Top stories

Journalists Cover Microsoft, Using Macs

It’s not an easy time for Microsoft — with Steve Ballmer having to field questions about being “buffoons” and an “evil empire”  at the shareholder’s meeting (.doc) — so when they get together “the world’s most influential technology pundits and online writers” (nb: we weren’t invited) for Mobius to discuss super-secret mobile tech you’d think [...]

Guide To Black Friday Apple Bargains: Cheap MacBooks, iPods and Accessories Galore

Here’s a guide for finding the best bargains on Apple-related gear during the infamous Black Friday sales on November 27. We’ve compiled a comprehensive list of gear from leaked photos of sales flyers and descriptions of sales.
The bargains include a 2.26 GHz MacBook + $150 gift card at Best Buy for $999.99 ; a 32GB [...]

Review: Voices Is Today’s Best Thing Ever, Grab It Now While It’s Cheap

New on the App Store is Voices from the clever folk at Tap Tap Tap. You can guess what it does.

Open it up, pick a silly voice. Helium is pretty silly. A microphone appears and the app even clears your throat for you (try it, you’ll see what I mean). Now speak your brains, and [...]

Review: Sony Walkman S540 Series Video MP3 Player

Press releases, you will hardly be surprised to hear, are rarely very interesting. But one arrived in my inbox a couple of weeks ago that made me double-take.
“Sony’s S Series Walkman,” it chattered, “is a serious challenger to the iPod Nano.” Gosh, really? Perhaps the Cult had better have a look at one, then, despite [...]

iPhone Security Takes Another Hit

3:03 pm, November 11th, 2008, Lonnie Lazar

Third party iPhone app developers may be able to update and execute arbitrary code from their applications at will, circumventing Apple’s App Store approval process, according to a report at TechCrunch.

The exploit stems from a trick documented by developer/blogger Partick Collison, who figured out a workaround to allow for the display of dynamic default.png images that load when an app is opened on the phone.

Jason Kincaid, who writes for TechCrunch, believes this security flaw makes it possible that “using the same technique with arbitrary code would likely allow a developer to update and execute whatever code they’d like at will.”

Kincaid notes that this is only an issue insofar as Apple purports to retain control of everything that appears on the AppStore. Developers enjoy the capability of running malicious code in just about every Windows or Mac desktop application you can buy without a screening process similar to the one Apple maintains before allowing iPhone and iPod touch applications to be distributed through the AppStore.

It’s also worth noting that no developer or application has been found to have used this particular exploit to run malicious code to date, and that Apple could act to close the loophole before anyone’s phone is put at risk.

Posted by Lonnie Lazar in News, iPhone | Comment on this article

About the author

Lonnie Lazar

Lonnie Lazar is a writer, musician, web designer attorney. He writes about Apple for Cult of Mac and Mac|Life, and about VoIP and telecommunications for Voxilla. Follow Lonnie on Twitter @LonnieLazar, join the Cult of Mac on Facebook, and find Lonnie's photos on Flickr.

Email the author | Read more posts by Lonnie Lazar.

Related posts from Cult of Mac

Comments are closed.

Buy Inside Steve's Brain Buy from Amazon.com Buy from Barnes & Noble