Slashdot Mirror
Apple Can Remotely Disable iPhone Apps
mikesd81 writes "Engadget reports Apple has readied a blacklisting system which allows the company to remotely disable applications on your device. It seems the new 2.x firmware contains a URL which points to a page containing a list of 'unauthorized' apps — a move which suggests that the device makes occasional contact with Apple's servers to see if anything is amiss on your phone. Jonathan Zdziarski, the man who discovered this, explains, 'This suggests that the iPhone calls home once in a while to find out what applications it should turn off. At the moment, no apps have been blacklisted, but by all appearances, this has been added to disable applications that the user has already downloaded and paid for, if Apple so chooses to shut them down. I discovered this doing a forensic examination of an iPhone 3G. It appears to be tucked away in a configuration file deep inside CoreLocation.'" Update: 08/11 13:07 GMT by T : Reader gadgetopia writes with a small story at IT Wire, citing an interview in the Wall Street Journal, in which this remote kill-switch is "confirmed by Steve Jobs himself."
I Am Rich app, anyone?
It's better than having a lot of malicious programs out there, using data or sending personal information, with no way of recalling them.
Shouldn't be used unless it's deemed "dangerous".
"I am rich" for instance is a legitimate app, although without much purpose. But let's be honest, a lot of apps in the app store has little or no purpose. A 12$ flash light, anyone?
Given the unpatched Kaminsky DNS stuff on desktop OS X, or even just spoofed ips, doesn't this mean that a malicious attacker might be able to spoof the apple "ban list" and disable core functionality? How long until this can be exploited with a list of the core os x daemons thus "bricking" the phone until ?
Here's a interesting DoS to cost people money with DNS poisoning.
ok can we please just get all the apple fans make their excuses early on. the iphone is a fiasco but nothing will take their blinkers off, so lets just let them get it off their chest early.
If you mod me down, I will become more powerful than you can imagine....
http://daringfireball.net/2008/08/core_location_blacklist : "An informed source at Apple confirmed to me that the âoeclblâ in the URL stands for âoeCore Location Blacklistâ, and that it does just that. It is not a blacklist for disabling apps completely, but rather specifically for preventing any listed apps from accessing Core Location â" an API which, for obvious privacy reasons, is covered by very strict rules in the iPhone SDK guidelines."
..Apple fanbois!
*ABSOLUTELY NOTHING* justifies phoning home without having asked the user at some point.
Explicitly.
Up front.
In his/her face.
"But it was there in the EULA" is a stupid argument. The "ohhh shiny!!11" crowd wouldn't have read it, and most reasonable people cannot be expected to.
Disclosure: I have a 4gb iPod Nano which I got for free. I'd rather have something else which wasn't bound to the fancies of Lord Steve, but currently cannot afford it..
[Slashdot Comments We Liked]
This story is more then 3 days old. Am I supposed to be surprised that Apple has this built in?
Sorry guys. This is brouhaha over nothing. The blaclist in question does NOT disable apps remotely but instead disallows listed apps form accessing the CoreLocation framework. See http://daringfireball.net/2008/08/core_location_blacklist
So how long before Net Share gets disabled?
Unfortunately I missed this app when it was on the App Store and I've been looking for a way to install it, but I suspect now that even if I succeed, that it will get disabled by Apple in the coming weeks/months.
iPhone newbie question:
Is there a way to install apps which have been removed from the App Store by somehow getting the binary?
Oh, come on don't you spoil our neat little flamefest based on mere guesswork and Anti-Apple bias with your boring and irrelevant facts, please.
I mean this if Slashdot, if you want news, please go to CNN.com. Ah, damned, they don't want their stories being diluted by facts either...
There are two rules for success:
1. Never tell everything you know.
No, there is indeed something rotten in all this. It's not the destination of the call home thing, it's the call itself. As stated before, there is no reason whatsoever it should call home without asking permission before.
