No Answers From Apple On iPhone 'Kill Switch' - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile // Mobile Devices

No Answers From Apple On iPhone 'Kill Switch'

Apple hasn't commented on the discovery by a hacker that the iPhone can download a list of "unauthorized" applications and disable them.

A hacker who discovered a mechanism on the iPhone that downloads a list of unauthorized applications from Apple has challenged speculation that the technology is an application "kill switch."

Jonathan Zdziarski, author of the books iPhone Forensics and iPhone Open Application Development, said on his blog that there's no evidence to support the conspiracy theories that traveled throughout the blogging community as a result of his discovery.

"We do not know just how active this mechanism is," Zdziarski said. "It might vaporize applications. It might simply prevent them from using the GPS [global positioning system]. For all we know, it could trigger world war three, or it could cause some computer somewhere to spit out recipes for buttermilk pancakes."

Apple was unavailable for comment.

Zdziarski discovered in the iPhone a cache that can hold a list of unauthorized applications and a URL to a page on Apple's servers. The URL is apparently used to download a new list from time to time.

"That's all we know -- nothing more," Zdziarski said. "And just to clarify, it only downloads a list of applications -- it doesn't 'tell Apple' what apps you are running -- get your facts straight."

Zdziarski later said in an update that he was able to feed his own list into an iPhone and effectively kill applications that tried to use the GPS.

"It looks like that's all it's set to do right now, but I may just not have found the 'vaporize' switch," the developer said.

If the mechanism is to kill malicious applications, Zdziarski questioned whether it was a good idea to stop at the GPS, since the application would still have access to the mobile network to transmit data.

"Either there is some mechanism that can be activated to kill the app entirely, or this isn't really designed to kill 'malicious' applications, as advertised, but rather applications that interfere with Apple's business model," Zdziarski said. "Either way, the idea that Apple can choose what functionality my applications should have frightens me."

In an update posted Friday, Zdziarski offered a way to disable the functionality using the Pwnage Tool, open source software that enables the iPhone to be used on wireless carriers other than AT&T, the exclusive mobile phone provider in the United States.

While Apple has yet to deactivate any iPhone applications remotely, the company has been criticized for removing applications from the App Store, launched this summer, without explanation. One such application was Nullriver's NetShare, which makes it possible for iPhone customers to use their high-speed Internet connections to provide Web access to a PC.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
10 Ways to Transition Traditional IT Talent to Cloud Talent
Lisa Morgan, Freelance Writer,  11/23/2020
What Comes Next for the COVID-19 Computing Consortium
Joao-Pierre S. Ruth, Senior Writer,  11/24/2020
Top 10 Data and Analytics Trends for 2021
Jessica Davis, Senior Editor, Enterprise Apps,  11/13/2020
White Papers
Register for InformationWeek Newsletters
Current Issue
Why Chatbots Are So Popular Right Now
In this IT Trend Report, you will learn more about why chatbots are gaining traction within businesses, particularly while a pandemic is impacting the world.
Flash Poll