Is The iPhone App Kill Switch Really Such A Surprise?
from the this-is-Apple-we're-talking-about dept
There was a lot of fuss last week as some folks discovered a secret "kill switch" in iPhone software that allows Apple to retroactively "kill" an app that it allowed you to "buy" (but apparently, not really buy). Steve Jobs admitted over the weekend that the kill switch exists, with this gem:"Hopefully we never have to pull that lever, but we would be irresponsible not to have a lever like that to pull."Irresponsible? Really? That's why no other platform has a similar switch? Apparently, everyone else is irresponsible. The truth is more along the lines of this being a standard Steve Jobs offering, where he wants full control over how things are done -- even if it means removing apps you thought you had bought.
But the question is whether this is really a surprise or even a bad thing? While some are screaming "bloody murder" (or at least asking why people aren't screaming that), as others point out, if this is such a big deal, don't buy the iPhone. I agree that this isn't very smart on the part of Apple or Jobs. It certainly opens up an opportunity for competitors to point out that they don't maintain such a closed system, but it's hardly the end of the world. The more Apple makes decisions like this, the more likely people will be more open to alternatives that are coming to market -- and that's exactly what should happen. There's no "bloody murder" to scream. There's just a chance for the competition to come up with something better that doesn't give Steve Jobs the ability to pull a lever and make apps you thought you had bought disappear.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: competition, control, iphone, kill switch
Companies: apple
Reader Comments
Subscribe: RSS
View by: Time | Thread
Pull it... pull it... pull it
[ link to this | view in chronology ]
Re: Pull it... pull it... pull it
[ link to this | view in chronology ]
Re: Pull it... pull it... pull it
[ link to this | view in chronology ]
Re: Pull it... pull it... pull it
1. at&t has not fully patched their network for the DNS exploit. Given their size and the bureaucracy that all the big telcos are afflicted with, this is highly probable.
2. Apple has not patched or correctly patched the iPhone for the DNS exploit. Given how long Apple took and the fact they did not fix it correctly on their OS, chances are the phones are not patched. I could not find any indications on the interwebs that they have been.
What is known at this time about the 'lever'. The iPhone calls home to a URL that is hosted by Apple. There is no encryption or authentication required to see the response the phone would receive.
Apply DNS exploit to Apple's 'lever'. Specify in the black list the application that provides the phone functionality, the app(s) that allow network connectivity (Cellular and WiFi), the application that allows cellular access and if possible the apps that provide the docking function.
You have effectively bricked the iPhone with the only, again based on what is known, solution is to take it back to Apple.
I am by no means a clever hacker. This is all very simple and very visible information.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
Windows Malicious Software Removal Tool
Two more:
ActiveX Kill-Bits
Both of these are included in Windows Updates and will automatically download and install/run, if you let your PC auto-update.
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Refunds and liability
Sorry Stevie boy, that lever's gonna come back to haunt you. Darned if you and darned if you don't.
[ link to this | view in chronology ]
Re: Refunds and liability
You can demand all you want while Apple just basically tells you to go pound sand.
[ link to this | view in chronology ]
You DO realize your EULA likes absolves any lawsuits you might have long before the fact, right?
--=-=-=-=-=---
Anyway, how long do you think it'll be till somebody throws together a "kill-switch proof my phone" app?
[ link to this | view in chronology ]
Re: Kill Switch
[ link to this | view in chronology ]
Better than nothing...
Most cell phones that I have had had very limited apps available for the simple reason that the carrier wanted to sign off (and profit off) of everything that is on their network.
Sucks, but that is the way it has been. I am glad it is getting better, even if it is getting better on a trapdoor.
[ link to this | view in chronology ]
Re: Better than nothing...
The way phone cell phone networks work AT&T can ban any phone it wants to from it's network. It doesn't need any help from Apple or any kind of kill-switch to do that.
[ link to this | view in chronology ]
Apple needing the kill switch...
The kill switch at least gives them the opportunity to limit the damage by being able to remove said app pretty much everywhere, all at once (at least in theory).
In the real world, of course, the kill switch is going to be mis-appropriated either by a third-party, or it will be mis-used by Apple itself.
Really, the safest course would have been if Apple had NOT set themselves up as the arbiter of what can and can not run on the iPhone.
For me? No iPhone. Too many strings that lead to Cupertino.
[ link to this | view in chronology ]
Sure. Just try saying that when they all have a kill switch.
[ link to this | view in chronology ]
Now that corporations are increasingly holding the reins of power in sovereign nations, it is time to establish a set of ground rules for what sort of behavior is acceptable and what is not. We have to fight this battle on many fronts. There is the record and movie industry that tries to establish a new type of ownership for the products they sell. You can no longer do what you wish with an album, with a DVD, with a computer (see:Vista), with software, even after you have bought and paid for that product.
The fact that any consumers would accept this and actually buy an iPhone (or Vista, or a DVD, or...) is testament to the overarching power of the consumerist doctrine that is ruining the world.
[ link to this | view in chronology ]
Apple follows Microsoft
This ability in the 2002 Smartphone platform was launched in the Orange SPV and within 3 weeks there was a vulcan nerve pinch procedure posted on MoDaCo that would make the device accept unsigned code. Needless to say, most carriers from that point on had little interest in operating locked down Smartphones.
Those of us closer to the Microsoft Smartphone enjoy watching history repeat itself with the younger generation.
[ link to this | view in chronology ]
BAD BAD STEVE
Or maybe the sales won't fall. Maybe those outside of The geek circles really don't care. Until the kill switch impacts them, why worry about it?
Something tells me Apple engineering knows the kill switch has the potential of being misused (do you really think those guys aren't as smart as the average techdirt reader?) I have to believe these guys have contingency plans.
[ link to this | view in chronology ]
Re: BAD BAD STEVE
Do you really think the programmers at Microsoft aren't as smart as the average techdirt reader? How many thousands of errors and bad decisions went into the various incarnations of Windows?
Do you really think that developers are never overuled by marketing, accounting, legal, and management who have orders of magnitude less technical grasp of the problems and implications than they do?
Contingency plans? Why, there's no danger - security by obscurity protects them doesn't it? Think that MOST companies don't believe in this despite DAILY examples that it doesn't work?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Yep, good point.
[ link to this | view in chronology ]
nope
You DO realize that EULAs haven't faced any significant tests in court, right? Or that contracts won't necessarily get you out of gross negligence claims, right?
[ link to this | view in chronology ]
Re: nope
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Just don't buy one?
[ link to this | view in chronology ]
Good thing you added a question mark there, because a better statement would be that no other platform has a similar switch... AS FAR AS YOU KNOW. I'd say that the odds are good that Symbian and Windows Mobile (or any other plaform that accepts third party applications) has similar safeguards.
Of course now, thanks to all of the publicity, hackers know about it, and will attempt to develop work arounds. Thanks guys.
[ link to this | view in chronology ]
Re:
Oh, and I notice how you're trying to spin this as a "safeguard". Try being a little less of a tool.
[ link to this | view in chronology ]
Re:
Yeah sticking your head in the sand leads to much better security. Shhhh everyone be quite so no one will ever realise you can exploit a buffer overflow in unmanaged code . . .
[ link to this | view in chronology ]
Not worried
127.0.0.1 iphone-services.apple.com
to your /etc/hosts file.
Remember, it is a FreeBSD-based machine. :-)
[ link to this | view in chronology ]
Re: Not worried
127.0.0.1 iphone-services.apple.com
to your /etc/hosts file.
Do you have any idea how easy it would be for Apple to get around that?
[ link to this | view in chronology ]
Big Brother
http://kreuzer33.wordpress.com/2008/08/13/steve-jobs-confirms-iphone-kill-switch/
[ link to this | view in chronology ]
[ link to this | view in chronology ]
recriminations; the hidey hole of the obtuse
This issue is Apple's desire to "have it's cake and eat it too". The kill switch just demonstrates the lack of openness of Apple and provides yet another unnecessary failure point/attack vector, while simultaneously providing end users no benefit what so ever.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Rediculous
[ link to this | view in chronology ]
Re: Rediculous
[ link to this | view in chronology ]
[ link to this | view in chronology ]
You've been Steved!
2) Steve has a history of 'positive' interactions with customers. Apple ][ forever, 'the newton is an important part of our product line (said 3 days after the cancellation at an education trade show by Apple staffers), Any machine sold by Apple today will run OS X (the 20tha Annv. Mac sold then did not)
So just keep thinking Apple is special, somehow better than, say Microsoft.
I'll be waiting for you to come to your senses - over here. With Open Source based software.
[ link to this | view in chronology ]
Apple has always been . . .
[ link to this | view in chronology ]
From a Mac Owner
If Microsoft were to pull a stunt like this, people would be smashing their phones in the streets, but it's Apple, so it's OK.
[ link to this | view in chronology ]
Re: From a Mac Owner
[ link to this | view in chronology ]
Re: From a Mac Owner
This isn't to say that the Windows mobile platform is free of such things or that it even works particuarly well just that no one has stumbled across a kill switch yet. I'd be shocked if there wasn't one, though.
Still the iPhone is all about bling and how much people will pay for it.
ttfn
John
[ link to this | view in chronology ]
Simplistic Advice
Seems like a rather simplistic approach to the problem. After all, what if you're one of the millions of people who has ALREADY bought an iPhone with no knowledge that Apple built in the ability to turn your stuff off at its whim.
The company is justifying this with an all-too-typical "for your own good" argument, claiming that if an app were to slip through that turned out to be malicious, there needs to be a remedy. Well, my calendars, contacts, personal info and data are all just as vulnerable on my desktop Mac as they are on my phone. Does Apple think it has the right to remotely control my home computer without my consent also? Would anyone stand for that for even a minute?
It's ironic that the company that made its name with an ad highlighting the perils of "1984" is rapidly turning into Bog Brother right before our eyes.
[ link to this | view in chronology ]
Re: Simplistic Advice
I remember being in college when the original Macintosh computer was announced. The Apple reps came to campus trying to convince students to pre-purchase them and had a question and answer session with a lecture hall full of us. One of the questions asked of the reps was if the Macintosh would be an open platform the way the IBM PC was and the reps assured us all that it would be completely open in every way. That turned out to just be another great big lie from Apple and convinced me to stay away from their products. Yet, some people continue to believe anything Apple tells them.
[ link to this | view in chronology ]
buncha kno nothin's bitchin and moanin
While you're waiting around for Android, and thinking you have a really cool crackberry, the iPhone ROCKS and your penis is just plain tiny.
I am a 25 year tech support guy, and I appreciate the fact that Apple designed a way to kill an app that a developer has hidden a trojan, or delayed payload in. I WANT them to respond.
To those who are bitchin and moanin about suing them if they kill an app you pay for... do ya really think (are you that stoopid?) that Apple's gonna kill a legitimate app?
If you don't like Apple's (quality) control, go play with your knoppix or mandriva to your heart's content. But quit wastin' MY time with your inane drivel. Go give your employer their money's worth instead of spending your day trollin tech forums.
[ link to this | view in chronology ]
Re: buncha kno nothin's bitchin and moanin
Spoken like a true iBling sportin iPhone owner . . . LMAO
[ link to this | view in chronology ]
ScrewU is the only one here that makes sense.
How many of you were told that Windows phones home to verify that you didn't borrow it before you bought it? Who knows what else it does?
"Apple's genius is in marketing"? You guys wouldn't have squat if it wasn't for Apple's genius. Windows began as a poorly implemented version of the Mac OS. Every good feature that is added to Windows is a poorly implemented vesion of a feature that Apple came up with. Billy has never come up with an original though in his life. He stole DOS and he's been stealing ever since.
I'm on my 2nd iphone by choice. My original battered and abused iPhone still works. So anybody who went through 3 iPhones in 8 months is an idiot.
"There's no encryption or verification"? I didn't see that part. Could you please post a link?
You guys think you're gonna hack Apple's server and take our iphones down? Let's see it.
[ link to this | view in chronology ]
Yes, Really
[ link to this | view in chronology ]
Re: Yes, Really
[ link to this | view in chronology ]
Re: Yes, Really
Maybe you want Microsoft or Apple to "play daddy" and protect you from the "mean ole world", but not all of us do. I also dare to say that MOST of us, dont want things like this "snuck" into our devices without any disclosure.
If Apple wanted to market a "more secure" product, they could have done that and given the consumers the knowlege they need to make an informed choice. Apple instead chose to keep this wonderful security feature . . . secret?
[ link to this | view in chronology ]
Control Panel, Administrative Services, Services - Stop and disable Automatic Updates.
That is no longer a possibility.
See - you mentioned the key part of that; "if you let your PC auto-update" the significant difference is that in all these cases used to 'justify' Apple's position on this - the user has ultimate control.
That's not the case with the iPwnU - errr iPhone :)
[ link to this | view in chronology ]
You MS losers only see what you want to
http://www.pcworld.com/article/135814/vista_prevents_users_from_playing_highdef_content.htm l
You can't decide what security software you can run on the computer that you own? Microsoft has decided that they will decide what security software you can use on your computer. Did they tell you about this?
https://forums.symantec.com/syment/blog/article?message.uid=305835
You guys all say that you don't have a kill switch. How many of you are familiar with and understand every bit of code that Windows installs on your computers? There could be all kinds of BS that Billy-Boy has stashed among the millions of lines of code? Not to mention that they can put stuff in there that you can't see. MS has some really good engineers. You don't think that they could hide something that takes a long time to find? It's a lot easier with the compact OS on the iPhone.
Besides, I read an article (I'll have to track it down) that said that Steve Jobs publicly "alluded" to the existance of the kill switch. long before it came out. I believe it was in March but I can't say for sure.
You guys go ahead and continue in LaLa land believing that MS isn't pulling anything behind your backs or hiding anything from you. We'll see where that goes.
[ link to this | view in chronology ]