Overclock.net › Forums › Industry News › Software News › [Cult of Mac] Apple Kicks Security Researcher Out Of The App Store After iOS Exploit Demonstration
New Posts  All Forums:Forum Nav:

[Cult of Mac] Apple Kicks Security Researcher Out Of The App Store After iOS Exploit Demonstration - Page 3

post #21 of 46
12/3/11 at 4:24pm
Thread Starter 
Quote:
Originally Posted by Tunechi View Post



This, he should have told Apple not publish it.

Here's the kicker....

It shouldn't have happened anyway. The app should NOT have been allowed to get through, the hole here lies in how thoroughly they go through apps before they approve them.

It's a telling tale that says that Apple devices and the Apps Store is just as susceptible to compromise as other OS's.

Yes he got fired, but that's not really whats important here. It's HOW it happened and got through unnoticed. It cost him his job, but his proof of concept is genius.

Methinks he got tired of hearing how "secure" iOS was and went out to prove it's susceptibility. And he did. Why else would someone risk their job like that releasing an exploit to the public?
Edited by MediaRocker - 12/3/11 at 4:26pm
Grim Prophecy
(19 items)
 
Samsung Galaxy S2 (SGH-i777)
(11 items)
 
The Tablet
(13 items)
 
CPUMotherboardGraphicsRAM
Intel Core i7 960 LGA1366 "Bloomfield" Alienware 0XDJ4C GeForce GTX 580 1.5GB GDDR5 Kingston HyperX 2GB DDR3 Triple Channel 
RAMRAMHard DriveOptical Drive
Kingston HyperX 2GB DDR3 Triple Channel Kingston HyperX 2GB DDR3 Triple Channel 1TB SATA II Western Digital Caviar BD Burner 
Optical DriveCoolingOSMonitor
DVD+-RW:DL Burner Corsair H100 Windows 7 Ultimate 64-bit 21.5” Alienware AW2210 
KeyboardPowerCaseMouse
CM Storm QuickFire Rapid (Cherry MX Browns) Flextronics 1200W Alienware Area-51 Logitech M500 Laser 
Mouse PadAudioOther
Discount store epic win pad Creative SoundBlaster X-Fi Titanium Bigfoot Networks Killer 2100 
View all
CPUMotherboardGraphicsRAM
Dual-core 1.2 GHz Cortex-A9 Exynos C210 Mali-400MP 4GLPDDR*2 
Hard DriveHard DriveOSMonitor
16GB NAND 32GB Micro SDHC High Speed Android AOKP 4.0.4 Ice Cream Sandwich (R00ted) 4.3" Super AMOLED Plus capacitive touchscreen, ... 
KeyboardPowerCase
ICS Android Keyboard Samsung Li-Ion 1650 mAh battery Trident Kraken AMS 
View all
CPUMotherboardGraphicsRAM
Pentium Dual T2310 Gateway C Series Intel Accelerated Graphics 1024MB 
Hard DriveOSMonitorPower
80GB Linux Mint 12 Wacom Penabled 65W Power Brick 
View all
  hide details  
Reply
Grim Prophecy
(19 items)
 
Samsung Galaxy S2 (SGH-i777)
(11 items)
 
The Tablet
(13 items)
 
