App hides pre-installed iOS titles, disables iAds without jailbreak [u]

2»

Comments

  • Reply 21 of 27
    gatorguygatorguy Posts: 20,932member


    It's been pulled at Apple, but it still available without jail-breaking your iPhone. Courtesy 9to5


    http://cydiahacks.com/

  • Reply 22 of 27
    blah64blah64 Posts: 933member






    Originally Posted by Tallest Skil View Post


    I wish there was an equivalent to Little Snitch in iOS.



     


    There is, it's called: Firewall IP


     


    Of course you need to jailbreak, since Apple doesn't want users in control of network traffic.

  • Reply 23 of 27
    lightknightlightknight Posts: 2,312member
    @dasanman69 Apple doesn't really check everything. They check for crashes and easily detectable defects, and they have humans who may, or may not, checkmore thoroughly.

    Look at the list of apps that obviously disregard Apple's terms and conditions. I even found a bug in one of my apps years after pushing it to the Store, which by the way is irritating as a programming artist :p
  • Reply 24 of 27
    asciiascii Posts: 5,941member


    It makes a mockery of the review process that something so obvious a hack could get through. But then they can't properly review all apps because they don't have a policy of automatically disallowing insubstantial apps.

  • Reply 25 of 27

    Quote:

    Originally Posted by GTR View Post


     


    Can you (or anybody else) elaborate on this comment?


     


    I'd like to know more.



     


    "Profiles" are a feature for enterprise control of iOS devices, and (potentially) allow for the app to do some sneaky things.


     


    Profiles can also be installed from other sources too, such as email attachments or web pages. You always get prompted first, though.


     


    To see how a profile can modify your device, check out this Apple reference page:


    http://developer.apple.com/library/ios/#featuredarticles/iPhoneConfigurationProfileRef/Introduction/Introduction.html


     


    Other than the obvious things listed in the above link, the ability to install certificates is a huge security hole if you don't trust the source of the profile. If they install a bogus certificate, they could potentially perform a man-in-the-middle attack and intercept/tamper with secure communications from your phone (ie online banking). The certificate's only one step in the process though, they'd still have other work to do to attack successfully.


     


    Moral of the story: never allow a profile to be installed on your device unless you really trust the source.

  • Reply 26 of 27
    tallest skiltallest skil Posts: 43,399member


    Little update here: I downloaded this on my computer, yeah, with no intention of ever installing or using it.


     


    Come to grab my iPad and the App Store password modal popup pops up. Turns out, it's downloading there.


     


    On my iPad. Running iOS 5.


     


    So it downloads and starts to install, and then it hangs. Now all it can do is restart the installation, eventually changing the app icon from dim to normal brightness, but keeping the installation bar on top of it. Can't open it, doesn't install, but it's there.


     


    1. That's Apple's fault, and it should be embarrassing.


    2. This PROVES that Cards (which STILL perpetually shows up as an update on my device but CANNOT be updated) does not require iOS 6 and was never originally going to require it, which is also embarrassing to Apple. 

  • Reply 27 of 27
    Here is a perfect example of why you shouldn't install unknown custom profiles:

    http://appleinsider.com/articles/13/03/13/ios-vulnerability-uses-mobileconfig-files-to-steal-data
Sign In or Register to comment.