toggle

AAPL Stock: 105.22 ( + 0.39 )

Printed from http://www.macnn.com

iPhone 2.0 hiding built-in kill switch for apps?

updated 09:30 am EDT, Thu August 7, 2008

iPhone 2.0 kill switch?

The iPhone 2.0 firmware may contain a means of disabling applications at Apple's behest, investigation reveals. Probing into CoreLocation code has uncovered a reference to an unexpected URL, listed as "https://iphone-services.apple.com/clbl/unauthorizedApps." Visiting the page in a browser like Firefox displays yet more unusual code, containing terms such as "BlackListedApps," "com.mal.icious," "'Description' = 'Being really bad!'" and "Date Revoked."

The data suggests that Apple has remote control over which apps a person can use, likely without regard to whether or not something has been paid for. Mention of "malicious" apps, however, hints that the web code may be meant as a safeguard against software which has become dangerous, rather than unpopular with Apple management.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. danviento

    Joined: Dec 1969

    +1

    Question for ya:

    Has anyone used taken a VERY close look at the terms of service agreement they got with their iPhone? I'd like to know if there is legal provision in there to back this ability.

  1. mxmtc

    Joined: Dec 1969

    +1

    Or....

    Or this could just be a hidden tool built into the software for use in enterprise to Kill apps that aren't meant to run on a company owned business phone, like Facebook or Super Monkey Ball. With this tool, IT Administrators could shut down unauthorized apps from running in the event they found installed.

  1. cmoney

    Joined: Dec 1969

    -1

    re: Or...

    Except it's an apple.com domain and freely available. If it were for enterprise use, you wouldn't want to expose the blacklist to public eyes.

    For the time being, it sounds more like an ability to blacklist malicious apps in a hurry, like a fail safe.

  1. robert_myers

    Joined: Dec 1969

    +1

    Here's the question...

    Will it be limited to malicious apps, or just things Apple doesn't like (e.g. the tethering app, that $1000 app...)

  1. cutmoney

    Joined: Dec 1969

    +3

    I think it's a good thing

    First of all, it is obviously not for apps that Apple just doesn't approve of, this has already been proven. The three apps that Apple has removed from the store are still reported to run on purchaser's iPhones, they just aren't available for any new downloads. And, as far as that goes, I think that was a good idea to remove those apps anyway since the I Have Money app was just a piece of worthless software that someone put online to get publicity and/or money without putting out a real application.

    As far as the disabling apps remotely, this is an excellent idea. I was just thinking the other day that even though Apple screens new applications, what if someone was clever enough to create a malicious app that got past Apple's security or morphed itself in some way after being installed. Then, Apple would be distributing an app to all iPhone users that everyone assumed to be safe but really wasn't. For the people that already installed the app there would be no way for Apple to kill the app without just removing it from the store, which would just prevent new users from getting it. Instead, if someone reports that an app is malicious and that's proven to be true, Apple can kill it on every single device and eliminate the threat to all users in one shot.

    If you ask me, this is the perfect way to ensure the security of iPhone users, this is merely a way to protect users rather than give Apple more power.

  1. testudo

    Joined: Dec 1969

    -7

    this is news?

    Hasn't it been known since the whole AppStore thing was publicized that this was a feature of said store? This way Apple protects their minions in case there's some trojan in that app you bought.

  1. testudo

    Joined: Dec 1969

    -5

    Re: i think...

    I was just thinking the other day that even though Apple screens new applications, what if someone was clever enough to create a malicious app that got past Apple's security or morphed itself in some way after being installed.

    You don't have to be "clever" to get past Apple's security. All you need to do is obscure it. h***, put a trojan in there that reads the contents of the address book and send an entry every couple of hours to some server. Or put a nice piece of code in there that won't run for 14 days before it does it deed.

  1. appleuzr

    Joined: Dec 1969

    +6

    Challenge to Testudo.

    If it's so easy to get past Apple's security then do it. That's what I thought. Easier said than done.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Sound Blaster Roar Bluetooth speaker

There could very well be a new king of the hill for Bluetooth speakers, with Sound Blaster's recent entry into the marketplace. Bring ...

Kenu Airframe Plus

Simple, stylish and effective, the Kenu Airframe + portable car mount is the latest addition to Kenu's lineup. Released earlier this ...

Plantronics Rig Surround 7.1 headset

Trying to capture the true soundscape of video games can be a daunting task. Looking to surround-sound home theater options, users hav ...

toggle

Most Commented