Security Experts:

Apple Pulls Jailbreak Detection App from App Store

Over the weekend, Apple removed from the App Store “System and Security Info,” a newly published utility designed to provide users with information on the security of their devices.

Developed by Germany-based SektionEins GmbH and published in the official storefront last week, the tool offers information on running applications and processes on iOS devices. Its most important functionality, however, was the ability to detect device jailbreaks and anomalies, which allowed security concerned users to check for potential privacy issues and security threats.

SektionEins founder Stefan Esser posted parts of the conversation with Apple on Twitter, revealing that Apple viewed the program as misleading. Additionally, the tech giant suggested that the program was containing “false, fraudulent or misleading representations” or using “names or icons similar to other apps.”

In the notice sent to the developer, Apple also said that the application was pulled because it provided “potentially inaccurate and misleading diagnostic functionality for iOS devices to the user.” Furthermore, the note says that the tool could “mislead or confuse” users and that the developer should review the “app concept and incorporate different content and features.”

"Here. It basically says: we do not want our users to have the impression iOS could have security holes," Esser Tweeted. "go away."

In an email to SecurityWeek, Esser said that, in his opinion, the real reason behind Apple’s move is that the company wants to uphold the illusion of “unbreakable iOS.” He also explained that, while there are numerous system information tools in the store that offer similar functionality, they are not advertised as security utilities, which doesn’t make them targets.

The developer reveals that the removal of System and Security Info was part of an entire saga that started when the application made it to the headlines. Since then, Apple kept the developer from pushing updates to fix bugs but it did allow fraudulent programs to be published in the store, although they abused SektionEins’ logo and name to gain fraudulent sales/downloads.

“It is pretty obvious from the sales curve and the update freeze of our app that Apple decided on Monday we are unwanted content and then waited until the weekend and the media hype is over to terminate us silently,” Esser says.

In the end, it appears that the functionality in SektionEins’ tool was what determined Apple admins to remove it, but not before the developer was asked to fix some issues and resubmit it a few times. According to Esser, other programs that show device information remain in the store because they are those that actually display fake information.

“There are countless of system information tools in the store that show infos. Some of them actually fake these infos and have all your device data in files they have to update every time a new device comes out. They show you fake data that they grabbed from a website. Or all those battery monitors that show you the cycle count of your battery can only do this by using private API. Apple is aware of this but they do not terminate them,” Esse said.

SektionEins has been long focused on exploring iOS jailbreaks and the manner in which Apple patches vulnerabilities, and Esser explains that, over time, they unmasked several flaws that Apple did not fix correctly. In some cases, Apple had to issue up to 4 updates to properly patch an issue, mainly because of bad review of security issues.

The developer also revealed that Apple initially contacted the company by phone to announce they would be removing the app, and that they provided a different reason for the takedown.

“However the official take down notice is very different from what they said on the phone. On the phone they called “accessing the processlist” a privacy violation. Question is WHO's privacy are we supposedly violating for showing the processes that run on your smartphone to you and only you,” Esser told SecurityWeek.

The developer will try to make the application available once again to iOS users, because it offers useful functionality. In the end, anyone would certainly be happy to be able to check if their device has been silently compromised, which is exactly what System and Security Info was meant to do.

“We will of course continue to update the App if we get re-listed. Chances of that are slim because Apple just doesn't want security apps in the store to uphold the illusion of “unbreakable iOS.” In case the app does not get re-listed we are evaluating other options to make this very useful security info tool available through other means,” Esser said.

Some reminded that this is not the first time Apple has yanked an application for possibly similar reasons.

Nearly four years ago, Apple removed an app created by Bitdefender that tells owners of iOS devices which applications may be accessing more information than they need, and identified potentially “misbehaving” apps.

Related: New iOS App Detects Compromised iPhones

view counter