This sort of problem is now years past the place where it can be solved by "voting with your dollars," or hoping that exposing the problem will create bad PR and shame the company into correcting it.
I don't know what parts of our constitution are still operative today, but if we can't get the public interested in privacy rights, get Congress interested in passing appropriate legislation, making "phoning home" against the law--and getting those laws enforced--then Apple and Microsoft and Sony and everyone else will continue to do whatever is technologically feasible, convenient, and supportive of their corporate goals.
It's naive to think that there are Good Companies and Evil Companies and that the answer is to put your faith in the Good Companies.
Of course, I do hope that exposing the problem creates bad PR and shames Apple into fixing it.
"How to Do Nothing," kids activities, back in print!
Search the internet and you'll find that the aforementioned blacklist is actually included in the Core Location service and it serves the only purpose to block certain applications to use it in order to protect the privacy of the user. So no iphone getting back to block your pirated applications. Let's move on boys.
if it in the end does the same, what difference does it make how you call it?
Assuming that is indeed correct, and I have no reason to believe one way or the other, why is Apple using a BLACKLIST for restricting applications' access to CoreLocation? Wouldn't a WHITELIST be much more appropriate?
Default Deny is a good security maxim and would seem to be very appropriate in this case.
(Not that it would prevent someone from spoofing the site in question)
The blacklist in question does not blacklist applications from running on the phone. It's a registry of applications which are denied access to the "Core Location" service - i.e, when you don't want the phone to use GPS or triangulation data for privacy reasons. Seems perfectly reasonable to me. I don't want apps broadcasting my location without permission.
... and then they built the supercollider.
The whole speculation on Core Location comes simply from the URL having clbl in it, which supposedly stands for Core Location Black List. There is no other evidence provided that this is only what it does, nor does it mean that Apple can't use it in some other form or that they're not working on a set of black listed applications they can retrospectively turn off. Apple have already shown how developer friendly they are by pulling applications from their store without warning.
Personally, I find a black list like this an exceptionally stupid and blunt way to deal with access to Core Location.
Couple of hours before this story got onto the /. front page, Engadget had this scoop:
http://www.engadget.com/2008/08/11/jobs-60-million-iphone-apps-downloaded-confirms-kill-switch/
Steve Jobs has confirmed the kill-switch, and defends it as a "responsible" way to make sure they can deal with it if a malicious app finds its way into the App Store.
Get with the times, editors!
sig:- (wit >= sarcasm)
Slashdot: Well, yeah, I mean it would stop bad apps from being runaway in the wild, right?!
Microsoft: Hey guys, lets make a cellphone, and have it phone home to see if there are any bad apps running on it!
Slashdot: WHAT DO YOU THINK YOU'RE DOING, OH MY STALLMAN, THE HUMANITY!!!!
512$ ought to be enough for anyone
It's not youPhone, it's iPhone. And so it phones.
Scandalous!
I record my sleeptalking
I never post in these threads, but I thought this one was worthy.. I'm a fan of neither company, but if this was MS instead of Apple - zomg.
More and more it feels like every iPhone belongs to Steve - people are just leasing it from him. There's just *no way* a phone should contact another server without the user knowing it or expressly permitting it, and there's absolutely no way in hell it should disable an application which the user deliberately installed, period. The end.
Where can I sign up for the really expensive phone with no buttons, locked into a single provider, that I can't modify or enjoy in any way (except the approved ways I suppose).
I'd really like one of those.
Imagine if you weren't allowed to use roads because a bus company complained about your driving 3 times. --skunkpussy
What? A simple HTTP GET to get a list of applications which can't have access to Core Location services? The simplest explanation is that it will protect user's privacy if an application includes something that gives away this information, and Apple included this as a means to stop rogue apps.
It's not as if it is sending a list of applications back, or other private information. Of course the articles and a lot of people are assuming that it does this and then getting all frothy and righteous about it.
There are currently 2000+ iphone applications. When polling a server should you a) return a list of 1999 good applications, or b) return a list of the 1 bad application...
