediately.”

This is not the first time Miller has found a security flaw in iOS. In 2009, he discovered a security vulnerability in the iPhone's messaging system.

Apple has a week to fix the security flaw, as Miller plans to present his findings at the SyScan conference in Taiwan next week.

Do you think Apple has done the right thing by booting Miller out of the App Store? Are you worried about the security vulnerability?

[via Forbes]

