Recently news broke of security expert Charlie Miller who has helped find many holes in iOS, was kicked off the dev team for showing a proof of concept that allowed malicious apps to be planted into the iOS app store with a code-signing bug. Article by ComputerWorld here
I know many companies have a policy with security researchers - that they have to keep quiet until the hole is closed and not release details about it.
Miller never really released anything, I saw his video for the proof of concept he did, he didn't release the method of how he did it. Yes I can say fair enough, but I can't help but think Apple shot themselves in the foot as well. Losing a decent security researcher like Miller... we'll see how it effects Apple.
No comments:
Post a Comment