UPDATED 15:47 EDT / NOVEMBER 08 2011


Charlie Miller’s Latest Security Revelation Rocks the Apple App Store

Charlie Miller, a former NSA analyst who now works for security firm Accuvant, has taken it as a personal challenge to find exploits in Apple’s products since 2007. After his latest discovery, however, this dedication backfired, and Apple went as far as terminating his developer license.

Apple’s fairly criticized approach of controlling its ecosystem by closely monitoring the apps available on the App Store, the only source of third-party applications available to iOS users, has a history of stirring some debate. But it’s highly effective when it comes to keeping users’ devices safe. Applications that may run unapproved commands on an iProduct have no way of getting to a user’s device; or at least that’s what we thought until Miller’s latest discovery.

Miller will reveal a bug in Apple’s system at the SyScan conference in Taiwan next week and demonstrate how it is possible to bypass these security measures. Before going public with it, though, he had already uploaded an app to the App Store called Instastock, which effectively exploits this vulnerability. Needless to say, Apple pulled the app from its storefront.

According to the security expert, the vulnerability has to do with excess permissions, introduced to boost performance, that are given to JavaScript code running in iOS 4.3’s browser.

“In fact, he realized, the browser’s speed increase had forced Apple to create an exception for the browser to run unapproved code in a region of the device’s memory, which until then had been impossible.”

As noted above, Miller already has a portfolio of bugs and exploits he single-handedly discovered in Apple products. In July, he uncovered a security flaw in the Mac’s battery firmware that can enable hackers to inject malware that can’t be removed by simply formatting the machine.

iOS is far from being immune to malware. A Skype exploit was discovered not too long ago that provided hackers access to a victim’s contact list, and it’s only one of many. One of the best indicators of that is Lookout Security’s recent launch on iOS.

