Apple's secret iPhone app blacklist

A researcher has discovered a URL buried in the iPhone hardware that appears to point to an application blacklist - potentially allowing Apple to retroactively remove applications it decides no longer fit the bill. The URL, reported by iPhone Atlas, links to a file on apple.com called "unauthorizedApps" that seems to contain a …

COMMENTS

This topic is closed for new posts.
  1. Andy

    Sounds scary...

    ...but really, I think I'd be more worried if they didn't have this facility. So long as they don't use it except for apps that really are dangerous - as the test app would imply. The tethering app that got pulled hasn't appeared on that list, which is a very good indicator.

  2. Jiminy Krikett
    Flame

    Whoa there a god damned cotton picking minute!

    One assumes that there would be an automatic refund via iTunes for any paid app being automagically removed?

  3. Anonymous Coward
    Jobs Halo

    Well, if Steve says an app is bad...

    ...then that's good enough for me.

  4. Adam Starkey

    Sound idea.

    As long as such a tool isn't abused (and I'm sure Webster will be along to provide an articulate and insightful post explaining how it will be), it's essentially no different to any filtering technology that gets a blacklist from a remote source.

    What it does show is Apple are a little more realistic about their abilities to catch malware at the submission stage than their press might suggest.

  5. adnim
    Flame

    Owning hardware

    So who owns that shiny new iPhone? Well the consumer holds it in their hands and possession is 9/10ths of the law. ROFLMAO.

    I for one actually want control over the products and software I use. I want to determine what it does, what is run, where it may or may not connect and what it does or doesn't download and install.

    I must say the more that hardware and software systems come under the control of the manufacturer the more OSS should become the norm for the wise user. Jump on the iPhone sheeple, conform, consume, obey.

    Flame me by all means, after all you really need to defend that purchase don't you? Why did you buy it again? Because it offers something you cannot live without, or because it looks good and makes you feel cool when you whip it out at the pub/restaurant? Rhetorical question, I am sure lots of excuses can be bandied about concerning the essential, can't live without it iPhone.

    Flame cos i's flame baiting, come on and bite posers ;-)

  6. Webster Phreaky
    Jobs Halo

    So what?

    If, after the release of some App, the developer or Apple, finds that it has a major bug that could cause data loss, instability or some other negative effect, then it makes sense to have a way of disabling it, until the fixed version is available.

    Not every iPhone or iPod touch user is going to actively keep up-to-date on the status of every app they have installed.

    Or, more worryingly, if a rogue application developer has implemented some 'hidden' nasty features in one of their apps, a trojan, if you like - it's even more important to have some way of disabling it.

    I don't see the problem. The facility is there, IF it's ever needed. I don't see why Apple would "retroactively remove applications it decides no longer fit the bill." - unless that app has some major negative effect on the smooth running of the device.

  7. Anonymous Coward
    Jobs Horns

    Of course

    Apple could use this to remove virus and security damaging apps to protect their customers...

    Oh yeah right they'll just use it as an extra level of control and to screw their users into giving them money.

  8. Urs Keller

    It's about security, stupid!

    You may call Apple paranoid, but they want to make damn sure that 3rd party apps don't compromise usability, battery life or other characteristics considered key by Apple. As they cannot test every 3rd party application to the full extent, some application may slip onto the iPhones that only after a while expose some undesirable behavior. And how do you stop such applications?

    Every operating system has an application launching service, and this service may call home when or before launching an application. Asking for a YES/NO information will be very fast even if not on 3G. Alternatively, a scheduled task may periodically check the apps that are installed.

    A suspect has to be considered innocent until proven to be otherwise.

  9. David Perry
    Flame

    Makes me glad...

    ...I rejected upgrading to an iPhone on grounds of I couldn't tether to it via Bluetooth (even moreso when I read here on El Reg that an application which would support that function was killed off, once let alone twice!). Sticking to Sony Ericssons from now on as I was assured by a helpful O2 staffer that the new W and C series phones tether nicely with HSDPA :)

  10. Anonymous Coward
    Anonymous Coward

    Remind me again....

    ....WHY would anyone want to buy into Apple's draconian business model?

    I used to think that MS was unpleasant to deal with - But no - MS is a kitten in comparison to Apple.

