Even though the most recent Trojan for Mac OS turned out to be a "phantom menace" that doesn't mean that Apple users are immune to security woes.
At the SysCan conference in Taiwan next week, Miller plans to present a method that exploits a flaw in Apple's restrictions on code signing on iOS devices, the security measure that allows only Apple-approved commands to run in an iPhone or iPad's memory. Using his method — and Miller has already planted a sleeper app in Apple's App Store to demonstrate the trick — an app can phone home to a remote computer that downloads new unapproved commands onto the device and executes them at will, including stealing the user's photos, reading contacts, making the phone vibrate or play sounds, or otherwise repurposing normal iOS app functions for malicious ends.
"Now you could have a program in the App Store like Angry Birds that can run new code on your phone that Apple never had a chance to check," says Miller. "With this bug, you can't be assured of anything you download from the App Store behaving nicely."
In the immortal words of Popsicle Pete, "none of you are safe."