Apple Bans Researcher For Disclosing iOS Bug
Miller, if you don't know, is easily the most famous and successful security researcher for the Mac and iOS platforms. Miller has won many awards for his research and found many important vulnerabilities in Apple's software. Miller doesn't work for Apple; he is principal research consultant for Accuvant LABS, the research arm of security consulting firm Accuvant.
Apple expelled Miller for doing what he does: demonstrating his research. In the video below, he explains and demonstrates a flaw he found in iOS and, arguably, the App Store vetting process, which allows a malicious app to download and execute unsigned code from any arbitrary site.
Normally, code that runs on the iPhone has to be code-signed so that Apple can verify who wrote it and remove it if necessary, but the downloaded code need not be signed. This is a major gap in iOS security.
As Miller makes clear, he created the app that downloads and executes the malicious code. He submitted it to Apple for the App Store and it was published. This is a clear violation of the terms of service for the App Store, so in that sense he knew what he was doing and they have every right to revoke his iOS developer program account.
But this is about as classic a "shoot yourself in the foot" maneuver as I have ever seen. It has become clear in the last 10 years or so that independent research is critical to keeping products secure. Modern software products are just too complicated for vendors to do all the research themselves. Although Apple does do some internal security penetration research on its own products, it has a poor reputation when it comes to finding and fixing vulnerabilities quickly. It's not uncommon for the company to go years before patching known vulnerabilities.
There's nobody out there who has done as much work in this area as Miller. Apple and its users need him, and Apple would do well to find some way to allow Miller to do what he needs to do.
Follow Larry Seltzer and BYTE on Twitter, Facebook, LinkedIn, and Google+.