CPUMotherboardGraphicsRAM
Intel Core i7 960 LGA1366 "Bloomfield" Alienware 0XDJ4C GeForce GTX 580 1.5GB GDDR5 Kingston HyperX 2GB DDR3 Triple Channel 
RAMRAMHard DriveOptical Drive
Kingston HyperX 2GB DDR3 Triple Channel Kingston HyperX 2GB DDR3 Triple Channel 1TB SATA II Western Digital Caviar BD Burner 
Optical DriveCoolingOSMonitor
DVD+-RW:DL Burner Corsair H100 Windows 7 Ultimate 64-bit 21.5” Alienware AW2210 
KeyboardPowerCaseMouse
CM Storm QuickFire Rapid (Cherry MX Browns) Flextronics 1200W Alienware Area-51 Logitech M500 Laser 
Mouse PadAudioOther
Discount store epic win pad Creative SoundBlaster X-Fi Titanium Bigfoot Networks Killer 2100 
View all
CPUMotherboardGraphicsRAM
Dual-core 1.2 GHz Cortex-A9 Exynos C210 Mali-400MP 4GLPDDR*2 
Hard DriveHard DriveOSMonitor
16GB NAND 32GB Micro SDHC High Speed Android AOKP 4.0.4 Ice Cream Sandwich (R00ted) 4.3" Super AMOLED Plus capacitive touchscreen, ... 
KeyboardPowerCase
ICS Android Keyboard Samsung Li-Ion 1650 mAh battery Trident Kraken AMS 
View all
CPUMotherboardGraphicsRAM
Pentium Dual T2310 Gateway C Series Intel Accelerated Graphics 1024MB 
Hard DriveOSMonitorPower
80GB Linux Mint 12 Wacom Penabled 65W Power Brick 
View all
  hide details  
Reply
post #22 of 46
12/3/11 at 5:48pm
Quote:
Originally Posted by MediaRocker View Post


Here's the kicker....
It shouldn't have happened anyway. The app should NOT have been allowed to get through, the hole here lies in how thoroughly they go through apps before they approve them.
It's a telling tale that says that Apple devices and the Apps Store is just as susceptible to compromise as other OS's.
Yes he got fired, but that's not really whats important here. It's HOW it happened and got through unnoticed. It cost him his job, but his proof of concept is genius.
Methinks he got tired of hearing how "secure" iOS was and went out to prove it's susceptibility. And he did. Why else would someone risk their job like that releasing an exploit to the public?


He doesn't work for Apple, he was part of the developers program, so he wasn't fired from his job he was kicked out the iOS developer program.

Tuned Up Gamer
(15 items)
  		  
CPUMotherboardGraphicsRAM
Intel Core i7 930 @ 3ghz Asus P6T SE Gigabyte GTX 560 Ti OC Corsair 6GB DDR3 1333 MHz 
Hard DriveOptical DriveCoolingOS
Samsung Spinpoint F3 1 TB LG DVD-R iBuyPower Cooling Windows 7 Home Premium 
MonitorKeyboardPowerCase
LG W2486L Black 24" Razer Lycosa XION PowerReal 700W PSI CyborgX 
MouseMouse PadAudio
Razer NAGA Black Mousepad Sony Earphones 
View all
  hide details  
Reply
Tuned Up Gamer
(15 items)
  		  
CPUMotherboardGraphicsRAM
Intel Core i7 930 @ 3ghz Asus P6T SE Gigabyte GTX 560 Ti OC Corsair 6GB DDR3 1333 MHz 
Hard DriveOptical DriveCoolingOS
Samsung Spinpoint F3 1 TB LG DVD-R iBuyPower Cooling Windows 7 Home Premium 
MonitorKeyboardPowerCase
LG W2486L Black 24" Razer Lycosa XION PowerReal 700W PSI CyborgX 
MouseMouse PadAudio
Razer NAGA Black Mousepad Sony Earphones 
View all
  hide details  
Reply
post #23 of 46
12/3/11 at 6:05pm
Thread Starter 
Quote:
Originally Posted by Tunechi View Post



He doesn't work for Apple, he was part of the developers program, so he wasn't fired from his job he was kicked out the iOS developer program.

Then I don't see why everyone cares so much about him getting kicked out? (All I keep seeing is "He should've been kicked out" instead of focusing on the real issue)

I only posted this (apparently a repost, I know.) because I found it interesting that a supposedly highly secure OS is about as secure as swiss cheese. I understand that this exception is patched, however I expect that there will be others, especially considering apples apparent lack of appropriate oversight in their apps store.

The real problem is that Apple needs to step up their app screening process. This shouldn't have happened, and it did effortlessly.
Grim Prophecy
(19 items)
 
Samsung Galaxy S2 (SGH-i777)
(11 items)
 
The Tablet
(13 items)
 
CPUMotherboardGraphicsRAM
Intel Core i7 960 LGA1366 "Bloomfield" Alienware 0XDJ4C GeForce GTX 580 1.5GB GDDR5 Kingston HyperX 2GB DDR3 Triple Channel 
RAMRAMHard DriveOptical Drive
Kingston HyperX 2GB DDR3 Triple Channel Kingston HyperX 2GB DDR3 Triple Channel 1TB SATA II Western Digital Caviar BD Burner 
Optical DriveCoolingOSMonitor
DVD+-RW:DL Burner Corsair H100 Windows 7 Ultimate 64-bit 21.5” Alienware AW2210 
KeyboardPowerCaseMouse
CM Storm QuickFire Rapid (Cherry MX Browns) Flextronics 1200W Alienware Area-51 Logitech M500 Laser 
Mouse PadAudioOther
Discount store epic win pad Creative SoundBlaster X-Fi Titanium Bigfoot Networks Killer 2100 
View all
CPUMotherboardGraphicsRAM
Dual-core 1.2 GHz Cortex-A9 Exynos C210 Mali-400MP 4GLPDDR*2 
Hard DriveHard DriveOSMonitor
16GB NAND 32GB Micro SDHC High Speed Android AOKP 4.0.4 Ice Cream Sandwich (R00ted) 4.3" Super AMOLED Plus capacitive touchscreen, ... 
KeyboardPowerCase
ICS Android Keyboard Samsung Li-Ion 1650 mAh battery Trident Kraken AMS 
View all
CPUMotherboardGraphicsRAM
Pentium Dual T2310 Gateway C Series Intel Accelerated Graphics 1024MB 
Hard DriveOSMonitorPower
80GB Linux Mint 12 Wacom Penabled 65W Power Brick 
View all
  hide details  
Reply
Grim Prophecy
(19 items)
 
Samsung Galaxy S2 (SGH-i777)
(11 items)
 
The Tablet
(13 items)
 
CPUMotherboardGraphicsRAM
Intel Core i7 960 LGA1366 "Bloomfield" Alienware 0XDJ4C GeForce GTX 580 1.5GB GDDR5 Kingston HyperX 2GB DDR3 Triple Channel 
RAMRAMHard DriveOptical Drive
Kingston HyperX 2GB DDR3 Triple Channel Kingston HyperX 2GB DDR3 Triple Channel 1TB SATA II Western Digital Caviar BD Burner 
Optical DriveCoolingOSMonitor
DVD+-RW:DL Burner Corsair H100 Windows 7 Ultimate 64-bit 21.5” Alienware AW2210 
KeyboardPowerCaseMouse
CM Storm QuickFire Rapid (Cherry MX Browns) Flextronics 1200W Alienware Area-51 Logitech M500 Laser 
Mouse PadAudioOther
Discount store epic win pad Creative SoundBlaster X-Fi Titanium Bigfoot Networks Killer 2100 
View all
CPUMotherboardGraphicsRAM
Dual-core 1.2 GHz Cortex-A9 Exynos C210 Mali-400MP 4GLPDDR*2 
Hard DriveHard DriveOSMonitor
16GB NAND 32GB Micro SDHC High Speed Android AOKP 4.0.4 Ice Cream Sandwich (R00ted) 4.3" Super AMOLED Plus capacitive touchscreen, ... 
KeyboardPowerCase
ICS Android Keyboard Samsung Li-Ion 1650 mAh battery Trident Kraken AMS 
View all
CPUMotherboardGraphicsRAM
Pentium Dual T2310 Gateway C Series Intel Accelerated Graphics 1024MB 
Hard DriveOSMonitorPower
80GB Linux Mint 12 Wacom Penabled 65W Power Brick 
View all
  hide details  
Reply
post #24 of 46
12/3/11 at 6:16pm
Not to be ignorant, but those who are saying, "Typical Apple, cover up all the problems." aren't considering the whole situation. What should Apple of done? Left him in place so he can exploit their iOS even more and share it with the world? Apple strives for security in their iOS; security doesn't mean just dealing with software issues, but with taking care of people like this guy. It would of been LESS secure to leave him in place. Stop making biased statements about Apple just because you don't like the way they do business.
The Intel Fun Build
(13 items)
  		  
