After latest iPhone hack, Charlie Miller kicked out of iOS dev program

After latest iPhone hack, Charlie Miller kicked out of iOS dev program

Summary: Charlie Miller defeats a major iOS security mechanism, a move that ruffles feathers in Cupertino.

SHARE:
TOPICS: Mobile OS, Apple
287

Charlie Miller gets a kick of out defeating Apple's security mechanisms, using his hacking skills to break into Macbooks and iPhones.   Now, Apple has kicked the security researcher out of its iOS developer program after word got out that he built a proof-of-concept iPhone app to showcase a bypass of the code signing mechanism.

According to Forbes's Andy Greenberg, Miller found a way to sneak an evil app into the iPhone/iPad app store and will demonstrate the vulnerability at the upcoming SysCan conference in Taiwan.

follow Ryan Naraine on twitter

Miller plans to present a method that exploits a flaw in Apple’s restrictions on code signing on iOS devices, the security measure that allows only Apple-approved commands to run in an iPhone or iPad’s memory. Using his method–and Miller has already planted a sleeper app in Apple’s App Store to demonstrate the trick–an app can phone home to a remote computer that downloads new unapproved commands onto the device and executes them at will, including stealing the user’s photos, reading contacts, making the phone vibrate or play sounds, or otherwise repurposing normal iOS app functions for malicious ends.

Miller has created a video demonstrating the attack, which gave him enough control over the hijacked iPhone to control the device vibration or read files off the iPhone.

Greenberg writes that Miller effectively created a proof-of-concept app called Instastock that appears to merely list stock tickers, but also communicates with a server controlled by Miller, "pulling down and executing whatever new commands he wants."

Details on the actual vulnerability being exploited is being kept under wraps until Apple issues a fix.

Just hours after word of his Miller's app -- which was approved by Apple -- was publicized by Greenberg, Apple nuked Miller from the iOS dev program "effective immediately."

Topics: Mobile OS, Apple

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

287 comments
Log in or register to join the discussion
  • RE: After latest iPhone hack, Charlie Miller kicked out of iOS dev program

    For a company wanting to wear the "Big Boy pants" they sure don't get it. That is totally obvious now.
    Apple has got to be the most Security "Unconscious" that I have ever seen. Apple doesn't get it because they believe kicking someone out, suing someone or just throwing a plain ol' Jobs tantrum will solve it all. Sadly to say guys, that's not working today, or tomorrow either, matter of fact you might as well get your head out of the hole it's in and look around.

    Your products are not as secure as you lead the masses to believe.

    Kicking people out, denying the facts until there out of control. In case you have missed the headlines nearly everyday, your weaknesses are being shown to all and it's not going to go away under a rug. The community is laughing at you, daily, yet you still just don't get it.
    Nate_K
    • Anyway, Miller broke the rules so obviously he was ousted of developer ...

      @Nate_K: ... program.<br><br>He personally agreed to follow the rules, so breaking his own promise was an act of <b>dishonesty</b>, which is not dignified at all.<br><br>Also, Apple, though definitely not perfect, is not security unconscious -- they do correct the vulnerabilities.
      dderss
      • RE: After latest iPhone hack, Charlie Miller kicked out of iOS dev program

        @dderss And how else is he supposed to find vulnerabilities? Think about it, how many hackers with malicious intent are not going to be [b]dishonest[/b]? As an iPhone owner/ iOS user this sort of act by Apple makes me nervous... the man found a vulnerability and exploited it so that Apple could fix it and Apple just tosses him aside. It seems to me they are more worried about possible egg on their faces rather than the security of their OS and the possible exploitation of their user base.
        athynz
      • He can work with Apple.

        @Pete "athynz" Athens: [i]And how else is he supposed to find vulnerabilities?[/i]

        It sounds as if he violated the terms of the iOS Developer Program. While his intentions may have been noble but that's irrelevant. Especially because he uploaded a "sleeper app" to the app store.

        Apple was correct to do this.
        ye
      • RE: After latest iPhone hack, Charlie Miller kicked out of iOS dev program

        @dderss

        So bringing it to light so apple can flat out deny the crap out of it does something more than actually showing them proof of what they so blatantly deny until they cant deny it any more.

        What better way to prove them wrong when they say it cant be done or doesn't exist. If he had true malicious intent, why say anything at all and reap the full benefits of his POC code? That's not what happened. He made the public aware in a way apple could not deny but show their true face.
        Nate_K
      • Athens

        The issue was not him finding the exploit, it was him uploading malware to the App store in a publicity stunt to magnify his own glory and fame. While, of course, using the standard lie that it's the only way to make the evil corporation listen and acknowledge the problem.
        baggins_z
      • Rules intendend to hide security holes in their products

        @dderss
        How nice of Apple.
        William Farrell
      • RE: After latest iPhone hack, Charlie Miller kicked out of iOS dev program

        @dderss Yep and kicking him out means you lose a valuable resource by which to make your platform more secure!

        The way I see it, he doesn't need Apple to get an App into their App Store but they could sure use his help keeping other people from circumventing their state
        .
        slickjim
      • Good!

        @baggins_z: Exactly!

