iPhone hacker says the device 'calls home' to Apple, allows apps to be remotely disabled
"This suggests that the iPhone calls home once in a while to find out what applications it should turn off. At the moment, no apps have been blacklisted, but by all appearances, this has been added to disable applications that the user has already downloaded and paid for, if Apple so chooses to shut them down.Now honestly, we don't expect the folks in Cupertino to suddenly start turning off apps that you've paid for and downloaded, but if Apple is indeed monitoring iPhones or touches (even passively) for applications it doesn't want or like, it signals a problem deeper than a company simply wanting to sign-off on software for the device. Even on platforms like Symbian -- which calls for apps to be signed and traceable -- the suggestion that a process of the OS would actively monitor, report on, and possibly deactivate your device's software is unreasonable, and clearly presents an issue that the company will have to deal with sooner or later. Oh, and Apple -- we're not going to buy the "for your security" angle, so don't even bother.
I discovered this doing a forensic examination of an iPhone 3G. It appears to be tucked away in a configuration file deep inside CoreLocation."
[Via Mac Rumors]
Read - iPhone can phone home and kill apps?
Read - Apple's URL with "unauthorized applications" string
Reader Comments (Page 1 of 5)
NuttyBars @ Aug 7th 2008 10:12AM
Illogical Apple fanboi defense in 3 - 2 - 1 ...
High Ranks make you sterile @ Aug 7th 2008 10:26AM
0, -1, -2. -3.....
v3xx @ Aug 7th 2008 10:31AM
this post brought to you by 50 other blog sites many days ago.
etechshop @ Aug 7th 2008 10:53AM
What the F*uck is wrong with these companies in general?
You paid for the phone, you own that damn phone! period!
If you do indeed own the phone, you can do what ever to it.
I said, screw Apple!!
Steffen Jobbs @ Aug 7th 2008 10:58AM
So what if it's phoning home. You not supposed to mess with the Zohan iPhone. You got something to hide? You don't honestly think this will stop the iPhone from becoming the best selling smartphone of all time, do ya? Besides a few knowledgeable nerds, most users won't give a crap.
The same monitoring is probably done on BlackBerrys by IT people, so malicious apps don't get installed.
"I always feel like somebody's watching me ..." - Rockwell
jupiterthunder @ Aug 7th 2008 11:06AM
@v3xx
Obviously not everyone frequents the "many other blog sites" to which you refer. Besides that, when was the last time a story on Engadget wasn't sourced from someplace else? I'm sure a lot like me come to get tech news, not tech scoops.
puhsitch @ Aug 7th 2008 11:08AM
There's really nothing to defend or attack right now. Apple has a web page that keeps track of malicious software; that's it. Until someone finds code on the iPhone that actually does something with that information, everything being said is just speculative FUD.
Techie @ Aug 7th 2008 11:27AM
It's the new and improve Apply Internet QOS haha....
Snitch @ Aug 7th 2008 11:29AM
So you want Apple to be responsible for the Apps you buy at the app store but you don't want them to Govern them????? WTF, how are they suppose to disable malicious apps????? uhhhh Genius.
Prasand J. @ Aug 7th 2008 11:36AM
@ etechshop
You don't own the phone, unless you paid the early termination fee. Until then you're just leasing or renting it ... AT&T, or the provider owns the phone. The same way there are limits to what you can do to a car that you're leasing, there will be limits on a phone you're leasing.
I imagine those that ranked you high suffer from the same ... "this is my car" delusion.
.
FuzzyCat @ Aug 7th 2008 11:54AM
echo "iphone-services.apple.com 127.0.0.1" >> /private/etc/hosts
CraigJ @ Aug 7th 2008 12:03PM
FTA "This *suggests* that the iPhone calls home once in a while..."
"...but by all *appearances*, this has been added to disable..."
I believe Apple is capable of doing this, however, Suggestions and appearances do not impress me. Have you considered that this guy is just looking for attention? Has he been able to sniff packets?
Like I said, it's possible, but I want more than suggestions and appearances before I get concerned.
