Thursday, March 6, 2008

How long til the iPhone App store hacker challenge?

As most of the tech industry knows, Apple launched its long-awaited iPhone SDK on Thursday.

With the move Apple has gone more corporate with its iPhone (Techmeme) and talked a good security game by offering features like remote wipe. Here’s a snippet via Tom Krazit from the Q&A with the press that’s almost begging for a hacker contest:

Q: What sort of safeguards did you use to make sure the applications will be secure?
A: This is a big concern, (Apple CEO Steve) Jobs says. “We’ve tried to strike a really good path here. On one side, you’ve got a closed device like the iPhone, and on the other side you’ve got a Windows PC, where people spend a lot of time just getting it up to speed.” Apple has done that through a developer registration program, which is mandatory. Apple is using the electronic certificate method, where developers can be tracked when they release an application. If it’s a malicious one, Apple can “shut off the spigot” if need be, turning off the App Store.

You can almost see where this is headed. The challenge will be to create malicious software that won’t be detected to get through Apple’s spigot.


No comments: