
Floris

macrumors 68020
Sep 7, 2007
2,381
1,473
Netherlands
^ "2 Angry Birds 2.1.1" may not be "Angry Birds" at all, just a sound-alike.
Another group of apps they're free to perm ban in my opinion; I consider those things scams and am not surprised they're using pirated content or dodgy downloads to create their unoriginal products for whatever malicious ends.
 

nooaah

macrumors 68000
Sep 3, 2009
1,600
165
Philadelphia, PA
My thought is I am all done with any company that would use an Xcode version they got from a file sharing site rather than Apple directly. I would never trust them again.
No matter the size of the company, their accounts should be suspended. It's the only way to prevent this from happening repeatedly and on this scale.
 
  • Like
Reactions: Weaselboy

nooaah

macrumors 68000
Sep 3, 2009
1,600
165
Philadelphia, PA
And how hard is it to actually read the original article, which addresses this?

Why would some Chinese developers download Xcode from Baidu?
Xcode is a large file that can take a long time to download from Apple's servers in China, leading some developers to download Xcode from unofficial sources.
Why are most of your posts confrontational? Miserable much?
 

danilko1

macrumors 65816
Jun 21, 2010
1,087
366
I only had WeChat installed, but I never used it.

As far as others, I had installed some of the Chinese social apps, maybe a year ago, and removed them because they were virtually impossible to use, language-wise, and they would constantly lock you out from logging in. So what was the point? I deleted them. I have had OPlayer and deleted that, because I never used it.

Maybe two months ago, I went cleaning "house" on my phone and removed everything I didn't use or never used... I routinely clear out background apps, to preserve battery and stability. Still not sure... This is depressing.
 

frozencarbonite

macrumors 6502
Aug 3, 2006
370
77
I had CamCard installed a couple of years ago. I can't remember how long ago I deleted it. It's been probably over a year ago that I deleted it. But to be safe, I went ahead and did a full restore to factory settings on my phone.

I did copy passwords every once in a while. So that has me concerned. There were a couple of times when I needed to copy my WiFi password. Would it really matter if someone in China had my WiFi password? Serious question. I wonder if I should change it. I just hate to have to change it on all my devices. :(
 

Manderby

macrumors 6502a
Nov 23, 2006
500
92
I wonder how hard it is for developers to submit a project instead of compiled object code. That way, Apple's secure servers can compile the object code and put it in the store.

Although an interesting thought, this is unfortunately practically impossible.

1. This would be a totalitarian system and would shut down any project based on any kind of free or open source library. Which is about 99.9%. What remains are flashlight and fart apps.

2. Legal issues. What is Apple allowed to do with my code? Let's not get started with it. I do not want to have another 20 pages in contracts with Apple.

3. Locality. Many projects require libraries stored on the local hard drive, or need scripts to run. Very hard to make such things work remotely.

4. This scenario would make Apple responsible. And they are not gonna do that.

But yes, theoretically, this would be what a true Guard is meant to be.
 

Chupa Chupa

macrumors G5
Jul 16, 2002
14,835
7,396
They do. It's called Gatekeeper. But I guess if you're the kind of person to download Xcode from some file sharing site, you're the kind of person to disable Gatekeeper.

Sorry, maybe I was beating around the bush a bit. I meant Apple should only accept apps based on the most current, secure version of Xcode.

The security should be on Apple's end, not based on a dev's goodwill or common sense. The way Apple has it, the key slot and thumb latch seem to be reversed.
 

Rigby

macrumors 603
Aug 5, 2008
6,222
10,168
San Jose, CA
OK, here's a clarification regarding the clipboard reading. I think the Macrumors article worded this wrong. Here's the original paragraph from Palo Alto Networks (highlighting by me):

Finally, XcodeGhost will also use the clipboard functionality provided by iOS to temporarily store some data it needs. In fact, every time an infected app is launched, XcodeGhost will retrieve persistently stored data from the clipboard with a paste board named by app’s bundle ID and a fixed string “UIPasteBoard”, then store new data inside it. Although this behavior is not harmful to users, a slightly code change would allow the same technique to steal passwords from password management apps such as 1Password.

A little background: In iOS there can be not just one clipboard (or pasteboard in Apple terminology), but many. There is one system-provided pasteboard that is used for regular copy/paste operations between apps (with the name "UIPasteboardNameGeneral"). But apps can create additional named pasteboards for their own purposes. According to Palo Alto Networks, this is what the XcodeGhost code does (probably to share some data between multiple infected apps on the device).

So, while Palo Alto Networks point out the theoretical possibility of grabbing sensitive data from the system clipboard, the XcodeGhost code in its current form does not appear to actually do that.
 

int79

macrumors 6502a
Sep 28, 2013
608
133
OK, here's a clarification regarding the clipboard reading. I think the Macrumors article worded this wrong. Here's the original paragraph from Palo Alto Networks (highlighting by me):

A little background: In iOS there can be not just one clipboard (or pasteboard in Apple terminology), but many. There is one system-provided pasteboard that is used for regular copy/paste operations between apps (with the name "UIPasteboardNameGeneral"). But apps can create additional named pasteboards for their own purposes. According to Palo Alto Networks, this is what the XcodeGhost code does (probably to share some data between multiple infected apps on the device).

So, while Palo Alto Networks point out the theoretical possibility of grabbing sensitive data from the system clipboard, the XcodeGhost code in its current form does not appear to actually do that.

This is good news, but we don't know for sure how many incarnations this exploit has?
 
  • Like
Reactions: V.K.

simonmet

Cancelled
Sep 9, 2012
2,666
3,663
Sydney
Doesn't Apple have a kill switch to remotely kill (uninstall) affected apps? Now might be a good time to employ that!
 

iolinux333

macrumors 68000
Feb 9, 2014
1,798
73
Infected iOS apps
网易云音乐 2.8.3
微信 6.2.5
讯飞输入法 5.1.1463
滴滴出行 4.0.0.6-4.0.0.0
滴滴打车 3.9.7.1 – 3.9.7
铁路12306 4.5
下厨房 4.3.2
51卡保险箱 5.0.1
中信银行动卡空间 3.3.12
中国联通手机营业厅 3.2
高德地图 7.3.8
简书 2.9.1
开眼 1.8.0
Lifesmart 1.0.44
网易公开课 4.2.8
马拉马拉 1.1.0
药给力 1.12.1
喜马拉雅 4.3.8
口袋记账 1.6.0
同花顺 9.60.01
快速问医生 7.73
懒人周末
微博相机
豆瓣阅读
CamScanner
CamCard
SegmentFault 2.8
炒股公开课
股市热点
新三板
滴滴司机
OPlayer 2.1.05
电话归属地助手 3.6.5
愤怒的小鸟2 2.1.1
夫妻床头话 1.2
穷游 6.6.6
我叫MT 5.0.1
我叫MT 2 1.10.5
自由之战 1.1.0

Fox-IT (fox-it.com), a Netherlands based security company, checked all C2 domain names from our reports in their network sensors and has found thousands of malicious traffic outside China. According to their data, these iOS apps were also infected:

Mercury
WinZip
Musical.ly
PDFReader
guaji_gangtai en
Perfect365
网易云音乐
PDFReader Free
WhiteTile
IHexin
WinZip Standard
MoreLikers2
CamScanner Lite
MobileTicket
iVMS-4500
OPlayer Lite
QYER
golfsense
同花顺
ting
installer
下厨房
golfsensehd
Wallpapers10000
CSMBP-AppStore
礼包助手
MSL108
ChinaUnicom3.x
TinyDeal.com
snapgrab copy
iOBD2
PocketScanner
CuteCUT
AmHexinForPad
SuperJewelsQuest2
air2
InstaFollower
CamScanner Pro
baba
WeLoop
DataMonitor
爱推
MSL070
nice dev
immtdchs
OPlayer
FlappyCircle
高德地图
BiaoQingBao
SaveSnap
WeChat
Guitar Master
jin
WinZip Sector
Quick Save
CamCard

I freakin KNEW Mercury Browser would be in there. It was the best app in the App Store, the best browser hands down, had built-in ad blocking that was perfect, was fast as heck, I PAID for it, and then a few months ago the developer name changed to a weird Chinese name and the browser went to hell, became slow, full of bugs, and then started charging a monthly subscription fee for ad blocking even after I had previously paid for the app. I don't know what kind of weird conspiracy decided to take that browser out, but with BILLIONS of dollars depending on mobile ads, someone was gunning for that browser and it has been taken out by every means necessary.
 
  • Like
Reactions: int79 and haruhiko

Misaki

macrumors regular
Oct 31, 2011
169
56
If that Chinese hacker has enough skills to bypass the App Store review process and infect 500 million devices, I'm wondering if this is just the tip of the iceberg.

China has always been a source of circumvention of US policies.

eBay is a great example of how letting Chinese players into the sandbox contaminates the sandbox.

It's likely that Chinese developers review Chinese apps. Simple as that. How developers managed to get a tampered version of Xcode is likely more than just the OP's speculation that the App Store is slow in Mainland China; it's also likely the apps are developed on Hackintoshes (PCs running OS X), which can't connect to the App Store normally anyway.

Apple's solution for this should be pretty simple. Going forward, all iOS software must be compiled with an unafflicted version of Xcode, and Apple should make sure that developers using tampered versions of Xcode have their software removed from the App Store until it is submitted from a clean version using the current Xcode.

Is this a big issue? Depends on your point of view. If your point of view is that this was driven by piracy of OS X/Xcode, then it's very likely there are other versions of XcodeGhost out there, not just in China. If it was solely because some Xcode developers couldn't be bothered to spend a few hours/days to download it, then the problem speaks loudly about how poor China's internet is.
 

inscrewtable

macrumors 68000
Oct 9, 2010
1,656
402
Is it possible that Apple is able to build Xcode in a way that only apps built with an unadulterated Xcode (or an Xcode that has only been downloaded from an Apple server) have an identifier on them that cannot be put there any other way?
 
  • Like
Reactions: V.K.

Tech198

Cancelled
Mar 21, 2011
15,915
2,151
FlappyCircle ? ? lol ..

This could be a start of something big
 

SHNXX

macrumors 68000
Oct 2, 2013
1,901
663
How does Tencent, a 160 billion dollar company, download its Xcode from a third party repository?
 

Misaki

macrumors regular
Oct 31, 2011
169
56
I wonder how hard it is for developers to submit a project instead of compiled object code. That way, Apple's secure servers can compile the object code and put it in the store.

A little too hard. Besides, it's not that hard to actually analyse a compiled binary and look for suspicious function names.

Like, for example, there are numerous "flash downloader" drive-by downloaders. Open the .DMG file with 7zip, go find the binary itself, and open it in a text editor; you'll see several http:// strings in plain text that you can identify as malware.

This is just an example without knowing the binary language. Apple can "run" the binary with a debugger inside a virtual machine and create a function tree and compare the functions to known libraries, and this is how Apple can check for prohibited APIs and such.
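The string scan Misaki describes above, as an added example that is not from the post, from MacRumors or from any of the vendors named in the thread: a small Python triage script in the spirit of the `strings` tool. It pulls printable runs out of a binary blob, extracts the http(s) URLs among them, and flags any host the developer did not declare. The sample bytes, the declared-host set and every host name are constructed for this example; an undeclared host is a triage signal to look at more closely, not proof of malice on its own.

```python
import re
from typing import Dict, Iterable, List

# Constructed sample "binary" (not a real Mach-O): junk bytes with a few
# printable strings embedded, standing in for an executable pulled out of a .DMG.
SAMPLE_BINARY = (
    b"\xcf\xfa\xed\xfe\x07\x00\x00\x01\x03\x00\x00\x80\x02\x00\x00\x00"
    b"__TEXT\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
    b"\x01\x02\x03http://update.example-cdn.test/check.php\x00"
    b"\x00\x00\xffNSUserDefaults\x00\x00"
    b"\x10\x11https://api.example.test/v1/report\x00"
    b"\x00\x00\x00UIPasteboard\x00\x00\x00"
    b"\x00\x00ab\x00"  # two printable bytes: below the minimum run length
)

# Hosts the (hypothetical) developer declares the app talks to; constructed.
DECLARED_HOSTS = {"api.example.test"}

URL_RE = re.compile(r"https?://([A-Za-z0-9.-]+)(?::\d+)?(/[^\s\"'<>]*)?")


def extract_strings(blob: bytes, min_len: int = 4) -> List[str]:
    """Return runs of printable ASCII of at least min_len bytes (like `strings`)."""
    run_re = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    return [m.group(0).decode("ascii") for m in run_re.finditer(blob)]


def find_urls(strings: Iterable[str]) -> List[Dict[str, str]]:
    """Pull http(s) URLs out of the extracted strings, keeping host and path."""
    found = []
    for s in strings:
        for m in URL_RE.finditer(s):
            found.append({"url": m.group(0),
                          "host": m.group(1).lower(),
                          "path": m.group(2) or "/"})
    return found


def undeclared_hosts(urls: List[Dict[str, str]],
                     declared: Iterable[str] = DECLARED_HOSTS) -> List[str]:
    """Hosts the binary references that are neither declared nor a subdomain of one."""
    def is_declared(host: str) -> bool:
        return any(host == d or host.endswith("." + d) for d in declared)
    return sorted({u["host"] for u in urls if not is_declared(u["host"])})


def scan(blob: bytes) -> Dict[str, object]:
    """Triage report: string count, embedded URLs, and hosts worth a closer look."""
    strings = extract_strings(blob)
    urls = find_urls(strings)
    return {
        "string_count": len(strings),
        "urls": [u["url"] for u in urls],
        "undeclared_hosts": undeclared_hosts(urls),
    }


if __name__ == "__main__":
    for key, value in scan(SAMPLE_BINARY).items():
        print(f"{key}: {value}")
```

Run it against a real executable by reading the file in binary mode and passing the bytes to `scan`; the declared-host set would come from the developer's own documentation or the app's network entitlements, and anything flagged is a starting point for the dynamic analysis the post goes on to describe.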
 

japanime

macrumors 68030
Feb 27, 2006
2,916
4,844
Japan
The list provided by Arn includes an application called "ting" (with a lowercase "t"). Does anyone know if this is the same as the "Ting" app offered by the popular wireless provider operated by Tucows?
 

Rigby

macrumors 603
Aug 5, 2008
6,222
10,168
San Jose, CA
This is good news, but we don't know for sure how many incarnations this exploit has?
No, we don't. But then, any other app could just as easily read the system clipboard. This is not something that Apple can easily detect in their screening process.
 
  • Like
Reactions: int79

RockSpider

macrumors 6502a
Sep 18, 2014
903
396
So what is Apple doing? It should be writing a malware detector and cleaner right now. With all the money they've got, they should be buying one and immediately putting it in their store for free.
 
  • Like
Reactions: scottsjack