StarChild @ Aug 7th 2008 12:19PM
@etechshop
You got it all backwards... Once you buy the iPhone, Apple owns YOU. If you look at it that way everything becomes clear.
Geoff Laughton @ Aug 7th 2008 12:44PM
Another problem that has arisen...2.0.1 disables your ability to put movies on your phone that you rip from your own DVDs. The only movies you can sync in 2.0.1 are those you buy from iTunes! This is in addition to, on my phone anyway, having all kinds of new bugs emerge in the mail program.
CraigJ @ Aug 7th 2008 1:04PM
@Geoff.
Then explain to me how I was able to rip Ronin and Pulp Fiction last night and put them on my 2.0.1 iPhone.
Maybe the problem is the user, not the firmware...
IndiaTech @ Aug 7th 2008 1:05PM
@Steffen
Dude it's not a question whether you are doing anything shady or not, it's the question of privacy. I don't do anything shady in my apt but it still doesn't give cops the right to enter my apt anytime they want or place a bug in my apt. In any case since it is MY phone I have the right to do anything I want with it. If I want to install a malicious app then I should be allowed to. Apple can however NOT service my phone in such case and if the app hacks into Apple's system then surely they can sue my ass over it. Apple should be looking at protecting their system more robustly NOT installing snooping software / code. I mean they should focus their efforts in fixing Mobile Me and having lesser down times on their online store.
@Prasand
ETF has nothing to do with Equipment Discount. ETF is a contract term. No you are not leasing the equipment from ATT. You still have to pay the ETF even if you DONT buy any equipment from ATT. You just buy the line. Original iPhone users paid the full price on the phone and yet have to pay ETF even if they disconnect. Since ATT didn't pay the full price on the phone, it cannot be called as leased equipment and they don't itemize this in their bills. Also, if you move out of ATT coverage area, you can disconnect their service, not pay the ETF and still keep the equipment.
That is why a court in CA recently ruled that ETFs are illegal in CA.
mymaclife @ Aug 7th 2008 1:35PM
@ Indiatech
If you want privacy don't live in the USA, Apple are the least of your worries.
BiggerX @ Aug 7th 2008 1:28PM
OMG! Good thing there are no Microsoft fanboys around to trounce on this unfortunate news.
puhsitch @ Aug 7th 2008 1:31PM
@CraigJ: That was exactly my thought. I don't know what's up with my comment's low rank business. It's hurting my delicate ego.
Prasand J. @ Aug 7th 2008 1:57PM
@ IndiaTech
I guess your "knowledge" on the matter limits and prevents you from understanding the "concept".
Would you have comprehended it if I said, "you don't own the network that the web based product runs on, and thus can't do whatever you want"? -- Regardless of how we spin it, the person isn't free to do whatever they want ... short of disabling all web / network features, and using it as a PMP ... and even then at the end of the day, they'd still have to pay for that. The technicalities of a ETF, subsidy or whatever one wants to address ... doesn't negate the fact, that one can't do every and anything they want. -- Whether it's Apple disabling an app that violates something, or an ISP that disables network connectivity.
There are limits.
Even with the things you own.
.
rDub @ Aug 7th 2008 2:31PM
@ Prasand J.
I completely agree that with your “you don’t own the network” line … however think of it this way:
I don’t own the roads I drive on and frankly I understand the need for cops of the roads to protect myself and other drivers … what I have a problem with is the idea that one particular car manufacturer is installing a cop in MY car instead of putting them out on the road where they belong.
IndiaTech @ Aug 7th 2008 2:35PM
@Prasand
I was just disagreeing with your statement "You don't own the phone, unless you paid the early termination fee." Even if I agree that I don't own the phone but I am just leasing it, it still doesn't give ATT or Apple the right to snoop into my phone. Take apt renting for example. Yes, I don't own the apt. But it still doesn't give the landlord any rights to come into my apt and do what ever they want. Yes, if I break things surely they can charge me.
And yes, ATT owns the network. But NOT the equipment which connects to it. Yes, ATT CAN prevent my iPhone or any other phone from connecting to their network if they detect I am running some undesired app or code. Say, teethering apps. But they cannot tell me NOT to install that app on my phone. Big Difference. By connecting to any network the network owner doesn't own the equipment.
