Fallacy of the Sandbox

Interesting article about how some App Developers were able to get an app on the App Store that stole important data from other apps.


Like the TSA, I maintain that it’s security theater.

What surprised me is that some of the ways in which they broke the Sandbox were so simplistic! Like having a helper application with the same bundle id as the application you want to attack.

Well, don’t go posting any more nude selfies online for a while. :wink:

Darn it…

it’s remarkable that there is still no comment on this by Apple… this flaw is known for a half year the article says.