Tuesday, 08 November 2011 07:42

Charlie Miller Kicked out of the Apple Developer Program

Written by

Reading time is around minutes.

14621rotten_appleIf the name Charlie Miller sounds familiar to you it should. After all he is one of the researchers that has consistently found bugs and holes in Apple’s vaunted security. He is also a very frequent winner of the Pwn2Own competition where security experts and “hackers” alike compete to find the fastest way of breaking into a computer system. Charlie’s love for Apple and all of its devices has kept him in something of a love-hate relationship with the company for years, but recently things turned for the worse.

After the discovery of a flaw in Apple’s Mobile Safari that allowed the execution of unsigned code Miller reported this to Apple. He did this on the 14th of October and never received any word back on it. To further demonstrate the seriousness (and apparent ease) of this new flaw Miller submitted an app that had the malicious code packed inside. The App, which was disguised as a stock ticker, was approved by Apple and set up for distribution in the walled garden of the iTunes App Store. Miller was able to use the App to execute his code and take control of core functions of the phone.

For his troubles Miller was unceremoniously dropped from the Apple Developers Program for violating the terms of the agreement (which he really did do). The problem with this type of action from Apple is that it makes them seem like they do not want to admit or address serious security issues inside their operating systems. Miller has sent off an email asking for clarification stating “I’m mad, I report bugs to them all the time. Being part of the developer program helps me do that. They’re hurting themselves, and making my life harder.”

Miller feels that this is one of the changes that are coming after the passing of Steve Job and the new management. “I miss Steve Jobs,” he says. “He never kicked me out of anything.”

Source Forbes

Discuss in our Forum

Read 2474 times Last modified on Tuesday, 08 November 2011 07:48

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.