Unfortunately, it’s easy for an app developer with malicious intent to create a pop-up dialog in iOS that exactly resembles a system-level message prompting for a password. Felix Krause, like other iOS developers and security advocates, have taken issue with this for years. Krause is the founder of fastlane, a project designed to speed app release by automating all the app-store metadata and required elements.
His post on October 10 received due attention, because he created visualizations of a user interface problem Apple needs to tackle. Few malicious apps make their way to the App Store, and they’re usually stopped before they can do much or any harm. However, an attacker who subverted an app’s internal repositories and was able to insert code could do just as much harm as an designed to phish intentionally.
To read this article in full or to leave a comment, please click here
