It appears we can all breathe a big sigh of relief when it comes to our iPhone apps. According to John Gruber (Daring Fireball), that suspicious looking URL
discovered in firmware 2.x which appeared to be set to deactivate applications may be something slightly more innocuous. According to Gruber -- via "an informed source at Apple" -- the "clbl" in the aforementioned URL stands for "Core Location Blacklist" and is actually used to stipulate that specific pieces of software don't have access to... you guessed it... Core Location. Gruber argues that this makes sense, as the API is covered by fairly strict rules in Apple's SDK. So it looks like (at a glance) this was much ado about nothing -- thanks to a little misinterpretation by Jonathan Zdziarski -- though we
are considering getting hot under the collar that Apple reserves the right to deny Core Location access. How dare they?
[Thanks, Paul]
posted Aug 8th 2008 9:03AM
So it just disables an app that tries to get into Core Location? Fair enough.
Last week I was trying to use Maps with iPhone v1 in Disneyland, and the Maps app went crazy and crashed back to home menu.
It did this the entire time I was in the Anaheim park from 7am through 7pm, but once I was out of place the Maps app started working again.
Weird coincidence or deliberate sabotage?
And omg like one time I drove under a bridge and had no cell service and I was like OMG and when I came out I had cell service
inf0rm teh fbis!
Mickey hates you.
But of course there were 5-bars of strong GSM signal all the time -- and v1 iPhone gets its location from cell towers -- and no other location in US or any other country has ever crashed Maps to black screen and then home menu ... even when under a bridge ... usually Maps simply reports that it cannot find location.
I still don't like the idea that they can reach into my phone and disable an app I've already bought, even if it's for my own protection, and even if I agree with their judgment (which I might not). Just tell me and I can decide and disable it myself. Blacklists and phoning-home should be opt-in -- or at least opt-out -- not mandatory and secretive.
Read the damn post!
I use mine in Disneyland all the time with no problems. Also, Google Maps has complete satellite imagery of Disneyland. did you get your phone wet on Splash Mountain?
http://maps.google.com/maps?f=q&hl=en&geocode=&q=disneyland&ie=UTF8&ll=33.812029,-117.918899&spn=0.005803,0.011609&t=h&z=17
You're right ... Mickey must simply hate me. It's prolly because Mini kissed me.
"So it just disables an app that tries to get into Core Location?"
No. It disables that app's ability to USE CoreLocation. It doesn't do anything to the app itself.
Hmm... who would've thought. I basically guessed this when this was announced, just not the specifics. The person who made the original claim had ZERO proof that the iPhone actually calls home, and had ZERO proof that the iPhone software had a feature in it to pro-actively disable applications without your consent.
Reporting at it's worst. The headline on Engadget, MacRumors, etc. made it sound as if this was proven and true. And we wonder why society is in such a state of panic all the time. Get your facts straight or at least be a semi-responsible writer and inform people your audience that this is SPECULATION, and adjust the title accordingly.
Yeah, instead of removing apps its just there to make sure you dont get for free what apple wants to rip you off for. Totally harmless! And people eat this stuff up...
Thanks a lot, Gruber, for raining on the Apple-hating troll parade. Now they've all gone slinking back into their dank little holes.
Oh well, they'll always have "Apple stuff is overpriced!" to soothe their bitter souls.
"Oh well, they'll always have "Apple stuff is overpriced!" to soothe their bitter souls."
http://www.tomshardware.co.uk/apple-mac-leopard-windows-vista,review-31192.html
I'm not at all surprised that Engadget conveniently left out the "we totally flamed the fires with horrible copy-paste reporting on someone else's assumptions of someone else's assumptions based on pure speculations" part of this would-be "correction" ...
not really surprised in the least.
We though News outlets worrying about ratings was bad... these days of racking-up-the-hits-is-all-that-matters is easily just as bad a situation, or sometimes much worse.
This sounds exactly like what I said yesterday, on the first Engadget post:
"Alex @ Aug 7th 2008 2:35PM
Some of you people are so stupid. This isn't even a confirmed fact yet, instead it is still a rumour.
