FRUIT THEMED SOFTWARE OUTFIT Apple has shunned a security researcher who exposed a vulnerability in its iOS operating system.
Charlie Miller at security research organisation Accuvant had been testing a proof of concept vulnerability experiment in the App Store when he tweeted that he and Apple had parted ways.
"OMG, Apple just kicked me out of the iOS Developer program. That's so rude!", he tweeted in reaction to an email from the firm. "Letter of termination. Sounds permanent... [It] feels heavy handed, I miss Steve."
Miller calls himself the zero-day guy on Twitter and has made rather a name for himself as an exposer of Apple's software flaws. Perhaps his latest wheeze was a step too far for Apple, as it saw him hiding potentially malicious code within an otherwise unsuspicious-looking application. "I thought they'd just remove the app and we'd still be friends," he added.
Miller will show off the proof of concept at a security show next week and is convinced that his real world test is essential in proving that the threat is a real one. He added that it was designed to highlight whether the Apple review process was able to detect an app that is capable of running unsigned code.
"For the record, without a real app in the AppStore, people would say Apple wouldn't approve an app that took advantage of this flaw," he tweeted in advance of the event.
"See the bug and how to go from a RWX region to dlopen working on an unsigned lib. Also, learn how to get kicked out of the iOS developer program as easy as pie!" µ
With them gaining so much popularity, the days of paying people to find bugs in their systems, à la Microsoft, are not far off.
Might as well enjoy some of that service for free, while it lasts.
Obviously they would have paid good money for this expose.
A missed opportunity for good investigative journalism.
This seems a much better option than being forced to turn to crime.
Anyone getting an Ostrich for xmas?
Banning him seems reasonable to me; it's the least I would expect from people trying to sneak malicious code through the acceptance procedure. Maybe he should have informed someone else at Apple first that what he was doing was just testing the testers.