bit-tech.net

Apple has iPhone app blacklist

Apple has iPhone app blacklist

Could Steve really have approved a Big Brother blacklist to kill off unapproved apps that end-users have installed on his precious iPhone?

It looks like Apple is keeping a closer hold on the iPhone's apron strings than anyone thought, if information uncovered by Jonathan Zdziarski is to be believed.

Speaking on iPhone Atlas on Wednesday, Zdziarski – author of a book on iPhone application development – explained that he was performing “forensic examination of an iPhone 3G” when he discovered a suspicious configuration file in the CoreLocation section of the memory. Upon investigating, he discovered a link to a page on Apple's website which appears to contain the skeleton for a future application blacklist.

The page, called 'unauthorizedApps', seems to exist so the iPhone can occasionally download a copy and check the signatures of banned applications against installed applications – if a match is found, the app is disabled immediately. Zdziarski believes that this functionality exists “to disable applications that the user has already downloaded and paid for, if Apple so chooses to shut them down.

Clearly, there are legitimate reasons why such functionality should exist – although slightly fewer for why it's undocumented and downright concealed – including the possibility that Apple can update iPhones with a sort of anti-malware by listing known 'bricking' programs in the blacklist. However, it demonstrates that even a 'jailbroken' iPhone might not escape Apple's clutches for long – and how sure can you be that Installer.App or your favourite non-Apple approved software won't hit the blacklist once it's activated?

I'm withholding judgement on this one for now – if Apple had really wanted to prevent third-party software being installed to an iPhone, the site would have been a whitelist of pre-approved applications. Still, it's something that iPhone users should be keeping an eye on.

Anyone here worried about the possibilities of a hidden remote app killer developed by Apple, or does the Cupertino company just have your best interests at heart? Share your thoughts over in the forums.

8 Comments

Discuss in the forums Reply
liratheal 8th August 2008, 09:48 Quote
I'd be worried if it was even remotely possible no one'd bypass it.

Come on. Firmware's been cracked by some very adept chaps (And probably ladies), I'm sure someone can spoof or outright disable a blacklist. I'll be worried if Apple get 'iPhone Police' or something, sure, but until then? Eh.

I give it a month of being active before it's totally crapped on.
TheCherub 8th August 2008, 09:53 Quote
This is what someone I know wrote about this on another forum:

"This story is complete crap.

What they are referring to is 'https://iphone-services.apple.com/clbl/unauthorizedApps', where the "clbl" part stands for "Core Location Black List". It is inside the Core Location framework because it deal with Core Location security. It doesn't disable any apps at all, it merely prevents certain apps from accessing the Core Location services.

Core Location, so you know, is the API that allows develops to access and use the A-GPS system of the iPhone. This, obviously, has major security concerns. It is great for geo-tagging photos, and for finding out what services are around your location (bars, restaurants, etc.), but you wouldn't want a developer to be able to use it to track your exact location permanently, for example. That is stalkerish."
cjoyce1980 8th August 2008, 09:54 Quote
just another way apple are trying to screw the world
The Infamous Mr D 8th August 2008, 09:55 Quote
Quote:
Originally Posted by liratheal
Come on. Firmware's been cracked by some very adept chaps (And probably ladies)

I like that little addendum!

Every man finds geeky girls extremely sexy. It's a fact.
liratheal 8th August 2008, 09:55 Quote
Quote:
Originally Posted by TheCherub
but you wouldn't want a developer to be able to use it to track your exact location permanently, for example. That is stalkerish."

Apple're trying to rubbish my stalking?!

It took a lot of effort to get that app on her iPhone!

What you said wouldn't surprise me, but given Apples locking down of pretty much everything else, neither would them trying to black list apps.
Quote:
Originally Posted by The Infamous Mr D
I like that little addendum!

Every man finds geeky girls extremely sexy. It's a fact.

Damn right. I want to meet the girl who was rolling around in RAM chips nekkid >.>
Almightyrastus 8th August 2008, 10:45 Quote
Quote:
Originally Posted by liratheal
Quote:
Originally Posted by The Infamous Mr D
I like that little addendum!

Every man finds geeky girls extremely sexy. It's a fact.

Damn right. I want to meet the girl who was rolling around in RAM chips nekkid >.>

Just to make you a little more jealous, I married a geeky girl :) :)

Back on topic though, as people haid, I'm sure it won't be long until a way around this is found if it does turn out to be a potential problem for some people
-EVRE- 9th August 2008, 08:01 Quote
I;m curious why the geeky are still buying apple. If they cared about its consumers, not coin, they would open up their platforms.

Mac OS, only want it running on their way over priced hardware.
Mac PC's, as said above, they want to rape you for your coin.
Ipod, NO! you cant use your mp3 player as a plug and play device, it has to be locked and restricted by using Itunes (consequently why my ipod bounced off my wall and I now own a walkman video)
Iphone, Catch those escaped inmate phones!
RichCreedy 18th September 2009, 12:11 Quote
the trouble is, the iphone does what some people want and need so easily
Log in

You are not logged in, please login with your forum account below. If you don't already have an account please register to start contributing.



Discuss in the forums