The creator of an exploit that let users purchase digital goods inside of iOS apps without actually paying for them said today that Apple's fix puts the hack out of business.
"Currently we have no way to bypass [the] updated APIs," creator Alexei Borodin wrote in a post on his development blog. "It's a good news for everyone, we have updated security in iOS, developers have their air-money."
Antivirus software specialist Bitdefender has found that nearly 19% of iOS apps access your address book without your knowledge — or your consent — when you’re using them, and 41% track your location. What’s most concerning is over 40% of them don’t encrypt your data once it has been collected.
That’s all going to change when iOS 6 makes its debut later this year, however.
A Russian programmer who released a hack allowing iOS users to steal paid app content has thwarted Apple's attempts to fix the flaw.
Alexey Borodin published a video on YouTube outlining how users could avoid paying for in-app purchases without even having to gain root access to the system. All they needed to do was install two security certificates and change the DNS settings on their device.
The third beta version of iOS 6 has been handed out to developers running the new mobile OS as an over-the-air update this morning. The new versions of Xcode haven't quite made their way out into the world yet, but they should soon, giving iOS and Mac developers the option to test and build their apps on the upcoming operating system.
One interesting challenge that’s emerging for companies out of the bring your own device (BYOD) and iPad-at-work trends is deciding who’s responsible for setting and enforcing policies when it comes to employee-owned devices. The immediate assumption is that it should be the IT department, but what group within IT? Security, network management, and user support teams can all make a claim that it should be them.