Skip to main content

iOS app store security hole allows people to download dangerous apps

apple app store appsApple reviews every app that is available in the app store to make sure it is safe to use. Forbes reported on Charlie Miller an Apple security researcher who found a way for seemingly safe app to turn evil. Miller created an app that was able to pass all of Apple’s review tests and was available on the app store. Apple has removed the app that Miller used as an example of the security hole, and has removed him from the Apple developer program.

Miller’s app appeared as a run of the mill stock checking app which communicated with a server in his house. When the app was reviewed by Apple it looked like a normal app, and didn’t raise any red flags. The app uses security issues related to Apple’s mobile Safari app which allows apps to run code that wasn’t seen or approved by Apple.

Miller demonstrates just how powerful this kind of app can be by downloading the app and showing how it looked to Apple’s review team. He then updates the app’s code on his computer and re-downloads the same program. Upon start up Miller was able to access all kinds of information stored on the phone. Miller says that he is able to download contacts and pictures stored on the phone, and all of this is done without the phone user having any idea what is going on.

We have seen other security holes on Apple’s iOS devices, but nothing to this degree.  Many jailbreakers used a PDF exploit to easily jailbreak their phones.  Miller is scheduled to speak at a conference next week where he will further demonstrate how the exploit works, and hopes that Apple pays attention to fix the problem. Miller says that any app on the market would be able to use this technique to tap into users phones, and until Apple fixes the problem that any app can be a threat.

Editors' Recommendations

Mike Dunn
Former Digital Trends Contributor
Mike graduated from University of Arizona with a degree in poetry, and made his big break by writing love sonnets to the…
How to reset your iPhone, restart it, and wipe your data
iPhone 14 Pro showing the Moon always-on screen, held in a man's hand.

Most cell phone carriers offer generous upgrade plans nowadays, making it easy to snag the latest iPhone without dropping tons of cash. The official upgrade process at the majority of retailers includes a factory reset step, ensuring all your data is wiped clean and preventing any subsequent users from accessing your files.

Read more
How to turn a Live Photo into a video on your iPhone
A person holding an iPhone while taking a Live Photo.

Apple’s Live Photos feature is a great way to add some extra charm to your normal, everyday iPhone pictures. Enabled by default, Live Photos automatically records and integrates the 1.5-second interval before and after you hit the shutter button on your iOS device. The end result is a lightly animated image, which can easily be shared via iMessage or a Shared Photo Album with any friend of family member with an iPhone, iPad, or Mac.

You’ll also be able to share a static version of any picture captured as a Live Photo. But if you’d like to enchant your Windows and Android device buddies with your moving pics, you’re better off converting that Live Photo into a video or animated GIF. This is also the best way to future-proof your Live Photos against any down-the-line compatibility issues the Live Photo format might face from non-Apple hardware.

Read more
How to hide apps on your iPhone
How to Hide Apps on an iPhone.

People either love the iPhone's home screen or hate it. Unlike Android, which hides apps away in an app drawer, the iPhone proudly plops app icons down onto the home screen. This means apps are very easily accessible, but it can also lead to your phone feeling cluttered, especially if you're an app-o-holic. The introduction of the App Library helped this by giving everyone a central place to keep their apps, but for most people, the home screen is still the place to keep apps.

Read more