Charlie Miller: iPhone Vulnerabilities and Ethical Issues

Charlie Miller found a vulnerability in the Apple iPhone that could have allowed a malicious Website to break into the phone and capture personal information. The flaw has since been fixed, and Mr. Miller described the dealings he had with Apple and the ethical quandaries associated with these vulnerabilities in an interview with Dean Takahashi at the TechTalk Blog.

When Mr. Miller, who works for Independent Security Evaluators, discovered the flaw in the iPhone’s Safari, he sent an e-mail to the official address at Apple for reporting bugs. However, he also advised them that he would be discussing the flaw at the Black Hat Conference on Aug. 2.

The idea was to force Apple to act. The result was iPhone update 1.0.1.

However, dealing with Apple was a murky process. While they treated him well, no individual at Apple was ever associated with the e-mails -- which is Apple’s policy. They even asked him specifics on [the spelling] of his name because Apple knows that researchers want credit for their findings. Overall, Mr. Miller was pleased with his dealings with Apple. "They weren’t mean. They were nice. I give them an A minus," Mr. Miller said.

Even so, ethical issues get very sticky. While Mr. Miller didn’t ask for money this time, others have. Some companies consider that blackmail. On the other hand, how do researchers who find critical flaws get compensated for what they do?

It can get even more complicated when warning the U.S. Government. "I was talking to a federal guy last night and he was saying that if you warn the government about a bug, some of them would like to warn everyone about it. But another part of the government might want to exploit it," Mr. Miller said.

Once, Mr. Miller sold key information about a bug to the U.S. Government. "I caught a lot of criticism. They wanted me to responsibly disclose it. For nine months, I knew about something and a lot of people were at risk. My answer is it was the U.S. government. I trust them with my tax dollars. I don’t think it is totally unethical to help my government do whatever they want to do with it. It’s not like I sold it to a terrorist. For me, it was ethically fine. But I was in the minority if you would have read my emails. A lot of people thought it was unethical," the researcher concluded.

Mr. Miller plans to start researching tools that help find these kinds of vulnerabilities. Even so, the dealings one has with a company like Apple, and the ethical issues involved, remain murky at best.
