iPhone hacker says the device 'calls home' to Apple, allows apps to be remotely disabled
By Joshua Topolsky 
posted Aug 7th 2008 10:07AM
posted Aug 7th 2008 10:07AM
"This suggests that the iPhone calls home once in a while to find out what applications it should turn off. At the moment, no apps have been blacklisted, but by all appearances, this has been added to disable applications that the user has already downloaded and paid for, if Apple so chooses to shut them down.Now honestly, we don't expect the folks in Cupertino to suddenly start turning off apps that you've paid for and downloaded, but if Apple is indeed monitoring iPhones or touches (even passively) for applications it doesn't want or like, it signals a problem deeper than a company simply wanting to sign-off on software for the device. Even on platforms like Symbian -- which calls for apps to be signed and traceable -- the suggestion that a process of the OS would actively monitor, report on, and possibly deactivate your device's software is unreasonable, and clearly presents an issue that the company will have to deal with sooner or later. Oh, and Apple -- we're not going to buy the "for your security" angle, so don't even bother.
I discovered this doing a forensic examination of an iPhone 3G. It appears to be tucked away in a configuration file deep inside CoreLocation."
[Via Mac Rumors]
Read - iPhone can phone home and kill apps?
Read - Apple's URL with "unauthorized applications" string
Could it be that this is part of their Enterprise functionality. It isn't used correctly now, but if an enterprise wanted to allow an iPHone to be deployed more officially they would want this level of monitoring on it. Most companies can do this level of monitoring in some way on WiMo devices if they put the right software on the front and back ends. I would be surprised if BB doesn't have something similar already.
It seems like Apple just has the ability to turn off a program *if they need to*. I think it's smart of them to build that in, there's nothing inherently evil about it. It's not like you're adding programs to your iPhone directly from a computer. Everything comes through Apple, meaning they're reponsible for everything that gets put onto your phone (and I don't mean legally, just in the eyes of its users and the public/press), and if something goes wrong, like a virus slips through one of their programs, they're able to do something about it for everyone. If there was something bad in one of the programs from the App Store and Apple couldn't do anything about it, then people would just as easily cry foul.
Ha Ha, It seems you are a Apple fan who is blind, like many out there. If Microsoft Windows did this, you would probably throw a fit and scream out FOUL PLAY! and illegal! Invasion of Privacy! But since it’s Apple doing this you have no problem with it? Funny how that works....
Why don't you let Apple put a chip in your head and tell you what you are allowed and not allowed to eat. Because if you eat something bad then Apple would just tell you to spit it out and there is nothing wrong with that... right?
If you purchase the Iphone you should have the right to do whatever you want on it, except of course the obvious copy right issues. But if you buy it and you choose to step on it and scratch it on the floor it's your choice and your risk. Just the same works with the software. The intellectual rights belong to Apple but the device is yours. Whatever you do to it is your choice because at the end of the day, if it breaks while installing "illegal" or personal software and your phone dies, it's your own fault and there is nothing you can do about it. Apple will be happy in fact because you can waste more money on them! BUT if your software works then Apple won't have it because they didn't get a piece of that pie.
This is a very very slippery slope.
@deeutilize515
Couldn't have said it better myself!
it would seem then they can find my STOLEN ipod touch also?
> the suggestion that a process of the OS would actively monitor,
> report on, and possibly deactivate your device's software is unreasonable
Well, there actually is a standard protocol for mobile devices to precisely do that !
It is called "Diagnostics and Monitoring" (DiagMon) and "Software Components Management Objects" (SCOMO) and is specified by the Device Management (DM) working group of the Open Mobile Alliance (OMA), the folks who specify most mobile applications protocols (including the infamous WAP, MMS, etc.)
It turns out that most mobile operators will make this feature mandatory to cater for the needs of entreprise IT departments
and -yes- WinMob and Symbian have this feature
c'mon guys - did you really expect anything less from apple? C'mon, really?
It's fine to have this feature for Enterprise users, but then Enterprise firmware should stay seperate from Consumer firmware.
The requirements of the two are totally different. There's a reason why Nokia (for example) has seperate lines for smartphones and business phones. Nokia can build in a lot of features for the business phone firmwares that the consumers don't need or rather shouldn't have!
And even if this is an Enterprise feature, it should be up to the enterprise's IT to decide what should/shouldn't work. Now, it's not clear about WHO will be using this 'feature', but I kinda wish this was not released as part of the Consumer-level firmware update.
In my opinion, Enterprises should be able to have custom firmware where they can enable/disable features as they please. That is acceptable. Consumer-level firmware holding this feature can be ridiculous.
Consider this scenario: I have bought my own iPhone (a personal device) but I've registered it on my office network. My office decides that we can't use App 'A'. They trigger this feature and my phone (because it is registered on that network) cannot use App 'A' anymore. I've paid for this off my own money. I own the phone, but my enterprise disables it just because I am registered on it's network? This can get pretty scary as more scenarios can be built up!
The chances of this being misused and/or hacked are so high, it's scary. What if competing apps used this feature to disable their rival's app (if they can figure out how to access the list and blacklist that app)?
Also, if I've paid for an app, I should have complete authority to use that app as I please, when I please, as long as it does not cause any violations of existing laws. Preventing me from using something I've paid for is just dictatorial. It is definitely not a good sign!
So everyone should probably think about this before passing judgement on the merits of allowing Apple to have that authority.
I can just see it now...
APPL: Hey Comcast, check this out.
COMCAST: Wow, the guy is downloading a lot of data using P2P, that sucks... wait, what just happened? It just stopped suddenly! How did you do that!
APPL: I just "asked" the program to stop running and it obliged.
COMCAST: Wow! A way to stop P2P traffic without committing fraud! Hey guys, come over here.
COX et al: Hey, check that out, that's awesome!
Apply to any other competitive and therefore undesirable webtraffic (VoIP, streaming video, etc) and viola.
I love listening to the violas in an orchestra, they add a great harmony to the music. I'm not sure how that applies to your post, but if Apple, Comcast, and Cox are planning on bringing us some awesome new instruments, I'm psyched.
it'll has some severe security problem
Apple or some crackers can use this "back door" to explolit every single iPhone and steal personal info