digg

Facebook Connect Join Digg About

Hacker Claims Apple Can Spy On iPhone Users Remotely

informationweek.com Apple may have opened up the iPhone to third-party applications, but it is keeping a very close eye on those apps. According to hacker Jonathan Zdziarski, the iPhone can "phone home" to tell Apple what apps are installed, and if Apple doesn't like what it sees on your iPhone, it can kill the offending application.

Who dugg this? Made popular Aug 7, 2008

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

52 Comments

show profanity settings
expand all
  • serif69, on 08/07/2008, -8/+35Misleading title and description. According to the developer, the iPhone can get a list of blacklisted apps from a server and remove them. It doesn't send any information, just receive. Buried as inaccurate.
  • Chainheart, on 08/07/2008, -7/+22Watched The Dark Knight too many times, I guess
  • billbugger, on 08/07/2008, -1/+16You obviously aren't a software developer.
  • rivalius13, on 08/07/2008, -3/+16*looks cautiously at jailbroken iPhone*
  • SCHNOZAGIZ, on 08/07/2008, -0/+11Apple already knows what apps you downloaded on your phone. You get an iTunes receipt after every batch of app downloads.
  • d0nut, on 08/07/2008, -4/+13Just another reason to jailbreak your iPhone. Then you can stop it from phoning home! http://www.iphone-hacks.com
  • leerayIG88, on 08/07/2008, -1/+10of course...Ultra VNC on our iPhones.
  • nonsequitor, on 08/07/2008, -1/+9why did you copy my name? stop trolling with my name dammit!
  • cubs2234, on 08/07/2008, -1/+5Bruce Wayne: Using sonar to see? Just like a...
    [begins to say “Bat” then pauses]
    Lucius Fox: Like a submarine Mr. Wayne, like a submarine.
  • Abno, on 08/07/2008, -0/+4If those are thoughts you "originally organized", I'd hate to see your stream of consciousness rants.
  • Gee1004, on 08/07/2008, -5/+8Just don't buy the friggin iPhone. Problem solved. Case closed
  • ted_hosmann, on 08/07/2008, -0/+3srsly - I thought this was a no-brainer....download of apps + login name = simple database query
  • TwoSlick, on 08/08/2008, -0/+2blah blah blah.....

    Apple isn't spying on you. Your phone SENDS NO DATA to Apple, it just looks for that list every so often. If Apple were to try and appease the .0001% of people like you and require everyone to remove a malicious app, we'd all be screwed the first time something happened.

    It's a good last resort for malicious software, and if you don't think other smart phone providers do the same, I'll sell you the same ocean front property if you're interested. If you want to freak out so much, just jailbreak your phone and prevent the lookup.
  • david76, on 08/08/2008, -0/+2If you go to the URL in the article, it displays the following:

    { "Date Generated" = "2008-08-08 00:41:13 Etc/GMT"; "BlackListedApps" = { "com.mal.icious" = { "Description" = "Being really bad!"; "App Name" = "Malicious"; "Date Revoked" = "2004-02-01 08:00:00 Etc/GMT"; }; }; }
  • inactive, on 08/08/2008, -0/+2If you are smart, there are better ways of solving the problem.
  • inactive, on 08/08/2008, -0/+1You are an idiot. Apple did not remove it from your phone.
  • iPoul, on 08/08/2008, -0/+1It also makes coffee.
  • bipolarruledout, on 08/08/2008, -0/+1Seriously? Any amount of privacy that you may have on nearly any network is enforced via the law and little if any technological actions enforce this. Damn near anything is ripe for abuse by anyone who happens to have access credentials within the company.
  • ertz, on 08/07/2008, -1/+2It's so unlikely for them to kill an app. I mean, if they had a problem with an application then they wouldn't let the app get in the store in the first place.
  • OutlawSamurai, on 08/08/2008, -0/+1And not only that, this list isn't for removing apps. This list exists to tell the Core Location service not to allow apps deemed malicious. That is to say, the apps that are blacklisted merely don't have access to your geographical location (determined from GPS/Cell towers/wi-fi location service). This list isn't even used to do anything to the malicious applications themselves. This list is merely used to deny access by malicious applications to Core Location services.
  • Robart, on 08/09/2008, -0/+1Apple=Microsoft
  • TwoSlick, on 08/08/2008, -0/+1Apple hasn't removed iPint from anybody's phone. Mine still has it, and you probably just deleted your copy on accident.
  • alefox, on 08/07/2008, -1/+2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . _________
    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ./ It’s a trap!
    . . . . . . . . . . . . . . . . _,,,--~~~~~~~~--,_ . . . . ._________/
    . . . . . . . . . . . . . . ,-‘ : : : :::: :::: :: : : : : :º ‘-, . . /. . . . . . . . . .
    . . . . . . . . . . . . .,-‘ :: : : :::: :::: :::: :::: : : :o : ‘-, . . . . . . . . . .
    . . . . . . . . . . . ,-‘ :: ::: :: : : :: :::: :::: :: : : : : :O ‘-, . . . . . . . . .
    . . . . . . . . . .,-‘ : :: :: :: :: :: : : : : : , : : :º :::: :::: ::’; . . . . . . . .
    . . . . . . . . .,-‘ / / : :: :: :: :: : : :::: :::-, ;; ;; ;; ;; ;; ;; ; . . . . . . . .
    . . . . . . . . /,-‘,’ :: : : : : : : : : :: :: :: : ‘-, ;; ;; ;; ;; ;; ;;| . . . . . . .
    . . . . . . . /,’,-‘ :: :: :: :: :: :: :: : ::_,-~~,_’-, ;; ;; ;; ;; | . . . . . . .
    . . . . . _/ :,’ :/ :: :: :: : : :: :: _,-‘/ : ,-‘;’-‘’’’’~-, ;; ;; ;;,’ . . . . . . . .
    . . . ,-‘ / : : : : : : ,-‘’’ : : :,--‘’ :|| /,-‘-‘--‘’’__,’’’ ;; ;,-‘ . . . . . . . .
    . . . :/,, : : : _,-‘ --,,_ : : : ||/ /,-‘-‘x### :: ;;/ . . . . . . . . . .
    . . . . / /---‘’’’ : # : : : : : | | : (O##º : :/ /-‘’ . . . . . . . . . . .
    . . . . /,’____ : : ‘-# : , : : : : ‘-,___,-‘,-`-,, . . . . . . . . . . .
    . . . . ‘ ) : : : :’’’’--,,--,,,,,,¯ :: ::--,,_’’-,,’’’¯ :’- :’-, . . . . . . . . .
    . . . . .) : : : : : : ,, : ‘’’’~~~~’ :: :: :: :’’’’’¯ :: ,-‘ :,/ . . . . . . . . .
    . . . . .,/ /|| | :/ / : : : : : : : ,’-, :: :: :: :: ::,--‘’ :,-‘ . . . . . . . .
    . . . . .’| |/ ‘/ / :: :_--,, : , | )’; :: :: :: :,-‘’ : ,-‘ : : : , . . . . . . .
    . . . ./¯ :| | : |/ :: ::----, :/ :|/ :: :: ,-‘’ : :,-‘ : : : : : : ‘’-,,_ . . . .
    . . ..| : : :/ ‘’-(, :: :: :: ‘’’’’~,,,,,’’ :: ,-‘’ : :,-‘ : : : : : : : : :,-‘’’ . . . .
    . ,-‘ : : : | : : ‘’) : : :¯’’’’~-,: : ,--‘’’ : :,-‘’ : : : : : : : : : ,-‘ :¯’’’’’-,_ .
    ./ : : : : :’-, :: | :: :: :: _,,-‘’’’¯ : ,--‘’ : : : : : : : : : : : / : : : : : : :’’-,
    / : : : : : -, :¯’’’’’’’’’’’¯ : : _,,-~’’ : : : : : : : : : : : : : :| : : : : : : : : :
    : : : : : : :¯’’~~~~~~’’’ : : : : : : : : : : : : : : : : : : | : : : : : : : : :



    now THAT was original
  • jmcool, on 08/08/2008, -1/+2This is actually way old news. This was discovered when the apple 2.0 sdk came out you boneheads. Just look at the sdk. You don't need to be a hacker to figure this out. Just a developer. And plus this "hacker" is just probably one of those jailbreak developer that made a cool light app woopy.
  • inactive, on 08/08/2008, -0/+1If they did they would lose their jobs and face prosecution.
  • inactive, on 08/08/2008, -1/+2You are an idiot.
  • nonsequitur668, on 08/11/2008, -0/+0Quit whining. You're spelling it wrong anyways, dullard.
  • waydee, on 08/07/2008, -2/+2Just imagine the comments if a similar system was found in Windows Mobile lol.

  • emerrill, on 08/08/2008, -2/+2So inaccurate.

    The site is not setup to spy on you at all, in fact it is specifically setup to not spy on you. If apple wanted to spy on you, that would just be a blank URL. The phone would post data to it, and the site would rurn the names of any apps to remove from that list. This site is setup so the iphone just fetches that page and disables any app that is on the list. The phone doesn't need to (and probably doesn't) send any data the other way.

