iOS Bug Allows Malware to Be Sold in Apple App Store

Status
Not open for further replies.

Goldengoose

Distinguished
Jul 12, 2011
119
0
18,640
3
Apple and their actions just remind me of a child. Give them advice and they throw it back in your face, have something they don't and they throw a tantrum and ask mummy to sort it (the current state of patents and courts).
 
G

Guest

Guest
Technically speaking, he did contravene the terms and conditions of the agreement. What did he expect would happen? That Apple would welcome him into the fold/offer him a job in the security department and pat him on the head?
 

digisol1

Distinguished
Nov 9, 2011
1
0
18,510
0
Looks to me he went and tried the proper channels and they were not receptive. To bad he is white hat, the skiddies will prolly leave apple alone - ask Sony how well it worked out for them when they went after geohot.
 

ojas

Distinguished
Feb 25, 2011
370
0
18,940
2
i really appreciate anyone who exposes security flaws in Apple's software/devices because they keep acting like they're not vulnerable.
Yesterday, Miller tweeted that he'd been kicked out of Apple's iOS developer program.
While Google pays for each vulnerability that people discover in Chrome. I hope Miller embarrasses Apple real bad next time.
 

house70

Distinguished
Apr 21, 2010
1,465
0
19,310
100
[citation][nom]thekanester[/nom]Technically speaking, he did contravene the terms and conditions of the agreement. What did he expect would happen? That Apple would welcome him into the fold/offer him a job in the security department and pat him on the head?[/citation]
Apple made the terms and conditions you mentioned, they could have bent their own rules for the greater good (and their own). It's not about that, it's about their stupid pride and claim they're secure by default; when someone points at the holes in their shoes, this is the answer.
 

watcha

Distinguished
Sep 2, 2007
950
0
18,930
0
[citation][nom]house70[/nom]Apple made the terms and conditions you mentioned, they could have bent their own rules for the greater good (and their own). It's not about that, it's about their stupid pride and claim they're secure by default; when someone points at the holes in their shoes, this is the answer.[/citation]

This is nonsense. He didn't get banned for finding the problem, pointing the problem out, or even telling them the problem, all of which he should have done. He got banned for deliberately adding an app to the app store which can leave any users phone vulnerable.

By banning him, Apple could have anticipated that it would get far more publicity and it's therefore clearly not an act of 'denial' or being 'controlling' or trying to stop people 'knowing about it'. They banned him to make it perfectly clear that while finding a virus is acceptable, deliberately spreading said virus is not. There is a big, big difference.

If someone finds an exploit in some software which can be exploited, they should simply develop a proof of concept, and privately demonstrate it to the company. Contrary to one or two misinformed comments on this comments section, he did not do this, but instead decided to go one step further and leave the mass market vulnerable to the virus. This is obviously, clearly irresponsible, and Apple were left with no choice but to stop him doing it

Ironically, Charlie Miller has repeatedly stated that iOS is far more secure than Android, so again that proves this isn't about trying to cover things up, it's just their only choice.
 

watcha

Distinguished
Sep 2, 2007
950
0
18,930
0
Also very interesting reading one of his recent tweets:

Quote:

'0xcharlie
@ioerror lol, cause google is nice, oh wait, they tried to get me fired when I reported my first android bug, nm.'

Seems like Google tried to take it one step further to sweep things under the rug.

http://twitter.com/#!/0xcharlie
 

billybobser

Distinguished
Aug 25, 2011
107
0
18,630
0
lollers, but no one ever hacks apple because they're so awesome.

I imagine stealing money from people already willing to get shafted by apple would be much more profitable than attempting this kinda thing on others.
 
G

Guest

Guest
@watcha the problem is that this security expert made it public by posting a YouTube video about the app on the App Store, the real hackers are just sitting back and reading your silly comment.
 

nukemaster

Distinguished
Moderator
[citation][nom]watcha[/nom].....but instead decided to go one step further and leave the mass market vulnerable to the virus. This is obviously, clearly irresponsible, ......[/citation]
It was his own computer it linked too. I do not think he was sending out viruses. He did prove that the Apple screening process is still crap. If he can do it how many other apps are out there like this with a real payload on the other end.

He did tell them. they just did not care. It is hard to hear people when you and rolling in money....
 

anonymous32111

Distinguished
Dec 27, 2010
49
0
18,580
0
Sorta wish he just released malware without ever telling crapple about it, after the way they responded to this. Bad things happen to good people, so he must be doing something right.
 

tramit

Distinguished
Jul 27, 2009
75
0
18,580
0
[citation][nom]nukemaster[/nom]It was his own computer it linked too. I do not think he was sending out viruses. He did prove that the Apple screening process is still crap. If he can do it how many other apps are out there like this with a real payload on the other end.He did tell them. they just did not care. It is hard to hear people when you and rolling in money....[/citation]

And is that compared to the relatively non-existent app screening process of Android? Relatively the screening process is still a success and has minor flaws every now and then. I don't expect perfection in software ever.
 

del35

Distinguished
May 22, 2009
495
0
18,930
0
Apple itself is malware. The sooner we get rid of it, the sooner we will return to open standards and user accessible batteries...

 
Status
Not open for further replies.
Thread starter Similar threads Forum Replies Date
SyncroScales Streaming Video & TVs 1
Paul Wagenseil Streaming Video & TVs 1
E Streaming Video & TVs 1
Marshall Honorof Streaming Video & TVs 14
Paul Wagenseil Streaming Video & TVs 3
Jill Scharr Streaming Video & TVs 1
Marshall Honorof Streaming Video & TVs 15
G Streaming Video & TVs 6
G Streaming Video & TVs 1
G Streaming Video & TVs 2
Marshall Honorof Streaming Video & TVs 2
G Streaming Video & TVs 2
G Streaming Video & TVs 5
G Streaming Video & TVs 7
G Streaming Video & TVs 1
G Streaming Video & TVs 7
G Streaming Video & TVs 5
G Streaming Video & TVs 0
G Streaming Video & TVs 2
G Streaming Video & TVs 0

ASK THE COMMUNITY