The iPhone ¿kill switch¿ is a necessary evil

To protect the iPhone from malicious software, Apple made a controversial choice.

Last Wednesday the iPhone Atlas Web site noted the discovery of code in the iPhone operating system that linked to a page on Apple's Web site. Dubbed the "kill switch," the code appears to be part of a system that would allow Apple to zap an iPhone app remotely.


Detected by Jonathan Zdziarski, an iPhone developer and author of two books on the iPhone, the page looked like the framework for a blacklist of iPhone apps, though it listed no programs.

For the terminally curious, the page generates this odd string of data:


{ "Date Generated" = "2008-08-12 19:11:39 Etc/GMT"; "BlackListedApps" = { "com.mal.icious" = { "Description" = "Being really bad!"; "App Name" = "Malicious"; "Date Revoked" = "2004-02-01 08:00:00 Etc/GMT"; }; }; }

Later posts by Zdziarski suggested the kill switch might be directed only at programs trying to access the global positioning software, which could transmit the location of the iPhone to a cybercriminal.

After several days of speculation in the blogosphere as to the legitimacy of Zdziarski's claim, Monday's Wall Street Journal obtained verification from Apple CEO Steve Jobs himself: "Hopefully we never have to pull that lever, but we would be irresponsible not to have a lever like that to pull."

Since then the debate has focused on whether the kill switch oversteps the bounds of Apple's authority. Many believe it's a violation of privacy. Others worry Apple would wield the kill switch to nuke a legitimate app.

That Apple would zap legit apps customers have purchased strikes me as unlikely. After all, Apple has veto power over every piece of software in the App Store. Unless an app contained malicious code that escaped detection, Apple would have no reason to kill it.

Besides, Apple suffered enough of a PR black eye over the MobileMe/iPhone 3G launch fiasco. Why would it create another one by killing valid iPhone apps?

I think the kill switch is exactly what it appears to be: an emergency-use-only tool for Apple to prevent malware from getting a toehold on the fledgling iPhone platform.

Recall that when the iPhone debuted in June 2007, it was closed to developers precisely because of Apple's malware fears. And though Apple announced in October it would make an SDK available, that SDK was not released until the following March, with security concerns cited as the cause of the delay.

From Steve Jobs' October announcement: "There have been serious viruses on other mobile phones already, including some that silently spread from phone to phone over the cell network. As our phones become more powerful, these malicious programs will become more dangerous. And since the iPhone is the most advanced phone ever, it will be a highly visible target."

So a kill switch fits the pattern of Apple's previously demonstrated paranoia over iPhone vulnerability.

I also wonder how the iPhone community will react when a clever hacker sneaks some nasty code into an otherwise innocent-looking app and it slips by Apple's screening process. It's inevitable.

And just as predictably angry iPhone owners will expect Apple to come to the rescue.


At that point millions of iPhone owners will be grateful for the kill switch, regardless of how they feel about it now (yes, I'm talking to you, Dan Gillmor).

While I understand why it makes people uneasy, putting a kill switch in a device otherwise defenseless against malware seems to me a wise precaution.


Recommended on Baltimore Sun