One more thing to tell and remind us whom we can trust... Isn't it just another "didn't I tell you?", which RMS is classy enough not to spell out?
Now, mod me down freely. My karma can't get any worse...
It's probably in the terms and conditions of ownership, and thus every owner has given permission already.
It's not like Apple is collecting user information here. It's a HTTP GET as far as I can tell, with no information being supplied to Apple, just a list of applications that are bad and that the user shouldn't run for their own protection.
Going beyond this into the realm of assuming that apple are collecting user data, disabling applications they just don't like, etc, is stupidity on the level of people who believe in conspiracy theories.
That blacklist is about using CoreLocation API, not about disabling the applications completely. Application needs to ask the user if they want to use CoreLocation for obvious reasons, and apparently there it also keep a blacklist for security purposes.
Unless they're going to produce a "disabled apps" page for each individuals iPhone then of course this wouldn't allow them to do that.
Bad analogies are like waxing a monkey with a rainbow.
Wouldnt an app just jailbreak the phone, edit /etc/hosts to remap this to somewhere else (or see another way to disable it)? That would stop the app from being blacklisted on that phone (and all the others that would come after it).
Sure you have to get perms but if you can get a user to install malware that can be blocked its probably not that hard to get them to also enable it (or find an automated way around the "permission request").
Would that not mean its a trivial thing to make this whole concept of blacklisting moot? And if malware can disable it quickly and easily, would this not just be a wasted effort on apples part?
If the Beast gets wind of this concept, they'll start shutting down Quicken, Firefox, Thunderbird....
A cynic is a man who, when he smells flowers, looks around for a coffin. -H. L. Mencken
The combination of this and DNS cache poisoning attacks sounds bad. Of course, it could be checking some kind of server certificate, if Apple is smart. The "article" (more a rumor report) doesn't say...
One word: rental.
Here be signatures
Old news for nerds. Stuff from last week. (tm)
Hmmm, explains a lot - though I can see a lot of infringement cases come up. Including one against patent infringement lawyers. I wonder who'll represent Apple there?
politicians are like babies' nappies: they should both be changed regularly and for the same reasons
Well, YOU don't make the choice of when you want your leased phone to use GPS or triangulation data when it's phoning home behind your back, do you?
Technology -- No Place For Wimps! Grateful Dead and Jerry Garcia Chatroom -- http://www.wemissjerry.org
Or you could be talking out of your arse.
Bad analogies are like waxing a monkey with a rainbow.
But then let's not hear any philosophical issues as to why we should use Linux or MacOS instead of Windows. If you are a pragmatist about your tech gear and use whatever does the job you want the best at the best price, then great. That's a very unhypocritical position, and a rather practical one. However if you get all high and mighty when a company you don't like does something that has a philosophical downside but then downplay philosophical concerns for practical ones when a company you do like does something, well then you are a hypocrite.
I don't mind people from either camp: Those that feel that philosophical issues are the most important and if that causes practical problems, it's worth it and those that feel that practical use is what matters the most, never mind the philosophy behind it. However I can't stand people who are ok with anything so long as "their side" does it and yet cry foul when the "other side" does it. That is just fanboy crap right there.
Now I'm not accusing you of being this way, I've not read your posts, I don't know. I am just calling your attention to this. If you are truly a pragmatist, then let's not hear any bitching about things Microsoft does that are generally against a free and open philosophy, but don't matter in the practical world.
More and more its beginning to seem more like the !phone.
Mod me down, my New Earth Global Warmingist friends!
"Apple raised hackles in computer-privacy and security circles when an independent engineer discovered code inside the iPhone that suggested iPhones routinely check an Apple Web site that could, in theory trigger the removal of the undesirable software from the devices.
