iOS Bug Allows Malware to Be Sold in Apple App Store

Status
Not open for further replies.

watcha

[citation][nom]nukemaster[/nom]It was his own computer it linked to. I do not think he was sending out viruses. He did prove that the Apple screening process is still crap. If he can do it how many other apps are out there like this with a real payload on the other end. He did tell them. They just did not care. It is hard to hear people when you are rolling in money....[/citation]

If your phone could be controlled by a notorious hacker at will, I think you'd regard it as having a virus. The computer it connects to can always be compromised.

He proved that the screening process isn't perfect, but he didn't need to do that in order to prove the issue. He told them, and they did care, and they are probably working on a fix. That doesn't make it OK to infect potentially thousands of people to prove the point.

At least there actually is screening on iOS unlike Android which is a free-for-all. Apple could remotely remove this malicious app from all infected phones instantly, Android could not.

[citation][nom]lionsson[/nom]@watcha the problem is that this security expert made it public by posting a YouTube video about the app on the App Store, the real hackers are just sitting back and reading your silly comment.[/citation]

The fact that he made the problem public is not the problem. The fact that he went a step further and infected people, is the problem. Apple had no choice. They can't allow any individual to release apps which allow them to control the users' phones. Very simple, very logical, very obvious. Only a fool would regard basic logic as 'silly'.

:)
 

awood28211

[citation][nom]watcha[/nom]If your phone could be controlled by a notorious hacker at will, I think you'd regard it as having a virus. The computer it connects to can always be compromised. He proved that the screening process isn't perfect, but he didn't need to do that in order to prove the issue. He told them, and they did care, and they are probably working on a fix. That doesn't make it OK to infect potentially thousands of people to prove the point. At least there actually is screening on iOS unlike Android which is a free-for-all. Apple could remotely remove this malicious app from all infected phones instantly, Android could not. The fact that he made the problem public is not the problem. The fact that he went a step further and infected people, is the problem. Apple had no choice. They can't allow any individual to release apps which allow them to control the users' phones. Very simple, very logical, very obvious. Only a fool would regard basic logic as 'silly'. :)[/citation]

Firstly, Google can and has used the capability to remove malicious apps from Android. You are wrong.

Second, this man "infected" no one.

The view that he broke the rules isn't entirely black and white. He submitted an app that contained code that he believed would make it through the screen REGARDLESS of what the code actually did. It could have been legitimate code but since he was attempting to prove the concept of the vulnerability he chose to make it perform an action that would PROVE the vulnerability. This may have already been occurring with legit code it's just gotten no press because who cared? No one.

If he showed something simple it would certainly have not received press and would have been disregarded by Apple and probably not fixed. For instance, hypothetically... "Oh look I submitted code that lets me flash the power light when Apple doesn't allow this feature..." would have been laughed at not only by the public but by Apple. Instead of a response of "Oooh, he made the light flash" and going on without action, Apple is now FORCED to fix this. They cannot deny it's dangerous.

How long must a responsible person wait after informing a company of something critical of this nature? I'm sure Apple gave him no acknowledgement, no status update or even a confirmation that it existed. Was he to just wait forever? No. He waited a period of time he believed reasonable then exposed the flaw that Apple had not even so much as made a peep that it existed.

I say good for him.
 

iceman1992

[citation][nom]stonedatheist[/nom]Banning a white hat hacker that is helping them find potential threats in their OS? Apple has sunk to a new low.[/citation]
Well said! A very low and incredibly stupid move to do. This just increased my dislike towards Apple
 

watcha

[citation][nom]iceman1992[/nom]Well said! A very low and incredibly stupid move to do. This just increased my dislike towards Apple[/citation]

The ban doesn't stop him finding flaws. It stops him publishing them to the public.
 

iceman1992

[citation][nom]watcha[/nom]The ban doesn't stop him finding flaws. It stops him publishing them to the public.[/citation]
Yes I know. Still, punishing the good guy is never a good thing to do. But not very surprised either, it's Apple
 

anonymous32111

[citation][nom]watcha[/nom]The ban doesn't stop him finding flaws. It stops him publishing them to the public.[/citation]

Hopefully HTML5 will cut Apple out of the 'app store' altogether, in my book nobody can justify a 30% cut of the profits unless they've done 1/3rd of the work.