CPUMotherboardGraphicsRAM
i7 3770k Gigabyte Z77-UD5H-WB Golden GTX 670 Windforce 3X 2 x 4GB GSkill RipJawsX 
Hard DriveCoolingOSMonitor
OCZ Vertex 4 64GB- WD Caviar Black 1TB Noctua NH-D14 Windows 7 Dell U2311H IPS 
KeyboardPowerCaseMouse
xArmor iOne U9BL MX Blues Seasonic x750 LIAN LI PC-T60B Logitech G500 
Audio
Modded JVC HA-RX900 
View all
  hide details  
Reply
The Intel Fun Build
(13 items)
  		  
CPUMotherboardGraphicsRAM
i7 3770k Gigabyte Z77-UD5H-WB Golden GTX 670 Windforce 3X 2 x 4GB GSkill RipJawsX 
Hard DriveCoolingOSMonitor
OCZ Vertex 4 64GB- WD Caviar Black 1TB Noctua NH-D14 Windows 7 Dell U2311H IPS 
KeyboardPowerCaseMouse
xArmor iOne U9BL MX Blues Seasonic x750 LIAN LI PC-T60B Logitech G500 
Audio
Modded JVC HA-RX900 
View all
  hide details  
Reply
post #25 of 46
12/3/11 at 6:20pm
Quote:
Originally Posted by MediaRocker View Post

Here's the kicker....
It shouldn't have happened anyway. The app should NOT have been allowed to get through
his proof of concept is genius.

He's not a genius. He exploited a piece of software. Whoop-de-doo. People do that all the time. If he wants to behave like a black hat, then let him do so as an outsider. Learn how the security industry is run before you make comments like that.
IVY bench warmer
(14 items)
  		  
CPUMotherboardGraphicsRAM
Intel 2500K @ 5.0 1.44V Asus P8Z68-V Pro 2X MSI 6950->6970 Unlocked SP @ 950Mhz 1.2V 2X 4GB G.Skill Ripjaws-X 1600 7-8-7-24 1.6V 
Hard DriveCoolingOSMonitor
Raid 0 120GB Kingston HyperX Noctua NH-D14 Vista SP7 x64 HP ZR30w 30" + 2x 2001FP 
KeyboardPowerCaseMouse
Steel Seried 6Gv2 Antec HCP-1200 Corsair Obsidian 800D Razer Naga Epic 
View all
  hide details  
Reply
IVY bench warmer
(14 items)
  		  
CPUMotherboardGraphicsRAM
Intel 2500K @ 5.0 1.44V Asus P8Z68-V Pro 2X MSI 6950->6970 Unlocked SP @ 950Mhz 1.2V 2X 4GB G.Skill Ripjaws-X 1600 7-8-7-24 1.6V 
Hard DriveCoolingOSMonitor
Raid 0 120GB Kingston HyperX Noctua NH-D14 Vista SP7 x64 HP ZR30w 30" + 2x 2001FP 
KeyboardPowerCaseMouse
Steel Seried 6Gv2 Antec HCP-1200 Corsair Obsidian 800D Razer Naga Epic 
View all
  hide details  
Reply
post #26 of 46
12/3/11 at 6:20pm
Quote:
Originally Posted by SGT. Peppers View Post

Just goes to show that apple is not perfect and that the majority of their buyers are sheep.

This thread is going to devolve into a bunch of Apple haters confusing the issue in order to do what they do best - recycle the same old pointless, irrational, and downright absurd arguments just because they think it's "cool." Nothing in this news story in any way alludes to Apple customers being sheep. "But hey, a post about Apple! No time to read it, I'd better reply with some anti-Apple vitriol so everybody knows that I hate Apple!" Bleh. Grow up.

FWIW I don't even own any Apple products except an iPod. Couldn't care less about the company - I just hate seeing this kind of stupidity on OCN.
Edited by flyingsaucers - 12/3/11 at 6:25pm
1.21 Gigawatts!
(13 items)
  		  
CPUMotherboardGraphicsRAM
i5 2500k Asrock Z77 Extreme 6 2x R7970 Lightnings  Kingston HyperX 8GB 1600MHz 
Hard DriveOptical DriveOSMonitor
2x WD Caviar Black 1TB LG Lightscribe BD Windows 7 Home Premium Dell UltraSharp U2711 2560x1440 
KeyboardPowerCaseMouse
Filcos & Duckys  Ultra x4 1050w Antec eleven hundred Logitech G700 
View all
  hide details  
Reply
1.21 Gigawatts!
(13 items)
  		  
