Denim Group has been acquired by Coalfire. Learn More>>

Apple Can Disable iPhone Apps Remotely?


I saw an article on Engadget indicating that Apple may have the ability to remotely disable iPhone applications.  I saw a similar article on MacRumors a couple of days ago.

We have done some development for mobile devices in the past – specifically with Windows Mobile.  One of the big issues we saw with organizations trying to deploy Windows Mobile applications is that they were caught in a “dead zone” between the software platform provider (Microsoft), the device maker (Samsung, HTC, etc) and the network provider (T-Mobile, AT&T, etc).  Whenever anything went wrong everyone could just point at other providers in the chain and act like nothing was their fault.

One of the interesting things about Apple iPhone is that these three components are all provided the same way for everyone (in the US at least).  Apple provides the software and hardware, and AT&T provides the network.  That is good for application developers because it makes it more reasonable to expect that your applications are going to work the same wherever you deploy them.  Same hardware.  Same software platform.  Same network.

However another issue we had developing enterprise Windows Mobile applications was that the enterprise management tools were still developing – it was tricky to automatically provision and de-provision devices, applications, settings, etc.  It looks like iPhone applications can be automatically de-provisioned – the only problem is that Apple is the organization pulling the strings rather than an enterprise’s IT department.

To paraphrase and somewhat mangle the words of Bruce Schneier: “When people say ‘security’ what they really mean is ‘control.'”

Contact us for more information about building security in to your iPhone applications.

dan _at_

About Dan Cornell

Dan Cornell Web Resolution

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.
More Posts by Dan Cornell

Leave a Reply

Your email address will not be published. Required fields are marked *