CNET también está disponible en español.

Ir a español

Don't show this again

Phones

iOS bug puts your data at risk

An Apple hacker has revealed a bug in iOS that could let someone steal your photos, contacts, and even send texts without you knowing.

If you think your iPhone is safe because of Apple's closed door policy on its operating system, think again.

A notorious Apple hacker has said a bug in iOS lets someone steal your photos, contacts, and even lets them send texts from your handset without you knowing. We bet you're not feeling quite so secure now.

Android is known as less secure because of its open source nature. But Charlie Miller, a researcher at Accuvant and well-known Apple hacker, told CNN that Apple's App Store isn't anywhere near as safe as believed.

"Until now, you could just blindly trust and download as many apps as you wanted and not worry about it," he said. "But until they fix this, you really should think twice about any apps you're downloading, because they could be malicious."

Miller told Apple; Apple replied a fix was in the works, and banned him from the iOS developer program for a year, according to Miller. He hasn't given exact details of the bug, as ne'er-do-wells could take advantage, but he does plan to show how it works at a security conference in Taiwan.

If said ne'er-do-wells were to find the security flaw, they could install malicious code through any app onto the device. This would let them steal your contacts, photos, and even let them send texts without you knowing. Which may well raise a few eyebrows among your friends. 

Apple checks each app before approving it for the App Store, keeping it free from malware. And it is still more secure than Android Market, Miller said. "I'm very happy with the way (Apple has) designed the system to prevent malware. It's really the ideal situation."

Though he was a little annoyed about being blocked from the developer program. "I think it's pretty rude," he said. "If you think about what I'm doing -- I'm pointing out a flaw that would affect everybody and that the bad guys could use to install malware. And they're not paying me, I'm just doing it to be nice."