The iPhone “kill switch” is a necessary evil
To protect the iPhone from malicious software, Apple made a controversial choice.
Last Wednesday the iPhone Atlas Web site noted the discovery of code in the iPhone operating system that linked to a page on Apple’s Web site. Dubbed the “kill switch,” the code appears to be part of a system that would allow Apple to zap an iPhone app remotely.
Detected by Jonathan Zdziarski, an iPhone developer and author of two books on the iPhone, the page looked like the framework for a blacklist of iPhone apps, though it listed no programs.
For the terminally curious, the page generates this odd string of data:
{ "Date Generated" = "2008-08-12 19:11:39 Etc/GMT"; "BlackListedApps" = { "com.mal.icious" = { "Description" = "Being really bad!"; "App Name" = "Malicious"; "Date Revoked" = "2004-02-01 08:00:00 Etc/GMT"; }; }; }
Later posts by Zdziarski suggested the kill switch might be directed only at programs trying to access the global positioning software, which could transmit the location of the iPhone to a cybercriminal.
After several days of speculation in the blogosphere as to the legitimacy of Zdziarski’s claim, Monday’s Wall Street Journal obtained verification from Apple CEO Steve Jobs himself: “Hopefully we never have to pull that lever, but we would be irresponsible not to have a lever like that to pull.”
Since then the debate has focused on whether the kill switch oversteps the bounds of Apple’s authority. Many believe it’s a violation of privacy. Others worry Apple would wield the kill switch to nuke a legitimate app.
That Apple would zap legit apps customers have purchased strikes me as unlikely. After all, Apple has veto power over every piece of software in the App Store. Unless an app contained malicious code that escaped detection, Apple would have no reason to kill it.
Besides, Apple suffered enough of a PR black eye over the MobileMe/iPhone 3G launch fiasco. Why would it create another one by killing valid iPhone apps?
I think the kill switch is exactly what it appears to be: an emergency-use-only tool for Apple to prevent malware from getting a toehold on the fledgling iPhone platform.
Recall that when the iPhone debuted in June 2007, it was closed to developers precisely because of Apple’s malware fears. And though Apple announced in October it would make an SDK available, that SDK was not released until the following March, with security concerns cited as the cause of the delay.
From Steve Jobs’ October announcement: “There have been serious viruses on other mobile phones already, including some that silently spread from phone to phone over the cell network. As our phones become more powerful, these malicious programs will become more dangerous. And since the iPhone is the most advanced phone ever, it will be a highly visible target.”
So a kill switch fits the pattern of Apple’s previously demonstrated paranoia over iPhone vulnerability.
I also wonder how the iPhone community will react when a clever hacker sneaks some nasty code into an otherwise innocent-looking app and it slips by Apple’s screening process. It’s inevitable.
And just as predictably angry iPhone owners will expect Apple to come to the rescue.
At that point millions of iPhone owners will be grateful for the kill switch, regardless of how they feel about it now (yes, I’m talking to you, Dan Gillmor).
While I understand why it makes people uneasy, putting a kill switch in a device otherwise defenseless against malware seems to me a wise precaution.
Opinions?
in iPhone
| Permalink
| Comments (14)
Comments
Wait a second.
Because of it's Unix underpinnings, Mac OS X is a extremely virus resistant, right? I thought the iPhone was running OS X. So how can the iPhone be a prime hotbed for viruses, yet Mac OS X be virus free?
Posted by: Peter | August 14, 2008 5:06 PM
Peter,
Your comment about viruses, OS X and what the article states are not relevant to the point about how malware operates. Any statement made about "virus" is intended as a simple way of explaining malware and not something that will cause a Windows-like takeover of the phone and chain reaction.
Malicious code could be an application that secretly starts monitoring something you do on the phone and not propagating itself to other phones. Think keylogger that sends info back to an evil place.
Hopefully this will clear things up.
Posted by: Jim | August 14, 2008 11:00 PM
There are viruses for Macs . . . it's just there aren't many people interested in creating them|circumventing Unix crap to make it much of an issue.
There are ways of circumventing any security measures on any platform . . . whether anybody bothers to do so really depends on some mixture of the determination, expertise, cleverness, & resources of given hypothetical circumventer.
As a developer [with kind of, uh, incidental knowledge of hacking]—even if I had some decent reason to believe that Apple had malicious|totalitarian intentions—I don't find the "kill-switch" alarming or worrisome or whatever. If there are people smart enough to create something, chances are there's somebody out there of equal or greater intelligence who can create something that outsmarts the original. Once something exists, those who discover it are in an infinitely superior position to circumvent it . . . simply because code is a set of defined parameters & that's kind of a cheat sheet to how it operates & once you know how something operates, well . . . you know exactly what you've got to get around.
[I apologise if this is somewhat inarticulate. My poor migraining skull is busy attempting to collapse into itself—or seems to be, for all intents & purposes—so I can't think very clearly. I think I've kind of repeated my points at least three times, quite possibly more . . . I just can't tell how obvious & thereby inelegant it is. Heh. Again . . . ’pologies.]
