Russian hacker Alexey Borodin who created exploits for old version of ios has said this week that hacking game has come to an end due to the release of a new ios 6 version. For him its all over just for now and to his chat on the subject, he said that he’ll still be keeping his exploit up for download even though it no longer works in the current version of Apple’s iOS but he will be working to keep security strong in the system which is his ultimate goal, he adds.
The hack that Borodin used had him only needing a receipt with which he could then authenticate a purchase. He used a fake in-app purchase server, a custom DNS server, and some emulation of Apple’s verification process to make his whole system work. With this system outside of Apple’s control, many 3rd party attacks could very well go on with exploits galore – on either end of the equation.
Today Borodin has found that Apple’s solution to the exploit he discovered is very much a solution to the possible problem. He’s declared that iOS 6 is indeed as safe as Apple can make it, for now, and that he’ll continue work once the next version appears on actual non-beta devices.
Borodin says “By examining last apple’s statement about in-app purchases in iOS 6, I can say, that currently game is over. Currently we have no way to bypass updated APIs. It’s a good news for everyone, we have updated security in iOS, developers have their air-money.”
