Commentary
Hacker Claims Apple Can Spy On iPhone Users, Disable Apps Remotely
Apple may have opened up the iPhone to third-party applications, but it is keeping a very close eye on those apps. According to hacker Jonathan Zdziarski, the iPhone can "phone home" to tell Apple what apps are installed, and if Apple doesn't like what it sees on your iPhone, it can kill the offending application. Updated!Apple may have opened up the iPhone to third-party applications, but it is keeping a very close eye on those apps. According to hacker Jonathan Zdziarski, the iPhone can "phone home" to tell Apple what apps are installed, and if Apple doesn't like what it sees on your iPhone, it can kill the offending application. Updated!Oh man. Apple, please tell me you didn't open this can of worms for real. The iPhone Apps Store, fun while it may be, already has had its fair share of negative press. Several apps have been squashed with no explanation from Apple, and the SDK has angered many developers, who feel Apple's control over what sort of apps they can develop is onerous and restrictive.
Turns out that's not the half of it. MacRumors is reporting that Apple has set up a URL to keep a list of applications that it doesn't like. So far, nothing is on that list. In Zdziarski's words:
More Mobility Insights
White Papers
- How To Regain IT Control In An Increasingly Mobile World - by BlackBerry
- Red Alert: Why Tablet Security Matters - by BlackBerry
Reports
- Mobility’s Next Challenge: 8 Steps to a Secure Environment
- Time to Move: How to Ensure 'Mobility' Translates to 'Agility'
Webcasts
- Maximize ROI with Database Consolidation onto Private Clouds
- Five Jobs You Can Do Better with Intelligent Decision Automation
This suggests that the iPhone calls home once in a while to find out what applications it should turn off. At the moment, no apps have been blacklisted, but by all appearances, this has been added to disable applications that the user has already downloaded and paid for, if Apple so chooses to shut them down.I discovered this doing a forensic examination of an iPhone 3G. It appears to be tucked away in a configuration file deep inside CoreLocation.
MacRumors suggests that Apple will most likely only use this functionality to kill malware or other code it deems dangerous. But what about unsanctioned applications that are downloaded to unlocked iPhones? Will Apple keep tabs on the applications that unlocked iPhone users download and install? Will it kill apps it doesn't like, even if the user has paid for it?
All these questions remain unanswered.
The bigger one that lingers in my mind is, if Apple is keeping tabs on the applications I am downloading, what else is it keeping tabs on? My phone calls? My text messages? My browsing history? The type of content I chose to consume? I surely hope not, as that's a major breach of privacy.
Update:
Apple has clarified what this blacklist is for:
An "informed source" at Apple has [said] the mysterious iPhone app blacklist striking fear in the hearts of iPhone-toting privacy nerds everywhere actually isn't for remotely disabling apps. Nope, it's actually a CoreLocation blacklist-in other words, a list of apps not allowed to access CoreLocation (which would be why it was buried there). So actually, it's protecting your privacy by keeping naughty apps from knowing where you are.
/hysteria
Related Reading
| To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy. | |
|
|
T-Shirt Giveaway: Each week we're selecting one great comment from our readers. The author of the comment will receive an InformaitonWeek Community t-shirt. So get posting! |
Subscribe to RSSResource Links
This Week's Issue
Technology Whitepapers
- Creating the Enterprise-Class Tablet Environment - by Yankee Group
- How To Regain IT Control In An Increasingly Mobile World - by BlackBerry
- The BlackBerry PlayBook tablet's Good Bones - by BlackBerry
- Red Alert: Why Tablet Security Matters - by BlackBerry
- New Visual and Wizard-Driven Paradigms for Exploring Data and Developing Analytic Workflows
Featured Resource
This white paper focuses on the critical need to manage outbound content sent via various avenues including email, Instant Messages, text messages, tweets, and Facebook posts. Read More