  11. Jodo Kast
    Go

    MS doesn't offer this service

    MS doesn't offer a service like this. They want all developers to work hourly; they do not want developers to share in the profits.

    Period.

  12. Anonymous Coward
    Jobs Halo

    Ok own up...

    Who hacked Webster Phreaky's account?

  13. alphaxion

    I gave you a title, "..." is a valid title dammit!

    or maybe just a way to cripple any SIP app for the ipod touch?

    don't want to give people a reason to go for the cheaper device now, would we? ;)

  14. Anonymous Coward
    Jobs Horns

    Anyone else notice

    That the arguments from apple supporters saying why apple stuff is so great and everything they do is for your own good are usually the exact same ones the same people usually throw at microsoft as a criticism

  15. Steve

    @ So what?

    What have you done with the real Webster?!

    Or did your racist, Islamophobic rant against Obama use up all of today's bile?

  16. ton

    yeh right

    "A suspect has to be considered innocent until proven to be otherwise."

    apple is not a suspect, apple is a moneymaking machine. Does not matter, the fact that it was hidden and not launched as a "security measure" says a lot

    guess some people (usually the ones paranoid about big companies) still see apple as a hippy outfit only interested in spreading love and good will

  17. Steven

    I will just call my malicious app

    Bracket, semicolon, quote backslash. Should bugger up their ascii..

  18. Adam Starkey

    re: Anyone else notice

    >That the arguments from apple supporters saying why apple stuff is so great and everything they do is for your own good are usually the exact same ones the same people usually throw at microsoft as a criticism

    Yeah, that'd be why I allow MS's malicious software removal tool to run on my Windows boxes, wouldn't it?

    What's with the legions of idiot fanboys on the Reg comments section? I used to think the Mac fanboys were annoying, but the Windows fanboys are beyond insufferable; there's so damn many of them.

  19. Anonymous Coward
    Jobs Halo

    Apparently Apple can actually polish a turd...

    .. so long as it's got an official apple logo on it, people will bow down before it and hail it as the greatest turd, the apple turd, a turd of breathtaking beauty and outstanding design. A turd that has indeed been polished!

    "Man, that polished turd is the mutts!"

    "Give me that polished turd lovin'!"

    "Steve Jobs makes the best dang turd in town! It's so good, I queued for six days just to get one!"

    Nutty.

  20. aldude
    Paris Hilton

    @Adam Starkey...

    ... sounds like a fanboy to me.

    Here's a good example: MS was apparently so evil for forcing users to use perfectly good software like IE and WMP that they were even forced by the courts to release a version of Windows XP that didn't include WMP.

    On the other hand, Apple forces everyone (at least, everyone who isn't a techie and a good deal more who are) to use iTunes and a bunch of other software, and apparently this is perfectly acceptable.

    Paris, cos I feel as confused by this as she presumably does about everything.

  21. Jamie Kephalas
    Alien

    Prophet David Icke?

    Dialing home you say?

    where's David Icke when you need him?!

  22. Andy
    Flame

    Never use Apple

    Flame me if you want, but at least with M$ or Symbian you have some semblance of control over your phone/PC, and can install whatever you want, whenever you want without having to have permission from MS/Nokia. You can choose whether to remove those apps too!

    The control over who can develop and sell these apps mean that there is a real chance of competition on MS/Symbian phones, in terms of both app quality and price, whereas Apple force developers to sell via iTunes, so no competition there then - Apple will sell whichever apps make most money for them.

    M$ & Apple are both the same - screwing as much money as they can out of everyone they can think of - the only difference is that M$ has historically been better at it - M$ use their market position (which even their customers don't like) - Apple rely on their religious fanatics who still love Saint Jobs after being screwed.

    **Wanted both Jobs & Gates with horns icons together**

  23. Anonymous Coward
    Flame

    @Urs Keller

    "It's about security, stupid!" - Apple have proven many times in the past that they have no concept of security. This backdoor is there to illegally control what you can run on your useless piece of shiny plastic called the iPhone.

    "A suspect has to be considered innocent until proven to be otherwise." - Apple have been found guilty of various crimes many times in the past. Apple is anything but innocent.

    Anti-Virus - Program designed to prevent malicious applications from running (and causing harm) on an operating system. That is what will protect your iPhone from "bad" applications. Apple's pathetic attempts at controlling your iPhone are not designed for that. They are designed to PREVENT you from using applications of your choice.

