Long overdue: HTTPS for the App Store

Early July 2012, I reported to Apple numerous vulnerabilities related to their App Store iOS app. Early March Apple finally issued a fix for it and turned on HTTPS for the App Store. I am really happy that my spare-time work pushed Apple to finally enabled HTTPS to protect users. This post discuss the vulnerabilities I found.

Attacks included Password stealing, App swapping, App fake upgrade, Preventing application installation, and Privacy leak — All made possible by simply intercepting and manipulating the HTML that’s being used by the App Store app.

 password = prompt("Apple ID Password","");
 var s = document.createElement('script');
 s.type = "text/javascript";  
 s.src = "fakepassword=" + password;
 var script = document.createTextNode(s);

May this be a lesson for all those offering services out there to enable SSL and route all traffic over HTTPS.

Apple finally turns HTTPS on for the App Store, fixing a lot of vulnerabilities →

Published by Bramus!

Bramus is a frontend web developer from Belgium, working as a Chrome Developer Relations Engineer at Google. From the moment he discovered view-source at the age of 14 (way back in 1997), he fell in love with the web and has been tinkering with it ever since (more …)

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.