CPUMotherboardGraphicsRAM
i5 2500k Asrock Z77 Extreme 6 2x R7970 Lightnings  Kingston HyperX 8GB 1600MHz 
Hard DriveOptical DriveOSMonitor
2x WD Caviar Black 1TB LG Lightscribe BD Windows 7 Home Premium Dell UltraSharp U2711 2560x1440 
KeyboardPowerCaseMouse
Filcos & Duckys  Ultra x4 1050w Antec eleven hundred Logitech G700 
View all
  hide details  
Reply
post #27 of 46
12/3/11 at 6:45pm
Thread Starter 
Quote:
Originally Posted by flyingsaucers View Post

Quote:
Originally Posted by SGT. Peppers View Post

Just goes to show that apple is not perfect and that the majority of their buyers are sheep.

This thread is going to devolve into a bunch of Apple haters confusing the issue in order to do what they do best - recycle the same old pointless, irrational, and downright absurd arguments just because they think it's "cool." Nothing in this news story in any way alludes to Apple customers being sheep. "But hey, a post about Apple! No time to read it, I'd better reply with some anti-Apple vitriol so everybody knows that I hate Apple!" Bleh. Grow up.

FWIW I don't even own any Apple products except an iPod. Couldn't care less about the company - I just hate seeing this kind of stupidity on OCN.

This thread will only devolve if you let it. However, his comment is spot on considering that the vast majority of Apple users say that iOS is the most secure OS out there. This vulnerability perfectly envisions a flaw in the Appstore approval process, and at one point in time, an exception in Apple's iOS code. It supports the notion that iOS isn't the gods gift of OS's, and that like all OS's has holes, exceptions, and problems which may not be currently apparent. Who know's? Maybe it's friggin perfect now that this exception has been repaired!

The thing is no one knows for sure, so those making the ignorant comments spouting that iOS is the best platform out there are in fact sheep because they are willing to buy into the guise that apple is perfection.

No bias included. Now let's let not let this thread devolve. Shall we?
Quote:
Originally Posted by PoopaScoopa View Post

He's not a genius. He exploited a piece of software. Whoop-de-doo. People do that all the time. If he wants to behave like a black hat, then let him do so as an outsider. Learn how the security industry is run before you make comments like that.

You seem to have misread my comment, I did not call him a genius. I said his proof of concept was genius. The point was to discern a vulnerability and how easily it could occur, and it did exactly just that. The way he went about releasing it was all wrong, I wouldn't have announced it to the public . Learn how to read before making comments like that. thumb.gif Had you read, you would have noticed I did not condone his actions in releasing this information publicly. (extenuating circumstances omitted)

Nevertheless it's out there that the iOS App store is just as exploitable as the Android Marketplace. As expected. (people seem to be missing the entire point.)
Edited by MediaRocker - 12/3/11 at 6:59pm
Grim Prophecy
(19 items)
 
Samsung Galaxy S2 (SGH-i777)
(11 items)
 
The Tablet
(13 items)
 
CPUMotherboardGraphicsRAM
Intel Core i7 960 LGA1366 "Bloomfield" Alienware 0XDJ4C GeForce GTX 580 1.5GB GDDR5 Kingston HyperX 2GB DDR3 Triple Channel 
RAMRAMHard DriveOptical Drive
Kingston HyperX 2GB DDR3 Triple Channel Kingston HyperX 2GB DDR3 Triple Channel 1TB SATA II Western Digital Caviar BD Burner 
Optical DriveCoolingOSMonitor
DVD+-RW:DL Burner Corsair H100 Windows 7 Ultimate 64-bit 21.5” Alienware AW2210 
KeyboardPowerCaseMouse
CM Storm QuickFire Rapid (Cherry MX Browns) Flextronics 1200W Alienware Area-51 Logitech M500 Laser 
Mouse PadAudioOther
Discount store epic win pad Creative SoundBlaster X-Fi Titanium Bigfoot Networks Killer 2100 
View all
CPUMotherboardGraphicsRAM
Dual-core 1.2 GHz Cortex-A9 Exynos C210 Mali-400MP 4GLPDDR*2 
Hard DriveHard DriveOSMonitor
16GB NAND 32GB Micro SDHC High Speed Android AOKP 4.0.4 Ice Cream Sandwich (R00ted) 4.3" Super AMOLED Plus capacitive touchscreen, ... 
KeyboardPowerCase
ICS Android Keyboard Samsung Li-Ion 1650 mAh battery Trident Kraken AMS 
View all
CPUMotherboardGraphicsRAM
Pentium Dual T2310 Gateway C Series Intel Accelerated Graphics 1024MB 
Hard DriveOSMonitorPower
80GB Linux Mint 12 Wacom Penabled 65W Power Brick 
View all
  hide details  
Reply
Grim Prophecy
(19 items)
 
