toggle

AAPL Stock: 102.64 ( + 1.58 )

Printed from http://www.macnn.com

Backdoor tethering app appears, disappears at App Store

updated 02:55 pm EDT, Wed July 21, 2010

Raises security concerns

An app allowing unofficial tethering of an iPhone managed to briefly appear at the App Store before being blocked, reports note. Called Handy Light, the app was superficially another flashlight title, using an iPhone's touchscreen to display five different colors of light. By following instructions posted online however, the app could successfully be used to set up tethering through a SOCKS proxy scheme.

While quickly caught by Apple, Handy Light has raised questions of security at the App Store. By burying functions, less benign apps could potentially unleash malware or other unwanted content. Apple screening processes are nominally set up to catch both security threats and rule violations, though the process has not been perfect.








by MacNN Staff

toggle

Comments

  1. testudo

    Joined: Dec 1969

    +3

    What???

    While quickly caught by Apple,

    Quickly, as in "Damn, we just read about this on the internet, we better pull it before ATT starts crying like a kid at the grocery store whose mother won't let him buy a candy bar!"

    Handy Light has raised questions of security at the App Store. By burying functions, less benign apps could potentially unleash malware or other unwanted content.

    Um, right. This is the same thing most people have been saying against the "Apple will protect us!" AppStore proponents. h***, they could just shove a "Turn on these functions starting on day x**" kind of thing, let alone 'number of uses' or 'time of day' or simply 'connect to web site, see if page tells me to turn on spam application'.

    Which also should make one wary of ever putting an ATT sponsored app on their phone. I could see them putting in a bunch of "download this 10MB file every hour" type of background process to run up your data usage and cause you to pay higher fees.

    Apple screening processes are nominally set up to catch both security threats and rule violations, though the process has not been perfect.

    Apple's screening process is set up to make sure the apps don't crash on launch, don't call 'hidden' APIs, doesn't contain really bad words or images and, if it does, it is marked for the proper age group, and stuff like that. There's no way Apple can verify what the software is actually doing unless it actually gets the source code and compiles it themselves. They could try to reverse engineer the code, but that would violate the DMCA, wouldn't it?

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Patriot Supersonic Rage XT 128GB USB drive

USB thumb drives are getting larger by the day, their growth speeding along with the availability and expansion of memory chips. But h ...

Autodesk Smoke 2015

Since May of this year, Autodesk has been shipping the highly anticipated update to its high-end post-production video editing suite, ...

Crucial MX100 256GB SATA-3 SSD

While the price-per-gigabyte ratio for magnetic platter-based hard drives can't be beat, the speed that a SSD brings to the table for ...

toggle

Most Commented