Skip to main content

iOS app store security hole allows people to download dangerous apps

apple app store appsApple reviews every app that is available in the app store to make sure it is safe to use. Forbes reported on Charlie Miller an Apple security researcher who found a way for seemingly safe app to turn evil. Miller created an app that was able to pass all of Apple’s review tests and was available on the app store. Apple has removed the app that Miller used as an example of the security hole, and has removed him from the Apple developer program.

Miller’s app appeared as a run of the mill stock checking app which communicated with a server in his house. When the app was reviewed by Apple it looked like a normal app, and didn’t raise any red flags. The app uses security issues related to Apple’s mobile Safari app which allows apps to run code that wasn’t seen or approved by Apple.

Miller demonstrates just how powerful this kind of app can be by downloading the app and showing how it looked to Apple’s review team. He then updates the app’s code on his computer and re-downloads the same program. Upon start up Miller was able to access all kinds of information stored on the phone. Miller says that he is able to download contacts and pictures stored on the phone, and all of this is done without the phone user having any idea what is going on.

We have seen other security holes on Apple’s iOS devices, but nothing to this degree.  Many jailbreakers used a PDF exploit to easily jailbreak their phones.  Miller is scheduled to speak at a conference next week where he will further demonstrate how the exploit works, and hopes that Apple pays attention to fix the problem. Miller says that any app on the market would be able to use this technique to tap into users phones, and until Apple fixes the problem that any app can be a threat.

Editors' Recommendations

Mike Dunn
Former Digital Trends Contributor
Mike graduated from University of Arizona with a degree in poetry, and made his big break by writing love sonnets to the…
Your iPhone just got a new iOS update, and you should download it right now
iPhone 15 Pro display with iPhone 15 Pro Max in background.

Apple has just released a new security update, iOS 17.4.1. This comes a little over two weeks after iOS 17.4, which was a big update. iOS 17.4.1 doesn't add any new features, but it's still an important update you'll want to download as soon as you can.

With iOS 17.4.1, Apple states that the update “provides important bug fixes and security updates and is recommended for all users.” Apple doesn’t mention any specifics of these bug fixes, but more details on what this security update addresses may be revealed at a later date.

Read more
YouTube TV just got even better on iPhones and iPads
Multiview on YouTube TV on an iPad.

If you use the most popular live-streaming service on an iPhone or iPad, things just got even better. YouTube TV — which boasts more than 8 million subscribers — just pushed multiview live on Apple's mobile devices, as previously promised.

It works basically the same way it does on a television. YouTube TV picks the programs available in multiview, and you get them all at once, with audio coming from one of the shows. Tap another, and the audio switches. And just as before, you can get multiview for sports, news, business, or weather. (Though we definitely don't recommend watching four news channels at once in an election year.) It's just in time for March Madness, which is great, though we hope you'll be able to pick your own games instead of just sticking with the multiple viewing options YouTube TV gives. This will be great come fall, though, when the new season of NFL Sunday Ticket takes hold.

Read more
How to use photo cutout to cut and paste images in iOS 17
The image background remover feature from iOS 16 being used on a photo of a dog.

The iPhone has so many clever and fun little features that it's easy to miss some of them. One of the most whimsical features to come along in recent years is the ability to lift the subject of a photo away from the background so you can use it elsewhere — whether that's sharing it in an email, pasting it into a photo editing app, or even turning it into an iMessage sticker in iOS 17.

What's especially fascinating about this is that it seems like such a simple thing to do — and Apple does make it really easy — but there's a ton of number crunching going on under the hood to make it happen. This means you'll need an iPhone with a reasonably modern processor, but the good news is that it doesn't have to be the latest and greatest iPhone 15 Pro. While the insanely powerful A17 Pro chip in Apple's flagship smartphone surely helps things along, this feature can be used on any iPhone with an A12 Bionic chip or later, which goes back to the 2018 iPhone XS and iPhone XR.

Read more