It looks like Apple is keeping a closer hold on the iPhone's apron strings than anyone thought, if information uncovered by Jonathan Zdziarski is to be believed.
Speaking on iPhone Atlas
on Wednesday, Zdziarski – author of a book on iPhone application development – explained that he was performing “forensic examination of an iPhone 3G
” when he discovered a suspicious configuration file in the CoreLocation section of the memory. Upon investigating, he discovered a link to a page
on Apple's website which appears
to contain the skeleton for a future application blacklist.
The page, called 'unauthorizedApps', seems to exist so the iPhone can occasionally download a copy and check the signatures of banned applications against installed applications – if a match is found, the app is disabled immediately. Zdziarski believes that this functionality exists “to disable applications that the user has already downloaded and paid for, if Apple so chooses to shut them down.
Clearly, there are legitimate reasons why such functionality should exist – although slightly fewer for why it's undocumented and downright concealed – including the possibility that Apple can update iPhones with a sort of anti-malware by listing known 'bricking' programs in the blacklist. However, it demonstrates that even a 'jailbroken' iPhone might not escape Apple's clutches for long – and how sure can you be that Installer.App or your favourite non-Apple approved software won't hit the blacklist once it's activated?
I'm withholding judgement on this one for now – if Apple had really
wanted to prevent third-party software being installed to an iPhone, the site would have been a whitelist
of pre-approved applications. Still, it's something that iPhone users should be keeping an eye on.
Anyone here worried about the possibilities of a hidden remote app killer developed by Apple, or does the Cupertino company just have your best interests at heart? Share your thoughts over in the forums