Mr. Jobs confirmed such a capability exists, but argued that Apple needs it in case it inadvertently allows a malicious program -- one that stole users' personal data, for example -- to be distributed to iPhones through the App Store. "Hopefully we never have to pull that lever, but we would be irresponsible not to have a lever like that to pull," he says." - http://online.wsj.com/article/SB121842341491928977.html?mod=rss_whats_news_technology
So - it IS for disabling apps - and we(you the iPhone owners) will just have to hope that they donøt disable something they shouldn't disable.
To sum it up: The blacklist IS for disabling apps!
Default allow means you're open for abuse. Doesn't matter that there's only 1 bad app (right now). Could be thousands next month. And I'm modded troll for saying this?
Strange... No "conspiracy haters" idiots writting on this topic yet? Ok, the blacklist is to disable use of GPS and related API... But I do not like too much, because if Apple can do this, who will stop then for blacklisting other software like "jailbreak" and any non-apple (but desired by user) software?
Religion: The greatest weapon of mass destruction of all time
So, Apple is my Mommy!?
Oh, come on don't you spoil our neat little flamefest based on mere guesswork and Anti-Apple bias with your boring and irrelevant facts, please.
I mean this if Slashdot, if you want news, please go to CNN.com. Ah, damned, they don't want their stories being diluted by facts either...
Yeah! And another thing, I'm getting a kick out of negative Apple posts getting +5 and positive ones getting -1 !
I'm going to church to today because I'd never thought I'd see this on Slashdot! There's all these wars and oil and food prices are through the roof. I think I saw this in a movie about the World coming to an end with that 'Growing Pains' kid all grown up. And my cat, it slept with a dog last night.
The end is nigh!
Reminds me of that 1984 television commercial vilifying IBM. When apple does it then all of a sudden they are doing it for their users. The irony is precious
If Apple wants to do crap like this, why not just create a host file entry to the offending "deleting website" to prevent the phone from accessing the site. Make it work much like the poor man's version of ad blocking by setting the offending URL to pair up with 127.0.0.1. After all there is no place like 127.0.0.1
How is this practically any different?
You know it's really sad when a poster doesn't even RTFA or read the RTFT(thread). Engadget, and now Slashdot.. Are people on the internet really that illiterate now and just follow the leader? After MANY posts (many by me and many by others) on Engadget, people STILL insist "APPLE IS GETTING SUED!" or "Ha! What are you fanboys going to say to this?" and the best one "Haha Same as the Microsoft WGA". Anyways I've already made too many posts and feel redundant, but rumors and speculation to get THIS far is simply sickening.
- I still can't sync iPhone's iCal or contacts to my employer's enterprise Oracle Calendaring system, a full year after the iPhone was released.
- The phone does crash. It has input method problems, particularly when auto-correct does something wrong and there's no means to turn it off.
- A (somewhat expensive) flashcard app I bought to study Simplified Chinese characters lost all of the cards I input due to the Apple 2.0.1 OS update. There is no mechanism in the app to save cards externally. Furthermore, it is buggy and crashes often. The app store is filled with crap and there's no mechanism for returns. Also, many reviews in the app store are clearly sales propaganda.
But, if jailbroken, the iPhone is the best smartphone on the market for IT folks. You get a shell and ssh with network anywhere in the city. That's very nice for when I have to fix a server nightmare while in the movie theater or out at a party. I sure wish Apple would sell me something like that so I wouldn't have to bother jailbreaking my phone. I'd also like a WIFI VOIP phone for campus wide communications off the cell phone network. A good laptop tethering solution, like most other smartphones offer. And, perhaps, a way to sync my calendar over the air with competing products - like, say, from Oracle.
Look. I didn't hack the phone to run Bittorrent or Skype over AT&T's wireless network. But I bought this phone to service work-flow. It must pay for itself in increased productivity, or I will consider this a wasted investment. Apple: Get your act together. Your App store sucks, with even suckier apps, and this customer is feeling pretty damn used and abused by the process. Furthermore, please pay more attention to your customer needs. I do not need to show off this nifty iPhone to everyone around. I do, however, happen to need a good handheld calendaring solution that is compatible with my employer's system.
