Much ado about the iPhone's 'kill switch'

The discovery of a URL that appears to blacklist iPhone applications sent the Internet into a tizzy, despite the fact that the person who discovered it isn't sure how Apple intends to use it.

Tom Krazit Former Staff writer, CNET News
Tom Krazit writes about the ever-expanding world of Google, as the most prominent company on the Internet defends its search juggernaut while expanding into nearly anything it thinks possible. He has previously written about Apple, the traditional PC industry, and chip companies. E-mail Tom.
Tom Krazit
3 min read
The discovery of a "kill switch" inside the iPhone 2.0 software prompted much consternation and little fact-finding. Apple

Apple's iPhone "kill switch" has prompted much hand-wringing, despite the fact that no one knows exactly what it does.

Jonathan Zdziarski, an independent iPhone developer and author, recently discovered a URL while poking around inside the iPhone 2.0 software that downloads a list of "malicious" applications every so often to the iPhone, as noted by Ben Wilson at our sister site iPhone Atlas. Several outlets quickly seized on this detail as proof that Apple is poised to remotely disable any application running on the iPhone that it finds unpalatable.

Before we get into the ways in which Apple might use the blacklist, let's remember that we don't know a damn thing about how this actually works. "All we know is that the iPhone downloads a list of malicious URLs," Zdziarski said in an e-mail exchange Thursday morning. "For all we know, it could trigger world war 3, or it could cause some computer somewhere to spit out recipes for buttermilk pancakes."

There are several explanations for what Apple might be up to. One possibility is that Apple could use this function as a sort of recall notice for applications that were discovered to be malicious or potentially harmful after making it through the initial screening process.

Apple is requiring developers to sign their iPhone applications so that the authors can be tracked, and is vetting every single iPhone application before it is distributed through the App Store. But if Apple later realizes it has to revoke a developer's signature because that developer created a malicious app that slipped through the cracks, that would only prevent new installations of that application. It wouldn't do anything to help the users who have already downloaded that application, but a recall notice (and a refund) would indeed be helpful if the initial round of quality control fails.

Another possibility is that Apple could use this service like an antivirus application, which periodically downloads a list of known Trojans, malware, or other malicious applications and alerts the user. This is perhaps a little more far-fetched at this point, since Apple controls the iPhone development process so tightly, but perhaps one day they plan to open up the process more broadly to where iPhone applications can be distributed through something other than the App Store.

Larry Dignan at ZDnet points out that Apple could have included this function as a nod to enterprise customers who might want tight control over what applications are installed on their handsets. Many corporate IT shops don't even allow people to install unapproved applications on their PCs, and you can bet those folks would want to control what gets installed on one of their iPhones.

All iPhone applications are supposed to pass through the App Store, but what it something malicious slips through the cracks? CNET

And, of course, there is the possibility that Apple could use this blacklist to disable any applications that it decides are violations of its (or its carrier partners') terms of service, or ones that compete with current or future Apple applications. This theory is not entirely the work of paranoid conspiracy theorists, as Apple's tight-fisted control over the iPhone development process chafes many developers who might be tempted to strike out on their own with applications that go after Apple's core businesses, such as iTunes.

Zdziarski noted that any "truly malicious software is going to find a way to burrow deeper into the iPhone's operating system so that a simple mechanism like this wouldn't affect it... so really the only type of applications this could effectively kill off are applications that are annoying to Apple, but not malicious. That certainly calls for a lot more concern."

But the thing is, we just don't know. Until Apple explains why it has included this function, or an application appears on the blacklist and is wiped from someone's phone, it's all just the usual leaping to conclusions on a sleepy Thursday in August.