    The real evil empire is the not obvious one.. it is the one who prevents you by any means (legal or not) from enjoying products (that have been proven many times to be of inferior design and quality) that they have sold to you at inflated price.

    Apple is only good at one thing: finding people with lots of money who also are extremely simple minded and stupid and then selling them lower quality, badly designed gadgets at very high price....

  24. Carlo Graziani

    This _Is_ A Security Hole

    Dan Kaminsky must be laughing his ass off today. All that is required is to poison iphone-services.apple.com in the cache of a few DNS servers, and presto-bango, iPhones are queuing up to slurp up delicious malware posing as firmware, or whatever it is that Apple plans to serve up on this channel.

    I guess iPhone owners don't really own their own phones anyway. Now they can look forward to having them get pwned as well.

  25. Kenny Millar

    In what way

    ...is that ANY different from the 'Malicious software removal tool' that gets downloaded to every Idiot-PC every time MS does a software update?

  26. Crash
    Jobs Horns

    Say What?

    Microsoft has this service up and running for better than five years now. 18000+ in Apps. So what exactly are you speaking of Jodo Kast?

    Man these comments on here, research before please. The air is thick enough around this reality distortion field Jobs puts out.

  27. David Halko
    Thumb Up

    Sounds like a good way to remove Malware post-distribution

    If Microsoft distributed third party applications across all PC's wirelessly, one would expect them to have a similar blacklist infrastructure... <sarcasm>Not like anyone has ever seen a virus, worm, or Trojan Horse on a Microsoft PC?</sarcasm>

    If you think about it, Apple is in the unique position to distribute software to their equipment for free from their users & 3rd party vendors.

    If someone secretly embedded Malware into an application which subsequently was deployed into 2 million iPhone's, this mechanism would be a reasonable way to address the security issue quickly.

    I suspect Apple customers are probably quite happy that Apple had considered security implications before releasing a capability as powerful as free wireless third-party application distribution to their platform.

  28. Adam Starkey

    @aldude

    >Paris, cos I feel as confused by this as she presumably does about everything.

    You certainly are confused, or at the very least you can't read.

  29. J

    @Carlo Graziani

    Hm... It does not seem so to me. At least not in the way you describe, injecting malware into people's phones. I might be mistaken, but from reading the article this looks like nothing more than a file containing app names. Maybe for **removal** of apps present on the device (can that be done automatically, without user's permission? I have no iPhone or Touch, so I have no clue). What makes you think that the list of apps would enable remote **installation** of malware?

  30. J
    Jobs Horns

    Anyway...

    Well, if I can be accused of any fanboyism it would be the Linux-related one. And I am still happily using my 1st gen Nano, which does all I want it to do (play music).

    But I have to agree: if it was Microsoft hiding some "interesting" feature like that in one of their products, there would be huge uproar. No matter what their "future intentions" might be -- since **we don't know them**!

    Yes, it can be a good feature if done properly and with decency. But for some reason I'm not putting any money on it. I still want a 32 GB Touch though.

  31. DJ
    Jobs Horns

    One more thing...

    "You suckers didn't REALLY think you OWNED those phones, did you?"

    PT Barnum proved right again.

  32. Cody

    This is great

    This is actually a great feature. Apple is providing a true integrated experience. So they do not want you making inappropriate use of your iPhone, which might lead to a scrappy and fragmented experience and make you unhappy.

    They also do not want rogue unintegrated apps floating around, so they need to be able to remove inappropriate apps from your phone, since they would lead to inappropriate uses.

    I have been using Apple products for 20 years now, and am very happy with this. I do not understand what all you nay sayers and denigrators of Apple are talking about. Apple is great!

  33. Maurice Shakeshaft

    Caveat emptor

    or whatever the Latin is for "buyer be aware".

    I can't dream of ever buying an iPhone. I just want to make and receive calls and texts. No music, pictures, diary, up/down/side/back-loads. But it's nice to know that there are people out there who look into these things as it opens one's eyes to the potential greed and malevolence of suppliers that can be dressed up as "user protection".