For all that we know, Apple could use this URL to block certain applications from using the CoreLocation feature, as the "clbl" might indicate on the URL: https://iphone-services.apple.com/clbl/unauthorizedApps. "Clbl" could stand for "CoreLocation Black List", blacklisting applications from using it. "
http://www.engadget.com/2008/08/07/iphone-hacker-says-the-device-calls-home-to-apple-allows-apps/4#comments
I'm so glad that I was right - and so many paranoid internet readers were wrong.
I'll rank you up for that.
I wasn't about to defend Apple on this one, because without more information, I was willing to believe they might try to blacklist apps from running on the phone... but the "OMG teh sky is falling crapple teh sux0rz" from the anti-Apple crowd was even more rabid and uninformed than normal.
The original post on engadget straight up said the guy had NO CLUE what it was for, but that didn't stop people from going apeshit.
Gosh! That is just 'SO' 'Apple'!
Exactly!
Engadget creates panic. Engadget dispels panic.
Thanks guys, another great round of iPhone stories.
So what happens if you delete that file or modify the URL? I'm sure hackers will have some fun with it.
Wouldn't it still have to call home to retrieve that file? Not that I care that much, but I'm just sayin'.
nope.
you need a better understanding of what the phrase "call home" means.
How much did Apple pay Gruber to post this message....
Idiot. Just read Daringfireball for a while. Gruber is brilliant and I have no reason to question his integrity.
I know I shouldn't feed Trolls but people like you just make me so angry. Just because your little, ugly brain doesn't understand anything beyond "Apple=evil" you spread your ignorant, hurtfull and insulting BS.
Please, go away.
And you people believie this.... this so called explanation makes completely no-sense.
So... they say it is 'dont access Core Location list" for apps.
And since the Core Location is so valuable to Apple they are going to put those hundred apps into the blacklist, run that lenghty check every time app will start or so, and those who will be allowed to access Core Location will not be here. Really interesting.
If the Core Location is so valuable they should disable core access by default and make a white list (ie. only allow these).
are you saying that BLACK lists are inferior to WHITE lists??!?!
...racist!
@ Serge
Be careful!
http://negative99.com/politics/dallas-city-council-is-an-intellectual-black-hole/
If they made a whitelist the list would probably include almost every app on the store right now. A blacklist like this is specifically for disabling core location for applications that use location based information in a particularly malicious way. If you think about it, the most dangerous thing on this phone is the ability to know where you are at all times. I cannot envision a clear example where this would become necessary, but I bet Apple has, and they don't want to be held liable if the location based software on the iphone ends up getting someone killed, maimed, or robbed.
I want a Japanese list.
Sorry, but "preventing Core Location access" just isn't as exciting to blog about as as "Apple can fuck up your iPhone to delete Apps Remotely". How many fucking clicks can you get from "Core Location Access"?
Of course the blogosphere went with the other story. Lets see how many of them a) re-report it like Engadget, or b) pretend they never tried to stir up shit yesterday.
If i where an apple i wouldn't want anyone eating my core either ...
Ya know like all you im waiting for some one to say a smart ass remark, so I can have a lil giggle maybe a laugh. Thus far I have yet to see the comment that will make me regret drinking all that water ....
I posted this on Gizmodo, so I am posting it here as well.
I am rather disappointed that Gizmodo, Engadget, and other blogs sensationalized this. Any fear present in iPhone users was a direct result of irresponsible blogs interjecting their unsubstantiated doomsday scenarios.
The biggest hint was that this was found inside the CoreLocation framework. That alone should have quashed any further speculation, at least until something official hit. Instead, we got, "Apple could remotely disable applications." And the crazy fest ensued.
Gizmodo, Engadget, and others have done this in the past with other bits of information that they irresponsibly report on to drive traffic. Others have asked for it, but can you be a little more responsible with the news you receive?
You should be a PC user, and experience the full effect of their reporting.
It's awesome.
@Kevin -- I understand your arguments, but you should understand that we're not reporting on stuff like this to "drive traffic," we're reporting on it because it's news that is relevant to our readers which comes from a reputable source. The original story was not covered as fact, rather as a possibility, and we were quick to hit this follow-up when we saw it. This isn't sensationalism, it's how news moves now -- you either sit on the sidelines, or you move quickly and get information to readers. If you want to wait around until "something official hit[s]" to get your news, check into the mainstream media outlets.