    Also some people have been trying to claim this will affect jail broken apps, which makes no sense. Those apps don't go through the FairPlay checks to launch, so it seems unlikely that this would have any effect on them.
  • paulpas, on 08/08/2008, -1/+0It's a sad state of affairs that Apple would rather feed their customer to the wolves in the name of self-protection. That's the industry trend these days, so what should we expect?
  • cufford, on 08/08/2008, -2/+1Of course, you can't activate the "Ibrick" without phoning home to their servers, which then log your specific phone, all information associated with activating it, and then track everything that phone does from now till eternity.

    And yet you people still love this little capitalistic, over-priced toy that rips you off, invades your privacy, and keep you hostage to Apple's database forever after.

    Stupid, selfish tech geeks who just want to play with the latest toys, regardless of what the ramifications are.
  • Lancelot9201, on 08/07/2008, -2/+1To those that believe the "Secure" & "Stable" excuse I've got some ocean front property
    in Colorado I'm looking to sell. No one but "me" has the right to decide what, when or why I have a program on my iPhone. If I load something & it becomes an issue "I'll" remove it, not Apple. Plain & Simple, Apple is just wanting to spy on us & institute controls that they have no right to.. I'm so over this complete turn around in Apples business practices & reduced hardware quality control.
    Plus, we pay more for our computers but HP & Dell are able to push out processor upgrades 3 months
    ahead of Apple. That's just one of the reasons why I've sold my Mac Pro & installed OS X on a dell.
  • nosscaj, on 08/07/2008, -3/+2I guess that's what happened to iPint? Perhaps it's an over-raction, but I find it somewhat offensive for Apple to remove software from my device that I elected to install, without any notification what-so-ever. Would have at least saved me from, "hey, check this out! ...hm...wtf??? nevermind, I guess"
  • inactive, on 08/07/2008, -4/+2FAIL
  • Aaronontheweb, on 08/07/2008, -4/+2BUT OMG THIS IS A USER DRIVEN SITE AND IF YOU COMPLAIN ABOUT TOO MANY IPHONE STORIES THEN YOU CAN GEEEEEEEEEEEEEEEEEET OUT

    /sarcasm
  • bigbadboston, on 08/07/2008, -3/+1how is this any different from a Certificate Revocation List, fearmongerers?
  • homercles337, on 08/08/2008, -5/+3***** mactards, too stupid to prevent this ***** from happening.
  • Virgule, on 08/08/2008, -3/+1Two things: What is the URL exactly so can block it directly on my router?. Also, its nice the CAPTCHA was 'screw' mwwhahahhaaaa..ha.
  • MrKiTT3N, on 08/08/2008, -3/+1All cellphone companies do the same thing in the regards of recording your information of what and when you do....

    All text messages and phone calls are available to every tech user at ATT, in a moments notice they can pull up conversations of there ex-girlfriends and they do soo all the time.
  • inactive, on 08/07/2008, -5/+2On a side note, all modern phones are capable of having applications pushed from the provider without the knowledge of the average person. That is how various agencies are able to monitor conversations in a room without having to perform a "wiretap" since it is over IP and not the actual voice channel. There are apps that can record what is going on in the room and then upload them later if you were out of coverage or had the transmitter off.

    This is of course off topic from this article. The headline on this article is a little bit misleading in my opinion. Automating removal of blacklisted apps will reduce support calls.
  • Grolsch, on 08/08/2008, -3/+0I am not trying to be original you idiot, how can I be original with that? Its the first thing that popped into my mind when I've read the article so I posted it. GTFO
  • enishifty, on 08/07/2008, -3/+0i see no massive problem with this. all it seems to be saying to be is that its like an anti-virus application, drawing on resources from the internet, i.e the Apple server, and seeing what has been black listed, this holds true if thats what is truly happening, and it also depends upon what is on this 'black list'. but as to people that say that Apple are using this to 'spy' on their customers, its an irrational and paranoid response, why would Apple want to do that? it would make the iPhone less desirable, which is totally against any business ethic, to make one of your products undesirable. also, i think that if Apple wanted to spy on their customers, and didn't want them to know about it, they could probably find a more subtle way of doing it, don't you think?
  • magamiako, on 08/07/2008, -10/+5As was stated before in a less sensationalist headline, what's wrong with this? Essentially, they're trying to keep iphones as a "secure" and "stable" platform. And that's fine, if you want to jailbreak it run whatever apps you find on the internet including malware, by all means go for it.

    But the option is there, by default, for people who don't want to deal with that junk. And that's what this is for.

