Security buff sees his app pulled, license revoked

Nov 8, 2011 08:22 GMT

Charlie Miller, the famous security expert who has been able to hack pretty much every Apple device known to man, is being denied use of his developer license for security research purposes after showcasing a type of malware that the App Store review board failed to detect and unknowingly approved.

Miller reportedly found a flaw in code signing on iOS devices that may allow a hacker to build and submit a malware app right under Apple’s nose.

The malware is undetectable (or was, until Miller exposed its modus operandi) and can be used to read a user’s contacts, steal photos, and enable or disable pretty much any function.

“Now you could have a program in the App Store like Angry Birds that can run new code on your phone that Apple never had a chance to check,” Miller told Forbes in an interview, before seeing his app pulled and his license revoked.

“With this bug, you can’t be assured of anything you download from the App Store behaving nicely,” he said.

Miller compared iOS security to that of Google’s Android OS and said “Android has been like the Wild West,” because Google doesn’t enforce many rules during its approval process, but added that “this bug basically reduces the security of iOS to that of Android.”

Little did Miller know that such comments could lead to the termination of his Apple Developer license.

“Apple has removed my app from the app store, those bastards!” he later told his Twitter followers.

That second remark apparently got him into even more trouble, with Miller later updating his Twitter feed yet again: “OMG, Apple just kicked me out of the iOS Developer program. That's so rude!”

“First they give researchers access to developer programs, (although I paid for mine) then they kick them out.. for doing research. Me angry,” he said.

Editor’s note

Well, that’s probably what you get for calling Apple bastards before asking why they decided to pull the app. In all senses, it’s their store and there was an app in there that made the iOS ecosystem insecure. You probably didn’t leave them much choice there, Mr. Miller.