Apple's secret iPhone app blacklist
Cloak-and-dagger app wipes imminent?
A researcher has discovered a URL buried in the iPhone hardware that appears to point to an application blacklist - potentially allowing Apple to retroactively remove applications it decides no longer fit the bill.
The URL, reported by iPhone Atlas, links to a file on apple.com called "unauthorizedApps" that seems to contain a test entry called "Malicious" and described as "Being really bad!" Such a database of blacklisted applications would only make sense if all iPhones were regularly connecting to it and comparing the list to their installed applications, though what action the handset would take if it found a match is unknown.
Jonathan Zdziarski, author of iPhone Forensics, found the URL in the firmware, so it's possible that the functionality hasn't been activated yet even if the file is live.
Apple is in a pretty unique position among mobile phone manufacturers - the way that the iPhone is tied to iTunes enables the company to make changes to the vast majority of handsets in a way more akin to Windows Update than anything previously seen on a mobile phone. Nokia can do much the same, but only the technically-literate tend to use the Nokia Update Tool, while (almost) every iPhone user is running iTunes and few of them will reject an upgrade.
So even if iPhones aren't calling home today, they surely will in the future. And once Apple deems an application to be malicious then the icon could simply vanish from the interface as though it had never been - more reminiscent of the original Mac ads than intended, surely. ®
Sponsored: 2016 Cyberthreat defense report