Samsung Galaxy S2 (SGH-i777)
(11 items)
 
The Tablet
(13 items)
 
CPUMotherboardGraphicsRAM
Intel Core i7 960 LGA1366 "Bloomfield" Alienware 0XDJ4C GeForce GTX 580 1.5GB GDDR5 Kingston HyperX 2GB DDR3 Triple Channel 
RAMRAMHard DriveOptical Drive
Kingston HyperX 2GB DDR3 Triple Channel Kingston HyperX 2GB DDR3 Triple Channel 1TB SATA II Western Digital Caviar BD Burner 
Optical DriveCoolingOSMonitor
DVD+-RW:DL Burner Corsair H100 Windows 7 Ultimate 64-bit 21.5” Alienware AW2210 
KeyboardPowerCaseMouse
CM Storm QuickFire Rapid (Cherry MX Browns) Flextronics 1200W Alienware Area-51 Logitech M500 Laser 
Mouse PadAudioOther
Discount store epic win pad Creative SoundBlaster X-Fi Titanium Bigfoot Networks Killer 2100 
View all
CPUMotherboardGraphicsRAM
Dual-core 1.2 GHz Cortex-A9 Exynos C210 Mali-400MP 4GLPDDR*2 
Hard DriveHard DriveOSMonitor
16GB NAND 32GB Micro SDHC High Speed Android AOKP 4.0.4 Ice Cream Sandwich (R00ted) 4.3" Super AMOLED Plus capacitive touchscreen, ... 
KeyboardPowerCase
ICS Android Keyboard Samsung Li-Ion 1650 mAh battery Trident Kraken AMS 
View all
CPUMotherboardGraphicsRAM
Pentium Dual T2310 Gateway C Series Intel Accelerated Graphics 1024MB 
Hard DriveOSMonitorPower
80GB Linux Mint 12 Wacom Penabled 65W Power Brick 
View all
  hide details  
Reply
post #28 of 46
12/3/11 at 6:57pm
Uh, just the fact that the article takes Apple saying that iOS is more STABLE and equates that with SECURE made me think it's retarded and not worth reading.
9/2011 First Build
(15 items)
 
MacBook Pro
(13 items)
  		 
CPUMotherboardGraphicsRAM
i7-2600k @4.2GHz GIGABYTE GA-Z68X-UD4-B3 XFX Radeon HD6870 G.SKILL 8GB Ripjaws X Series (8) 
Hard DriveOptical DriveCoolingOS
WD Caviar Black 2 TB Lite-On DVD RW and Lite-On Blu-ray Burner Cooler Master H212+ Windows 7 
MonitorKeyboardPowerCase
ASUS VH238H Logitech MK710 Seasonic X-560 Cooler Master HAF 912 
MouseAudio
Logitech MK710 Klipsch Promedia 2.1 
View all
RAMOSMonitor
4GB DDR3 OS X Lion Matte 
View all
  hide details  
Reply
9/2011 First Build
(15 items)
 
MacBook Pro
(13 items)
  		 
