Newly found code signing flaw allows for iOS malware

2

Comments

  • Reply 21 of 44
    I am sure Apple is already aware of their MacOS and iOS security holes and prefers not to make them public. The biggest stick they have, since they must approval all AppStore apps, is to kick violators out of the program. Charlie may be a good hacker, but he lacks basic common sense IMHO.
  • Reply 22 of 44
    Quote:
    Originally Posted by anantksundaram View Post


    Kicking him out was stupid and churlish on Apple's part.



    In some ways it is stupid, but he did not tell Apple about the flaw in advance as far as we can tell. We will not know the whole story until after his presentation. So far, he does not appear to be helping Apple with the bugs he finds, if that was true I am sure they would not be dumb enough to make an enemy of him
  • Reply 23 of 44
    galbigalbi Posts: 968member
    Apple acting like a kid, again.
  • Reply 24 of 44
    Quote:
    Originally Posted by karmadave View Post


    Charlie may be a good hacker, but he lacks basic common sense IMHO.



    Individuals are not the only ones that occasionally lack basic common sense, IMHO.
  • Reply 25 of 44
    Quote:
    Originally Posted by anantksundaram View Post


    Kicking him out was stupid and churlish on Apple's part.



    Boy that's smart thinking, Apple!





    About as sound as the US policy towards Iran getting a Nuke...



    us:"You keeping working on a Nuke weapon and you'll be sorry!"



    Iran: "But we are almost done."



    us: "That's it! You crossed the line! We are going to the UN and organize a boycott! Not just any boycott, but a Strong Boycott. So there!!!"



    Iran: "Iran Nuke Warhead Finished!"



    Find an exploit in iOS that shows how malicious content can be added and show how information can be extracted?... There's an app for that! Err, was!... There was an app for that!



    There was also a smart person, member of the Apple iOS Dev community, who found the exploit, made a video to show everyone of his findings and showed what it could do rather than actually implement it for his own ill gotten gain and Apple throws him under the bus! Way to go Apple! My viewpoint of your OS/iOS security has just gone down a notch when it comes to your unfailing fortitude to keep malware out.



    I just finished watching a movie with Bruce Willis and that former Apple Commercial "I'm a Mac" Justin Long in "Live Free or Die Hard 4" where the premise of the movie, the hero, "must save the day once again, this time from an attack on the nations computer infrastructure. The terrorist plan seems to have taken into account every possible detail in the digital world to render the financial markets and everything else useless"



    I wonder if like in the movie where the evil tech expert only became evil after being maligned and discarded will other "holes" in iOS that this individual might come across be taken advantage of? What is to prevent him from paying a computer friend to become an Apple Developer and have a way back in the Apple eco system and app store? This time to prove his point on such a future exploit he may come across but utilize in a more detrimental way? What 's to stop him? A EULA or that "Agree" checkbox to terms and conditions?



    Apple, I love ya, because you think differently, but right now, you're not thinking smart!

    /

    /

    /
  • Reply 26 of 44
    Find an exploit in iOS that shows how malicious content can be added and show how information can be extracted?... There's an app for that! Err, was!... There was an app for that!



    There was also a smart person, member of the Apple iOS Dev community, who found the exploit, made a video to show everyone of his findings and showed what it could do rather than actually implement it for his own ill gotten gain and Apple throws him under the bus! Way to go Apple! My viewpoint of your OS/iOS security has just gone down a notch when it comes to your unfailing fortitude to keep malware out.



    Funny, I just finished watching a movie tonight with Bruce Willis and that former Apple Commercial "I'm a Mac" Justin Long in "Live Free or Die Hard 4" where the premise of the movie, the hero, "must save the day once again, this time from an attack on the nations computer infrastructure. The terrorist plan seems to have taken into account every possible detail in the digital world to render the financial markets and everything else useless" and this AI story pops up!



    I wonder if like in the movie where the evil tech expert only became evil after being maligned and discarded, will other "holes" in iOS that this individual might come across be taken advantage of? What is to prevent him from paying a computer friend to become an Apple Developer and have a way back in the Apple eco system and app store? This time to prove his point on such a future exploit he may come across but utilize in a more detrimental way? What 's to stop him? A EULA or that "Agree" checkbox to terms and conditions?



    Apple, I love ya, because you think differently, but right now, you're not thinking smart!

