An increasing number of iOS application developers use a technique that allows them to remotely modify the code in their apps without going through Apple’s normal review process, potentially opening the door to abuse and security risks for users.

The technique is a variation of hot patching, which is a way of dynamically updating a system or application without restarting it. In this case, an iOS application is updated without the developer having to submit a new version to the official iOS app store and then wait for Apple’s review of the changes, which can be a lengthy process.

An implementation of this hot patching method comes from an open-source project called JSPatch, which provides an engine that app developers can integrate into their apps and which bridges JavaScript code to Objective-C, the programming language used by iOS apps.

To read this article in full or to leave a comment, please click here