
@0xcharlie Discovers iOS Code Signing Security Flaw
Posted November 8, 2011 at 12:31am by Shalom Levytam
Charlie Miller, a popular hacker known as 0xcharlie, has discovered a security flaw in the code signing of iOS apps and subsequently been terminated from the iOS developer program.
Forbes reports that at the SysCan conference in Taiwan next week, Miller plans to present a method that exploits a flaw in Apple's restrictions on code signing on iOS devices, the security measure that allows only Apple-approved commands to run in an iPhone or iPad's memory. Using his method (and Miller has already planted a sleeper app in Apple's App Store to demonstrate the trick), an app can phone home to a remote computer that downloads new unapproved commands onto the device and executes them at will, including stealing the user's photos, reading contacts, making the phone vibrate or play sounds, or otherwise repurposing normal iOS app functions for malicious ends.
Miller demonstrates the bug in the video posted below. Two hours after linking the Forbes article, he tweeted that Apple had removed his sleeper app and kicked him out of the iOS developer program.
OMG, Apple just kicked me out of the iOS Developer program. That's so rude!
First they give researchers access to developer programs, (although I paid for mine) then they kick them out.. for doing research. Me angry
dunno, letter of termination. Sounds permanent. feels heavy handed, I miss Steve.
Read More [via Josh]