Forgot your password?
typodupeerror
Communications Iphone Security Apple

Malicious Websites Can Initiate Skype Calls On iOS 177

Posted by Soulskill
from the buck-passing dept.
An anonymous reader writes "In this article, security researcher Nitesh Dhanjani shows how iOS insecurely launches third-party apps via registered URL handlers. Malicious websites can abuse this to launch arbitrary applications, such as getting the Skype.app to make arbitrary phone calls without asking the user. Dhanjani 'contacted Apple's security team to discuss this behavior, and their stance is that the onus is on the third-party applications (such as Skype in this case) to ask the user for authorization before performing the transaction.' He also discusses what developers of iOS apps can do to design their software securely and what Apple can do to help out."
This discussion has been archived. No new comments can be posted.

Malicious Websites Can Initiate Skype Calls On iOS

Comments Filter:

Whoever dies with the most toys wins.

Working...