- Status
stonedatheist
Distinguished
- May 13, 2010
- 37
- 0
- 18,580
Banning a white hat hacker that is helping them find potential threats in their OS? Apple has sunk to a new low.
Goldengoose
Distinguished
- Jul 12, 2011
- 119
- 0
- 18,640
Apple and their actions just remind me of a child. Give them advice and they throw it back in your face, have something they don't and they throw a tantrum and ask mummy to sort it (the current state of patents and courts).
Technically speaking, he did contravene the terms and conditions of the agreement. What did he expect would happen? That Apple would welcome him into the fold/offer him a job in the security department and pat him on the head?
ojas
Distinguished
- Feb 25, 2011
- 370
- 0
- 18,940
i really appreciate anyone who exposes security flaws in Apple's software/devices because they keep acting like they're not vulnerable.
While Google pays for each vulnerability that people discover in Chrome. I hope Miller embarrasses Apple real bad next time.
house70
Distinguished
- Apr 21, 2010
- 1,465
- 0
- 19,310
[citation][nom]thekanester[/nom]Technically speaking, he did contravene the terms and conditions of the agreement. What did he expect would happen? That Apple would welcome him into the fold/offer him a job in the security department and pat him on the head?[/citation]
Apple made the terms and conditions you mentioned, they could have bent their own rules for the greater good (and their own). It's not about that, it's about their stupid pride and claim they're secure by default; when someone points at the holes in their shoes, this is the answer.
Apple made the terms and conditions you mentioned, they could have bent their own rules for the greater good (and their own). It's not about that, it's about their stupid pride and claim they're secure by default; when someone points at the holes in their shoes, this is the answer.
[citation][nom]house70[/nom]Apple made the terms and conditions you mentioned, they could have bent their own rules for the greater good (and their own). It's not about that, it's about their stupid pride and claim they're secure by default; when someone points at the holes in their shoes, this is the answer.[/citation]
This is nonsense. He didn't get banned for finding the problem, pointing the problem out, or even telling them the problem, all of which he should have done. He got banned for deliberately adding an app to the app store which can leave any users phone vulnerable.
By banning him, Apple could have anticipated that it would get far more publicity and it's therefore clearly not an act of 'denial' or being 'controlling' or trying to stop people 'knowing about it'. They banned him to make it perfectly clear that while finding a virus is acceptable, deliberately spreading said virus is not. There is a big, big difference.
If someone finds an exploit in some software which can be exploited, they should simply develop a proof of concept, and privately demonstrate it to the company. Contrary to one or two misinformed comments on this comments section, he did not do this, but instead decided to go one step further and leave the mass market vulnerable to the virus. This is obviously, clearly irresponsible, and Apple were left with no choice but to stop him doing it
Ironically, Charlie Miller has repeatedly stated that iOS is far more secure than Android, so again that proves this isn't about trying to cover things up, it's just their only choice.
This is nonsense. He didn't get banned for finding the problem, pointing the problem out, or even telling them the problem, all of which he should have done. He got banned for deliberately adding an app to the app store which can leave any users phone vulnerable.
By banning him, Apple could have anticipated that it would get far more publicity and it's therefore clearly not an act of 'denial' or being 'controlling' or trying to stop people 'knowing about it'. They banned him to make it perfectly clear that while finding a virus is acceptable, deliberately spreading said virus is not. There is a big, big difference.
If someone finds an exploit in some software which can be exploited, they should simply develop a proof of concept, and privately demonstrate it to the company. Contrary to one or two misinformed comments on this comments section, he did not do this, but instead decided to go one step further and leave the mass market vulnerable to the virus. This is obviously, clearly irresponsible, and Apple were left with no choice but to stop him doing it
Ironically, Charlie Miller has repeatedly stated that iOS is far more secure than Android, so again that proves this isn't about trying to cover things up, it's just their only choice.
Also very interesting reading one of his recent tweets:
Quote:
'0xcharlie
@ioerror lol, cause google is nice, oh wait, they tried to get me fired when I reported my first android bug, nm.'
Seems like Google tried to take it one step further to sweep things under the rug.
http
/twitter.com/#!/0xcharlie
Quote:
'0xcharlie
@ioerror lol, cause google is nice, oh wait, they tried to get me fired when I reported my first android bug, nm.'
Seems like Google tried to take it one step further to sweep things under the rug.
http
/twitter.com/#!/0xcharliebillybobser
Distinguished
- Aug 25, 2011
- 107
- 0
- 18,630
lollers, but no one ever hacks apple because they're so awesome.
I imagine stealing money from people already willing to get shafted by apple would be much more profitable than attempting this kinda thing on others.
I imagine stealing money from people already willing to get shafted by apple would be much more profitable than attempting this kinda thing on others.
@watcha the problem is that this security expert made it public by posting a YouTube video about the app on the App Store, the real hackers are just sitting back and reading your silly comment.
- Nov 23, 2004
- 1,161
- 0
- 20,310
[citation][nom]watcha[/nom].....but instead decided to go one step further and leave the mass market vulnerable to the virus. This is obviously, clearly irresponsible, ......[/citation]
It was his own computer it linked too. I do not think he was sending out viruses. He did prove that the Apple screening process is still crap. If he can do it how many other apps are out there like this with a real payload on the other end.
He did tell them. they just did not care. It is hard to hear people when you and rolling in money....
It was his own computer it linked too. I do not think he was sending out viruses. He did prove that the Apple screening process is still crap. If he can do it how many other apps are out there like this with a real payload on the other end.
He did tell them. they just did not care. It is hard to hear people when you and rolling in money....
anonymous32111
Distinguished
- Dec 27, 2010
- 49
- 0
- 18,580
Sorta wish he just released malware without ever telling crapple about it, after the way they responded to this. Bad things happen to good people, so he must be doing something right.
[citation][nom]nukemaster[/nom]It was his own computer it linked too. I do not think he was sending out viruses. He did prove that the Apple screening process is still crap. If he can do it how many other apps are out there like this with a real payload on the other end.He did tell them. they just did not care. It is hard to hear people when you and rolling in money....[/citation]
And is that compared to the relatively non-existent app screening process of Android? Relatively the screening process is still a success and has minor flaws every now and then. I don't expect perfection in software ever.
And is that compared to the relatively non-existent app screening process of Android? Relatively the screening process is still a success and has minor flaws every now and then. I don't expect perfection in software ever.
- Status
Similar threads
TRENDING THREADS
-
-
Question What graphics card does Dell Inspiron 15 use?
- Started by rege142
- Replies: 1
-
-
Solved! What is causing..my New high end (4090 Gpu) laptop, to crash sudden!...plz help
- Started by AsusRogstrix 16 RTX4090!
- Replies: 20
-
-
-
Question ios AND android: e2ee and self destructing text messages?
- Started by dangerouscake
- Replies: 0
Facebook
Twitter