        Kick the bastard and his malware out of the App Store. If he was doing this for the "right" reasons he wouldn't foist it onto the App Store where an unsuspecting person looking for a stock ticker might download his crap. He could have accomplished the same ends without doing what he did.
        RationalGuy
      • RE: After latest iPhone hack, Charlie Miller kicked out of iOS dev program

        @dderss

        I guess Steve Jobs himself is no rule breaker, yes?

        All security researchers required special mindset that break rules and think out side the box. In a way what Miller has done couldn't be more "Apple" than that.

        I guess Apple is thinking no more different than IBM anymore.
        Samic
      • What if someone did this with nobody's knowledge?

        @dderss He agreed to follow the rules; so what? Somebody else can agree but create an app like his without alerting anyone; then what? This is the kind of guy Apple should HIRE.
        davidr69
      • RE: After latest iPhone hack, Charlie Miller kicked out of iOS dev program

        @dderss
        "Keep your friends close, and your enemies closer."
        CitizenW
      • RE: After latest iPhone hack, Charlie Miller kicked out of iOS dev program

        @dderss

        So what your saying is that because Miller found a hole in Apples product after agreeing (thru some surely complex and lengthy legalize ) to not find any holes he must now be botted instead of thanked for helping Apple to find one more hole that needs plugging/

        That makes complete snese in thsimized up world where up is down and right is wrong.
        BlueCollarCritic
      • RE: After latest iPhone hack, Charlie Miller kicked out of iOS dev program

        @baggin_z [b]The issue was not him finding the exploit, it was him uploading malware to the App store in a publicity stunt to magnify his own glory and fame. While, of course, using the standard lie that it's the only way to make the evil corporation listen and acknowledge the problem.[/b]

        And yet he's STILL getting publicity for the exploit - the only difference is that Apple got egg on their face in the process and got rid of the resource needed to fix the issue. Note that this does this invalidate the exploit itself nor does it invalidate the fact that a hacker with malicious intent could do the same exact thing and Apple would be none the wiser - Charlie Miller TOLD Apple what he did.
        athynz
      • RE: After latest iPhone hack, Charlie Miller kicked out of iOS dev program

        @dderss wow too many iBlinds here.... fanboys are.. well fanboys... they need to trust Apple and Jobs no matter what, they need to live inside the big iTunes fence ...
        pepe-el-Toro
      • RE: After latest iPhone hack, Charlie Miller kicked out of iOS dev program

        What part of "...Just hours after word of his Millers app which was approved by Apple was publicized by Greenberg..." don't you people understand?

        APPLE APPROVED THE APP, if one is to believe the article.
        reibertg@...
      • RE: After latest iPhone hack, Charlie Miller kicked out of iOS dev program

        @ye [b]It sounds as if he violated the terms of the iOS Developer Program.[/b] He did - and that's the point I'm making... he did the [i]same exact thing[/i] that a hacker with malicious intent would. dderss said it was an act of dishonesty and not dignified - find me a black hat hack anywhere who is honest and dignified. baggin_z said Charlie Miller did it for publicity - well he's STILL getting publicity over it AND over Apple's knee jerk reaction.

        In this situation all of the Apple fans, fanbois, mactards, whatever need to stop blindly defending Apple...
        athynz
      • RE: After latest iPhone hack, Charlie Miller kicked out of iOS dev program

        @dderss - and making excuses for Apple's shortcomings is unconsionable as well.
        Rndmacts
      • RE: After latest iPhone hack, Charlie Miller kicked out of iOS dev program

        @dderss Yeah, as the other replies point out, your statement is nothing short of wearing blinders. You're basically saying, "well, Apple said he shouldn't be cracking their security so anyone who does so should be banned". As if this will somehow prevent anyone else from doing exactly the same thing. It's a very Apple response, something I'm finding more and more Applites resorting to (the "Think Different (Like Everyone Else)" syndrome). Apple could've reached out and said, "tell us more about this problem, we'd like to work with you". Instead, in typical Apple fashion, they deny, deflect, finger point (with the help of their acolytes), ban, and otherwise refuse to acknowledge the problem. And no, issuing a fix isn't acknowledging the problem -- not recognizing that issues exist, and banning anyone who finds them is the actual problem. Flaws exist in every system / software, every company *except* Apple deals with them properly, and this is why it's only a matter of time before Apple and their supporters get seriously burned. And you will all deserve it because of your willful ignorance, ongoing denial, a simple inability to see things for what they are, and an inability to get along with people and work together with them instead of being snobby, offensive elitists. Apple will fix any issues they find, but this way they're actively preventing any issues from being found. If you can't see the problem with that, you've obviously drunk way too much Apple Kool Aid.
        PatrickBay.ca
      • RE: After latest iPhone hack, Charlie Miller kicked out of iOS dev program

        @dderss

        So what ?

        Do you want a secure phone ?
        Do you want people to find and reveal vulnerabilities in the open ? or do you want them done where no one knows until their phone is cracked ?

        Apple has a choice between letting the Charlie Miller's of the world get their 15 min of fame for finding and exposing vulnerabilities - in a way that makes it likely they will get fixed before millions of phones are cracked, or having it done by others with more hostile goals.

        Apple is free to control its Store, and developers program as they please - and I am free to switch to Android.
        dhlii@...