• E-mail this page
• |  Print this page
• | 
• | 
• | 

Hacker Claims Apple Can Spy On iPhone Users, Disable Apps Remotely

Apple may have opened up the iPhone to third-party applications, but it is keeping a very close eye on those apps. According to hacker Jonathan Zdziarski, the iPhone can "phone home" to tell Apple what apps are installed, and if Apple doesn't like what it sees on your iPhone, it can kill the offending application. Updated!

Oh man. Apple, please tell me you didn't open this can of worms for real. The iPhone Apps Store, fun while it may be, already has had its fair share of negative press. Several apps have been squashed with no explanation from Apple, and the SDK has angered many developers, who feel Apple's control over what sort of apps they can develop is onerous and restrictive.

Turns out that's not the half of it. MacRumors is reporting that Apple has set up a URL to keep a list of applications that it doesn't like. So far, nothing is on that list. In Zdziarski's words:

This suggests that the iPhone calls home once in a while to find out what applications it should turn off. At the moment, no apps have been blacklisted, but by all appearances, this has been added to disable applications that the user has already downloaded and paid for, if Apple so chooses to shut them down.

I discovered this doing a forensic examination of an iPhone 3G. It appears to be tucked away in a configuration file deep inside CoreLocation.

MacRumors suggests that Apple will most likely only use this functionality to kill malware or other code it deems dangerous. But what about unsanctioned applications that are downloaded to unlocked iPhones? Will Apple keep tabs on the applications that unlocked iPhone users download and install? Will it kill apps it doesn't like, even if the user has paid for it?

All these questions remain unanswered.

The bigger one that lingers in my mind is, if Apple is keeping tabs on the applications I am downloading, what else is it keeping tabs on? My phone calls? My text messages? My browsing history? The type of content I chose to consume? I surely hope not, as that's a major breach of privacy.

Update:

Apple has clarified what this blacklist is for:

An "informed source" at Apple has [said] the mysterious iPhone app blacklist striking fear in the hearts of iPhone-toting privacy nerds everywhere actually isn't for remotely disabling apps. Nope, it's actually a CoreLocation blacklist—in other words, a list of apps not allowed to access CoreLocation (which would be why it was buried there). So actually, it's protecting your privacy by keeping naughty apps from knowing where you are.

/hysteria

« Microsoft Starts Taking (Expensive) Surface Orders | Main | Apple MobileMe Memo Shows Jobs Grown Soft »