iPhone can phone home and kill apps?

Apple has apparently included a blacklisting mechanism in iPhone OS 2.x through which the device can phone home, check for unauthorized applications, and disable them. The OS includes a URL that points to a page containing a list of unauthorized applications, specifically those listed here.

According to Jonathan Zdziarski, author of the book iPhone Open Application Development and an iPhone forensics manual:

This suggests that the iPhone calls home once in a while to find out what applications it should turn off. At the moment, no apps have been blacklisted, but by all appearances, this has been added to disable applications that the user has already downloaded and paid for, if Apple so chooses to shut them down.

I discovered this doing a forensic examination of an iPhone 3G. It appears to be tucked away in a configuration file deep inside CoreLocation.

Originally posted at iPhone Atlas.

Editors' note: For more information, see Tom Krazit's follow-up post, "Much ado about the iPhone's 'kill-switch'."

[jeremyblaze]

yet another reason I wont be getting a new Iphone.

Cant wait to see how the apple fanboys spin this one.

[Perry_Clease]

"yet another reason I wont be getting a new Iphone."

So your current iPhone is fine?

To be sure it could be abused by Apple, but it could also be used to kill a malicious or problem app that snuck through the vetting process.

[pvtech]

What's the purpose of this? To make sure that the device runs smoothly? "Thanks for caring, Apple"? Or "Thanks for caring about your public image more than my autonomy"? (A smoothly running device = "our device won't crash on you!"

Yeah, I got my fug Palm TX, and yeah, I reset it about 1x/month, but I have a multitude of apps, mostly free, that do almost everything that I want a pocket device to do. And I like the calendar better on the TX. Basic control.

And my cellphone: free through Cingular.

[inachu]

I bought a legit version of software from their app store to remote my XP computer and I APPLE decided to delete it from ITUNES and my iphone.

But do they have the guts to refund me? No.
Do they explain why they removed the VNC program? No
So far Apple has a lot of quality control issues that I am not happy with.
Will they uninstall super monkey ball from my phone also in the near future?

[Prince2k3]

@inachu ... I don't know what you're talking about but I still have VNC and I did the update. Sure you didn't just uncheck VNC from your iTunes and got it removed. Might wanna check.

I think they made this to remove malicious software thats it. No where does it say it going to remove unauthorized apps. I for one am happy they are trying to protect consumers. not the small group of individuals that wants everything hacked.

[smokinmunky]

Could you imagine if Microsoft did something like this? Everybody would be up in arms. But, at the end of the day I bet Apple will get away with this. Apple has a really nice product line, but when I hear about stuff like this it just make me question if I want to go there.

[Grizlupo]

Does this strike anyone else as just plain creepy? It is ironic that Apple, which so brilliantly used Orwellian imagery in its famous "1984" superbowl ad, would even contemplate this.

[jeremyblaze]

no, "I" dont, but we do have one at the house. My current is a Pearl, and I want my next device to be more web-capable so I too was contemplating. The more I hear about the app-store, Jobs control-freak attitude, and yeah the mobileme disaster, the more I think I need to wait for different choice.

[jeremyblaze]

no, "I" dont, but we do have one at the house. My current is a Pearl, and I want my next device to be more web-capable so I too was contemplating. The more I hear about the app-store, Jobs control-freak attitude, and yeah the mobileme disaster, the more I think I need to wait for different choice.

[habdelra]

Who's to say that this would be used for paid apps? Perhaps it is for jailbroken iPhones. There is really not enough info to go on here until apple decides to actually put (whatever this is) into use...

[habdelra]

Who's to say that this would be used for paid apps? Perhaps it is for jailbroken iPhones. There is really not enough info to go on here until apple decides to actually put (whatever this is) into use...

[tacit]

*shrug* Sounds like a non-issue to me. Many programs, including Microsoft Internet Explorer, have a mechanism to disable third party software; Explorer can set a "kill bit" for ActiveX plugins to disable them if Microsoft wants.

