Sorry, but possibilities for exploiting the works of Chaucer for a blog title don’t come along very often. Charlie Miller, who has made something of a career of pushing the Apple envelope, has upset Cupertino by publishing a “sleeper app” on the App Store to demonstrate a vulnerability that could allow a malicious app author to download unsigned code from a remote server.
At next week’s SyScan conference in Taiwan he plans to demonstrate a flaw in iOS 4.3 onwards that allows the Nitro JIT Compiler to “add dynamic, unsigned code to a process while running.” As he told Brian Prince at SecurityWeek:
Characteristically, Apple has not only removed the app (understandable) but also removed Miller from its developer program. I understand the company’s annoyance, but for the sake of its customers’ security, can it really afford to take an “I’m not listening” stance towards a researcher who has given them advance warning on so many potentially problematic security issues?