Posted by: Catca | August 15, 2008 12:02 AM
Much ado about nothing. People worry that Apple will abuse this power. But why should they? There every incentive is to only use this to protect their customers and the integrity of the iPhone.
Firemen have the right to kick in my door or break down my windows and walls and flood my house. But I'm not really expecting them to do it unless there is a fire. Same with Apple.
Posted by: Falkirk | August 15, 2008 12:40 AM
Who believes that this kill switch has been installed to protect the users ?
http://www.iphone-3g-mobile.com/APPLE-IPHONE/APPLE-CAN-KILL-YOUR-IPHONE-WITH-THE-KILL-SWITCH-INCLUDED-IN-THE-FIRMWARE
Posted by: indra | August 15, 2008 8:54 AM
I understand the comment qualifying malware as other than what we've come to know as a virus. And I know theoretically you could have a virus created for OS X, in fact there are many reports of just that. However, I find it surprising that I have never read any report of a widespread virus infecting OS X - so those that want us to believe that it is easy to create a virus in the wild on Apple devices need to explain why it hasn't ever happened. And the old explanation that OS X is not a sufficiently visible target no longer holds water with the dramatic rise of the iMac, MacBook Pro and iPhone. Just thoughts from a very satisfied Apple user who is very happy that Apple is looking to protect its users.
Posted by: John B. Kendrick | August 15, 2008 10:01 AM
Why does everyone have such a fascination with the Iphone?? Other than it being a neat little toy for people to play with while their bored, why the obsession? Why are their articles about a function in the phone that no one would ever worry about unless some hacker brought it to the world's attention? I just don't get it people. It's just a PHONE!!!!!!
Posted by: Richard | August 15, 2008 4:53 PM
Can you imagine, the condemnation and anger that would be pointed at microsoft if they attempted to put such an option on the windows operating system or its other software? I understand that they (Apple) have a serious and valid concern about malware, but there is a much better way of dealing with it then a remote kill switch as it were, that they didn't even feel neccessary to tell the owners of the device about. You simply block the application from executing and notify the phone owner of the situation and give him a option of what to do. Delete the app, re-enable the app, whatever that may be. But reserving the option, secretly, to kill unwanted applications seems a bit "Big Brotherish" to me. I own the phone, not apple, and they shouldn't have that ability. They should have put safegaurds in place like the ones mentioned above not a secret delete function.
Posted by: Jeff Egan | August 15, 2008 9:13 PM
Ithink it's a good took to protect end user IF it was meant for that purpose. How we all know that Steve Jobs is a control freak. The question still remain is this Kill switch to protect end users or to have control over any application?
Posted by: Oscar | August 15, 2008 10:58 PM
Can you imagine, the condemnation and anger that would be pointed at microsoft if they attempted to put such an option on the windows operating system or its other software? I understand that they (Apple) have a serious and valid concern about malware, but there is a much better way of dealing with it then a remote kill switch as it were, that they didn't even feel neccessary to tell the owners of the device about. You simply block the application from executing and notify the phone owner of the situation and give him a option of what to do. Delete the app, re-enable the app, whatever that may be. But reserving the option, secretly, to kill unwanted applications seems a bit "Big Brotherish" to me. I own the phone, not apple, and they shouldn't have that ability. They should have put safegaurds in place like the ones mentioned above not a secret delete function.
Posted by: Jeff Egan | August 15, 2008 11:41 PM
What do you mean "if" Microsoft attempted such an option? I've had Vista refuse to boot more than half a dozen times because it thought it had been tampered with. And Microsoft isn't trying to protect me, just to protect its own profits. But there is no condemnation or anger at Microsoft.
Posted by: Dan Holdgreiwe | August 16, 2008 9:18 PM
You really think Apple is sitting there, secretly plotting to delete all the good apps????
For what reason?
They are making MILLIONS by selling those apps.
Posted by: Debby | August 17, 2008 7:40 PM
No, this is not necessary. I am quite capable of removing apps that I am persuaded are a problem myself. My judgment and interests are not necessarily the same as the judgment and interest of Apple and AT&T and it is MY PHONE. I would also point out that AT&T is already known to have spied illegally on Americans and can do this and other things any time the government asks. Do you really trust AT&T or its partners with the ability to censor your own phone? What is to stop Apple from using this ability to retaliate against all who "jail break" their phone to make it act like they rather than Apple wants?
This is Evil. I am very likely to sell by iPhone as a result of this and other Apple shenanigans. They do not have my interests at heart.
Posted by: stjoan | September 8, 2008 7:22 PM
2 reasons for no mac viruses:
Unix security
Low market share
I am an apple geek and i even believe that when there is a large mac market share, there will be viruses for it.
Think 100 for macs vs. 100000 for windows
Posted by: Jordan | October 18, 2008 10:23 PM