Yes, I cannot do whatever I want on a public network but I can surely do whatever I can with the phone I own.
Anthony H. @ Aug 7th 2008 3:20PM
Nuttybar's inbox should be hurting by now..
SOOPERGOOMAN @ Aug 7th 2008 3:46PM
I don't even like apple and this is NOW even more reason to not like them. I figure a simple browser redirect using a proxy server and hosting a rewritten page to list all of them active. Simple really when you think for two minutes.
I LOVE THE CAPS LOCK KEY @ Aug 7th 2008 4:24PM
@etechshop
It's just as bad as COMMUNISTcast censoring your internet connection.
Joe Anstine @ Aug 7th 2008 4:58PM
@Prasand J.
I paid cash for my car. It is indeed MY CAR. And no you are not leasing it (the iPhone). You got a discount on it because you sign up for a contract which guarantees the phone carrier an income for the next how ever many years. Do you even listen to yourself when you talk (or type)? Clearly apple wants to control what apps are on the iPhone because it means for them....get ready for it....MORE MONEY. Leasing it would require payments for the phone and not for the actual cell phone service.
That's why huge corporations suck so much. They screw the consumer at every corner and with some clever advertising and a largely uninformed population, they get away with it. The iPod phenomenon (yea, it is just that) is nothing more than good advertising. THAT'S IT.
There are better MP3 players than the iPod, better cell phones than the iPhone (the Nokia N95 8GB for example), and MUCH better computers than Mac's all for a fraction of the cost of the Apple product. It is all about the money, and when dealing with a money hungry corporation like Microsoft, Apple, ect. you are going to lose your privacy.
Wait and see what happens with your DVR's...they've been collecting information on you and what you watch for years now. Soon they will collaborate with car companies, clothing, electronics, ect. and have advertisements directed at you depending on what you bought.
Apple is and will monitor what apps you have and control which ones will work, ect. its not about mal-ware. that is the biggest load of b.s. you could ever take from Jobs if you excuse the fact that he says his products are worth the price.
Prasand J. @ Aug 7th 2008 6:25PM
I replied, but it posted at the end of the blog. So go there "if" you want to see it.
CAT @ Aug 12th 2008 11:37AM
This is no more or less than a "iTrojan" by Apple themselves!
More serious than let's say Apple partner T-Mobile spying on their customers (at least there they had not financial damage in the first place, but a massive attack on their privacy)
Also its existence being known and confirmed is likely to add a target to all sorts of hackers or "wizkids" trying to trigger such a switch with their own software on iPhones...
And you are absolutely right, the "we do this for your protection" argument is about as sound and serious, as Russia's reasons behind bombing Georgia even further into stone age.
javaper @ Aug 7th 2008 10:13AM
Remember the movie Anti-trust. thats the way its gonna go one of these days
Bender @ Aug 7th 2008 10:17AM
i'm not a bit surprised by this, i was kinda expecting apple to do something like this (assuming it is true). but than again i'm sure any cell phone company that wants to see what you have will simply do it so why bash apple and not all of them simply for being capable? I'm not very fond of the way apple works but this is an issue that other companies should also be screened for and i'm sure we'll find other steve jobs out there wanting in on our privacy.
Josh @ Aug 7th 2008 10:17AM
rachel leigh cook is hot
High Ranks make you sterile @ Aug 7th 2008 10:28AM
@Josh:
I'd have to agree... indeed, "She's All That" and more
High Ranks make you sterile @ Aug 7th 2008 10:29AM
^ what a lame comment
yode @ Aug 7th 2008 5:45PM
^ what a lame comment
BIlly G @ Aug 7th 2008 10:14AM
*waits for fanboys to somehow twist this topic into a smear against Microsoft*
ElfHerder @ Aug 7th 2008 10:26AM
Hey, you and NuttyBars - your pre-emptive fanboy trashing comments are just as fucking annoying as an actual fanboy comment would be - if there were any in this thread. Can you all kindly spare us your substance-less comments and shut the fuck up?
