Skip to main content

Apple boots iOS developer for exposing a security bug

charlie-miller-security-expert
Image used with permission by copyright holder

Companies like Google and Facebook reward hackers with monetary incentives for finding bugs and security holes in their software. Apple has taken the opposite approach. TG Daily reports that security researcher Charlie Miller was ousted from the iOS developer program after revealing a security flaw in iPhones and iPads. He discovered, and made public, that it’s possible to create an app for the App Store that passes all of Apple’s security sweeps but still downloads malware onto the device and does bad things. His app, called InstaStock and masked as a stock trading app, was able to access photos and contacts as well as make the device vibrate or play sounds, all of which are typically restricted on iOS.

 “The user doesn’t know anything’s going on, it just looks like a normal app,” he says. “I can grab any file I want – here is, for example, the address book.”

Unfortunately, though it was necessary for his research, Apple did not take kindly to Miller uploading malware to the App Store. He was booted from the developer program despite the fact that he publicly stated that his app was for research and warned Apple of the hole in their system. 

“OMG, Apple just kicked me out of the iOS Developer program. That’s so rude!” said Miller on Twitter. “First they give researchers access to developer programs (although I paid for mine), then they kick them out…for doing research. I thought they’d just remove the app and we’d still be friends.”

Apple has not commented on the situation. 

Editors' Recommendations

Jeffrey Van Camp
Former Digital Trends Contributor
As DT's Deputy Editor, Jeff helps oversee editorial operations at Digital Trends. Previously, he ran the site's…
iOS 17: How to share contacts using Apple’s amazing NameDrop feature
Enabling NameDrop toggle in iOS 17.

iOS 17 is full of cutting-edge iPhone features and optimizations, and we’ve been singing the latest firmware’s praises for a while now. Beyond the typical bug repairs and standard improvements, Apple’s most recent iOS level-up includes a convenient iPhone exclusive called NameDrop. In just seconds, this iPhone-to-iPhone wireless tech lets iPhone A receive a full contact card from iPhone B, simply by placing the two phones next to each other.

You’ll also be able to perform this trick by swapping one (or both) of those iPhones for the Apple Watch Series 7 or newer running watchOS 10.1. It’s not a difficult process, but it involves a little iOS know-how, which is where we come in. We’ve put together this step-by-step explainer for using the NameDrop feature, covering both the iPhone and Apple Watch connectivity methods.

Read more
How to use iOS 17 FaceTime gestures (and what they look like)
Video reactions in macOS Sonoma, with the balloons effect in use.

iOS 17 brought a number of new iPhone features and optimizations to the table, and one of these tweaks adds a few cool layers of entertainment to your FaceTime experience. It’s called FaceTime gestures, and once it’s set up correctly, you’ll be able to send 3D animations to your friends and family during FaceTime video calls. You’ll even be able to trigger the animations with physical gestures!

Getting your phone ready for action doesn’t take much time or effort, but we put this guide together to walk you through the process nonetheless. 
How to make a FaceTime gesture in iOS 17

Read more
8 iPhone browser apps you should use instead of Safari
iPhone browser apps

By default, the Safari web browser is available on every iPhone, including the iPhone 15 series. Nevertheless, several other web-browsing options can be found on the App Store, each with at least one unique feature that distinguishes it from the others. While some web browser apps like Google Chrome, DuckDuckGo, and Microsoft Edge might already be familiar to you, others such as Aloha and Arc Search may not be.

If you're looking for a Safari alternative, here are our favorite iPhone browser apps you should consider using instead.
Google Chrome

Read more