    As soon as you get it out of your head that it's "Apple trying to stop people from writing software for the phone!" Then you might see it a bit more clearly.
  • scooby0110, on 08/07/2008, -8/+3Yeah, we get it. It's a trap! It was funny the first time someone did it, not everytime someone posts something new on digg. Buried for unoriginality.
  • briLo, on 08/07/2008, -9/+4"According to hacker Jonathan Zdziarski....," really? Hackers willing to drop their name? I smell a poser!!!!
  • inactive, on 08/07/2008, -7/+2Not that I don't love Apple getting the boots put to it, but grow the ***** up.
    Even the article author admits that it's probably to nuke malware that MAY spread. "BUT APPLE PUT IN A SYSTEM THAT THEY MIGHT ABUSE!" This seems to be the quintessential civil rights argument these days - as soon as the potential for something exists, we need to MAKE SURE it can't happen!
    Yes, Apple may have the TECHNICAL CAPACITY (according to "a hacker") to remove application from their phones. It doesn't mean they're going to, and it doesn't mean they want to. Just ***** wait and see. The sky isn't falling.
  • Grolsch, on 08/07/2008, -10/+4. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . _________
    . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ./ It’s a trap!
    . . . . . . . . . . . . . . . . _,,,--~~~~~~~~--,_ . . . . ._________/
    . . . . . . . . . . . . . . ,-‘ : : : :::: :::: :: : : : : :º ‘-, . . /. . . . . . . . . .
    . . . . . . . . . . . . .,-‘ :: : : :::: :::: :::: :::: : : :o : ‘-, . . . . . . . . . .
    . . . . . . . . . . . ,-‘ :: ::: :: : : :: :::: :::: :: : : : : :O ‘-, . . . . . . . . .
    . . . . . . . . . .,-‘ : :: :: :: :: :: : : : : : , : : :º :::: :::: ::’; . . . . . . . .
    . . . . . . . . .,-‘ / / : :: :: :: :: : : :::: :::-, ;; ;; ;; ;; ;; ;; ; . . . . . . . .
    . . . . . . . . /,-‘,’ :: : : : : : : : : :: :: :: : ‘-, ;; ;; ;; ;; ;; ;;| . . . . . . .
    . . . . . . . /,’,-‘ :: :: :: :: :: :: :: : ::_,-~~,_’-, ;; ;; ;; ;; | . . . . . . .
    . . . . . _/ :,’ :/ :: :: :: : : :: :: _,-‘/ : ,-‘;’-‘’’’’~-, ;; ;; ;;,’ . . . . . . . .
    . . . ,-‘ / : : : : : : ,-‘’’ : : :,--‘’ :|| /,-‘-‘--‘’’__,’’’ ;; ;,-‘ . . . . . . . .
    . . . :/,, : : : _,-‘ --,,_ : : : ||/ /,-‘-‘x### :: ;;/ . . . . . . . . . .
    . . . . / /---‘’’’ : # : : : : : | | : (O##º : :/ /-‘’ . . . . . . . . . . .
    . . . . /,’____ : : ‘-# : , : : : : ‘-,___,-‘,-`-,, . . . . . . . . . . .
    . . . . ‘ ) : : : :’’’’--,,--,,,,,,¯ :: ::--,,_’’-,,’’’¯ :’- :’-, . . . . . . . . .
    . . . . .) : : : : : : ,, : ‘’’’~~~~’ :: :: :: :’’’’’¯ :: ,-‘ :,/ . . . . . . . . .
    . . . . .,/ /|| | :/ / : : : : : : : ,’-, :: :: :: :: ::,--‘’ :,-‘ . . . . . . . .
    . . . . .’| |/ ‘/ / :: :_--,, : , | )’; :: :: :: :,-‘’ : ,-‘ : : : , . . . . . . .
    . . . ./¯ :| | : |/ :: ::----, :/ :|/ :: :: ,-‘’ : :,-‘ : : : : : : ‘’-,,_ . . . .
    . . ..| : : :/ ‘’-(, :: :: :: ‘’’’’~,,,,,’’ :: ,-‘’ : :,-‘ : : : : : : : : :,-‘’’ . . . .
    . ,-‘ : : : | : : ‘’) : : :¯’’’’~-,: : ,--‘’’ : :,-‘’ : : : : : : : : : ,-‘ :¯’’’’’-,_ .
    ./ : : : : :’-, :: | :: :: :: _,,-‘’’’¯ : ,--‘’ : : : : : : : : : : : / : : : : : : :’’-,
    / : : : : : -, :¯’’’’’’’’’’’¯ : : _,,-~’’ : : : : : : : : : : : : : :| : : : : : : : : :
    : : : : : : :¯’’~~~~~~’’’ : : : : : : : : : : : : : : : : : : | : : : : : : : : :
  • Fetching more discussions...
    Show 51 - 55 of 55 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.