Jump to content
9 posts in this topic

Recommended Posts

Apple CEO Steve Jobs has confirmed that the iPhone 3G has a kill switch that can remotely remove software from the devices.

 

Jobs told The Wall Street Journal that Apple needs the capability in case it inadvertently allows a malicious program -- such as an application that steals user's personal data -- to be distributed to iPhones through its App Store.

 

"Hopefully we never have to pull that lever, but we would be irresponsible not to have a lever like that to pull," Jobs said.

 

 

 

 

 

Link to the full story: http://news.yahoo.com/s/nf/20080811/tc_nf/61270

From Zdziarski's blog

 

So I post one little comment to a geek blog site about an "unauthorized apps" list downloaded by the iPhone, and every wanna-be-watergate journalist in the northern hemisphere emails me with conspiracy theories. Within just a few hundred small news articles, journalists have managed to regurgitate and paraphrase erroneous information to come up with some outrageous claims:
  • False The iPhone spies on its owner, reporting illegal applications back to Apple
  • False The "kill switch" was used to ban NetShare, I am Rich, and PhoneSaber
  • False The "kill switch" can delete applications from the iPhone
  • False The owner's GPS position is reported back to Apple
  • Confirmed? The iPhone's "kill switch" will kill any application Apple wants.

 

More here, including how to disable it on a jailbroken iPhone 3G

 

http://www.zdziarski.com/papers/killswitch.html

More here, including how to disable it on a jailbroken iPhone 3G

 

http://www.zdziarski.com/papers/killswitch.html

 

If Mr. Jobs said it, how you can believe it's a false affirmation?! Anyway, if in a certain moment, someone put a malicious apps in your phone remotely; I'm sure you will be happy Apple press the Kill switch and paff.

I hate to play Devil's Advocate here, but he DOES have a good point. The material in the app store IS all closed-source software; developers could very easily sneak malicious code in there to steal all sorts of readily-accessible information, and even send this data back home through the data connection. Think about what an application developer could harvest from your phone without you knowing:

 

Your personal info

All your contacts' personal info

Call logs

Voicemails

Text messages

Emails

Web browsing history (targeted advertising, anyone?)

Your current location (this is downright terrifying - a third party could circumvent the cancel/allow prompt for location awareness and literally track your every move through the GPS)

 

And before you say Apple checks all the applications: these kind of things can be trojan horse'd. Someone could make an application that appears perfectly legit and functions perfectly as advertised, but also does this stuff in the background, and no one would know it due to the closed source code.

 

EDIT: Just read the above article, and my speculation was correct. It's there to kill anything that hijacks the GPS.

I don't have to proof anything about Trojan cause recently, the news falls saying that a second Trojan Horse was created and in activity in the net. How? They use the Apple remote desktop and a breach on the code for opening the computer, and then taking remotely the control of the Mac. Even iSight is at risk. You see the portray... If it's happen in Mac, why not in the iPhone?

Well, Apple's stance has been (for the most part) that they arent concerned with jailbreaking, but more so unlocking. While the feds have said the iPhone customer has every right to unlock the phone since they are causing the phone to operate in a manner it was intended to do (which is to legally operate over a cellular connection), Apple has said it has a contractual obligation to back up AT&T and put a stop to the unlocking (and we all know they are getting a cut of the fees from AT&T too.)

×
×
  • Create New...