I don't think the duress excuse will work.
Regardless, if apple even tried disabling one iphone 3g, their whole world will come tumbling down.
They can claim all the license restrictions in the world, that doesn't excuse disabling someone's mode of communication.
Cell phones could be a lifeline. Disabling due to a so-called license restriction is an actionable offense.
They would be well advised to explain this one appropriately.
They're using their grammar skills there.
... that as soon as someone dares to post something other than the usual expressions of paranoia and criticism, other less free-minded individuals accuse him of sheep mentality, or drinking the kool aid? Someone else has to see the irony in that!
You know, there is a difference between trolling and pointing out the flaws in your reasoning. Just saying.
There is a marked difference between contacting a party on a pay per month internet fee as opposed to a pay per connection cell phone. Also, it should be noted that, in the case of the windows pc, that a competent end-user will result in this being avoided all together. This is not the same as your case at all. In fact, it looks like Apple using the "malicious app remover" as a cover up to remove "malicious software" as they see fit. I wonder if the service agreement states they can do this and charge you for the connection fee. Are they going to reimburse people that purchase software that is later deemed "malicious"? After spending 512$... One should be able to put whatever the hell one pleases on it. They should offer it as a free app that can be installed if the end-user wishes to like windows does.
> Or you could be talking out of your arse
I could, I suppose, although I admit that the physical reality is that even musical flatulence is beyond me. Your speculation, albeit much funnier than mine, shows nothing whatsoever about whether this is true; if that were your goal, you probably should have suggested ways in which DNS might not be connected, the simplest being that the alleged URL of the blacklist server is coded with a fixed IP address.
But considering the amount of real info the "article" had, everything which was posted here was speculation.
Default allow means you're open for abuse. Doesn't matter that there's only 1 bad app (right now). Could be thousands next month.
No it doesn't. The set of installed applications on the phone is known. The allow/deny is a subset of that and can be inferred no matter which set is pulled from the server. The only question is which set to pull, e.g. the one that sends the least data.
heck even windows phones home when you do a search.
Also this approach is slightly different from phoning home, it's checking a list which is on the internet, it doesn't actually provide apple with any data about your phone/application list/who you are (which is what phoning home is about.)
Also, maintaining a blacklist is no different from a virus scanner downloading updates on the latest malware.
He can use Spotlight to find it.
This is my signature.
soid st egr.hyTa rsiugm usnin
Any questions?
Could you imagine if someone managed to hack that site and put up a list of all known iPhone apps...
I suspect it would be a very temporary inconvienence. I'd worry more about hacking their webmail servers and deleting your web page or their email servers and deleting your mail enmasse. This list appears to be a blacklist / remote disable - not a remote uninstaller. It probably just blocks execution. Once the app is removed, execution is allowed again. You still have the app on your Mac/PC plus your iPhone until you choose to remove it. Even if it were removed, since all apps can be redownloaded for free, it's still not a complete loss.
Oh, come on don't you spoil our neat little flamefest based on mere guesswork and Anti-Apple bias with your boring and irrelevant facts, please.
I mean this if Slashdot, if you want news, please go to CNN.com. Ah, damned, they don't want their stories being diluted by facts either...
If you want facts go to the Onion [theonion.com] for pete's sake!
Err, where did you get the idea that this killed iPhones?
It's a list of applications that the iPhone shouldn't run because they're malicious. There's nothing about killing iPhones remotely here.
Of course, the ITWire story itself is written with so much hyperbole and bullshit and speculation it is easy to get caught up in it and lose sight of the simple explanation. Apple run an application store and thus have some responsibility over the contents on that store. If they let some bad software on by accident, they need a way to ensure that end users can't run it.
All the rest is conspiracy theory non-story verbal wankery.
Oh, come on don't you spoil our neat little flamefest based on mere guesswork and Pro-Apple bias with your boring and irrelevant facts, please. ;-)
Okay, I got Linux installed. So where's the free beer everyone keeps talking about??
