Meet Two Security Researchers Apple Hates

This video is a half-hour speech given by Dino Dai Zovi and Charlie Miller, two people Apple corporately hates because of their success in finding security holes in Apple operating systems and software. Both Charlie and Dino have been mentioned on Slashdot before and probably will be again. This is a chance to see how they sound and look in person, talking to a small "by invitation only" group. They have a book to push, too: The iOS Hacker's Handbook. (Please note that this book is supposed to help you secure iOS and iOS apps, not exploit security holes in them.)

Re:Silly and inflammatory

This is bull shit. Apple has a strict process for vetting apps after they've been submitted to the iTunes store.

I don't think that anyone(or at least people that know about security) is amazed at someone having the ability to write a malicious app that can run unsigned code. It's really not that big a deal. What Apple has been excellent at is screening out those apps before they ever make it somewhere that a user could install them.

He was banned for publishing this app to the iTunes store. How else is he supposed to determine if there's a security hole other than having it go through the normal process to end up in the iTunes market? Should he send this code to Apple directly and say "Hey, I'm a security analyst trying to discover a security hole. Would this App pass your inspection process to get into your consumer store?"

This was the only way that he could truly prove the vulnerability.