Joshua,
The mainstream media outlets?
http://www.telegraph.co.uk/connected/main.jhtml?xml=/connected/2008/08/08/dlapple108.xml
"Software developers have found a line of code buried in the iPhone's operating system that could enable Apple to remotely delete applications stored on the device that it no longer approves of."
:p
@Joshua
Well, at least you're kind enough to your readers not to blame them for not being able to understand that the original article didn't say apple was doing anything. I don't know how many more synonyms for maybe the guy could've used.
It wasn't a misinterpretation by JZ. It was a blog titled as to intentionally misread jumped on by a bunch of readers who refused to accept what the article actual said.
Yeah it was much ado about nothing, because that is exactly where you intended to take it.
Can the blogger and the troll be one in the same?
Why would you assume I am not a PC user? Since you seem to be interested, I am indeed a PC user. My comments don't apply only to Apple stories, they also apply to all the ridiculous sensational "journalism" happening at these blog sites.
@ Joshua
This is not an issue about how news moves, it is an issue with your blatant sensationalism. Engadget did not simply report on the issue, you added in the extra about disabling apps which there was no evidence for. I can think of no other reason why Engadget, or the other sites would do this other than traffic. You could have simply given the details and researched it to get down to the bottom of it. That is not what you did however.
Again, I would have no problem with a simple report on the matter. Explaining what was found, where it was found, etc. That would have been great. Instead it was postulated that they would be disabling applications, despite the face that this was found inside the CoreLocation framework, meaning it would likely having some to do with that. And as Alex stated here, and apparently in the original post comments, the URL even hinted at this being a CoreLocation only function.
I am sure others have said, and I won't be the last, but instead of trying to get the stuff out there as fast as possible spend some time getting it right. If you post accurately and fairly, I think you will keep more readers. This post is essentially a retraction, which you shouldn't have to do. It also proves my point.
@jupiterthunder @Kevin -- Not really sure what you two are talking about. Here is Jonathan's quote:
"This suggests that the iPhone calls home once in a while to find out what applications it should turn off. At the moment, no apps have been blacklisted, but by all appearances, this has been added to disable applications that the user has already downloaded and paid for, if Apple so chooses to shut them down."
So your assertion that "It wasn't a misinterpretation by JZ," or that we "added in the extra about disabling apps" is 100% wrong.
It's almost surprising how unsurprised I am.
...
The police have two-way radios and guns. They are watching you and plotting to kill you all! Quick, stop supporting those evil people that are keeping you safe!
...
Utter stupidity.
It could be a way for Apple to stop applications that use Core Locations even if they are installed skipping AppStore (i.e. on a jailbroken iPhone).
Think of TomTom or Garmin, premium applications that could be tempted to avoid leaving the 30% at 1 Infinite Loop. Or Apple might be planning an official one-and-only-one turn-by-turn GPS application.
Um, no. Clearly companies would prefer to not have to pay Apple 30% for selling their applications via the App Store but I can't see Garmin or TomTom requiring users to jailbreak their iPhones to install their software. Equally, if Apple were to make themselves the sole provider of navigation software on the iPhone then I expect they'd find themselves in court for anti-competitive practices if they were locking the competition out. This is the sort of thing that got Microsoft when they started abusing their position as manufacturer of Windows to push their own application on users at the expense of competing Windows apps. Within reason Apple has to play by the same rules as any iPhone developer.
It would be nice if core location worked consistently in the first place.
Well here's something all of you may be interested into .. the fatty old is 123Greetings.com is going 2.0 !!
http://blog.123greetings.com/2008/08/07/123greetings-20-a-sneak-peak/
More like 1.5
Maybe im the only idiot who doesnt know, but what the hell is Core Location?
Apple's set of APIs that control how Applications access the GPS, cell tower, and wi-fi location stuff on the iPhone and Touch.
Since Engadget didn't explain the term before usage, I Googled it and found a reasonable blog entry explaining:
http://kellylab.berkeley.edu/blog/?p=269
OK, this is starting to look like a pro Apple can't do anything wrong thread... oh well here we go...
So most peeps here are ok with Apple using your paid for bandwidth to verify that an app isn't touching their private spots, then if they don't like it they disable it?
If you really think it stops there your bloody silly... I'd bet this gets used to take your jail broken iPhone and disable your app installer....
really I'm just guessing.... but....