Let the race to first blocked app begin!!
Eclipse PDE and Me
Really, I think it's time we took these jerks to task. I am so sick of these corporations trampling our use.
You want to do this type of crap. Then give us the phone and the service free.
I pay good money for both my hardware and my media...so leave it the !@#$% alone Apple/AT&T.
- The Saj
After being the main driver behind establishing DRM technologies in the market place, Apple is now trying to firmly establish remote control over people's phones and the software they can install on it.
None of the other smart phone vendors can do this. I can install whatever I like on my Palm, Nokia, or Windows Mobile device, and none of those companies nor my cellular provider can do anything about it.
If Microsoft did anything like this, they would be torn apart in the press and investigated by the justice department. But somehow, when Steve Jobs does this, it's supposed to be OK?
Apple is using a pretty face to push some of the most evil technologies around. Apple must be stopped.
All major smart phones in existence, other than the iPhone, only contact the servers and services that the user wants them to contact.
Nokia, Microsoft, and Palm cannot remotely disable the phone. They can't remotely push updates on the phone. They don't control where users download applications from. You don't even need to use them with their desktop software. And all of them are available unlocked and on many carriers.
Only Apple's iPhone has mandatory tie-ins with the phone maker's desktop software, servers, store, and preferred carrier.
Apple has truly innovated here: in taking away control from users and setting a very bad precedent.
EvilApp(tm): I'm going to secretly log your geospatial location and travel history (and how many times you've used a public toilet in the last week) using the built-in CoreLocation API and send the information to my creators for their nefarious purposes.
Core Location Blacklist: Oh no you don't!
If Apple is doing this with the iPhone, what's stopping them from doing a similar type of thing with their OS X operating system? Could there possibly be any similar type of function in OS X that has yet to be discovered? If there was, I think that the backlash would be mammoth.
Confirmed. It's a kill switch. http://www.engadget.com/2008/08/11/jobs-60-million-iphone-apps-downloaded-confirms-kill-switch/
No, I'm sure this is just the tip of the iceberg.
You're still within the first 30 days. If you don't like the EULA, take the phone back.
Diress ? Assuming you mean duress, then what exactly was the duress ? A desperate need to own the iPhone 3G ? Or did the assistant literally hold a gun to your head.
I bought a 3g iphone on day 0 and was presented with 12 page att contract and a 15ish page Apple agreement, AFTER SWIPING MY CARD! I COULD NOT POSSIBLY READ THEM THERE, before signing the touch pad. I started to scan the Apple agreement, as I have never seen an agreement like that from MS, Nokia or RIM...and the Apple employee informed me that there was no time for that because the line needed to move. so no, it is not reasonable to say "IT WAS IN THE EULA!"
Interesting possibility. If Apple/AT&T has truly created a scenario where you are:
1) ...only allowed to purchase the phone from a physical store ...forced to sign a contract prior to purchase ...charged for the phone before you get to read the contract completely
2)
3)
This issue could probably be called into question. Especially depending on exactly how Apple/AT&T "enforces" where and when you get to read through the contract to your satisfaction. A good test of this would be to intentionally hold up a line specifically to read through the contracts in this manner to gauge their response. If they went so far as to throw you out or call the cops, such a claim would seem fairly legitimate.
8==8 Bones 8==8
You mean:
sudo echo "bad.guys.ip.address iphone-services.apple.com" > /etc/hosts
?
Correction: Apple Can Remotely Disable iPhone Apps from the App Store. Cydia and Installer are a-okay.
Attention deficit disorder is a complicated issue, spanning several major... HEY LET'S GO RIDE BIKES!
... a really simple cure to the entire situation: don't use an iPhone. Yes. I know that they are incredible. They're are a wonderful device and beautifully designed. To be quite honest, I want one myself! The cost, and the thought of the contract that goes with it have kept me from purchasing one. Besides, what is a person really purchasing a phone for: to use a phone, or to be a member of the "in" crowd? There *are* alternatives. How about OpenMoko? http://www.openmoko.com./ They even have a developers site set up: http://wiki.openmoko.org/wiki/Main_Page.
if you want news, please go to CNN.com. Ah, damned, they don't want their stories being diluted by facts either...
