It's quite trivial to set up a method that implements "NSSelectorFromString" [1] etc. and have it read from a JSON payload sent from a server. It's very hard for Apple to check for that unless they have active monitoring on apps after the review process.
Right. Any runtime behavior can be altered by observed state from outside the phone.
The state doesn't even have to be from outside the phone. You could have an internal timer that kicks off 2 weeks after you've submitted to the App Store (to allow for unexpected delays) and switches on the evil behavior.
NateLawson|10 years ago
There's even a paper on intentionally inserting security flaws into your code and then exploiting them from your own server to change execution patterns:
https://www.usenix.org/conference/usenixsecurity13/technical...
Ultimately, you need to enforce access control instead of just trying to detect problems a priori. Apple's sandbox is a great start to that, and I expect they'll keep improving it to block apps like these.
jandrese|10 years ago