![]() ![]() ![]() ![]() And on Tuesday Weinmann said that after checking the OCSP (Online Certificate Status Protocol) status of the Hacking Team developer certificate, he found that Apple had revoked it early that morning. Those developers are required to have a code-signing certificate and Apple monitors the security and integrity of their apps. Apple has in the past revoked certificates and ejected developers from the program for various reasons. One of the main protections that Apple offers iOS users is the way that it vets and monitors the developers who write apps for the App Store. It’s a separate program from the normal app developer program, which gives participants the ability to get signed apps into the Apple App Store. ![]() The certificate would not have given the company the ability to get signed apps into the App Store, but it shows that Hacking Team had the ability to gain some legitimacy with software companies.Īpple’s enterprise developer program is designed to allow individual enterprises, educational institutions, and other organizations to develop and sign iOS and OS X apps to be distributed to internal users. That certificate would give Hacking Team the ability to sign iOS and OS X apps and distribute them internally to their employees. On Monday afternoon, German security researcher Ralph-Philipp Weinmann posted on Twitter the details of the enterprise developer certificate issued to Hacking Team. Among them is evidence that the company had an enterprise developer certificate from Apple, allowing it to develop internal apps, but could not get its malware onto iOS devices. More than 36 hours after the huge cache of data from Hacking Team’s corporate network was dumped online, researchers are continuing to find surprising bits and pieces in the documents. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |