Controversial iPhone app security bug fixed in iOS 5.0.1
The security flaw that led to security researcher Charlie Miller getting kicked out of Apple's developer program has been patched in the company's latest iOS update.That flaw, which let apps phone home to download potentially malicious unsigned code, thus changing the behavior of an application, is listed as one of the security fixes in iOS 5.0.1, which went out to users today."A logic error existed in the mmap system call's checking of valid flag combinations. This issue may lead to a bypass of codesigning checks," Apple posted in a security document coinciding with the new software this morning. "This issue does not affect devices running iOS prior to version 4.3," it read, crediting Miller as the finder of the issue. Miller, who is a researcher with Accuvant Labs posted his initial findings of the flaw earlier this week in an interview with Forbes to promote a demonstration of his method at the SysCan conference, which takes place in Taiwan next week.Despite Miller having sent Apple his findings three weeks prior to publicizing the issue, the company responded by terminating Miller's developer license, saying that he violated two parts of the agreement that cover interfering with Apple's software and services, and hiding features from the company when submitting them. The boot came with a one-year ban from reapplying to Apple's iOS Developer Program. Miller declined to comment on what's happened since that decision, and what he plans to show off at Syscan now that the issue's been addressed. In a tweet this morning, Miller said "even if some thought what I did was unethical, I hope public reporting of that flaw sped up time to patch release to make things safe for us."
