![[Valid Atom 1.0]](valid-atom.png "Validate my Atom 1.0 feed")
BBC MUNDO RADIO
An iPhone app that secretly gathered user data was approved and published in Apple's iTunes App Store.
Apple maintains strict control over the apps allowed into its App Store
7:00AM GMT 09 Nov 2011
1 Comment
The app, called InstaStock, was created by a security expert to expose a
security flaw in Apple's iOS - the operating system that runs iPhone, iPad
and iPod touch devices.
Charlie Miller designed the app to look like an application for checking
stockmarket prices but it was also able to steal user data, including
photographs and contacts.
The app, which was accepted into the iTunes App Store in September, has since
been removed by Apple and Mr Miller's account has been suspended.
Mr Miller intends to present details of the security flaw at a conference next
week but it is thought to exploit the Nitro JavaScript engine that Apple
introduced with iOS 4.3 early last year.
Writing on Twitter, Mr Miller expressed his anger at being barred by Apple: "First
they give researchers access to developer programs, (although I paid for
mine) then they kick them out.. for doing research. Me angry."
Apple's iOS devices have typically had fewer security vulnerabilities than
competing platforms because of the company's tight control of the operating
system and the approval process for apps that run on it.
