Gadget Reviews, Product News, Electronic Gadgets

Apple Boots Developer for Creating iOS App Exploit

Many of you may be familiar with Charlie Miller and his reputation as a security genius. He’s been hacking his way through Apple products for years showcasing bugs and vulnerabilities including his latest discovery that allows approved App Store apps to run unsigned code remotely.
Being realistic, this could be used for evil and in the hands of somebody who wasn’t a “good guy” likely would have been kept much quieter. Instead, Miller plans on discussing his findings at the Taiwan-based SysCan conference next week. Nonetheless, Apple has banned Miller from the App Store and their developer program.
Miller’s sleeper app, called Instastock, was demoed by the developer in order to demonstrate how he is able to run unsigned code from his home server. He does this handily by taking advantage of a JavaScript shortcoming that wasn’t properly addressed by Apple in iOS 5.
Before people go pointing fingers at Apple and saying how wrong they were about their operating system being stable, keep in mind the tremendous code base behind iOS and the considerable brainpower and ever-evolving capabilities facing it from the outside. Just like there will always be a jailbreak, there will always be an exploit. Plenty of hacks exist for Android phones and I’m pretty sure Microsoft and Sony are sitting pretty in glass houses given their past experiences, so I think we should all just stop with the finger wagging in Apple’s direction.
Some may argue that Miller should have reported his discovery directly to Apple but there really is no guarantee that he would have been taken seriously. Even if they had listened, what is his responsibility to Apple? You can’t accuse the guy of lacking class when he had every opportunity to upset Apple’s App Store (and who knows what domino affect that could have had) and didn’t.
Apple might be trying to prove a point, but I’m kind of wondering why they didn’t offer the guy a job.