“Our philosophy is simple—when Apple brings a new subscriber to the app, Apple earns a 30 percent share; when the publisher brings an existing or new subscriber to the app, the publisher keeps 100 percent and Apple earns nothing,”

Doubt Apple has ever 'brought' a new subscriber to any app, I don't have an iPhone but last time I checked the user searches and navigates to the app.
 

watcha

[citation][nom]awood28211[/nom]Firstly, Google can and has used the capability to remove malicious apps from Android. You are wrong.[/citation]

How ironic that you cry on about 'black and white' yet make such ridiculous uninformed statements like 'you are wrong'. Please do some actual research before you spout BS:

http://arstechnica.com/gadgets/news/2011/03/google-using-remote-kill-switch-to-swat-android-malware-apps.ars

Quote
'Although Google can deploy software to undo the damage caused by the malware, the underlying vulnerability that the attackers exploited can't be closed so easily. Google says that the bug is fixed in Android 2.2.2 and later, but there are still a large number of users at risk because their handsets runs a previous version of the operating system. Google is making a patch available, but it's going to be up to the carriers and handset makers to make sure that the patch gets deployed. In light of the mobile industry's poor track record updating Android phones, it's possible that this flaw will continue to be exploitable on a considerable number of handsets.'

If they can't do it for all phones, YOU would have to restrict your statement. YOU are wrong.

Great of you to point out that Android is not at all open though, I like that we're clear on that.

[citation][nom]awood28211[/nom]Second, this man "infected" no one. The view that he broke the rules isn't entirely black and white. He submitted an app that contained code that he believed would make it through the screen REGARDLESS of what the code actually did. It could have been legitimate code but since he was attempting to prove the concept of the vulnerability he chose to make it perform an action that would PROVE the vulnerability.[/citation]

What on EARTH are you on about? Could you BE any more wrong? (Said in the style of Chandler Bing). He has infected ANYONE who downloaded his app, simple as. He submitted an app on the off-chance it would get approved PURELY FOR THE PURPOSE OF SHOWING malicious code could get through - code which he knew in theory should be blocked. Submitting ANY app with malicious code (his did indeed have malicious code) IS A BREACH of the terms, as even he admits this (how can you be so stupid?). To quote the man himself:

' I did violate the tos, but I doubt the tos let's me do any of the crap I do. So why boot me now?'

So, it is ENTIRELY black and white. It COULDN'T have been legitimate code because then he WOULDN'T have violated the terms and he WOULDN'T have served any purpose.

It's like you've done no research whatsoever and don't have a clue what the app he created actually does:

'Greenberg writes that Miller effectively created a proof-of-concept app called Instastock that appears to merely list stock tickers, but also communicates with a server controlled by Miller, “pulling down and executing whatever new commands he wants.”'

How can you possibly not realise that ANYONE who has downloaded that app is infected. The app itself contacts Miller's own PC, which he states (by his choice) will not issue any commands, but if he chose to, it could quite easily do anything he wanted with their phone, including reading their personal documents amongst other things.

[citation][nom]awood28211[/nom]
This may have already been occurring with legit code it's just gotten no press because who cared? No one. If he showed something simple it would certainly have not received press and would have been disregarded by Apple and probably not fixed. For instance, hypothetically... "Oh look I submitted code that lets me flash the power light when Apple doesn't allow this feature..." would have been laughed at not only by the public but by Apple. Instead of a response of "Oooh, he made the light flash" and going on without action, Apple is now FORCED to fix this. They cannot deny it's dangerous. How long must a responsible person wait after informing a company of something critical of this nature? I'm sure Apple gave him no acknowledgement, no status update or even a confirmation that it existed. Was he to just wait forever? No. He waited a period of time he believed reasonable then exposed the flaw that Apple had not even so much as made a peep that it existed. I say good for him.[/citation]

WTF are you on about, lol. If he had submitted legit code he wouldn't have exposed any flaw whatsoever. The fact that the malicious code was accepted is the notable point here. It is not a surprise when and if legitimate code gets accepted...

Forcing a company to fix a virus by infecting their users with said virus is NOT legal, and it's not within their terms and conditions. In the interests of their users, Apple had no choice. How dare you suggest that Charlie Miller has the right to define some arbitrary point at which their 'period of time' is up and he can now do whatever he wants to any users in any malicious way he chooses? How unbelievably stupid, and I can safely say 'WRONG' of you to think that that is morally correct or something within his rights.


