then a Russian (no offense to Russians :) hacker trying to actually utilize this.
Who says that bug isn't being harmfully exploited already? It's apparently flying under the radar of the App review mechanisms at Apple. :D:apple:
 
I'd agree, if he hadn't published an app which deliberately hid code that utilized the code-signing bug.

He got what he deserved - getting thrown out of the developer program.

Being thrown out just made his publicity stunt bigger, it does not hurt or stop him or his research one bit.
 
Charlie did the right thing, the wrong thing, and the very wrong thing.

Right thing: Alerting Apple to the bug.

Wrong thing: Publishing code into the app store which deliberately utilized this bug; in effect ignoring the terms of service.

Very Wrong thing: Publicizing the bug without checking in with Apple first.

Charlie did the right thing. Exposing, publicizing and offering proof of concept means Apple must now be on the ball and fix this thing. People here laugh at Android's Market for applications that can mine data, and when a bug shows up in iOS that allows it, they lambast the guy who proved it can be done, it can be put up on the App Store and it's not just some "proof-of-concept" or theoretical exploit.

If he had not submitted the app to Apple and put it up, people that are presently saying all he wants is fame (why would he require this? He's already famous in this circle. He's found tons of OS X bugs in the past, participated in tons of conferences) would be saying "Apple would never approve such an app into the App Store anyway".

It's a lose/lose for Charlie. I applaud his effort and Apple should have had more class. Now they need to get on the ball and actually fix this before some malicious hackers get on it. Apple is a big corporation. Open source projects that have serious security flaws can usually get a fix out within a day or 2, there's no reason Apple can't do it. Much less in a few weeks.


----------

Being thrown out just made his publicity stunt bigger, it does not hurt or stop him or his research one bit.

It only stops him from publishing his "research" into the app store.

If he was solely interested in "research" he could have demonstrated this bug without publishing it into the app store.

As others have said, (publishing deliberately broken code into the app store) seems like a real douche bag move on his part.
 
It only stops him from publishing his "research" into the app store.

If he was solely interested in "research" he could have demonstrated this bug without publishing it into the app store.

As others have said, (publishing deliberately broken code into the app store) seems like a real douche bag move on his part.

That wouldn't have demonstrated Apple's broken security model for approving App Store apps would it?

Apple has a long history of ignoring zero day exploits for months on end for Safari until people go public. Not as a one off, not as a "takes months to fix". As in ignoring and hoping they go away.

Publicising their problems is the only responsible thing to do in this case.

Phazer
 
I think the real issue here is he published code that utilized the bug into the app store.

That's when the "researcher" becomes a hacker.

Even if Apple doesn't respond to him, why should they? Finding a bug is easier than developing code to fix the bug so that the "bug fix" doesn't unintentionally break anything else. Bug fixes take time to develop and test.


The number of people claiming to have read the article and claiming that there is no date of submission to Apple doesn't add up.

Which means one of two things, most people on this site cannot actually read, or they are just lazy and liars.

I found the date within 3 seconds of opening the link to the Forbes page.

As he submitted the find to Apple, and they just did what they usually do - ignore people - then he was perfectly entitled to make it public knowledge. If this is what it takes for Apple to address a problem it is not this guy's fault, it is Apple who are to blame.
 
I think the real issue here is he published code that utilized the bug into the app store.
... thus showing the app-review is not really about security.

That's when the "researcher" becomes a hacker.
So being a hacker (in its real meaning) is something bad? Brainwashing really works. :eek:

Bug fixes take time to develop and test.
If something would break by fixing that bug with another of the sandbox-not-really-sandbox-for-Safari-checks, then that app would be using the exploit, too. No? :D:apple:
 
The approval process would only be broken because they haven't yet had time to address this security bug because some douche bag publicized it all over the web. :roll eyes:

If he hadn't published it onto the app store, he would have been fine.

That wouldn't have demonstrated Apple's broken security model for approving App Store apps would it?

Apple has a long history of ignoring zero day exploits for months on end for Safari until people go public. Not as a one off, not as a "takes months to fix". As in ignoring and hoping they go away.

