A developer claims to have found a new exploit in the iPhone that may let App Store developers sneak dangerous code into their apps. With Apple-developed apps, an image called ‘Default.png’ is displayed while the app is launching, and can do anything from show the current date or display the contents of the app before it’s finished loading. App Store devs are limited to static ‘Default.png’ images, but dev Patrick Collison has found a way around this. 
While it seems harmless enough, TechCrunch is guessing that it could be dangerous. The premise of the hack is that it tricks the iPhone into loading unsigned code by making it think it came from a “trusted” source. If the same technique could be applied to arbitrary code, a developer could run any code they want, including things that are not so nice.
It’s probably not likely that this has already been used in the App Store, so there’s no need to get paranoid about the apps you’re downloading, but Apple would probably be wise to fix this soon.
For those interested, Patrick posted details on the hack to his blog.
[via TechCrunch]
Popularity: 4% [?]
Novothink rolls out Solar Surge iPhone / iPod touch charging case
DARPA looking to develop iPhone and Android apps, App Store
iDongle hardware iPhone jailbreak tool makes hacker life a little simpler
iPhone SDK 3.2 showing first hints of multitasking for third-party apps?
iPad pre-order is go!
Case-Mate’s Hug wireless iPhone charging solution
Sam Fisher to Debut on iPhone in New Splinter Cell Game
TomTom Update to Include Real-Time-Traffic, Google Search, and More
First iPad ad premieres during the Oscars