Chapter 1. Everything You Know Is Wrong > Physical Access Is Optional - Pg. 14

Myth 12: Applications can securely manage access control and enforce process rules.

Applications can be easily manipulated to bypass any kind of access control or sanity check, whether on the victim's device or on a copy running on an attacker's device at a later time. Manipulating Objective-C applications is very easy, and much more is at risk than just hacking free hours into your Internet music player.

Physical Access Is Optional

We've established that stolen or "borrowed" devices are easy to hack. Physical security is commonly the biggest reason some developers dismiss the notion of stolen data. After all, if someone can steal your wallet with your credit cards, you're also going to be in for a considerable headache.

Historically, a limited number of remote code injection vulnerabilities have been discovered and exploited for iOS. Fortunately, the good guys have found the ones we presently know about, but that is not to say criminal hackers won't find future remote code injection exploits. The most notable of these exploits include the following:

· A TIF image processing vulnerability, several years old, was discovered to exist in an older copy of the libraries used by applications in earlier versions of iOS. This allowed an attacker to load and execute code whenever the device loaded a resource from the Safari web browser. This attack could have also been used to exploit the