Previous entries
Next entries

August 6th, 2008

Researcher Uncovers iPhone App “Kill Switch”

iphone3g.jpgBy Michael Santo
Editor-in-Chief, RealTechNews

Remember NetShare, the iPhone tethering app that went up, down, up, and finally down (probably forever)? It turns out, even though some users managed to snag it before Apple took it down, if they wanted to, they could remotely blacklist and kill the app.

Jonathan Zdziarski, author of the upcoming book iPhone Forensics, has revealed an URL that he suggests Apple is using to keep a list of any “offending” applications: https://iphone-services.apple.com/clbl/unauthorizedApps. Right now, the only content on that page is:

{ “Date Generated” = “2008-08-07 02:53:53 Etc/GMT”; “BlackListedApps” = { “com.mal.icious” = { “Description” = “Being really bad!”; “App Name” = “Malicious”; “Date Revoked” = “2004-02-01 08:00:00 Etc/GMT”; }; }; }

Just a filler, for now. As Zdziarski says:

“This suggests that the iPhone calls home once in a while to find out what applications it should turn off. At the moment, no apps have been blacklisted, but by all appearances, this has been added to disable applications that the user has already downloaded and paid for, if Apple so chooses to shut them down.

“I discovered this doing a forensic examination of an iPhone 3G. It appears to be tucked away in a configuration file deep inside CoreLocation.”

However, since the iPhone SDK requires that each app that is made available through the App Store be signed by a security certificate (issued by Apple and unique to each developer), Apple could also disable apps by revoking a developer’s security certificate.

This blacklisting URL does provide a more targeted approach, and also one that could be used extremely quickly. So far, no apps have been blacklisted via this URL, not even the sadly lost NetShare. Of course, there’s no evidence this is truly a blacklisting URL, but knowing how “closed” Apple wants the iPhone to be, it wouldn’t be surprising if it was.

Share and Enjoy:These icons link to social bookmarking sites where readers can share and discover new web pages.
  • del.icio.us
  • digg
  • Fark
  • NewsVine
  • Reddit
  • YahooMyWeb
You can leave a comment, or trackback from your own site. RSS 2.0

6 comments to "Researcher Uncovers iPhone App “Kill Switch”"

  1. Apple Blows Chunks Too!!! says:

    Another reason not to buy iCrap - iCrapware! When are you suckers who buy overpriced, proprietary iCrap gonna learn…. Never mind, you never will!

    You get what you deserve when you purchase junk like this from Apple - told HOW you will use the item & pay through the nose for it & “you will like it or else we will disable it on you”!

    August 6th, 2008 at 7:15 pm

  2. Caco Potoso says:

    As I have said many many many times: the appstore think is seriously broken (from the users and developers point of view). Apple unilaterally can do anything they want with the efforts of developers and with the property of users (it is MY iphone, not apple’s). Cydia/Installer is the way to go, the only way to go in the long term. Apple suc ks.

    August 6th, 2008 at 7:15 pm

  3. MacVicta says:

    So far the only people bitching are those who don’t even have the iPhone and lust for any chance to bash Apple. The thousands of App Store developers and millions of new iPhone/iPod touch customers around the world seem to be content with the situation.

    August 6th, 2008 at 9:06 pm

  4. Ed3 says:

    So, how is this different from any other mobile phone tied to an operator-provided application store? Does your provider let you run unauthorized BREW apps on your phone?

    August 7th, 2008 at 10:21 am

  5. sobes says:

    Makes perfect sense to me. Apple has a high ‘quality of service’ mandate to uphold, so if there are any apps out there that aren’t up to par, Apple needs to reserve the ability to block them, or at least warn users before they’re run.

    Sure, there’s a danger that Apple will start blocking apps that compete with their own, or apps that do things Apple doesn’t like. In those cases the third-party app vendors/distributors have legal tools to their disposal such as anti-trust laws and the EFF.

    Just think of it this way — if your iPhone crashes because of some little-known app you just installed on it, who do you blame? Apple. No one ever blames the little guy.

    If you’re an app developer that’s pissed off by this, that just means you don’t want to play by Apple’s rules. If that’s the case, go find another platform to code your app on (or even better, build your own one).

    sobes.

    August 7th, 2008 at 2:21 pm

  6. Caco Potoso says:

    The phone should not crash because of a bad App. If it does it shows a poor design of the OS and SDK. A proper mode is that a crashed app crashes itself but the OS stays up (e.g. my OS X and linux machines never crash, my uptimes—typically of 0.5 year—are only limited by power outages). On the other hand my iphone crashes a couple of times a day. (I miss 1.1.4 which never crashed)

    August 7th, 2008 at 6:29 pm

Leave a comment