backtop


Print 12 comment(s) - last by robinthakur.. on Aug 14 at 6:16 AM

Secret "feature" may allow Apple to blacklist any app on your iPhone

While I generally try to maintain a writing moratorium on all things Apple or Steve Jobs – it’s both a personal bias/contempt thing and a desire not to be flamed to a crisp – I will make the occasional exception for things that grossly offend my personal values, of which Apple appears to have done this week.

The value in question is rather simple: what’s mine is mine. Not yours, Apple – it’s mine. If I pay for something, and that transaction does not explicitly specify a condition like “rental” or “lease”, then I will automatically assume an ownership stance and I expect the goods that I purchase to behave as such – which means “do what I tell you do,” in the old-school-parenting spank-your-kids sense of the phrase. Do it without questioning me, bugging me, or otherwise interfering with what I want in the end result.

This leads me to rumors floating around the ‘net, about a hidden feature in the iPhone OS that gives Apple a silent, remote killswitch for any application running on users’ iPhones. These rumors come from Jonathan Zdziarski, a forensic examiner and author of the books iPhone Open Application Development and the upcoming iPhone Frensics Manual, who found that iPhones running the version 2.0 of the phone’s OS will periodically check a special URL for a list of applications to disable:

“This suggests that the iPhone calls home once in a while to find out what applications it should turn off. At the moment, no apps have been blacklisted, but by all appearances, this has been added to disable applications that the user has already downloaded and paid for, if Apple so chooses to shut them down.

“I discovered this doing a forensic examination of an iPhone 3G. It appears to be tucked away in a configuration file deep inside CoreLocation.”

Word on the street seems to indicate the feature was designed for combating the spread of malware, but since Apple hasn't used it yet, nobody knows for sure. Many fear that the feature could be used in conjunction with Apple’s propensity for silently removing applications from its App Store, disabling snuffed programs even after they would ordinarily be out of the company’s control.

This takes me back to my original principle: what’s mine is mine. If I had an iPhone (which I don’t, thanks to AT&T’s apparent contempt for current customers), I would expect that the things I put on it remain there, fully functional. If an app stops working, it should be my fault!

There’s an even bigger fear, however: With the knowledge out there that Apple has the capability of permanently disabling already-downloaded apps, a court could theoretically compel Apple to invoke the feature in a lawsuit – such as the one surrounding an application called, simply, Baseball. Major League Baseball claims the app’s use of official logos infringes its trademarks, and is suing to force its author to either remove the offending graphics, or presumably remove the app entirely. (Never mind the fact that the MLB has a program of its own available for $5, called MLB.com At Bat.)

While the program’s author, self-employed hobbyist and Mac programmer Dave Knopper, says he will comply with the court’s order and make the necessary adjustments, let’s play devil’s advocate here: what if he refused, and either fought the case and lost, or simply ignored the order? What if he was outside U.S. jurisdiction or otherwise unable to appear? The MLB would, presumably, sue to have the app removed and, had it the knowledge, might move to blacklist it as well.

Or, let’s say AT&T doesn’t like iPhone-tethering app NetShare, and asks Apple to pull it off the store and blacklist its execution. Even if Apple or AT&T issued refunds to NetShare’s paying customers, those users are still out the tethering capability.

What about license agreement violations? Homebrew apps? Unauthorized hacks?

Do we really want Apple to have this capability? Apple does not know best, and never can know what’s best, simply because it carries a heavy financial stake in the continued business and operation of its Mac platform, and the health of its partnerships. One look at the music industry tells us that company objectives aren’t always in-line with customer freedom – another principle that I consider absolutely paramount – and I have a hard time believing that Apple, or any of its legal adversaries, would never try to wield this kind of power in the future.

Ordinarily I would have segued into a rant against cloud computing and Big Brother-ish tactics, but this post is neither the appropriate time nor place – plus, it's long enough. So let’s just keep it at this: if Apple’s tactics bother you at all then let your voice be heard before we tread much further down that path.

Will this stop me from buying an iPhone? Probably not. I am actually a pretty satisfied Apple customer, however when I buy the company’s products I choose not to buy into its attached ecosystem. When I finally do get an iPhone, I fully intend to jailbreak the thing and load on it whatever I damn well please. Hopefully, by then, someone will have found a way to cripple this “feature”.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Rumor already dispelled
By symbiidotcom on 8/8/2008 9:25:32 PM , Rating: -1
You might wish you'd kept that moratorium or at least kept up to date on the story. Engadget posted again at 9am today (almost 12 hours before this story) saying it is only a Core Location service blacklist, and not a way to kill/disable apps. The original stories posted yesterday also mentioned that this was just a possibility, and nobody had confirmed it.

http://www.engadget.com/2008/08/08/your-iphone-pro...




RE: Rumor already dispelled
By Brandon Hill (blog) on 8/11/2008 1:04:07 PM , Rating: 3
Steve Jobs just confirmed it:

quote:
Apple raised hackles in computer-privacy and security circles when an independent engineer discovered code inside the iPhone that suggested iPhones routinely check an Apple Web site that could, in theory trigger the removal of the undesirable software from the devices.

Mr. Jobs confirmed such a capability exists, but argued that Apple needs it in case it inadvertently allows a malicious program -- one that stole users' personal data, for example -- to be distributed to iPhones through the App Store. "Hopefully we never have to pull that lever, but we would be irresponsible not to have a lever like that to pull," he says.


http://online.wsj.com/article/SB121842341491928977...


RE: Rumor already dispelled
By Hare on 8/11/2008 1:30:15 PM , Rating: 2
That makes me chuckle. They have already pulled apps from the appstore and I don't think Apple would hesitate to kill an application it doesn't like (or kill one due to operator request). After all, they bricked many 1-gen iPhones.

Anyway. I hate software that calls home. I wouldn't mind if it happened when I manually check for a software update, but definately not automatically in the background without users consent...


RE: Rumor already dispelled
By overlandpark4me on 8/11/2008 8:23:11 PM , Rating: 1
What I kind laughable is Job's selective concern. It's in our interest when he is "concerned" about something "bad" happening to the I-phone, but doesn't think the Ipod deserves the same consideration. Ipod's are stolen in huge quantities and Apple knows the IP addy when the thief connected to Itunes. All they have to do is give the the authorites the IP and let them do their job, or at the very least brick the stolen unit to get the satisfaction of knowing no one else well be able to use it. Try going in to an Apple store and getting the IP. They have it in front of them if someone logged in with I-tunes, but don't care because they figure another unit will be bought by the victim.

I got the IP because I was making a scene, and they know I wasn't going anywhere until I got my way. Try it sometime. Raise your voice and get into someones grill and see what happens. Get a little louder every few minutes and they will get quite tense. I did this in Kansas City in a ritzy area, and they aren't used to confrontation. Don't forget to wave your hands around a lot. They love that.


RE: Rumor already dispelled
By Reav3r on 8/13/2008 5:38:00 AM , Rating: 2
Actually, IP addresses aren't assigned to IPods, you may be thinking of the serial number. IPods don't have NICs (Network Interfaces), so they don't have an actual IP address. Users have IP addresses, but most people have what's called a 'Dynamic IP Address', so it's not that easy to trace a stolen IPod. The IP address for their computer changes very often to another randomly assigned DHCP address.


"I mean, if you wanna break down someone's door, why don't you start with AT&T, for God sakes? They make your amazing phone unusable as a phone!" -- Jon Stewart on Apple and the iPhone














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki