Apple Bans App Reseacher Made
Software was recently developed to expose gaps in security at Apple’s App store.
The application was designed to look like other stock price trackers but with one important difference – the application could steal personal information once downloaded.
Security expert and hacker Charlie Miller created the software to demonstrate Apple’s vulnerabilities.
Experts said the proof-of-concept program was a "significant threat" to the App store.
Apple declined to comment, removed the application and barred its developer from its store.
"Until now you could just download everything from the App store and not worry about it being malicious. Now you have no idea what an application might do," said Miller.
Miller’s application, Instastock, took advantage of a change in Apple’s mobile operating system in which outside or non-approved code would be added to installed applications for the first time.
Apple accepted Miller’s program to its iTunes store in September. Two months later, he informed Apple the program contained malware and was able to remotely download pictures and contacts.
Shortly after Miller notified Apple of the flaw, he received an email stating he was barred from the iOS developer program due to violated terms and conditions.
To vent his discontent, Miller posted his feelings on Twitter: “First they give researchers access to developer programs, (although I paid for mine) then they kick them out for doing research. Me angry.”
This is not the first time Miller exposed flaws in Apple software.
In 2009, he discovered a bug that allowed hackers to gain remote control of user’s devices using iPhone’s text messaging system.
Independent mobile analyst Ian Fogg described the application was "the most significant threat yet to Apple's App store economy."
Mr. Miller plans to present his research at a security conference in Taiwan on Nov. 17.