CPUMotherboardGraphicsRAM
i7-2600k @4.2GHz GIGABYTE GA-Z68X-UD4-B3 XFX Radeon HD6870 G.SKILL 8GB Ripjaws X Series (8) 
Hard DriveOptical DriveCoolingOS
WD Caviar Black 2 TB Lite-On DVD RW and Lite-On Blu-ray Burner Cooler Master H212+ Windows 7 
MonitorKeyboardPowerCase
ASUS VH238H Logitech MK710 Seasonic X-560 Cooler Master HAF 912 
MouseAudio
Logitech MK710 Klipsch Promedia 2.1 
View all
RAMOSMonitor
4GB DDR3 OS X Lion Matte 
View all
  hide details  
Reply
post #29 of 46
12/3/11 at 7:01pm
Thread Starter 
Quote:
Originally Posted by Psykhotic View Post

Uh, just the fact that the article takes Apple saying that iOS is more STABLE and equates that with SECURE made me think it's retarded and not worth reading.

It was a facetious lead up comment which is my own point on the article, It is not of the article itself. Just read the source article already.
Edited by MediaRocker - 12/3/11 at 7:04pm
Grim Prophecy
(19 items)
 
Samsung Galaxy S2 (SGH-i777)
(11 items)
 
The Tablet
(13 items)
 
CPUMotherboardGraphicsRAM
Intel Core i7 960 LGA1366 "Bloomfield" Alienware 0XDJ4C GeForce GTX 580 1.5GB GDDR5 Kingston HyperX 2GB DDR3 Triple Channel 
RAMRAMHard DriveOptical Drive
Kingston HyperX 2GB DDR3 Triple Channel Kingston HyperX 2GB DDR3 Triple Channel 1TB SATA II Western Digital Caviar BD Burner 
Optical DriveCoolingOSMonitor
DVD+-RW:DL Burner Corsair H100 Windows 7 Ultimate 64-bit 21.5” Alienware AW2210 
KeyboardPowerCaseMouse
CM Storm QuickFire Rapid (Cherry MX Browns) Flextronics 1200W Alienware Area-51 Logitech M500 Laser 
Mouse PadAudioOther
Discount store epic win pad Creative SoundBlaster X-Fi Titanium Bigfoot Networks Killer 2100 
View all
CPUMotherboardGraphicsRAM
Dual-core 1.2 GHz Cortex-A9 Exynos C210 Mali-400MP 4GLPDDR*2 
Hard DriveHard DriveOSMonitor
16GB NAND 32GB Micro SDHC High Speed Android AOKP 4.0.4 Ice Cream Sandwich (R00ted) 4.3" Super AMOLED Plus capacitive touchscreen, ... 
KeyboardPowerCase
ICS Android Keyboard Samsung Li-Ion 1650 mAh battery Trident Kraken AMS 
View all
CPUMotherboardGraphicsRAM
Pentium Dual T2310 Gateway C Series Intel Accelerated Graphics 1024MB 
Hard DriveOSMonitorPower
80GB Linux Mint 12 Wacom Penabled 65W Power Brick 
View all
  hide details  
Reply
Grim Prophecy
(19 items)
 
Samsung Galaxy S2 (SGH-i777)
(11 items)
 
The Tablet
(13 items)
 
CPUMotherboardGraphicsRAM
Intel Core i7 960 LGA1366 "Bloomfield" Alienware 0XDJ4C GeForce GTX 580 1.5GB GDDR5 Kingston HyperX 2GB DDR3 Triple Channel 
RAMRAMHard DriveOptical Drive
Kingston HyperX 2GB DDR3 Triple Channel Kingston HyperX 2GB DDR3 Triple Channel 1TB SATA II Western Digital Caviar BD Burner 
Optical DriveCoolingOSMonitor
DVD+-RW:DL Burner Corsair H100 Windows 7 Ultimate 64-bit 21.5” Alienware AW2210 
KeyboardPowerCaseMouse
CM Storm QuickFire Rapid (Cherry MX Browns) Flextronics 1200W Alienware Area-51 Logitech M500 Laser 
Mouse PadAudioOther
Discount store epic win pad Creative SoundBlaster X-Fi Titanium Bigfoot Networks Killer 2100 
View all
CPUMotherboardGraphicsRAM
Dual-core 1.2 GHz Cortex-A9 Exynos C210 Mali-400MP 4GLPDDR*2 
Hard DriveHard DriveOSMonitor
16GB NAND 32GB Micro SDHC High Speed Android AOKP 4.0.4 Ice Cream Sandwich (R00ted) 4.3" Super AMOLED Plus capacitive touchscreen, ... 
KeyboardPowerCase
ICS Android Keyboard Samsung Li-Ion 1650 mAh battery Trident Kraken AMS 
View all
CPUMotherboardGraphicsRAM
Pentium Dual T2310 Gateway C Series Intel Accelerated Graphics 1024MB 
Hard DriveOSMonitorPower
80GB Linux Mint 12 Wacom Penabled 65W Power Brick 
View all
  hide details  
Reply
post #30 of 46
12/3/11 at 7:21pm
Quote:
Originally Posted by MediaRocker View Post

