iPhone hacker says devices "phone home," allows for disabling apps remotely
iPhone Atlas is reporting that Apple has a way to blacklist and remotely remove applications from your iPhone. According to the post, the iPhone will remotely "phone home" and check a posted blacklist of bad applications. These speculations are based on a URL found on Apple's site with references for a blacklisting mechanism: https://iphone-services.apple.com/clbl/unauthorizedApps
Jonathan Zdziarski, an iPhone hacker, says nothing has been blacklisted as of yet. However, the mechanism is there, and the iPhone could call in on occasion to see what has been blacklisted. Zdziarski says that Apple could have the ability to shut down applications you've purchased from the App Store.
While this may sound like a privacy violation, our sources tell us that Apple has put this tool into place as a security measure to shut down rogue apps if needed, and it could simply be a proof of concept that hasn't yet been implemented for actual takedowns. We're not convinced that this is new, considering that the only entry in the unauthorizedApps list is dated "2004" and is clearly a test entry.
[via Engadget & Macrumors]
Share
Categories
iPhone Atlas is reporting that Apple has a way to blacklist and remotely remove applications from your iPhone. According to the post, the...
Add a Comment
The only issue I have with Apple disabling apps remotely is that if I paid for an application, then they have no right to disable it - I own it at that point. If they disable it, that would be akin to them stealing the money I paid for that app. Now if they update the iPhone software/firmware and that happens to break my application, there is not much I can do about that since it is their right to modify the iPhone software. My only recourse would be to not upgrade the iPhone and hope that the application developer issues an update to the software.
Anyways, what I am trying to say is that I do not feel it is legal or right for Apple to disable software I have legally purchased.
Would a test of this not be as easy as writing a simple 'Hello World' app, calling it "Malicious", and uploading it to an iPhone? Then, wait and see if it vanishes.
There are no hash strings or certificate IDs in the list, which seems rather odd, as simply erasing apps by name is dangerous.
Erica, can you do this simple test?
This isn't anything new. The iPhone is one of the consumer devices for which the owner is not the administrator of the device. And the administrators can take mesures that they find to be necessary insofar as they do not violate the EULA. Microsoft has done something like this with the Xbox 360. Units that were found to have certain illegal mods were locked out of xbox live. When a shipment of Halo 3 disc was stolen and released before the ship date Microsoft responded by disabling the xbox live functionality of any devce that tried to connect to the service with that game before the release date.
When one accepts the EULA it is good to know what is being accepted. That text is not just there to bore you.
what about hacked ipa ?sorry if I'm off topic.
August 07 2008 at 4:31 PM Report abuse Permalink rate up rate down Replyi really didn't expect TUAW to run this article with the same CRAPPY and MISLEADING title that Engadget used.
weaksauce, TUAW.
RIM can do this with the Blackberry. They can brick them and there isn't much you can do about it. Considering the device goes through Waterloo, ON to get email and stuff there is probably a lot RIM could do that is nasty. However, I imagine its a corporate security *feature* being able to remotely brick them.
August 07 2008 at 1:32 PM Report abuse Permalink rate up rate down Reply'iphone phone home'
My iPhone is home!
As long as this iPhone service is only used to kill really bad applications such as purposely malicious software I have no problem with it. I'm actually supportive of this sort of thing. Imagine if Microsoft had this implemented for Windows? How many trojans or viruses could be stopped by simply not allowing them to run on the machine?
August 07 2008 at 1:04 PM Report abuse Permalink rate up rate down Reply"There's no possible way the cows can escape the pasture. We don't need any plans to get them back if they do."
I think you missed my point ars_workerbee. Apple locked down the App store and requires developers to pay into the system before contributing. They claimed this would make the platform that much more secure and ensure the quality of apps. Security and quality haven't been the hallmarks of the App store to date.
It seems that in addition to the need for proactive, last-line-of-defense security, proper use of the "reply" button has also escaped you.
I don't think I need to say any more than that.
I wonder if you would get a refund for the app if you purchased it and then Apple went ahead and nuked it. Sounds to me like you would have a right to a refund since the software is being "taken" from you for any reason at all.
August 07 2008 at 12:42 PM Report abuse Permalink rate up rate down ReplyHot Apps on TUAW
Deals of the Day
more deals- Refurb Apple MacBook Air Laptops: 12" 64GB SSD for $699 + free shipping
- JVC Motion Sensing Clock Radio with Dual iPod Docks for $55 + free shipping
- Apple iPhone Headset with Mic for $4 + $2 s&h
- miFrame Picture Frame Dock for iPad for $64 + $8 s&h
- Refurb Apple iPod nano 8GB MP3 Player for $99 + free shipping, 16GB for $119
- Hannspree Apple-Shaped 28" 1080p LCD HDTV for $270 + free shipping
Software Updates
more updates- EFI Firmware Update brings Lion Internet Recovery to 2010-model Macs
- OS X Lion 10.7.3 released with Safari 5.1.3, Wi-Fi bug fix
- Aperture updated to 3.2.2, addresses Photo Stream issue
- Apple updates Keynote to address Lion issues
- Google Search app gets new look on iPad
- Apple releases Apple TV Software Update 4.4.3
Featured Stories
more stories
Popular Stories
TUAW (or The Unofficial Apple Weblog) is a website devoted to tips, reviews, news, analysis and opinion on everything Apple.
33 Comments