iOS Bug Allows Malware to Be Sold in Apple App Store
According to Denver-based security consultant Charlie Miller, the Apple App store is vulnerable to infiltration by malware apps that can pose a significant risk to Apple customers. Miller, 4-time winner of the Pwn2Own hacking contest and an employee of security consulting firm Accuvant, managed to submit and gain Apple's approval to sell an app that exploited a previously unknown iOS bug.
Though Miller may have done Apple an enormous favor by identifying an enormous vulnerability and making it public, a move likely to help Apple avoid the fate of the Android market, which has had a notorious problem with malware apps in the last year, Apple isn't having it. Yesterday, Miller tweeted that he'd been kicked out of Apple's iOS developer program. Miller claims to have informed Apple of the flaw in October, but didn't warn them about putting the App for sale (a move he insists was necessary to prove the flaw's seriousness).
He has now been officially banned from the iOS developer program for one full year. Probably for the best, as not having to worry about people helping to identify potential threats to their customers will give Apple more time to pursue vicious legal action against tiny competitors.