Last week a clever, duplicitous fifteen-year-old got Apple to approve an iPhone flashlight app which contained a secret tethering utility. A few days later, Citi told users of its iPhone mobile banking app that it was storing personal information in a manner which might have left it vulnerable to misuse by other apps or hackers.
Neither incident represented a security disaster, but both provided sobering evidence that the iPhone’s level of security is less than airtight. The tethering app’s acceptance showed that it’s possible to sneak hidden code past Apple’s approval process, and the Citibank storage glitch was a useful reminder that iPhone apps aren’t completely isolated from each other.