Publicising their problems is the only responsible thing to do in this case.

Phazer


----------

It only shows that the app review process is not taking THIS BUG into consideration.

Hacking is fun, except when you violate the terms of service. :eek:

It's speculation to know what would or wouldn't break, but anything that might be affected by a fix needs to be extensively tested. ;)


... thus showing the app-review is not really about security.


So being a hacker (in its real meaning) is something bad? Brainwashing really works. :eek:


If something would break by fixing that bug with another of the sandbox-not-really-sandbox-for-Safari-checks, then that app would be using the exploit, too. No? :D:apple:
 
... thus showing the app-review is not really about security.
So being a hacker (in its real meaning) is something bad? Brainwashing really works. :eek:

First of all, the App Review is not about security. Or at least, it's not ONLY about security. There are tons of app review concerns, such as legal, and aesthetical.

And being a hacker doesn't make you bad. Posting an application into an application store and using that to prove your ability to hack is. He could send a bug report, or at least make a post into a forum or blog. Instead, he made an application and posted it into the App Store.

Now, how can anyone prove that he used that application just for show and didn't exploit it to obtain contacts, photos or stuff like that? I don't believe he did, but the fact that he made an application like that raises a very important legal issue on its own, that could possibly result in legal troubles for him, if Apple decide they want more information on what he actually did.
 
We have reported many bugs in iOS since the first iPhone, including some security holes. There is no reason for Charlie to be a jerk except that he is a jerk...

Apple accepts bug reports through many channels, and they address them as appropriate.

This exploit is likely going to delay all app approval now while Apple figures out how to test for this, because millions of iPhones running iOS 5.0 have this hole, and Charlie is going to tell the world how to exploit it..

The impact could be huge on new app submission approval.

Thanks for nothing Jerk
 
Dumb a**
I saw his twitter post " Omg Apple deleted my developer account" or some crap like that. We thank you for the info. but please why did you have to make an app.
 
It only stops him from publishing his "research" into the app store.

If he was solely interested in "research" he could have demonstrated this bug without publishing it into the app store.

As others have said, (publishing deliberately broken code into the app store) seems like a real douche bag move on his part.

It does not stop him from publishing anything into the appstore. He is employed in a company and could easily open dozens of new accounts under companies' names. He might have to team up with somebody else, but I don't think that should pose a significant hurdle to him.

I tend to disagree with the notion that it was a mistake to publish the code to the appstore. It certainly caught Apple off guard and showed that this or similar scenarios pose a real security risk. This is not some theoretical could/would/if .. this does work in real life. A malicious hacker could have done the exact same thing (or is doing it right now for all we know).

T.
 
We have reported many bugs in iOS since the first iPhone, including some security holes. There is no reason for Charlie to be a jerk except that he is a jerk...

Apple accepts bug reports through many channels, and they address them as appropriate.

This exploit is likely going to delay all app approval now while Apple figures out how to test for this, because millions of iPhones running iOS 5.0 have this hole, and Charlie is going to tell the world how to exploit it..

The impact could be huge on new app submission approval.

Thanks for nothing Jerk

Let me get this straight .. you'd rather have a bunch of apps potentially stealing your personal information than Apple overhauling their approval process? Apple knew about that thing for a while and had time to react.

The impact on the approval process should be immense. One way or the other. Apple needs to do something about it .. now that it is public .. they need to do it a little quicker.

T.
 
The approval process would only be broken because they haven't yet had time to address this security bug because some douche bag publicized it all over the web. :roll eyes:

If he hadn't published it onto the app store, he would have been fine.

What? Do you even know what you're talking about here?

The app utilises the security hole to run against unauthorised APIs. A security process should find an app does this, note it and reject it.

A security process that only finds security problems if the developer tells you what they are upfront is no process at all.

The App Store only has three conceivable justifications for blocking the running of your own code. These are:

1) Anti-competitive behaviour to artificially cripple superior applications to Apple's versions or prevent them reaching the platform.
2) Arbitrary content censorship of the likes Stalin would have wet dreams over.
3) Security.

