i2 Security Blog

Keeping you up to date on the world of IT Security

App Store expels iOS hacker

Charlie Miller, a well-known Apple hacker who has exposed a large number of vulnerabilities in Apple's software, has been ousted from the iOS Developer Programme by Apple. This happened after he published an app that exposes a serious bug in new iPhones and iPads.

The InstaStock app, which had been accepted and approved by the App Store back in September, is a program that tracks stock prices in real time. However, it also contained a hidden hack that bypassed the protections built into iOS devices that prevent code from running on them unless it has been signed with Apple's official cryptographic seal. As a result the app is capable of other things, including downloading pictures and contact details from iPhones and iPads.

Apparently, a few hours after Miller revealed the 'extra' functionality of his app, he received an email stating that Apple was terminating him from the iOS Developer Program for violating a clause in the program's license in which he agreed he wouldn't "hide, misrepresent or obscure any features, content, services or functionality" of applications he submitted.

Miller's code-signing bypass exploits a change introduced in iOS 4.3 that, for the first time, created a small region of memory in iPhones and iPads where unsigned code downloaded from the internet could be executed. The exception was designed to improve the performance of Safari by allowing it to do just-in-time compiling. To prevent the exception from being abused, Apple tightly restricted it to Safari, and even then only in certain cases. Miller, however, discovered a flaw in the way those checks are run.

Miller said he's concerned that his excommunication will hinder his ability to find security bugs in Apple software before it becomes publicly available. A case in point is iOS version 5.01, which is currently in beta testing. No longer part of the developer program, Miller no longer has access to beta code and will therefore have to wait until the code is publicly released before he can check it for vulnerabilities, by which time it will probably be too late.

Sick Facebook scammers try to exploit the death of a genius

As always in the world we live in, it hasn't taken long for the scammers to try to exploit a sad world event, the passing away of Steve Jobs.

The scammers are telling people that an unnamed company is giving away 50 iPads in memory of the Apple genius. Victims are asked to follow a link and complete a survey to qualify for the prize.

The offer is obviously a fake one, and so far over 15,000 users have followed the link, according to reports from the security company Sophos.
The scammers are aiming to make money from affiliate links: basically, they make more money the more people they drive to certain websites such as gambling, contest and survey sites. They could just as easily point you to sites hosting malicious content, but in this particular scam all the pages you are redirected to are of the types mentioned above.

I think we can expect a few more scams of this type over the coming days; as always, these scams seem to surface after an event like this.
Just be careful of the links you click on, never give away your personal details, logins, bank details etc., and try to keep your antivirus and other software up to date.