I think that he was completely justified if he told apple and they refused to listen...but only in that context.
And it's good that it is patched, but nonetheless this proves that no OS is infallible, which the majority of the apple community unfortunately fail to recognize.
I am pretty certain there are other security risks that we don't know about yet in the OS...
Edit: And sorry that this got reposted. I searched and apparently it had a different article title.
They didn't refuse to listen, he just didn't wait long enough for them to release it before announcing it before the entire world.
Quote:
Originally Posted by MediaRocker View Post

Here's the kicker....
It shouldn't have happened anyway. The app should NOT have been allowed to get through, the hole here lies in how thoroughly they go through apps before they approve them.
It's a telling tale that says that Apple devices and the Apps Store is just as susceptible to compromise as other OS's.
Yes he got fired, but that's not really whats important here. It's HOW it happened and got through unnoticed. It cost him his job, but his proof of concept is genius.
Methinks he got tired of hearing how "secure" iOS was and went out to prove it's susceptibility. And he did. Why else would someone risk their job like that releasing an exploit to the public?
Who knows why it did? Perhaps they allowed it without much screen purely because he was who he was? It was a pretty simple app after all. (Not saying they did.) And anyway, the code itself was hidden inside the app.

And no, iOS isn't as susceptible to compromise as other OS's. It's far more secure, and you don't see issues very often yet alone malware or actual threats.
Quote:
Originally Posted by MediaRocker View Post

This thread will only devolve if you let it. However, his comment is spot on considering that the vast majority of Apple users say that iOS is the most secure OS out there. This vulnerability perfectly envisions a flaw in the Appstore approval process, and at one point in time, an exception in Apple's iOS code. It supports the notion that iOS isn't the gods gift of OS's, and that like all OS's has holes, exceptions, and problems which may not be currently apparent. Who know's? Maybe it's friggin perfect now that this exception has been repaired!
The thing is no one knows for sure, so those making the ignorant comments spouting that iOS is the best platform out there are in fact sheep because they are willing to buy into the guise that apple is perfection.
No bias included. Now let's let not let this thread devolve. Shall we?

You seem to have misread my comment, I did not call him a genius. I said his proof of concept was genius. The point was to discern a vulnerability and how easily it could occur, and it did exactly just that. The way he went about releasing it was all wrong, I wouldn't have announced it to the public . Learn how to read before making comments like that. thumb.gif Had you read, you would have noticed I did not condone his actions in releasing this information publicly. (extenuating circumstances omitted)
Nevertheless it's out there that the iOS App store is just as exploitable as the Android Marketplace. As expected. (people seem to be missing the entire point.)
It is more secure than Android, I don't know about WebOS or BlackBerry OS (i.e, on PlayBook). Unlike Android, you just don't hear of exploits, malware, or any kind of threat, at all. Google could cut down on most of those with a stricter store, but they've not done it yet. I'm not saying iOS is infallible, but it's pretty good.

It's not just as exploitable as the Android Marketplace, this is one app, one time and we're talking about a security researcher testing something rather than actual malware. The app he made was I think quite simple, and he hid code for the remote downloading. They may've just passed it off or maybe like I said given him a less thorough screening because he's a security expert and/or possibly because he's been a developer for a long time (if that's true).
Reply
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Software News
Overclock.net › Forums › Industry News › Software News › [Cult of Mac] Apple Kicks Security Researcher Out Of The App Store After iOS Exploit Demonstration