 

anonymous32111

"How unbelievably stupid, and I can safely say 'WRONG' of you to think that that is morally correct or something within his rights."

Agree to disagree. I think he has every right and privilege to upload the worst kind of BIOS-flashing, hard-disk formatting malware to the app store if it lets him.

Even if he formatted my entire iPhone - good for him, it would have forced Apple to cover this vulnerability. With such a compromising vulnerability I'm just glad he's a white-hat who brought it to everybody's attention before others used it for evil.

Forcing a company to fix a virus by infecting its userbase is NOT legal, but most certainly a good decision for everybody who has an iPhone. Screw Apple's timeline to fix it- the exploit is here so get patch'n.

 

halcyon

[citation][nom]anonymous32111[/nom]"How unbelievably stupid, and I can safely say 'WRONG' of you to think that that is morally correct or something within his rights." Agree to disagree. I think he has every right and privilege to upload the worst kind of BIOS-flashing, hard-disk formatting malware to the app store if it lets him. Even if he formatted my entire iPhone - good for him, it would have forced Apple to cover this vulnerability. With such a compromising vulnerability I'm just glad he's a white-hat who brought it to everybody's attention before others used it for evil. Forcing a company to fix a virus by infecting its userbase is NOT legal, but most certainly a good decision for everybody who has an iPhone. Screw Apple's timeline to fix it- the exploit is here so get patch'n.[/citation]
Interesting perspective you have. I wonder how many iOS users would agree with you.
 

anonymous32111

[citation][nom]halcyon[/nom]Interesting perspective you have. I wonder how many iOS users would agree with you.[/citation]

Not many probably haha, most people would shit if that happened to them
 

halcyon

[citation][nom]anonymous32111[/nom]Not many probably haha, most people would shit if that happened to them[/citation]
Yes I suppose a good many would indeed relieve themselves...on themselves...if that were to happen. Myself included.
 

beayn

watcha said:
"blah blah blah blah"

Wow, you're back at it again watcha? Trolling every Apple article you can find to flame and bash and argue with anyone who says anything even the slightest bit negative about Apple and Apple products... same old same old.

 

beayn

[citation][nom]eddieroolz[/nom]The days of getting free infection is over; you must now pay for malware! hahaha[/citation]
This is a revolutionary new feature from Apple!
 

watcha

[citation][nom]beayn[/nom]watcha said: "blah blah blah blah" Wow, you're back at it again watcha? Trolling every Apple article you can find to flame and bash and argue with anyone who says anything even the slightest bit negative about Apple and Apple products... same old same old.[/citation]

Good points, as ever, Beayn. Can always rely on you to focus on the discussion at hand and present logical arguments.
 

watcha

[citation][nom]eddieroolz[/nom]The days of getting free infection is over; you must now pay for malware! hahaha[/citation]

I think the app was free :p
 

beayn

[citation][nom]watcha[/nom]Good points, as ever, Beayn. Can always rely on you to focus on the discussion at hand and present logical arguments.[/citation]

Oh, I presented plenty of logical arguments to you. I'm long past even trying that. I know how conceited and irrational you are.
 

watcha

[citation][nom]beayn[/nom]Oh, I presented plenty of logical arguments to you. I'm long past even trying that. I know how conceited and irrational you are.[/citation]

Again, very good point Beayn. It's great that you're taking my advice and focusing on the discussion at hand and presenting arguments which prove the things I've said wrong.

You're not the very definition of a troll in this scenario, or anything.

Ironic, huh?
 

Manicslayer

The last paragraph sums up the article perfectly. Apple, this guy is a respected hacker and security consultant and you go and kick him out of your iOS group? Really? He told them about it, they said, "Nah bro, we got it." He told them again, "Dude we're cool, we told you." Then he showed them, "Hey man, fuck you! You're not in our club anymore!" No one was, in any way, in danger from his download. All it did was ping his private server and show Apple that, "Hey, if I wanted I could totally fuck people's shit up right now." Making it public forced Apple to act, rather than wait for someone else to figure it out and steal personal information through their downloaded spyware.
Yes iOS is more secure than Android, just like OSX is more secure than Windows. Thankfully, I am not technologically challenged and I don't need the extra security. I'm more about freedom and ingenuity. It's a no brainer why most Tom's readers aren't Apple fans; we do not need the idiot proofing/limiting that Apple sets up in its products as it only limits your options in the long run.
 