Slashdot Mirror


Apple XcodeGhost Malware More Malicious Than Originally Reported

An anonymous reader writes: Details were scant when Apple confirmed the XcodeGhost malware had infiltrated the iOS App Store. The company didn't say which specific iOS vulnerabilities were exposed and didn't indicate how its iPhone users were affected. However, a Palo Alto Networks security analyst is reporting that XcodeGhost had been used to phish for iCloud passwords, and more specific details are emerging. According to the Networkworld article: "URLs can be sent to the iOS device and opened. This isn't limited to HTTP and FTP URLs, but includes local URLs, such as itunes:// and twitter:// that iOS can be used for inter-app communications. For example, this could be used to force automatic phone calls to premium phone numbers, which can charge up to $1 per minute in some cases. Some iOS password manager apps use the system clipboard to paste passwords into the login dialog. As another example, the XcodeGhost malware can read and write data in the user's clipboard, which would allow it to snatch a password."

79 comments

  1. Why would any developer ever download this? by Anonymous Coward · · Score: 3, Interesting

    Seriously. Xcode is beer as in free, yes it used to cost $5 many years ago because of weird accounting but that was a long time ago. Why would anyone ever download Xcode from the Apple Developer web site or the Mac App Store?

    1. Re:Why would any developer ever download this? by Anonymous Coward · · Score: 2, Informative

      As all the stories clearly said it was because it took a long time to download via official channels so they went with an unofficial one which had local servers and much better speed. In hindsight a bad decision but at least you can see why someone would consider it.

      On another topic, the headline is too long. It can be shortened to Apple more malicious than originally reported.

    2. Re:Why would any developer ever download this? by k2r · · Score: 2

      > Why would anyone ever download Xcode from the Apple Developer web site or the Mac App Store?

      I think the current theory is that the big firewall of china made the download so slow that people used local copies.

    3. Re:Why would any developer ever download this? by sexconker · · Score: 1

      > it used to cost $5 many years ago because of weird accounting

      I bet you also believed the line about OS X updates having to cost money because of the Sarbanes Oxley Act.

      Apple charges what they do because people pay. There is absolutely no accounting or SARBOX voodoo involved.

    4. Re:Why would any developer ever download this? by Anonymous Coward · · Score: 0

      If you can prove that about accounting SARBOX, you should file a class action suit since Apple discussed it in their filings. That is unlikely to happen.

    5. Re:Why would any developer ever download this? by Hattmannen · · Score: 3, Insightful

      Slow download and installation using the official channels does not even begin to describe it. I did some work in Xcode this spring. Two and a half hours it took to install the bloody thing even with a quick and stable connection.
      Two days later I had to install a new update to be able to continue my work. Thankfully that only took slightly more than an hour.
      In hindsight it was a good thing that I didn't grab it from an unofficial source, but man, was it ever so tempting.

      --
      People are not wearing enough hats.

    6. Re:Why would any developer ever download this? by locksmithsinscottsda · · Score: 0

      What are talking about this was the safe for my Apple pc.

    7. Re:Why would any developer ever download this? by macs4all · · Score: 1

      > Slow download and installation using the official channels does not even begin to describe it. I did some work in Xcode this spring. Two and a half hours it took to install the bloody thing even with a quick and stable connection. Two days later I had to install a new update to be able to continue my work. Thankfully that only took slightly more than an hour. In hindsight it was a good thing that I didn't grab it from an unofficial source, but man, was it ever so tempting.

      I guess you've never installed Visual Studio, then. Even from a DVD it is quite a long process.

    8. Re:Why would any developer ever download this? by phalse+phace · · Score: 1

      > Seriously. Why would anyone ever download Xcode from the Apple Developer web site or the Mac App Store?

      So they can get a clean version of Xcode?

    9. Re:Why would any developer ever download this? by Anonymous Coward · · Score: 0

      Wow. I just set it to download, and it handled itself in the background while I did real work in other windows. Fifteen minutes later it was done. Helps that I had a decent internet connection (no more, alas, since I've moved) and a solid-state drive instead of spinning platters. For doing anything with a Mac, you really need an SSD and 16GB of RAM. Once you have that, OSX works beautifully, and XCode starts up instantly. Without an SSD and plenty of RAM, you're fucked.

    10. Re:Why would any developer ever download this? by Gr8Apes · · Score: 1

      XCode only took 5-10 minutes to download and install, even on a really crappy broadband connection. Yes, it's 1.5GB. But at even 1.5Mbps average download it's just a shade over 2 hours. So how bad exactly was your "quick and stable connection" since every cable and fiber connection advertises speeds in excess of 10 Mbps these days in the US?

      --
      The cesspool just got a check and balance.

    11. Re:Why would any developer ever download this? by Gr8Apes · · Score: 2

      > For doing anything with a Mac, you really need an SSD and 16GB of RAM. Once you have that, OSX works beautifully, and XCode starts up instantly. Without an SSD and plenty of RAM, you're fucked.

      That is true for any system. I ran a cleaned XP on an SSD - it's amazing how fast it is. Same with Win7. Or Linux. Or OS/2 (in a VM even). It's amazing what a 10 fold increase in disk I/O and a 100 fold decrease in latency will do for performance.

      --
      The cesspool just got a check and balance.

    12. Re:Why would any developer ever download this? by Anonymous Coward · · Score: 0

      Let me explain why they don't download from the official site.
      It's because of Great Fire Wall censorship. In mainland China, all traffic to the foreign countries are crappy as hell, if it's not interrupted by the GFW. It would take them months to download Xcode from official App Store. That's why they need to download from unofficial sources to keep up the pace of the development environment.

    13. Re:Why would any developer ever download this? by Anonymous Coward · · Score: 0

      > I guess you've never installed Visual Studio, then. Even from a DVD it is quite a long process.

      Christ you apologists are quick off the mark. The deficiencies of Visual Studio have absolutely zero significance on the shitfullness of the Xcode download/installation/update process nor does presenting this process give any indication as to whether or not the user has ever installed Visual Studio. Seriously we get that you love Apple and feel a need to defend them at every possible opportunity but perhaps you can take control of your Apple-loving urges a little more?

    14. Re:Why would any developer ever download this? by macs4all · · Score: 1

      > The deficiencies of Visual Studio have absolutely zero significance on the shitfullness of the Xcode download/installation/update process

      I was merely trying to point out that IDE installs in general are often kinda long.

    15. Re: Why would any developer ever download this? by Rosyna · · Score: 1

      Slow installation of Xcode? Xcode doesn't have an installer. You either download the app and copy it to wherever via drag and drop or grab it from the Mac App Store.

    16. Re:Why would any developer ever download this? by Plumpaquatsch · · Score: 1

      > > it used to cost $5 many years ago because of weird accounting

      > I bet you also believed the line about OS X updates having to cost money because of the Sarbanes Oxley Act.

      > Apple charges what they do because people pay. There is absolutely no accounting or SARBOX voodoo involved.

      Actually, that would be a SEXCONKER OXSHIT ACT issue, because you just made it up.

      --
      Of course news about a fake are Fake News.

  2. Actually, the opposite by Rosyna · · Score: 5, Informative

    It's actually the opposite. It's much, much less malicious than people say. The source code is available.

    For one, it cannot be used for phishing attacks. The UIAlertView it shows has no text input fields and it never attempts to get anything from the dialog other than the integer value of the button that was pressed.

    It also cannot get the UDID of the device because it uses -identifierForVendor which is a UUID that is specific to that specific app, so it can't be used to track users. iOS can and will change it.

    It can't be used to dial premium services either as iOS always shows a dialog when opening telephone URLs and iOS 9 always shows a dialog when using URLs that open another app. But the fact it can open Twitter so what? It can't do anything with that. It can't control Twitter.

    This functionality was actually designed to open the App Store so the user can review/rate the app or to show users similar apps.

    It's even significantly less bad than most ad/analytics packages.

    1. Re: Actually, the opposite by Rosyna · · Score: 2

      It seems you didn't actually bother to look at the source code? It doesn't not attempt to phish anything. I even linked to the precise line of code for the alert creation.

    2. Re:Actually, the opposite by sribe · · Score: 1

      > Not informative, in fact disingenuous. Mod down.

      Perhaps you'd like to point out the (alleged) inaccuracies?

    3. Re: Actually, the opposite by Anonymous Coward · · Score: 0

      Read the network world article attached genius.

    4. Re: Actually, the opposite by Anonymous Coward · · Score: 0

      "You're holding it wrong."

      That's basically Apple's response to every major mess-up. Hey, it works!

    5. Re: Actually, the opposite by Rosyna · · Score: 4, Informative

      Because you can verify that it's the same code by simply looking at the disassembly in the Palo Alto Networks articles?

      The author of said article confirmed it was the same source code and updated his post after I pointed out the discrepancy.

    6. Re: Actually, the opposite by Rosyna · · Score: 3, Informative

      First, I'm not "some poster" and two, I'm suggesting you read the updated article that says phishing is not possible with XcodeGhost.

    7. Re: Actually, the opposite by Rosyna · · Score: 1

      The Network World article that is full of inaccuracies. Hell, anyone that's used iOS should know a dialog is shown before any number can be dialed.

    8. Re: Actually, the opposite by Anonymous Coward · · Score: 0

      Apparently your skills need some help.

      Palo Alto Networks said that "the malicious code that Xcode Ghost embedded into infected iOS apps is capable of receiving commands from the attacker through the C2 server to Prompt a fake alert dialog to phish user credentials; Hijack opening specific URLs based on their scheme, which could allow for exploitation of vulnerabilities in the iOS system or other iOS apps; Read and write data in the user's clipboard, which could be used to read the user's password if that password is copied from a password management tool."

      http://www.realtytoday.com/articles/36811/20150921/apple-app-store-update-39-malicious-apps-made-through-xcodeghost.htm

    9. Re: Actually, the opposite by sexconker · · Score: 1

      I for one would rather trust a -1 moderated, AC post on /. than any article written by a "security researcher" who has a vested interest in lying.
      In this case, the /. post even makes sense and provides evidence, unlike the "article" we're discussing.

    10. Re: Actually, the opposite by Anonymous Coward · · Score: 0

      And Palo Alto reported an entirely different description than you. Clearly you're a novice...

    11. Re: Actually, the opposite by Rosyna · · Score: 1

      Sigh. You do realize that I linked to a newer article that says they made a mistake about the capabilities? You could have at least read that…

    12. Re: Actually, the opposite by Rosyna · · Score: 1

      Huh? Here's what the article I just linked to says:

      > In previous reports, we discussed that XcodeGhost's malicious code can be used for phishing by prompt deceptive alert dialog with built-in remote control functionalities. Here we actually made a mistake in our initial reporting. In the current version of the code, XcodeGhost cannot be directly used to phish iCloud passwords. However, by changing a few simple lines of code, it can do that.

      > In iOS, if an app prompts a dialog by the UIAlertView class, there's a property alertViewStyle to specify which kind of dialog it wants to show. For example, if a password input dialog is needed, the property should be assigned to UIAlertViewStyleLoginAndPasswordInput. If the iOS developer didn't specify any value, by default the dialog will have no input form but is just an alert with message and buttons.

      > We checked all versions of malicious files in XcodeGhost we have available, and didn't find any one of them specified this property when prompting the alert dialog. Hence, current XcodeGhost cannot be directly used for iCloud password phishing.

    13. Re: Actually, the opposite by Anonymous Coward · · Score: 0

      > Sigh. You do realize that I linked to a newer article that says they made a mistake about the capabilities? You could have at least read that

      Ya, I read that. The article states that while the existing code they've analyzed can't do it, it's a relatively simple matter to change the code and it would be possible. Just because it hasn't been observed in the wild doesn't mean it doesn't exist, or won't exist tomorrow.

      The concern is less about the specific malware observed and more about:
      a) How it got into the affected Apps
      b) How those Apps made it past review and into the market
      c) How the malware *could* be used for some pretty severe activity, despite the constant pro-Apple drumbeat about having ironclad security on all things Apple.

      No matter how much you try to perform damage control and attempt to divert attention from the issue, those problems remain.

    14. Re: Actually, the opposite by Anonymous Coward · · Score: 0

      So what you're saying is that it was possible, but for some reason the original malware writers decided not to?

    15. Re: Actually, the opposite by ilsaloving · · Score: 1

      *pat pat* There there.

      You have the support of people who actually look at code for a living. :)

    16. Re: Actually, the opposite by Rosyna · · Score: 1

      Wait, you seriously said, "Sure, while XcodeGhost doesn't do anything they say XcodeGhost does, a totally different piece of malware could possibly do it in the future. Maybe."?!

      Then in what way would that have anything to do with XcodeGhost, which these articles are about?

      The entire reason an Xcode infected with malware even ran is because the developers that fell for it had to explicitly bypass gatekeeper (Mac OS X's built in anti-malware), which otherwise prevents the infected Xcode from launching.

    17. Re: Actually, the opposite by Rosyna · · Score: 1

      If they had done it, it wouldn't have been the same malware or the same code. These articles are about the actual XcodeGhost malware in the wild. Not some made up version everyone seems to wish existed.

    18. Re: Actually, the opposite by Anonymous Coward · · Score: 0

      I also have sympathy for Rosyna. An ignorant AC is moderately easy to ignore. An AC that smugly revels in their ignorance is difficult bait to resist.

    19. Re:Actually, the opposite by gnu-sucks · · Score: 1

      Ok, I read the article you linked to. Very interesting.

      What I do not understand is how the source code was "found". I understand how to use a disassembler, but that would not yield such readable code.

      Can you comment on this?

      Thanks for linking to the article.

    20. Re:Actually, the opposite by gnu-sucks · · Score: 1

      I think I answered my own question, and the answer is obvious:

      They distributed this malicious program as an SDK with source code inside the Xcode install. So it's not just a binary library that gets linked against, it's the code too. Is that correct?

    21. Re: Actually, the opposite by Rosyna · · Score: 1

      The author of XcodeGhost released the source after they heard what was happening. It includes an apology at the bottom (in Chinese) that makes it seem like it was just a proof of concept and he had no intention of it getting out but was picked up and spread via Baidu by others.

      The PoC angle would explain why it looks so damn much like any other basic analytics package. This is also likely why Apple's app scanners didn't pick it up, it doesn't do anything that's not permitted. The only weirdness is that it tries to hide from the debugger, but that's also done by legitimate apps that use DRM.

      I found out about the code on GitHub from a fellow Mac/iOS developer/reverse engineer. As for getting samples of the actual infected Xcode, the author of the Palo Alto Networks article uploaded it to his DropBox account so others could confirm the findings and detect the malware. That's where I got the infected Xcode from for my own tests.

    22. Re: Actually, the opposite by angel'o'sphere · · Score: 1

      Gatekeeper is not preventing third party apps from launching, it only asks: "look, this is a third party app, downloaded from the internet, do you want to launch it anyway?"
      Guess what I answer: yes!

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.

    23. Re: Actually, the opposite by Anonymous Coward · · Score: 0

      you sound like an apple shill spreading peace and happiness to all your apple drones

    24. Re: Actually, the opposite by Rosyna · · Score: 1

      That Palo Alto article has been updated it now includes

      > UPDATE September 21: In the current version of the code, XcodeGhost cannot be directly used to phish iCloud passwords.

    25. Re: Actually, the opposite by Rosyna · · Score: 1

      So where exactly is the OK or Open button on the dialog I just posted a screenshot of?

    26. Re: Actually, the opposite by Anonymous Coward · · Score: 0

      > Gatekeeper is not preventing third party apps from launching, it only asks: "look, this is a third party app, downloaded from the internet, do you want to launch it anyway?"
      > Guess what I answer: yes!

      No actually gatekeeper isn't that dialog, that is quarantine. In this case OS X wouldn't let the Xcode run because its signature wouldn't match Apple's. They had to turn off gatekeeper explicitly.

      quarantine - https://support.apple.com/en-us/HT201940
      gatekeeper - https://support.apple.com/en-us/HT202491

    27. Re: Actually, the opposite by k2r · · Score: 1

      checks the signed hash of the application against the current hash and keeps the application from starting if it differs because obviously something altered the application.
      You can override this and it will not ask you again.

      You can configure which kind of signature to accept: Only App-Store Applications or any registered developer.
      Or you can switch it off completely, which is stupid.

      What you mentioned are the file-quarantine extended attributes that are set by Safari et al if a file has been downloaded from the net.
      On the initial run of a quarantined binary this enforces verifying the user's intention and a check against a list of known malware.
      Files from some known well-known applications are quarantined per default or developers can turn this feature on for their application.
      This is a measure against unintentional execution of unknown binaries (drive-by-download?) and - again - it can be disabled.
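The Gatekeeper check discussed in the comments above, as an added example that is not part of the original thread: it classifies what macOS's `spctl` prints for an Xcode bundle and warns when assessments are switched off. The function names and sample outputs are constructed for illustration, and treating only the three listed `source=` values as Apple-distributed is an assumption of this example.

```shell
#!/bin/sh
# Added example (not from the thread). Classifies spctl output so that a
# modified or re-signed Xcode bundle is flagged before it is used to build.

# Constructed samples of `spctl --assess --verbose <app>` output.
SAMPLE_APPLE='/Applications/Xcode.app: accepted
source=Mac App Store'
SAMPLE_THIRD_PARTY='/Applications/Xcode.app: accepted
source=Developer ID'
SAMPLE_REJECTED='/Applications/Xcode.app: rejected'

# Print apple | other-signed | rejected | unknown for one assessment result.
classify_assessment() {
    case $1 in
        *": rejected"*) echo rejected; return 0 ;;
        *": accepted"*) ;;
        *) echo unknown; return 0 ;;
    esac
    # The origin of the signature is reported on a "source=" line.
    src=$(printf '%s\n' "$1" | sed -n 's/^source=//p' | head -n 1)
    case $src in
        # Assumption: these values mean the bundle was distributed by Apple.
        "Mac App Store"|"Apple"|"Apple System") echo apple ;;
        # Validly signed, but not by Apple: not a genuine Xcode.
        *) echo other-signed ;;
    esac
}

# Succeeds when `spctl --status` output says Gatekeeper is on.
gatekeeper_enabled() {
    case $1 in
        *"assessments enabled"*) return 0 ;;
        *) return 1 ;;
    esac
}

# Run the real checks against an installed bundle (macOS only).
check_xcode() {
    app=${1:-/Applications/Xcode.app}
    status=$(spctl --status 2>&1)
    gatekeeper_enabled "$status" || echo "WARNING: Gatekeeper is off: $status"
    # spctl writes its verdict to stderr, so capture both streams.
    result=$(classify_assessment "$(spctl --assess --verbose "$app" 2>&1)")
    echo "$app: $result"
    [ "$result" = apple ]
}

# Only attempt the live check where spctl exists.
if command -v spctl >/dev/null 2>&1; then
    check_xcode "$@" || echo "Xcode bundle did not verify as Apple-signed" >&2
fi
```

Anything other than `apple` should be treated as a failed check, including `other-signed`: a bundle carrying someone else's valid signature is still not the Xcode that Apple shipped.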

    28. Re: Actually, the opposite by angel'o'sphere · · Score: 1

      Why do you ask? It is a damaged executable ... or so the dialog says.

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.

    29. Re: Actually, the opposite by angel'o'sphere · · Score: 1

      > Or you can switch it off completely, which is stupid.
      Care to explain why? I know what I download from where and can judge how safe it is.

      > (drive-by-download?)
      What is that supposed to be?

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.

    30. Re: Actually, the opposite by Anonymous Coward · · Score: 0

      you forgot to ask if we wanted fries with that

    31. Re: Actually, the opposite by Rosyna · · Score: 1

      > Why do you ask? It is a damaged executable ... or so the dialog says.

      Is this some kind of weird, surreal art project of yours? You just asked in response to my post that included a screenshot of the dialog:

      > Gatekeeper is not preventing third party apps from launching, it only asks: "look, this is a third party app, downloaded from the internet, do you want to launch it anyway?"
      > Guess what I answer: yes!

      There is no OK, Open, or "Yes" button on that Gatekeeper dialog.

    32. Re: Actually, the opposite by angel'o'sphere · · Score: 1

      Yes, and your dialog does not show up because you started a downloaded application, it shows up because the file you try to start is damaged!!!

      So again, what is it you want to say? I don't get it.

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.

    33. Re: Actually, the opposite by Plumpaquatsch · · Score: 0

      > "You're holding it wrong."

      > That's basically Apple's response to every major mess-up. Hey, it works!

      http://dontholditwrong.tumblr....

      --
      Of course news about a fake are Fake News.

    34. Re: Actually, the opposite by Plumpaquatsch · · Score: 1

      > So what you're saying is that it was possible, but for some reason the original malware writers decided not to?

      Probably because that would have led to the malware being detected by Apple's app checking, resulting in the loss of bragging rights for "First major malware attack on Apple's App Store".

      --
      Of course news about a fake are Fake News.

  3. Re:Apple is for cows by Anonymous Coward · · Score: 0

    Come on sexconker, we know it's you.

  4. UUID can be generated by MatthiasF · · Score: 0

    The use of [[UIDevice currentDevice] name] and [[UIDevice currentDevice] identifierForVendor] (as well as several other pieces of information including App Name, App Version, OS Version, Language, Device Type, Location, etc.) are enough to not only create a generated Unique ID for each device to track on the analytic side but also all of the Apps infected by the malicious code.

    The people tracking the smartphones do not need the actual local device UUID if they can get enough information to generate their own.

    I agree with others' calls to mod parent down. Does not seem to understand the fact the list of information being digested by the hack and the access being granted is enough to be used for malicious tracking and phishing.

    1. Re: UUID can be generated by Rosyna · · Score: 2

      The name might be (although it's easy to change it to an arbitrary value in Settings -> General -> About and can't really be considered a unique value), but the identifierForVendor is not. It's only the same for apps with the same bundle ID prefix on a device (apps from the same developer). Different infected apps will have entirely different identifiers.

    2. Re: UUID can be generated by MatthiasF · · Score: 1

      Having a UUID on a per Application or Developer basis is in fact better for the attacker. Then they can carefully create a phishing dialog that fits in with the design or behavior of that particular App or package and then associate any information garnered from the user to the particular device and app installation.

      Without the altered library inside the actual app, they cannot do this because apps are jailed (or whatever Apple calls it).

    3. Re: UUID can be generated by Rosyna · · Score: 1

      They have the app name, there's no reason to do that with a UUID

      But as I mentioned before, there's no phishing support in XcodeGhost as their use of UIAlertView doesn't allow for any text input fields. Even if a different malware tried to phish with a fake dialog, real Apple ID password dialogs on iOS never have a blank entry for the username, it's always part of the dialog text because iOS knows what your Apple ID is. This makes it significantly easier to not be fooled by just taking a cursory glance of the dialog.

  5. Re:Apple is for cows by sexconker · · Score: 1, Troll

    It's not, moron. I don't post AC like you do, and I haven't mooed in a long time because I got bored of it.
    Feel free to peruse my history - I've mooed many times under my name, yet you keep linking to one example as if it were a slip up you "caught".

  6. Poor mans ken Thompson attack by goombah99 · · Score: 2

    yawn. This is vaguely interesting in the sense it's novel for using a ken Thompson compiler attack. But it's not an apple problem but a cheapskate developer problem . Morons saved themselves $99 dollars and use unsigned non apple compilers. Dumbasses. Apple just figured out there's dumbasses submitting code. Should be easy to detect non official compilers in the future I would think.

    --
    Some drink at the fountain of knowledge. Others just gargle.

    1. Re: Poor mans ken Thompson attack by Anonymous Coward · · Score: 2, Insightful

      NO. NO. NO. It isn't even a cheapskate developer problem.

      They did not save themselves $99. They saved nothing except the time it took to download from Apple's servers vs local China servers.

      To submit an app, you have to pay. To download Xcode, you do not have to do so. So if their app is in the app store, no matter where they got the dev environment, they had to pay to submit an app (or any number of apps).

      It is a stupid developer problem, OR a smart Chinese government who slowed downloads via the great firewall enough to get people to download infected local copies.

    2. Re: Poor mans ken Thompson attack by macs4all · · Score: 1

      > yawn. This is vaguely interesting in the sense it's novel for using a ken Thompson compiler attack. But it's not an apple problem but a cheapskate developer problem . Morons saved themselves $99 dollars and use unsigned non apple compilers. Dumbasses. Apple just figured out there's dumbasses submitting code. Should be easy to detect non official compilers in the future I would think.

      They didn't save themselves $99 (631 Yuan). XCode is FREE; the Developer License costs money.

    3. Re: Poor mans ken Thompson attack by Rosyna · · Score: 2

      It's not that they were trying to bypass a payment (Xcode is free to download). It's that Apple's servers are just so damn slow if you can't get access to their content distribution network. Sadly, this is pretty much the case of everyone in China due to the Great firewall of China that strangles access to non-China networks.

      It also used to be true if you used Google DNS because previous primary Apple's CDN, Akamai, used DNS to route traffic. In that case, many developers would rather use BitTorrent to grab Xcode than to disable Google DNS.

      The real issue is the fact that these developers disabled Gatekeeper. Gatekeeper would have prevented infection.

  7. Re:Apple is for cows by Anonymous Coward · · Score: 0

    Sounds legit.

  8. Secure the toolchain? by Anonymous Coward · · Score: 0

    Probably a testament to iOS security (The walled garden keeps the bad guys out too) that the malware goons are resorting to attacking the developer toolchain to get a foothold.

    Also illustrates what are probably poor developer relations with developers in China, as they seemed to prefer to get their xcode from dodgy ad-hoc local repositories instead of official ones.

    Wonder if this will cause apple to look in to some sort of toolchain security/authentication/signing. - Only letting apps in if the toolchain is verified at compile time. Sure there would be ways around that but it would help mitigate this sort of watering hole attack.

  9. Re:ZOMG, Apple can have malware by macs4all · · Score: 1

    > It is funny, how people believe that Apple somehow protects them from malware. In reality, all the testing done in their appstore concentrates on verifying that apps do not have a mechanism for payments that bypass Apple. Anything is ok as long as Apple gets their cut.

    Citation, hater?

  10. Gatekeeper by k2r · · Score: 1

    The first word would have been

    "Gatekeeper"

  11. Re:ZOMG, Apple can have malware by Ravaldy · · Score: 1

    Don't you hate those haters who can't be impartial?

    Of course all platforms have holes at one point in time. No need to invent some or pray for one just because one's platform of choice is inferior or appears inferior to Apple's or any other for that matter.

    For one, I mostly work in the MS world because that's what I specialized in. Today it's rewarding but I have no trouble pointing out its weaknesses and other OSs' strengths. That's what good tech people do. They advise the best tech for the job.

  12. The real story is OS X, or something ain't right by Stewie241 · · Score: 1

    The real story is OS X and somehow Apple getting signed code wrong. Maybe some folks had a connection that was super slow and had trouble getting XCode directly from Apple.

    However, presumably, the people using XCode are developers. And somehow, they managed to install software that was presumably not properly signed.

    Which really makes one worry about the state of mobile development.

    On the other hand, the fact that one could build apps, compile them a little bit different and slip them into the app store is a little concerning. Maybe it was the fake XCode author, maybe it was the app developer, but obviously something isn't being sniffed out right during app vetting.

  13. Re:Couldn't be any worse than iOS itself! by Anonymous Coward · · Score: 0

    Yes it could. It could be Android.