On topic - I agree partially with Olly here, but then I also think of the tethering app that came out last week which was first discontinued and then was back in the App store. What are the chances they could decide after you've paid your money for that app that they decide it does go against their ToS and they take it off your phone? I could definitely foresee that as a problem.
BIlly G @ Aug 7th 2008 10:32AM
Holy shit, comments on a blog. Serious fucking business.
Don't get your panties all knotted up little one, we're just injecting a bit of humor into the comments.
Mike Cerm @ Aug 7th 2008 10:34AM
Remember when Apple fans used to criticize Microsoft for WGA? Between all of the stupid restrictions and, now, the back-door monitoring on the iPhone, Microsoft looks good, by comparison.
happy_penguin @ Aug 7th 2008 11:00AM
Looks good or looks the same?
Alberto @ Aug 7th 2008 11:12AM
Man, I remember a time when you can just copy and paste programs from Apple to Apple. Now look at Apple..power hungry, control driven.
F this. We are seeing history in the making. A brand that stood for the rebels and free thinkers is now becoming "the Dictator". The very thing it stood up against.
I would spit on my Apple desktop, but it cost me an arm and leg to get it. But i will spit on Jobs...for being power hungry and greedy.
Jobs! I spit on you! And I Spit t your Apple logo. *F" you.
UnixSystemsEngineer @ Aug 7th 2008 11:34AM
I still can copy and paste almost all apps -- well, except stuff like Office.
Adding/removing software remains infinitely more logical and functional than certain other OSes.
... and now back to your iPhone comments..
Ender Wiggin @ Aug 7th 2008 1:05PM
@Steve Jobs
I spit in your general direction!
dBs @ Aug 7th 2008 2:36PM
@alberto
"You Either Die A Hero, Or Live Long Enough To See Yourself Become The Villain"
white_ultras @ Aug 7th 2008 10:15AM
"Calls home" does that mean like they can spy on you? Is that like the dreaded "Troyan horse" that calls home or something?
Could that possibly mean class action suit?
Ignacio @ Aug 7th 2008 10:29AM
The article is wildly misleading, it doesn't *send* any data regarding which apps you have installed, it simply downloads a page (an xml file) from that URL to check if there is any know trojan/malware/etc that was discovered after passing undetected in the first screening before appearing in the App Store.
In any case, I think that even if your phone finds out that one of its installed apps is listed in that page, it will most likely simply warn you and offer you the choice of disabling/removing said app, I doubt it will simply wipe the app off without confirmation.
Again: the phone *doesn't* send any info about your apps, it simply downloads a list of dangerous apps to check against, much like an antivirus virus definition file.
Hold McGroin @ Aug 7th 2008 10:30AM
Class action suit? Hahahhaha, nope iPhone owners are screwed because there's probably a tiny little sentence in the EULA for the App store that authorizes this kind of stuff.
You guys bought a locked and crippled device, now you get to live with it for 2 years. Maybe you'll vote with your dollars in the future instead of buying into the next fad.
Hold McGroin @ Aug 7th 2008 10:34AM
"Again: the phone *doesn't* send any info about your apps, it simply downloads a list of dangerous apps to check against, much like an antivirus virus definition file."
Fanboy. Since Apple has to authorize all apps, the ONLY thing this is for is app recall and breaking jailbreak apps. Your phone is crippled and Apple controls it. You're trying to spin this into a positive by regurgitating Apple's official response, when it's a way to make sure you only use your phone in an approved manner. Haha, you don't own your phone.
Andrew @ Aug 7th 2008 10:35AM
From the looks of it, Apple doesn't get any information actually sent to them (unless there's another mechanism in there there nobody has noticed.. yet). It simply checks via URL to see what apps it should not run anymore (Tethering.. GPS apps maybe?). I don't see how disabling the internet wouldn't fix this
Tes @ Aug 7th 2008 10:40AM
@Andrew...
Yes...disable the internet so you can continue using your internet tethering app unabated.
Andrew @ Aug 7th 2008 10:43AM
@Hold McGroin
Because every piece of software that's been checked, and certified, for use has 0 bugs, no vulnerabilities, security holes and always does everything it was intended to do..