  34. Carlo Graziani
    Thumb Up

    @J

    I believe the point is, nobody outside of Apple knows what the "phone home" functionality does, since nobody has decompiled the firmware. All we know is that there's a URL encoded in there, and that currently residing at that URL is a text file with a list of apparently blacklisted apps. I personally find it very unlikely that this is the only functionality available over this channel --- it wouldn't surprise me at all if a change in the data available at the URL could trigger a download/update of some sort.

    Leaving aside the trust implications of Apple screwing with people's phones without letting them know about it, they're doing the usual incompetent security job of it that is rapidly becoming the familiar signature of Apple software distribution. Given what we know about DNS weaknesses, at a minimum they need to hard-code a list of IP addresses, if they want phones to check back with them automatically. This may be less flexible than using DNS, but that inflexibility is better than creating a whole new class of mobile-phone botnets.

  35. Barry Rueger
    Coat

    48 Megs of iPhone update?

    What I want to know is why Apple keeps DEMANDING that I download and install a 48 meg iTunes update whose sole feature is to make it iPhone compatible. I don't own an iPhone, I am certain never to buy one, yet I am forced to add this to my system.

    Which, like every iTunes update, and nearly every of the weekly Apple updates, requires a reboot.

    Honestly, MS at least gives you the option of refusing an update that you don't want.

    (Mine's the one with the cheapo LG phone in the pocket that (horror!) is used as a phone and nothing else, on a Virgin pay-as-you go plan no less.)

  36. james

    suggest apps that might be included ...

    Who else is waiting for netshare to disappear from their phone? Just me?...

  37. Anonymous Coward
    Boffin

    @Cody

    You are exactly why at Apple, we made light of the "Think Different" campaign of the late '90's by joking that we'd be shocked to see an Apple customer "Think", much less "Think Different".

  38. Robert Oakes

    Caveat Emptor

    Is what buyer beware means in Latin.

    Personally I have no problem with what Apple are going to do, for instance what if an app posed as a free game secretly logged data and internet usage and sent back the information when connected to the net - would it not be better for Apple to remove that app??

  39. Kanhef
    Joke

    Webster Phreaky defends Apple

    More signs of the apocalypse soon to follow.

  40. the enemies of god
    Stop

    apple isn't m$

    unless the "app" they remove is the one that unlocks your iphone

    (or the one in your tinfoil hat that keeps the voices at bay)

  41. Crash
    Jobs Horns

    Comment to Apple

    Now let me get this straight. After the initial process of 1-3 mos of diligent code prodding by Jobs and company, through the vaunted security of Mac, several of you think this is about malware protection? Think about that for a minute. I don't think so. This is strictly about Jobs obsessive heavy boot control issues.

    Do you really want to know why 95% of the pc sold are window configured? We like choice! You figure it out.

  42. Crash
    Jobs Horns

    Oh my....

    "Apple is great!" The Kool-Aid is strong in this one!!

  43. David Austin

    title

    Don't see this as any worse than ActiveX Killbits in IE. Could be a good emergency app killer.

    But, we all know apple like to be in control, and I'm a little sceptical after the stunt they pulled with Safari and Apple Update.

    Bottom line: Nothing wrong with the idea - it's how they use it that will be the decider of this being a good or a bad feature.

  44. Anonymous Coward
    Flame

    your are mostly all nerds!

    If you are all as amazing and clever as most of you seem to think, why are you stuck in two bit jobs, obviously no girlfriend to speak of (come to mention it no life) and spending your days expressing how apple/ms/a.n.other sucks/got it wrong/are better than the other and how you'd do it so much better? Stop bitching and whining and do it if you're that good! At least gates and jobs had the balls to have a go. They are now of course incredibly rich - unlike you losers.

  45. Crash
    IT Angle

    Rich is all subjective...

    I'm rich....why aren't you? "your are mostly all nerds!"

  46. Anonymous Coward
    Thumb Down

    @ MS doesn't offer this service

    I know, it's a shame software developers like Adobe and Autodesk don't have to give Microsoft 30% every time they sell a product.

    And when someone makes a free alternative Microsoft can't blacklist it to make sure they get their money for the pay version.

  47. Rolf Howarth

    Avoid Apple

    Avoid Apple because of the Draconian control they can exercise if they choose by all means... except Nokia, Palm, RIM etc. all have exactly the same feature. Why does no-one make a fuss about that though, I wonder?

  48. Graham Lockley

    @your are mostly all nerds!

