toggle

AAPL Stock: 116.47 ( + 0.16 )

Printed from http://www.macnn.com

Apple quickly revokes hijacked certificate for GBA emulator

updated 08:41 pm EST, Wed February 19, 2014

Former jailbroken software bypasses App Store, poses security risk

A former "unofficial" app that required jailbreaking an iOS device to run its Game Boy emulator has attempted to "backdoor" its way onto non-jailbroken devices by hijacking a legitimate certificate, which has now been disabled by Apple. The app, GBA4iOS 2, offered emulation of Game Boy, Game Boy Color and Game Boy Advance games on iOS 7 devices, and included a built-in browser to allow users to pirate ROMs.

Improper certificate seen on installation
Improper certificate seen on installation


The certificate used by the developer traces back to a Beijing company, presenting potential security risks. The previous version worked around security restrictions by requiring users to both jailbreak their devices and set the internal clock back to a date in 2012, but the 2.0 release required neither, exploiting the hijacked enterprise distribution certificate instead and installed through a direct download link.

Despite this, many users reported that the app failed to install properly or work. It is possible that the software carries other payloads beyond its emulation ability, which would explain the rationale of using a repurposed certificate rather than keeping it as an unofficial app available through the usual jailbreaking app repositories.

Several emulator apps have snuck into the official App Store, usually by pretending to be other types of applications. Once discovered, Apple has routinely pulled such apps for violations of its rules. The company has since disabled the enterprise certificate the GBA4iOS developers hijacked, and may take further action depending on how it was obtained.

MacNN is currently testing the emulator and will update the story if any suspicious outgoing connections or other activity apart from the emulation itself is detected.




by MacNN Staff

toggle

Comments

  1. The Vicar

    Junior Member

    Joined: 07-01-09

    Cue the Android fanboys telling us how this means Apple is evil because FREEDOM!

  1. v7nn7

    Fresh-Faced Recruit

    Joined: 02-21-14

    So... any news? Is it safe?

  1. Mike Wuerthele

    Managing Editor

    Joined: 07-19-12

    So far, so good. No odd network communications, or the like.

  1. reader50

    Administrator

    Joined: 06-01-00

    By testing it, I assume someone is getting paid to play nonstop games in emulation?

    Actually, that sounds like a really cool job.

  1. Mike Wuerthele

    Managing Editor

    Joined: 07-19-12

    I've farmed the task out to assorted family members. They're connecting to a computer with network sharing on that I set up for the express purpose of monitoring traffic through those devices and the app in question. While I didn't write this article, I did consult with the author some, and needless to say, I'm a bit wary.

    So far, we've got 34.7 hours of gameplay logged across four different devices.

    This all said, I'd really, REALLY like Apple to open things up for emulation. I know things have slipped by the iOS cops in the past, and were available for a short time, but I don't see the point of trying to block it.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Plantronics BackBeat Pro Bluetooth headphones

Looking for a pair of headphones that can do everything a user requires is a task that can take some study. Trying to decide on in-ear ...

MaxUpgrades 512GB Retina MacBook Pro SSD

Apple's Retina line of MacBook Pro notebooks have been impressive, right from their debut in 2012. Thinner than the previous model, t ...

Lemur BlueDriver

"Oh no, the check engine light is on…again! What one of the hundreds of reasons could it be this time? Probably going to cost a for ...

toggle

Most Commented