A developer claims to have found a new exploit in the iPhone that may let App Store developers sneak dangerous code into their apps. With Apple-developed apps, an image called ‘Default.png’ is displayed while the app is launching, and can do anything from show the current date or display the contents of the app before it’s finished loading. App Store devs are limited to static ‘Default.png’ images, but dev Patrick Collison has found a way around this. 
While it seems harmless enough, TechCrunch is guessing that it could be dangerous. The premise of the hack is that it tricks the iPhone into loading unsigned code by making it think it came from a “trusted” source. If the same technique could be applied to arbitrary code, a developer could run any code they want, including things that are not so nice.
It’s probably not likely that this has already been used in the App Store, so there’s no need to get paranoid about the apps you’re downloading, but Apple would probably be wise to fix this soon.
For those interested, Patrick posted details on the hack to his blog.
[via TechCrunch]
How to Capture Your iPhone 3GS iBEC and iBSS (Windows)
iPhone-Dev Team has your 3GS temporary solution ;-)
iPhone OS 3.1 Features: Better Video Editing, Voice Control Over Bluetooth, And More
Stay away from OS 3.1 to stay unlocked, contains new baseband
Edovia Releases Rocket Taxi 2.0
New Features Found in iPhone OS 3.1
3GS Supplies Running Low At U.S. Apple Stores
Doom Resurrection for iPhone Hits the App Store, Costs $10
iPhone 3GS Graphics Performance Benchmarked (Verdict: Significantly Faster)