|
Title: Increasingly popular "hot patching" update tool for iOS apps puts users at risk Post by: HCK on January 30, 2016, 03:00:14 am Increasingly popular "hot patching" update tool for iOS apps puts users at risk
<article> <section class="page"> <p>An increasing number of iOS application developers use a technique that allows them to remotely modify the code in their apps without going through Apple’s normal review process, potentially opening the door to abuse and security risks for users.</p><p>The technique is a variation of hot patching, which is a way of dynamically updating a system or application without restarting it. In this case, an iOS application is updated without the developer having to submit a new version to the official iOS app store and then wait for Apple’s review of the changes, which can be a lengthy process.</p><p>An implementation of this hot patching method comes from an open-source project called JSPatch, which provides an engine that app developers can integrate into their apps and which bridges JavaScript code to Objective-C, the programming language used by iOS apps.</p><p class="jumpTag"><a href="/article/3027573/security/increasingly-popular-update-technique-for-ios-apps-puts-users-at-risk.html#jump">To read this article in full or to leave a comment, please click here[/url]</p></section></article> Source: Increasingly popular "hot patching" update tool for iOS apps puts users at risk (http://www.macworld.com/article/3027573/security/increasingly-popular-update-technique-for-ios-apps-puts-users-at-risk.html#tk.rss_all) |