A collection of articles and links showing how America and American companies need to stop doing business with, or trusting, China with just about anything. That country, especially with its Communist government, is willing to do anything to steal government and corporate info to further their own goals. They do not live by the historical western values of Europe or the United States.
Monday, February 22, 2016
Chinese devs abuse free Apple app-testing certs to install pirated apps
hidden features that allow users to install pirated apps on non-jailbroken
devices. Its creators took advantage of a relatively new feature that lets
iOS developers obtain free code-signing certificates for limited app
deployment and testing.
In fact, someone was recently selling code on a popular Chinese security
forum that could automatically register Apple IDs and then generate personal
development certificates for them.
"We don't know where the App Store reviewers are located," the Palo Alto
Networks researchers said. "If they are not located in mainland China, this
method could trick them into seeing a legitimate app. Even if they're in
China, the author could just shut down that webpage during the review period
so that reviewer could not see the actual functionality through an analysis
of its behavior."
Subscribe to: Post Comments (Atom)
Post a Comment