(LiveHacking.Com) – Charlie Miller, a veteran at finding vulnerabilities in OS X and iOS, has discovered a flaw in iOS that allows rogue apps to download and execute unapproved code on an iOS device. As a proof of concept, Charlie successfully uploaded an app to Apple’s iTunes store, a trick which then cost him his rights as an iOS developer.
Charlie is no stranger to hacking Apple products. In 2008 he won a $10,000 prize at the hacker conference Pwn2Own for cracking a MacBook Air in under 2 minutes. In 2009, he won $5,000 for cracking Safari in under 10 seconds. And in the very same year he also demonstrated an SMS processing vulnerability that allowed for the complete compromise of an iPhone.
His latest discovery exposes a flaw in Apple’s restrictions on code signing, Apple’s largely successful way to ensure that only Apple-approved applications can run on an iPhone or iPad. Charlie plans to present his findings at the SyScan conference in Taiwan next week.
“Now you could have a program in the App Store like Angry Birds that can run new code on your phone that Apple never had a chance to check,” says Miller. “With this bug, you can’t be assured of anything you download from the App Store behaving nicely.”
However, once Apple discovered what Charlie had been up to, it terminated his iOS Developer Program License:
“This letter serves as notice of termination of the iOS Developer Program License Agreement…between you and Apple,” the email read. “Effective immediately.”
Of course, Apple is well within its rights to terminate Charlie’s developer license. He has broken the terms of the license. However, we are left wondering whether Apple wouldn’t have done better to contact Charlie and get him to explain the flaw to them.
Charlie isn’t the only person trying to get around Apple’s security systems. Pod2g, an iPhone hacker from Chronic Dev Team, is reporting that he has found a bug in Apple’s iOS 5 that may allow for the development of an untethered jailbreak:
“Hey jailbreaking friends, I’ve found a bug that can untether iOS 5. Don’t expect a release soon, but I’m gonna work hard in it.”