Does it mean that Apple and Microsoft are conspiring, Big Brother-like, to control what you put on your device? No. It means they can kill software known to be malicious, such as Trojan horse programs.

I think it's interesting that people hate and fear software companies so much that they will immediately jump to Big Brother scenarios. Don't jump the gun, y'all. If the mechanism is not being used and no programs are blacklisted, there's no problem. Save the over-the-top emotional histrionics for when (and if) the mechanism actually gets used for nefarious purposes, 'kay?

[William Schnippert]

The capability is there. Has or will Apple use it? Could it be a concession to the corporate customers that also required remote wipe capability (just like blackberry). Talk about loss of autonomy.

Bottom line is as of now Apple has not abused me as a customer the way Microsoft has with windows Genuine advantage and onerous DRM built into Vista. They haven't abandoned me as a customer of itunes like MS abandoned its Plays-for-sure customers. They haven't tried to con me into paying more for music with Zune points. So I'll give Apple the benefit of the doubt for now.

[fear-teagaisg]

How dare Apple and ATT be concerned about wanting to control malicious applications on device that is connected to the internet, GPS, and every phone system in the world!

It's as though Apple and ATT think someone might want to leverage that connectivity for malicious purposes. I think they harbor the delusion that the effects of a poorly designed or intentionally troublesome application might be able to quietly propagate through a network in a few minutes, infecting innumerable devices and systems worldwide without any ordinary users being aware of the problem until it's too late. They may even imagine that the users themselves might download privacy-compromising or destructive malware, disguised, perhaps, as as innocent games or family photos. Who would do such a thing?

Apple and ATT know full-well that stories of secretly installed code stealing credit card numbers, disrupting network traffic, or relaying pornography are all urban legends. Gee whiz, they probably think they have licensed software to people who have signed agreements to subscribe to a telephone service.

The nerve.

[Vegaman_Dan]

This isn't news. This was announced back when the SDK was first released. This is the same mechanism that Apple stated they would use to remove applications from customer's phones for applications that had been removed from the Apps Store.

Basically the idea being that in order for an app to stay available, the developer had to pay their yearly fees to stay active. If they dropped out, then their apps would be pulled from the Apps Store and from the handunits that customers had purchased the product for. It calls into question again if you are buying software or only renting it. Another EULA situation to be dealt with.

Jailbreaking makes more and more sense. Apple can't do anything about that. If they do remove apps that were not in the Apps Store origianlly, then they become guilty of actively and knowingly causing damage / data destruction and that's simply not something they can afford to get caught doing. The federal government doesn't like that sort of thing and can easily shut the company down for terrorism as a result. Not a good thing at all.

[setgo]

Sounds to me like they are just trying to protect the iPhone and it's users from something malicious. Why would Apple kill apps for no reason at all. The people who mostly comment are the ones who say "well this is the reason that I don't have an iPhone", or "if Microsoft did this then blah, blah, blah". Hey guys, you don't need any more reasons, just don't buy one! No one cares whether you buy an iPhone or not. I guarantee you jeremyblaze and pvtech that trumpets will not sound the day you decide to buy an iPhone.

[inachu]

Nope it is 100% gone and did never delete it on purpose.
The only major thing I ever did was did the 2.0 update bought a few nice apps I like then the patch then now I have missing software.

[troyallen]

lol. All the haters in one package

[bobmarleypeople]

**cough netshare cough**

What's the betting that apple will use this on those who still have the app on their phonei. I'm not sure if it's back up over there in americaland, but here in the uk, the app's gone (mainly cos tethering is against O2's TOS). When I get an iPhone, I'm gonna jailbreak it and hopefully someone will make their own version of NetShare. **crosses fingers**

[DivingDancer]

If somebody found this in a Microsoft device, people would be screaming for congressional hearings, and the EU would be salivating. And Apple gets a pass.

Add that to poor quality control, and high priority security patches that come out last in the industry and don't actually patch the vulnerability when they are released...

No thanks. Their paranoid BS, and super secret culture, is more than I want to deal with.