Security Researcher Reveals iOS Security Flaw, Gets Developer License Revoked - MacRumors
Skip to Content

Security Researcher Reveals iOS Security Flaw, Gets Developer License Revoked

by

charliemillerSecurity researcher Charlie Miller revealed earlier today that he had found an exploit in Apple's iOS software that allows an App to run arbitrary code. Apple generally approves all code that is submitted to the AppStore and forbids the execution of un-approved code, but Miller discovered a way to bypass this restriction. Forbes writes:

Miller became suspicious of a possible flaw in the code signing of Apple’s mobile devices with the release of iOS 4.3 early last year.
...
The researcher soon dug up a bug that allowed him to expand that code-running exception to any application he’d like.

Beyond discovering the bug, Miller went a step further and actually had an App submitted to the App Store which took advantage of this bug. The App was approved and was able to perform as expected:

Using his method–and Miller has already planted a sleeper app in Apple’s App Store to demonstrate the trick–an app can phone home to a remote computer that downloads new unapproved commands onto the device and executes them at will, including stealing the user’s photos, reading contacts, making the phone vibrate or play sounds, or otherwise repurposing normal iOS app functions for malicious ends.

Shortly after the news broke, Apple revoked Miller's developer account, citing a breach of the developer agreement.

“This letter serves as notice of termination of the iOS Developer Program License Agreement…between you and Apple,” the email read. “Effective immediately.”

Miller plans to present his findings at the SysCan conference in Taiwan next week.

Popular Stories

Apple Event Logo

Apple's Next Era Begins September 1

Thursday May 7, 2026 10:36 am PDT by
Apple recently announced that Tim Cook will be stepping down as CEO later this year, after 15 years of leading the company. Effective September 1, Apple's hardware engineering chief John Ternus will become the company's next CEO, while Cook will become executive chairman of Apple's board of directors. In his new role, Apple said Cook will assist with "certain aspects" of the company,...
Read Full Article
Four iPhone 18 Pro Colors Mock Feature

iPhone 18 Pro Launching in September With These 10 New Features

Saturday May 9, 2026 6:03 am PDT by
While the iPhone 18 Pro and iPhone 18 Pro Max are not launching until September, there are already plenty of rumors about the devices. It was initially reported that the iPhone 18 Pro models would have fully under-screen Face ID, with only a front camera visible in the top-left corner of the screen. However, the latest rumors indicate that only one Face ID component will be moved under the...
Read Full Article
Apple Watch Series 10 Jet Black Touch ID

Apple Watch Series 12 and watchOS 27: What to Expect Later This Year

Friday May 8, 2026 2:07 pm PDT by
While not too much has been reported about the next Apple Watch models, there are a few rumors about potential design changes and watchOS 27 features. Apple Watch Series 12 and Apple Watch Ultra 4 models are expected to be released in September, and we have outlined some of the key rumored hardware and software changes below. A new Apple Watch SE is not expected this year, as that model was...
Read Full Article57 comments

Top Rated Comments

F
Fazzy
189 months ago
I guess he should have told apple about it instead of submitting that app
Score: 61 Votes (Like | Disagree)
miles01110 Avatar
miles01110
189 months ago
Meanwhile Google is handing out bounties for stuff like this. Because why would you want to get (almost) free help from industry-leading professionals? Submitting it to the App Store probably wasn't the way to go, though.
Score: 43 Votes (Like | Disagree)
thewitt Avatar
thewitt
189 months ago
It's one thing to find a security hole and professionally inform Apple, quite another to write an app to exploit it and announce you will tell the works how to do it in a conference in a week...

Charlie is a smart guy who makes some really stupid decisions.

Professional developers disclose issues in iOS to Apple through secure channels all the time without this media madness.
Score: 33 Votes (Like | Disagree)
ChazUK Avatar
ChazUK
189 months ago
https://twitter.com/#!/0xcharlie/status/133739410662494208

For the record, without a real app in the AppStore, people would say Apple wouldn't approve an app that took advantage of this flaw.

That pretty much explains why he submitted the app for approval.

I have no doubt that many would have said this wouldn't have got through if he simply revealed the flaw without submitting an app.
Score: 23 Votes (Like | Disagree)
I
iJanne
189 months ago
If you read the source article, the guy reported the bug to Apple a month ago.

----------

This makes Apple look pretty bad. And if he had submitted the bug what are the chances Apple would have responded in a timely manner if at all?

He submitted the bug to Apple on Oct 17 according to the source article.
Score: 22 Votes (Like | Disagree)
applebook Avatar
applebook
189 months ago
I wasn't aware that Google rewarded people for exploiting their security flaws without their consent. :rolleyes:

No company or person likes to be exploited. Miller should have revealed the findings instead of trying to take advantage of the flaw.
Score: 22 Votes (Like | Disagree)
Read All Comments