Top stories

A New Kind Of Heist: Six Apps For Free

Those crazy MacHeisters are at it again, and this time the deal is even harder to resist.
The first ever MacHeist Nano won’t cost you a penny. You can download, without charge, fully licensed copies of ShoveBox, WriteRoom, Twitterific, TinyGrab, and Hordes of Orcs. If 500,000 people take part (which I think is a pretty safe [...]

Getting More iPhone Home Screens – And Keeping Them

A couple of weeks back, I wrote Temporarily Get More iPhone Home Screens Via Cunning Bug Exploit, but had heard staying away from the iTunes Applications tab within my iPhone was probably a Very Good Idea. Reader Larry Pressnell noted that since the most recent iTunes update, his extra screens have been accessible in iTunes.
Since [...]

Cult of Mac Favorite: MobileStacks Is the Best Reason To Jailbreak. Period.

I really like Stacks on my Mac. Stacks makes it fast and easy to find files, folders and apps right from the Dock. It makes managing a Mac pretty slick with all sorts of little UI tricks. That’s why I recently gave MobileStack a go on my jailbroken iPhone.
I must say that it lives up to the [...]

Gallery: Behind the Scenes From Two Classic Apple TV Ads

Is this Steve Jobs driving a tank in a classic Apple TV spot from the late 1990s? That was the rumor at the time: Jobs was making cameos in Apple commercials.
Ken Segall, the TBWA ad man responsible for naming the iMac and Think Different, reveals the truth after the jump. He also shares some rare [...]

iPhone Security Takes Another Hit

3:03 pm, November 11th, 2008, Lonnie Lazar

Third party iPhone app developers may be able to update and execute arbitrary code from their applications at will, circumventing Apple’s App Store approval process, according to a report at TechCrunch.

The exploit stems from a trick documented by developer/blogger Partick Collison, who figured out a workaround to allow for the display of dynamic default.png images that load when an app is opened on the phone.

Jason Kincaid, who writes for TechCrunch, believes this security flaw makes it possible that “using the same technique with arbitrary code would likely allow a developer to update and execute whatever code they’d like at will.”

Kincaid notes that this is only an issue insofar as Apple purports to retain control of everything that appears on the AppStore. Developers enjoy the capability of running malicious code in just about every Windows or Mac desktop application you can buy without a screening process similar to the one Apple maintains before allowing iPhone and iPod touch applications to be distributed through the AppStore.

It’s also worth noting that no developer or application has been found to have used this particular exploit to run malicious code to date, and that Apple could act to close the loophole before anyone’s phone is put at risk.

Posted by Lonnie Lazar in News, iPhone | Comment on this article

About the author

Lonnie Lazar

Lonnie Lazar is a writer, musician, web designer attorney. He writes about Apple for Cult of Mac and Mac|Life, and about VoIP and telecommunications for Voxilla. Follow Lonnie on Twitter @LonnieLazar, join the Cult of Mac on Facebook, and find Lonnie's photos on Flickr.

Email the author | Read more posts by Lonnie Lazar.

Related posts from Cult of Mac

Comments are closed.