toggle

AAPL Stock: 524.94 ( + 5.93 )

Printed from http://www.macnn.com

Apple quickly revokes hijacked certificate for GBA emulator

updated 08:41 pm EST, Wed February 19, 2014

Former jailbroken software bypasses App Store, poses security risk

A former "unofficial" app that required jailbreaking an iOS device to run its Game Boy emulator has attempted to "backdoor" its way onto non-jailbroken devices by hijacking a legitimate certificate, which has now been disabled by Apple. The app, GBA4iOS 2, offered emulation of Game Boy, Game Boy Color and Game Boy Advance games on iOS 7 devices, and included a built-in browser to allow users to pirate ROMs.

Improper certificate seen on installation
Improper certificate seen on installation


The certificate used by the developer traces back to a Beijing company, presenting potential security risks. The previous version worked around security restrictions by requiring users to both jailbreak their devices and set the internal clock back to a date in 2012, but the 2.0 release required neither, exploiting the hijacked enterprise distribution certificate instead and installed through a direct download link.

Despite this, many users reported that the app failed to install properly or work. It is possible that the software carries other payloads beyond its emulation ability, which would explain the rationale of using a repurposed certificate rather than keeping it as an unofficial app available through the usual jailbreaking app repositories.

Several emulator apps have snuck into the official App Store, usually by pretending to be other types of applications. Once discovered, Apple has routinely pulled such apps for violations of its rules. The company has since disabled the enterprise certificate the GBA4iOS developers hijacked, and may take further action depending on how it was obtained.

MacNN is currently testing the emulator and will update the story if any suspicious outgoing connections or other activity apart from the emulation itself is detected.




by MacNN Staff

toggle

Comments

  1. The Vicar

    Junior Member

    Joined: 07-01-09

    Cue the Android fanboys telling us how this means Apple is evil because FREEDOM!

  1. v7nn7

    Fresh-Faced Recruit

    Joined: 02-21-14

    So... any news? Is it safe?

  1. EstaNightshift

    MacNN Staff

    Joined: 07-19-12

    So far, so good. No odd network communications, or the like.

  1. reader50

    Administrator

    Joined: 06-01-00

    By testing it, I assume someone is getting paid to play nonstop games in emulation?

    Actually, that sounds like a really cool job.

  1. EstaNightshift

    MacNN Staff

    Joined: 07-19-12

    I've farmed the task out to assorted family members. They're connecting to a computer with network sharing on that I set up for the express purpose of monitoring traffic through those devices and the app in question. While I didn't write this article, I did consult with the author some, and needless to say, I'm a bit wary.

    So far, we've got 34.7 hours of gameplay logged across four different devices.

    This all said, I'd really, REALLY like Apple to open things up for emulation. I know things have slipped by the iOS cops in the past, and were available for a short time, but I don't see the point of trying to block it.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Booqpad for iPad Air

Before we get rolling, I'll confess: I've never understood the purpose of cases like the Booqpad. If you've got a tablet, surely p ...

Linksys EA6900 AC Router

As 802.11ac networking begins to makes its way into more and more devices, you may find yourself considering an upgrade for your home ...

D-Link DIR-510L 802.11AC travel router

Having Internet access in hotels and other similar locations used to be a miasma of connectivity issues. If Wi-Fi was available, it wa ...

toggle

Most Commented