You're absolutely right. People should go to Fox News instead.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
Hardly the case...
The Blackberrys have the ability to be remote wiped of all data, for example.
And although no mention has really ever been made of it, I see no technical reason why other carriers like US Cellular couldn't easily "revoke/kill" purchased apps on their users' phones either? They use a DRM mechanism where they issue you a "key" when you download the app. Seems like a forced download of an update could cause all the apps to need a fresh key in order to keep running? (Unlike Apple, who has the whole iTunes store with actual user accounts on it though, you're screwed if your physical phone breaks with US Cellular. All your apps are just lost, period. You don't get to re-download them using some user acct. that "remembers" what you paid for previously.)
I fully understand and expect that my mobile phones are subject to more control by carriers than a "stand alone" device like my personal computer. If your #1 worry is getting to run whatever you want on your iPhone, vs. actually USING it as a CELLPHONE - then fine. Just re-flash the thing with whatever code you like. It's not a "non user updatable" device, obviously ... as all the "jailbreaks" prove.
A virus that is transmitted to all nearby phones via bluetooth that repeatedly calls 911 or some other number...
I'm sure that creative folks here can think of things that would be even worse...
Should there be a way to pull from all phones simultaneously? Even if its never used, would probably discourage such malware from ever being written.
Reality has a liberal bias
Get people to accept it on their phones, and this 'feature' will be accepted on peoples desktops. "to protect us against evil hacker viruses" or some other such nonsense.
Then its our documents.....
---- Booth was a patriot ----
I thought it was AT&T's job to disable iPhones with their crappy coverage.
Have gnu, will travel.
revocation appears to be certificate based
Did they really say that?
It appears to actually be based on the 'package name' (or whatever they call it):
{ "Date Generated" = "2008-08-11 16:32:49 Etc/GMT"; "BlackListedApps" = { "com.mal.icious" = { "Description" = "Being really bad!"; "App Name" = "Malicious"; "Date Revoked" = "2004-02-01 08:00:00 Etc/GMT"; }; }; }
The guys at Management Alternatives Limited have already taken down the page for their blacklisted app.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
I will never understand why the geek community gives Apple a free pass. It seems to me like they're a far more worrisome company than Microsoft and seek not just to embrace DRM, but innovate in the onerous field and extend it to the masses.
Comment removed based on user account deletion
It's my phone, not yours, so you don't get to decide what is and isn't acceptable to me. Arrogant fuck.
http://www.macrumors.com/c.php?u=http%3A%2F%2Fdaringfireball.net%2F2008%2F08%2Fcore_location_blacklist&t=1218475803
DaringFireball.net clarifies that the published blacklist url likely only blocks malicious apps from accessing the iPhone's Core Location functions. Core Location allows applications to detect the user's location through GPS and Wi-Fi triangulation.
An informed source at Apple confirmed to me that the âoeclblâ in the URL stands for âoeCore Location Blacklistâ, and that it does just that. It is not a blacklist for disabling apps completely, but rather specifically for preventing any listed apps from accessing Core Location â" an API which, for obvious privacy reasons, is covered by very strict rules in the iPhone SDK guidelines.
So what if it exists? It's a tempest in a teacup. Apple has always controlled its gizmos more tightly than anybody else, in the name of mediating the user experience. If you don't like it, you go use someone else's gizmo instead.
Anyway, as lax as the approval process seems to be for their App Store (NetShare, IAmRich, etc.) it is probably a good thing they have a malware kill switch; sooner or later they'll probably end up approving some malware by accident.
Editor Emeritus and Senior Writer, TeleRead.org
I for one would really, really like to have some central authority able to disable botnets, viruses, worms, trojans and other such malicious software on Windows instantly all by remote control.
