∞ Researcher finds security bug in iOS

Reuters:

A software flaw in Apple Inc’s iPhones and iPads may allow hackers to build apps that secretly install programs to steal data, send text messages or destroy information, according to an expert on Apple device security.

Here is a video from the researcher Charlie Miller:



  • http://ObamaPacman.com ObamaPacman

    Reuters’s rewrite of Forbes’ article did not mention that Android is also susceptible.

    • foresmac

      Technically, Android is more susceptible, since an attacker on iOS would have to get his app into the App Store in the first place, and now Apple knows what to screen for to find this exploit before it gets in the store. Android users could always side-load apps that do similar things.

  • foresmac

    FWIW, we have a more technical explanation of the flaw on Ars: http://arst.ch/rik

  • jpmhughes

    Apple kicked Charlie Miller out of the developer program for this and imo rightly so. It’s one thing to work with Apple on something like this but an entirely different matter to see if you can do it and then report it to Apple. http://news.cnet.com/8301-27076_3-57320190-248/apple-boots-security-guru-who-exposed-iphone-exploit/

  • http://mangochut.net/ mangochutney

    I read a nice little timeline and commentary about this on Dave Chartier’s site and I can only agree; he got what he deserved. I wonder if his five minutes of fame were worth it?

  • Anonymous

    According to The Verge, the iOS 5.0.1 update released today patches this vulnerability.