Purported iOS 'flaw' lets nefarious apps secretly log keystrokes in background


Comments

  • Reply 21 of 24

    This is just a proof of concept.  No app with this flaw would ever get sold on the App Store.  Apple would detect it and reject it in a heartbeat.  Walled garden my ass!

  • Reply 22 of 24
    nagromme Posts: 2,834 member
    konqerror wrote:
    Repeat after me. When you submit an app to the app store, you only send in a binary. Apple cannot determine the logic of your program unless they reverse engineer your binary which is very difficult to do. This is like me giving you the iTunes binary and asking if you can find any hidden code in it.

    You have to understand that the main way iOS ensures security is through limited app permissions, which has been breached here. The main purpose of app review is to check for things like porn and in app purchases.

    I agree that the flaw likely exists in theory (something to fix?), and that it could reach people in reality if the App Store process allows it, which as I said is plausible (something else to fix?); I just don't see the evidence yet. So from what we know now this sounds like one of the many past claims that got exaggerated, gave someone 5 seconds of fame, and then turned out to be very different from what articles had stated/implied (and fed to the echo chamber).

    But the App Store approval process does more (both human and automated) than you're saying, and does scan the code. It's not like "you getting the code" and eyeballing the binary. The code is scanned automatically, and hidden transgressions can be caught, and are caught all the time. (I use the game engine Unity, for instance, and sometimes developers report that the Unity engine is triggering some automated rejection for doing something wrong, and so Unity makes a needed tweak and the apps now make it through.)

    Otherwise:

    A) why would they need to "approaches to bypass" the process at all? They'd just submit and there would be no story about that end of the problem.

    B) how would they catch apps doing invisible disallowed things (like using certain private APIs or using a UDID) which they catch all the time?

    It's possible (we don't yet know) that Apple's process could detect this in the same way--even if from a binary.

    Here are some links to developers explaining how Apple scans app binaries for various things prior to approval:

    http://stackoverflow.com/questions/2842357/how-does-apple-know-you-are-using-private-api
    http://stackoverflow.com/questions/9934143/how-does-apple-detect-udid-access-during-app-review
    http://stackoverflow.com/questions/3186648/does-apple-view-the-actual-source-code-when-approving-apps
  • Reply 23 of 24
    Quote:
    Originally Posted by nagromme

    I agree that the flaw likely exists in theory (something to fix?), and that it could reach people in reality if the App Store process allows it, which as I said is plausible (something else to fix?); I just don't see the evidence yet. So from what we know now this sounds like one of the many past claims that got exaggerated, gave someone 5 seconds of fame, and then turned out to be very different from what articles had stated/implied (and fed to the echo chamber).

    But the App Store approval process does more (both human and automated) than you're saying, and does scan the code. It's not like "you getting the code" and eyeballing the binary. The code is scanned automatically, and hidden transgressions can be caught, and are caught all the time. (I use the game engine Unity, for instance, and sometimes developers report that the Unity engine is triggering some automated rejection for doing something wrong, and so Unity makes a needed tweak and the apps now make it through.)

    Otherwise:

    A) why would they need to "approaches to bypass" the process at all? They'd just submit and there would be no story about that end of the problem.

    B) how would they catch apps doing invisible disallowed things (like using certain private APIs or using a UDID) which they catch all the time?

    It's possible (we don't yet know) that Apple's process could detect this in the same way--even if from a binary.

    Here are some links to developers explaining how Apple scans app binaries for various things prior to approval:

    http://stackoverflow.com/questions/2842357/how-does-apple-know-you-are-using-private-api
    http://stackoverflow.com/questions/9934143/how-does-apple-detect-udid-access-during-app-review
    http://stackoverflow.com/questions/3186648/does-apple-view-the-actual-source-code-when-approving-apps

    I think you're overestimating how much can be found by a binary scanner.  It may find clear violations like using undocumented APIs, but code that is written to do things in a roundabout way is nearly impossible to decipher without a detailed analysis by a programmer.  It's very easy to confuse even the Clang/LLVM static analyzer which has full access to the source code.


    The only solution is to have a rock solid OS that can prevent apps from performing actions outside the sandbox at runtime.  I don't blame the binary scanner here, this is a sandbox problem.

  • Reply 24 of 24
    Apple is doomed! But seriously it's good to have these firms pointing out flaws for Apple to close, just in case. iOS is still quite secure and the malware available is almost non-existent compared to Android.