08 Nov 2011, Phil Muncaster, V3
Security researcher Charlie Miller has discovered a new flaw in Apple's iOS operating system which could allow developers to bypass Apple's code signing restrictions on applications and remotely control an iPhone.
The bypass exploits an exception added to Safari in iOS 4.3 which allows unsigned downloaded code to execute.
"The flaw I found allows apps in the App Store to download new code and run it even if it's not signed or checked by Apple," Miller said in a YouTube presentation.
Miller demonstrated how such code could let a hacker remotely download a user's address book, view their pictures and even make the phone vibrate.
"It's a payload that shouldn't be allowed to run on the iPhone. It shows that malware can run on the phone with this flaw," he said.
Miller demonstrated the flaw using his own stock price checking application, InstaStock, which he managed to get approved even though it contained functionality allowing it to carry out remote downloads and other unapproved actions.
As a result, Miller was thrown off the iOS Developer Program when Apple discovered that he had broken the App Store rules about including secret functionality.
The guidelines for developers state that Apple will reject any apps which can download code or which do not perform as advertised.
"OMG, Apple just kicked me out of the iOS Developer program. That's so rude!" Miller tweeted on Monday.