This could solve many common user problems instantly. Why do you think this might be a bad thing? Oh, they might disable BitTorrent? Probably hard to do - smart people able to use BitTorrent just might be able to work around it. Whereas your neighbor Joe Sixpack just might be able to have their spambot software turned off remotely.
Think about it.
Somehow, I don't think Apple's agenda is protecting users from malware. This is the same company who can't bother its beautiful mind with DNS security holes, Safari flaws, etc., etc., etc.
What they have done is bricked jailbroken iphones.
Looks like Apple has become the Big Brother they used to heave hammers at, and that the nice, friendly, easy-going Mac guy is just a front. So what else is new?
The solution is pretty obvious. Don't believe ads. Go open source.
Disclaimer: IANA iPhone developer
Would it be possible for an app to defeat the blacklist somehow, perhaps by hijacking DNS or otherwise intercepting the network stream ? I could even see customer demand for this sort of thing, so people could continue using blacklisted apps. This is all assuming that Apple would use it for censorship, which is always very tempting for a big company with many big friend$ in the media industry.
-Billco, Fnarg.com
And Apple taketh it away. ...and people STILL love their iPhones. It's hard not to sound like a troll or flamebait, but you know? If happiness can be found in this way, there must be something wrong with me since there's more people who are happy with their Apple stuff than there are people like me.
Just think about what would happen if this was Bill @ MS pulling this with their software. WOW wouldnt that be a bitch. g
...the user could decide for him/herself whether that application is worth running notwithstanding its relatively poor performance. Amazingly, the user may even have a better idea of his or her personal requirements than a large corporation which does not actually own the device in question.
The willingness of people to defend Apple in situations where they would be prepared to hunt down and kill the equivalent executives at Microsoft or Sony continues to stun me.
Read Pynchon.
Now I hate to be the one to point this out and I'm probably going to take a massive karma hit... but only in true Apple fashion can they add this "feature" and get away with it.
Remember the Windows Genuine Advantage fiasco? Microsoft got slaughtered on this very site for it, yet you all sit back and take this from Apple? If Microsoft had released the iPhone instead, and you all suddenly found out there was a Phone Home function, don't you think someone would be up-in-arms about it?
At what point does anything Apple do become evil? When is it you suppose people will figure out they don't like receiving? Must Apple start sacrificing virgins to pagan gods and donating directly to the Al Qaeda Slush Fund before people realise they're not the golden-haired child?
If this kind of behaviour is not tolerated from Microsoft, why do we accept it from Apple?
There is no knowledge that is not power.
After I successfully ported the Easywriter program to the IBM-PC, I was offered a $35K contract by IUS to port Easywriter to the LISA but Apple was mad a John Draper, and they refused me the Pascal development system and allowed as how I could write the application in basic if I wanted to. I lost the contract. My first example of Apple deciding who could have an app on their equipment, and it wasn't me. After that I avoided Apples until Vista reared its ugly head. I have decide to give Apple another chance hoping they are less evil than Microsoft. Time will tell.
Your Iphone is in the hands of Apple, not you. What other backdoors are in place to your phone? Could apple see your e-mails, corp data, personal files if the wanted? Pulling apps off your phone is one thing, Apple getting sued for copyright violation and providing information about your personal data is another.
"The RIAA is suing Apple for allowing users to download copyrighted programs via their app store. Apple has since pulled these programs, but legal correspondent X says that may not matter..."
Modding me -1 troll doesn't make me wrong.
I'm seeing otherp hones coming onto the market with similar functionality that aren't as tightly controlled as the iPhone. I'll get one of those. The iPhone lacks a video camera and voice command capabilities.....so not very interesting to me.
Only boring people are ever bored.
Classic rebuttal. Too bad it misses the point.
You can pay me to write a patch for Slashdot or another open source project but you couldn't pay to have a patch written for a closed-source project. Not everyone codes, but everyone uses money.
Wow it looks he came back and modded us offtopic as well.