Re: How is this possible with a modern OS?
Seems there is a lot of confusion.
The way to think about this is that someone has:
1) Modified a tool so the tool can produce output that is not what the developer intended.
2) The tool's output is compliant with what can normally be done by this tool.
3) The developer uses his certificate to authenticate his now compromised app.
When the app is used it can't do anything special that any app couldn't potentially do.
But it may have structured its illegitimate instructions so that they are not recognisable by Apple's automatic screening process. So vetting doesn't work (for now).
And, of course, the fact that a legit developer is behind the app makes this more dangerous.
So it's not a total cracking of Apple's iOS security system. It doesn't mean free rein for the app on the iDevice. Any sandboxing restrictions, like for any normal app, still apply, but the implied trust that the app does what the developer says it should do has been broken.
P.S.: The developer downloading the compromised Xcode would have had to explicitly tell OS X to install it and run it as insecure software, from an unknown source.