If it fails at 3 completely, what the hell is the point?

Phazer
 
They will after next week. You can count on it.

I don't think they will. Apple has more than enough time to react and stop apps during the approval process. And I doubt he gives out all the nitty gritty details necessary in his talk anyways.

T.
 
Let me get this straight .. you'd rather have a bunch of apps potentially stealing your personal information than Apple overhauling their approval process? Apple knew about that thing for a while and had time to react.

The impact on the approval process should be immense. One way or the other. Apple needs to do something about it .. now that it is public .. they need to do it a little quicker.

T.

The facts are one guy found a security problem, and that one guy did not have to tell every black hat hacker on the planet about it.

It's as simple as that.

Apple now more than likely has to shut down the app approval process completely, because of one jerk hacker who could not keep his mouth shut.

Yes, I would be willing to risk the exposure of this exploit against Apple's ability to plug the hole and improve the approval screening process, in time. These holes are extremely difficult to find, and it's unlikely anyone else would have discovered it without help from Charlie.

Now they have no choice but to stop everything else and address this issue - and it would not surprise me if they caused every app submitted since Charlie discovered the exploit to be pulled and no new apps approved until they have a fix in place. Could be weeks. Could cost us thousands in lost revenue.

I don't relish the thought of having to resubmit 60 apps to the store because they have been updated to be iOS 5 compatible and are now on the potentially bad list.
 
Charlie did the right thing, the wrong thing, and the very wrong thing.

Right thing: Alerting Apple to the bug.

Wrong thing: Publishing code into the app store which deliberately utilized this bug; in effect ignoring the terms of service.

Very Wrong thing: Publicizing the bug without checking in with Apple first.

And if he hadn't done the "wrong thing" and the "very wrong thing", you'd be the first to say "non-issue, wouldn't get through the App submission process". For iOS, the submission process itself is part of the security measures. If your proof of concept can't make it into the app store or be exploited on live devices, then you haven't found much of a security flaw.

He had to push this through to prove to people that it could be done. Otherwise, the people here, like yourself, that simply flame his efforts would be saying how he found nothing, some theoretical bug that would never be exploited in the wild.

Remember folks : People on MacRumors know crap about security flaws, their scope or the way we need to react to them. People on this forum (and I'll get downvoted here by them) *cheered* when the guy behind jailbreakme.com exploited the PDF bug in Safari to run arbitrary code on their devices without their intervention, simply through visiting a web page. These same people *booed* when Apple fixed that bug.

A bug that could have had disastrous effects on their personal data and device. This is the sort of crowd that is now insulting Charlie Miller. Sorry if I don't lend any credibility to the folks here on subject matters that relate to computing and security (not to generalize, some of the people here actually understand the issues, they just get drowned out by the masses who are completely ignorant on the subject and just want to put in their 2 cents to defend Apple).
 
Very Wrong thing: Publicizing the bug without checking in with Apple first.

Journalist: "Hello mr politician, I've found these skeletons in your closet and I want to show them in the paper tomorrow but I just want to make sure that you're ok with it first"
 
So, Miller finds this bug in iOS 4.3, and waits until Oct. 14 to tell Apple - long after he submitted an exploit-laden app to the App Store.

Attention grabbing much? He's like a little kid throwing a tantrum.
 
The facts are one guy found a security problem, and that one guy did not have to tell every black hat hacker on the planet about it.

It's as simple as that.

And throughout computing history, that's always what it took to get corporations to react. He submitted the bug on Oct 14th and Apple will have had 1 month to issue a fix (temporary or permanent) by the time he does the disclosure.

That's just awful for such an important security flaw.
 
He had to push this through to prove to people that it could be done. Otherwise, the people here, like yourself, that simply flame his efforts would be saying how he found nothing, some theoretical bug that would never be exploited in the wild.

No, he did not. Apple take these reports very seriously even if they don't respond personally in a way that Charlie approves of.
 