    /

    /

    /
  • Reply 27 of 44
    self delete
  • Reply 28 of 44
    solipsismsolipsism Posts: 25,726member
    Quote:
    Originally Posted by Rot'nApple View Post


    ...rather than actually implement it for his own ill gotten gain...



    He did implement it, which is why his app was pulled and he banned from the developer program. Think about it; this isn't Charlie Miller's first rodeo exposing vulnerabilities with Apple's code yet it was only after he used that code to implement an app that he agreed was a legit app that didn't violate any of the terms of service and that Apple, as the retailer, backed did Apple take any action against Miller. Whether you think his overall intent was honorable everything he did in regards to the App Store policies and what users expect from App Store apps was unscrupulous.



    Quote:

    Funny, I just finished watching a movie tonight with Bruce Willis and that former Apple Commercial "I'm a Mac" Justin Long in "Live Free or Die Hard 4"...



    I enjoyed that movie.



    Quote:

    What is to prevent him from paying a computer friend to become an Apple Developer and have a way back in the Apple eco system and app store?



    Let me get this straight. Because there are deceitful methods that can be employed Apple should bend over to placate all those that could potentially do evil movie villain harm? How much should Apple pay these guys that are keeping them hostage?
  • Reply 29 of 44
    To quote Miller from the Forbes article, "?Android has been like the Wild West,? says Miller. ?And this bug basically reduces the security of iOS to that of Android.?



    No, it doesn't unless you have outbreaks of malware that Android routinely suffers, and so he's stooped to spreading FUD to get attention. In fact, in an article about Android malware from March of this year, Miller states, "Google's Android Marketplace differs from Apple's more controlled App Store. Apple performs a scan of the application's binary for private APIs and other issues that could harm the performance of the iPhone. The centralized control has helped keep the iPhone relatively safe, he said."
  • Reply 30 of 44
    Quote:
    Originally Posted by Rot'nApple View Post


    What is to prevent him from paying a computer friend to become an Apple Developer and have a way back in the Apple eco system and app store? This time to prove his point on such a future exploit he may come across but utilize in a more detrimental way? What 's to stop him? A EULA or that "Agree" checkbox to terms and conditions?



    /

    /

    /



    Not much is stopping him from doing this, but his friend would then be sued for any damages that this guy causes, not to mention the potential for being arrested and jailed.



    That is like asking your buddy to go into the bank and rob it for you. Who in their right mind would want to take the risk?
  • Reply 31 of 44
    Quote:
    Originally Posted by Prof. Peabody View Post


    They didn't "kick him out."



    they certainly yanked his app and I'm betting in fact they did kick him out. Forget why he claims he did it, he broke the rules. That gets you kicked out.
  • Reply 32 of 44
    hill60hill60 Posts: 6,992member
    Quote:
    Originally Posted by lkrupp View Post


    Please inform us which of Miller's "nasty exploits" ever came to pass in the real world. He comes up with these convoluted machinations, makes a big deal of calling Apple out over them, and none of them ever appears to be deployed or actually go live in real world malware that attacks Mac users. I think he does a great service to Apple users by finding these flaws but he's a real prick when it comes to how he informs the world.



    hmmm....



    Quote:

    Miller has refused to reveal the exploit, though he will announce the specifics at the SysCan conference in Taiwan next week



    Coincidence?



    I think not.



    The Miller publicity machine at work.
  • Reply 33 of 44
    Quote:
    Originally Posted by mstone View Post


    Looks like Charlie turned down the job in Apple's security division



    I suppose he was hoping for a job and didn't get an offer
  • Reply 34 of 44
    macrulezmacrulez Posts: 2,455member
    deleted
  • Reply 35 of 44
    jragostajragosta Posts: 10,473member
    Quote:
    Originally Posted by anantksundaram View Post


    (I assume you meant to say "not be allowed").



    It's these types of one-size-fits-all rules that I am calling "stupid and churlish."



    Context and motives are important.



    I see. So you'd prefer that Apple not have fixed rules and simply make things up as they go along? Why not treat every developer different? Every one of them might have different motives and the context would certainly be different for each app.



