JavaScript trojan horse found out in iOS 6 “Good App Banner”


smart-app-banners-1An unusual bug  was detected in iOS 6 with Smart App Banners  function. Banners browser Safari, reports that, for a given site, you can download the mobile application from the App Store, automatically enable JavaScript in iOS without the knowledge and express consent to do so by the user.

At first glance, such a behavior of the operating system is not something worthy of attention. Most users do not disable JavaScript settings on your iPhone, so many sites on the internet working with this technology. But the fact that the “smart” banners can include function independently, worrying experts who called it “a serious security vulnerability and personal information.”

“It’s a safety issue, the issue of privacy and trust, – the expert said Peter Eckersley of the Electronic Frontier Foundation organization. – Can we then trust something programming interface? This is definitely a bug that should be fixed as soon as possible. ”

However, not all observers share the position Exley. Expert in the field of information security Lisa Myers from the company Intego does not consider “the situation with JavaScript» big problem. “While it can not be considered normal, by itself it is not a big problem,” – she said.


Reproduce the issue with JavaScript in iOS 6 as practice:

  1. Stop Safari and go to Settings iOS.
  2. Go to Safari and scroll all the way down to the Safety part. Disable JavaScript.
  3. Now open Safari and go to the website online of Sensible App Banner
  4. Shut the browser and return to the setup iOS.
  5. Once more, go to the part Safari and have a look at the place of the change JavaScript.

Follow us on Twitter, subscribe to our Facebook Page, find us on LinkedIn