    >obviously no girlfriend to speak of

    Umm sorry to disappoint but I DO have a girlfriend, I just hope to christ the wife doesn't find out !!!

    :)

    Seriously, it's called argument/debate/banter, you should try it sometime. Reading El Reg is only the same as picking up a newspaper every day, you spend 30 mins or so browsing the stories and another 30 mins chuckling at some of the comments.

    Of course your 'losers' comment suggests you are a mega-rich head of a multi-national company, no ?

  49. heystoopid
    Paris Hilton

    Ifoney , your Back Door is wide open !

    An open Back door , just what NSA needs to turn the device into a fully fledged active mobile self bugging machine , now where are the open side windows for the wayward socialites to escape from , that be the question ?

  50. Neoc

    @Adnim

    "possession is 9/10ths of the law. ROFLMAO"

    Ah, yet another taken-out-of context quote which has made its way into the cosmic consciousness. The other one is "people only use 10% of their brain".

    Yes, possession *is* 9/10th of the law - but the original quote was pointing out the fact that 9 out of 10 items in the Law books dealt with how to decide who owned what. This may have changed since then to "litigation is 9/10th of the Law". ^_^

    As for the 10% bit, it had to do with the early MRIs where doctors found that *at any point in time* about 10% of an average person's brain was active. Not the same 10%, not "only 10% ever used". The active parts kept on changing as the victim... er, subject... was asked to do different tasks.

  51. Rob Cooper
    Gates Halo

    Quelle Surprise

    I don't know why people act all surprised when they see this sort of behaviour from Apple.. I have never seen so much lock in from one company (and no, MS are nowhere NEAR as bad as Apple for product lock in).

    You buy your overpriced iMac, iPod, iPhone, iCantThinkForMyself all of which will only work as they should with each other, failing to realise that Apple are ALL about control.

    Always remember, just because MS aren't perfect, it doesn't make Apple good.

    MS are bad for smothering the market, yes, but they are getting better, more open. They are starting to realise they cant go on pissing off the masses and losing market share. I can happily go home to my "buggy, bloated OS" and do what the hell I want with it, connect pretty much any device, whatever.

    Apple seem to be going the other way, more closed doors, more lock in, less interop. I just feel for the many people that have shelled out a lot of cash for a crappy over-hyped product by a crappy over-hyped company.

  52. adnim

    @Neoc

    I understand now, yes I fell for the misconception. Thanks for pointing it out, education is a fine thing, I might get myself one someday ;-)

    I was aware of the truth behind the 10% brain usage assertion. I do feel however that the average consumer only has 10% of the neuronal connections found within the brain of a normal healthy sheep.

  53. Ascylto
    Pirate

    English Language

    "Apple is in a pretty unique position ..."

    Sorry, you're not allowed "pretty unique". Something is either unique or it isn't ... you're not allowed modifiers!

    Your Friendly Pedant.

  54. Anonymous Coward
    Stop

    Dunno what all this fuss is about...

    The iPod Touch, for example, in its "pristine" just out of shop condition, was a cute gimmick and a useful device in some cases if you knew how to use it.

    You could play music, and movies, and load photos at a 1/10 de-compression rate (really, why the hell are all photos uploaded by iTunes on the device 10 times the original size, even though the device supports normal compression rates - see Camera Roll in iPhone, which uses normal JPG/TIFF files), you could browse the net in a thoroughly enjoyable way and you could read your mail - hell, you could even read books, by mailing DOC files to yourself, and opening the attachment from Mail in Safari (the auto font was a bit on the smallish size).

    But really, this got old fast - it just became another gadget, and started to get left at home more and more often.

    Then, jailbreaking came up - the Installer and afterward Cydia apps appeared, and the BSD or Debian subsystem (depends on your app, Cydia puts a Debian subsystem i think).

    And the iPod Touch basically became a mobilePC (as in personal computer, i always find it stupid when people say "PC or Mac", when both are PC).

    I have a console on it (Terminal), Vim, Lynx, and all the goodies of Linux under the hood, accessed through the console, and a ton of other apps on the surface, installed through Installer or Cydia.

    I can forgo iTunes syncing most of the time - except for music - i upload all movies, documents and photos to the device through other means, put them wherever i want, and access them whenever i want, with different apps than those Apple provided.

