Apple Boots Developer Who Exposed Security Hole

Finding App Store bug costs Charlie Miller his license
By Rob Quinn,  Newser Staff
Posted Nov 8, 2011 3:24 AM CST
Updated Nov 8, 2011 3:42 AM CST
Apple Boots Researcher Charlie Miller for Exposing App Store Security Hole
"I didn’t have to report this bug. Some bad guy could have found it instead and developed real malware," Miller says.   (Getty Images)

Security guru Charlie Miller found himself kicked out of Apple's developer program just hours after he announced that he had found a major security flaw. Miller discovered a hole that allows iPhone and iPad applications to grab potentially malicious code from third-party servers even after they have been approved and gone live on the App Store, Forbes reports.

Miller, who has reported dozens of bugs to Apple over the years, tested the flaw with a stock-ticker app that won approval. The hidden features were grounds for ejection from the program, but Miller says his treatment is heavy-handed and counterproductive. "I don't think they've ever done this to another researcher. Then again, no researcher has ever looked into the security of their App Store. And after this, I imagine no other ones ever will," he tells CNET. "That is the really bad news from their decision." (More App Store stories.)

Get the news faster.
Tap to install our app.
X
Install the Newser News app
in two easy steps:
1. Tap in your navigation bar.
2. Tap to Add to Home Screen.

X