Apple Can Remotely Disable Apps Installed on Your iPhone

Illustration for article titled Apple Can Remotely Disable Apps Installed on Your iPhone

By now, we're well aware that Apple can make apps vanish without a trace (or explanation) from the App Store. But Jonathan Zdziarsi, the author of iPhone Forensics, says that Apple can actually remotely disable apps installed on your iPhone. Apparently, there's a blacklist URL in the iPhone's OS that he says "suggests that the iPhone calls home once in a while to find out what applications it should turn off."

Advertisement

He says he found the URL (https://iphone-services.apple.com/clbl/unauthorizedApps) "tucked away in a configuration file deep inside CoreLocation" while doing a forensic examination of the iPhone 3G. It appears to be reserved for disabling actually malicious apps, not ones that Apple just doesn't like and might've yanked from the store. After all, no apps have shown up the list yet, and NetShare, the tethering app that is currently pulled from the store remains operational on all the phones we have it installed on, even after a sync.

Advertisement

But effectively invading one's phone is different than removing something from their virtual store shelves. If they ever use this exceptional-maybe egregious-power, Apple would have to explain why. The standard silence simply wouldn't cut it. [iPhone Atlas via MacRumors]

Share This Story

Get our newsletter

DISCUSSION

carrercrytharis
CarrerCrytharis

@s017jrs: Right, yes, but then why does the phone have a URL that says 'unauthorized apps'? In fact, why would the phone need a URL at all? If all you're doing is sending a 'wipe all data' signal from Apple headquarters to the phone, then why does the phone need to access a URL?

I suppose this is useful in case a genuinely malicious application slips by Apple's much-vaunted vetting process; what I'm arguing is that this is not equivalent to being able to wipe a phone's memory remotely.

It's possible I've missed some key point; if so, feel free to correct my misunderstanding.