    Reading books on the device is now a pleasure - i actually got so used to it, i find it hard to return to dead-tree format. Of course, the screen is still kinda small for this, but until i get an e-ink device this will have to do.

    Still, one tap page changing, being able to adjust the colors of the background and font, the font itself, and so many other things do count a lot.

    The Maps application in itself, would only have been useful when tethered to a Wi-Fi connection - not so after jailbreaking, when i could install Maps Offline, and just Save/Restore map caches, from those made by the device itself, to caches made by you on your PC (if you make a Google Maps cache on your PC, it takes some space - Helsinki, from up-above view to maximum zoom, Map view without Satellite, takes 180 MB).

    There are countless other applications that you can install after jailbreaking, and all of these have made the iPod Touch a device that never leaves my pocket.

    So, don't bother with an expensive combination of an iPod Touch and a substandard phone, when you can just have the iPod Touch, and after jailbreaking have one of the best PDA's on the market.

    In time, someone will also provide solutions for its greatest failures - the lack of copy/paste, the need to upload unsupported files through Wi-Fi only, as the cable is only used by iTunes, and the greatest failure of all, lack of multi-tasking.

    And yes, i am very very very bored right now, otherwise i wouldn't have bothered to type this much.

  55. Anonymous Coward
    Jobs Halo

    iRobotPhone

    Automatic updating of technology from a central source? I've seen that in a film about a nightmare future...

  56. Jared Earle
    Stop

    NOT what is being reported.

    The blacklist isn't an app-killer.

    It's a "Core Location Blacklist"; a list of applications that are not allowed to access Core Location.

    http://daringfireball.net/2008/08/core_location_blacklist

    Way to over-react, guys. Thanks for displaying your religions.

  57. Nameless Faceless Computer User

    Dude - it's a phone

    I guess I'm alone. I have no desire to install any application which would incur the wrath of Apple or my cell phone service provider. The primary use of my iPhone is to make phone calls and maybe listen to tunes and vids during a long idle period. The most radical thing I intend to do is install my own battery.

  58. John Bailey
    Alert

    Just a minute! I smell something fishy..

    If this is to stop malware and viruses and trojans (oh my) then why is it on the iPhone?

    Isn't one of the standard boasts of the fruit logo persuasion that Apple doesn't have malware, and as the iphone is an Apple product, it can't possibly be sullied by such a thing.

    And if the reason why you can only buy apps from the Apple store is to maintain the sanctity of the platform, and not allow badly written apps to degrade the experience, then how the hell is it ever going to need any security system to blacklist Apple approved apps?

  59. paul
    Jobs Horns

    iphone without itunes

    I run Linux - I'm tempted to buy a 2G iPhone from a friend (I like the screen) as he is getting 3G (typical Apple fanboy - anything made by Jobs he has to have).

    Anyway - I'm looking forwards to trying to get it to work without iTunes.....

  60. Treacle
    Alien

    I for one...

    I for one welcome our new iOverlords...

  61. Anonymous Coward
    Paris Hilton

    i bet...

    stevie boi is ROTFL - talk about dumb ass user base... its like taking candy from a baby

    paris - all iDiots together.

  62. Anonymous Coward
    Paris Hilton

    Dailymail readerships all around?

    Read your EULA/contract, you will probably find apple reserve the right to do what ever they want?

    I can't believe that all these liberal Guardian reading types are happy for someone to control their phone on the basis "if you have nothing to hide and do no wrong, you have nothing to fear from an invasive authoritarian regime", I wonder if they are so happy on the CCTV cameras dotted around Britain spying on them just in case they are doing something bad!? (After all, if you have nothing to hide)

    Imagine that guardian reading apple users and "Daily Mail" readers... what strange bed fellows.

  63. J
    Happy

    @Rob Cooper

    "I can happily go home to my "buggy, bloated OS" and do what the hell I want with it, connect pretty much any device, whatever."

    Depending on what you want, you could surely be breaking the terms of the EULA then (I hope you read that, didn't you?), and a BSA representative would be happy to reeducate you whenever possible.

    You can NOT do "what the hell you want" with Windows. Specially Vista, I've heard (but not experienced), since it has some strong-handed DRM thing that seems to cause trouble even for legit content, in many cases. Or so I've heard. I don't care, actually.
