His colleague, PhD candidate Luyi Xing, noted that "Apple should do something to enforce scheme management" as well. However, Xing said that it boils down to being a design problem, rather than an app implementation issue. That will require some deep rethink at Apple, and put some burden on developers as new authentication and registration procedures make their way into App Store requirements.
Because the flaws can only be exploited by apps that make it into the App Store, that provides a firewall for now.
Sign up for CIO Asia eNewsletters.