Feeds

Apple eyes kill switch for jailbroken iPhones

...for your own good

The Power of One Brief: Top reasons to choose HP BladeSystem

Apple has applied for a patent covering an elaborate series of measures to automatically protect iPhone owners from thieves and other unauthorized users. But please withhold the applause.

The patent, titled “Systems and Methods for Identifying Unauthorized Users of an Electronic Device,” would also protect Apple against jailbreaks and other unauthorized hacks to the device, which were recently excepted from copyright enforcement.

The application, which was filed in February and published Thursday, specifically describes the identification of “hacking, jailbreaking, unlocking, or removal of a SIM card” so that measures can be taken to counter the user. Possible responses include surreptitiously activating the iPhone's camera, geotagging the image and uploading it to a server and transmitting sensitive data to a server and then wiping it from the device.

Rest assured that this jailbreaking identification, the application would have us believe, is simply a means of protecting owners from unauthorized users.

“Access to sensitive information such as credit card information, social security numbers, banking information, home addresses, or any other delicate information can be prohibited,” the application states. “In some embodiments, the sensitive information can be erased from the electronic device. For example, the sensitive information can be erased directly after an unauthorized user is detected.”

But elsewhere, the patent betrays ulterior motives that are considerably more self serving.

“An activity that can detect an unauthorized user can be any action that may indicate the electronic device is being tampered with by being, for example, hacked, jailbroken, or unlocked,” the patent continues. “For example, a sudden increase in memory usage of the electronic device can indicate that a hacking program is being run and that an unauthorized user may be using the electronic device.

“'Jailbreaking' of an electronic device can generally refer to tampering with the device to allow a user to gain access to digital resources that are normally hidden and protected from users. 'Unlocking' of a cellular phone can generally refer to removing a restriction that 'locks' a cellular phone so it may only be used in specific countries or with specific network providers. Thus, in some embodiments, an unauthorized user can be detected if it is determined that the electronic device is being jailbroken or unlocked.”

The application describes plenty of bells and whistles. They include voice-printing of the owner to detect unauthorized users (what could possibly go wrong with that?), activating the accelerometer to detect if thieves are in transit – even a “heartbeat sensor.”

Ignoring the possibility that a false positive in Apple's proposed theft protection might activate the spy cam while the user is in the bath, or in the middle of some other intimate moment, this technology seems Orwellian for another reason: It gives Steve jobs and Co. the means to retaliate when iPhones aren't being used in ways Cupertino doesn't expressly permit.

But remember, it's for your own good. ®

Application security programs and practises

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.