Increasingly popular "hot patching" update tool for iOS apps puts users at risk<article>
<section class="page">
<p>An increasing number of iOS application developers use a technique that allows them to remotely modify the code in their apps without going through Apple’s normal review process, potentially opening the door to abuse and security risks for users.</p><p>The technique is a variation of hot patching, which is a way of dynamically updating a system or application without restarting it. In this case, an iOS application is updated without the developer having to submit a new version to the official iOS app store and then wait for Apple’s review of the changes, which can be a lengthy process.</p><p>An implementation of this hot patching method comes from an open-source project called JSPatch, which provides an engine that app developers can integrate into their apps and which bridges JavaScript code to Objective-C, the programming language used by iOS apps.</p><p class="jumpTag"><a href="/article/3027573/security/increasingly-popular-update-technique-for-ios-apps-puts-users-at-risk.html#jump">To read this article in full or to leave a comment, please click here[/url]</p></section></article>
Source:
Increasingly popular "hot patching" update tool for iOS apps puts users at risk