    They need fixed rules so that developers know what to expect.
  • Reply 36 of 44
    ssquirrelssquirrel Posts: 1,196member
    Yeah no way is taking your app that has the exploitation built in and getting it thru the App STore a wise way of getting Apple's attention. He could have written the app and emailed ity to Apple w/a note saying "This is just a proof of concept, someone could put something like this on the App Store and get info via this exploit" and there would have been no problems. He had to go and get it on the App Store tho. I don't really feel sympathy. Thanks for finding the exploit, but that was a dumbass publicity stunt that will keep him off the App Store for good.
  • Reply 37 of 44
    hkzhkz Posts: 190member
    Quote:
    Originally Posted by SSquirrel View Post


    Yeah no way is taking your app that has the exploitation built in and getting it thru the App STore a wise way of getting Apple's attention. He could have written the app and emailed ity to Apple w/a note saying "This is just a proof of concept, someone could put something like this on the App Store and get info via this exploit" and there would have been no problems.



    It's not a proof of concept if he didn't actually get the app approved now is it? Do you know what proof of concept means?



    Quote:
    Originally Posted by markbyrn View Post


    To quote Miller from the Forbes article, "”Android has been like the Wild West,” says Miller. “And this bug basically reduces the security of iOS to that of Android.”



    No, it doesn't unless you have outbreaks of malware that Android routinely suffers, and so he's stooped to spreading FUD to get attention. In fact, in an article about Android malware from March of this year, Miller states, "Google's Android Marketplace differs from Apple's more controlled App Store. Apple performs a scan of the application's binary for private APIs and other issues that could harm the performance of the iPhone. The centralized control has helped keep the iPhone relatively safe, he said."



    Well, if you knew the whole story you'd know that his app violates nothing about private APIs or anything. It is well within the boundaries of what that app is allowed to access. It just so happens that what it can access has a massive security hole in it and that hole could be used for nefarious purposes. He didn't do that, he merely showed that it's possible. Whether or not the bad out come actually happens, you have bad security like Android until that hole is closed.



    If you and your neighbor both have broken door locks on every door, you don't have a security problem unless you get robbed like your neighbor has? Saying that is FUD? Get real.
  • Reply 38 of 44
    Quote:
    Originally Posted by lkrupp View Post


    Please inform us which of Miller's "nasty exploits" ever came to pass in the real world. He comes up with these convoluted machinations, makes a big deal of calling Apple out over them, and none of them ever appears to be deployed or actually go live in real world malware that attacks Mac users. I think he does a great service to Apple users by finding these flaws but he's a real prick when it comes to how he informs the world.



    How do you know it is not happening right now? How would you know?
  • Reply 39 of 44
    Quote:
    Originally Posted by anantksundaram View Post


    Kicking him out was stupid and churlish on Apple's part.



    Quote:
    Originally Posted by solipsism View Post


    I disagree. Whether it's a proof of concept that he won't release to the public or intended to harm or steal from users is irrelevant, Apple has to protect their customer base and riding someone who wrote an app that breaks guidelines and allows developers backdoor access into a user's device should not be allowed.



    Precisely, he could have easily gone to Apple first & ask to test his proof of concept. Apple responded they way they are obligated to legally, if they hadn't then anyone who got kicked out could cry foul saying all they were trying to do was a proof of concept.



    He's stumbled upon something big & so he's trying to get his own name out there. If they were smart Apple would offer him an irresistible job offer in their security devision, just like how they hired jailbreaker Comex. I have my doubts he would ever accept such an offer or likely his demands would be far beyond reasonable. Still, a company as big as Apple really would be wise to recruit the best & brightest when it comes to security; they certainly have the money.
  • Reply 40 of 44
    russellrussell Posts: 296member
    God AI, censor much? What you posted is missing so much that you changed the story. Read the original article here, http://www.reuters.com/article/2011/...7A71ZS20111108



    "He told Reuters on Monday that several hundred Apple customers had downloaded the free app and that it had connected to his server, but said he had not installed any other software on their devices.



    Still, the incident may have proved embarrassing for Apple because its App Store failed to identify that InstaStock was actually a prototype malicious program. That meant there could currently be malware in the App Store that similarly made it past the security vetting process, Miller told Reuters on Monday."



    "Apple has good reason to believe that you violated (the iOS developer agreement) by intentionally submitting an App that behaves in a manner different from its intended use," the email said.



    "We will deny your reapplication to the iOS Developer Program for at least a year, considering the nature of your acts," the letter read.



    Miller is a well-known researcher who in 2009 identified a bug in the iPhone text-messaging system that allowed attackers to gain remote control over the devices.
Sign In or Register to comment.