Chicago (IL) – An iPhone enthusiast discovered a kill switch that enables Apple to wipe a malicious or unauthorized iPhone application even after it has been paid for and installed on a user’s iPhone. It did not take long for the information to spread and questions over the secrecy and purpose of the feature are being asked. While some argue that the blacklisting feature isn’t in best interest of iPhone users, others believe it is effective weapon that can quickly kill potential malware and viruses hidden in legitimate applications. And yes, you guessed it right, Apple has not said anything yet.

Not everyone can sell every application through the AppStore. In fact there is a thorough approval process in place, which apparently is designed to create a high-quality and especially clean place to shop for iPhone software. Registered iPhone developers have to submit their applications to Apple for an approval before the company makes it available to iPhone users through the App Store digital delivery mechanism. But there is also something Apple has not talked about.

What was unknown so far is that the company created additional hidden tools to blacklist misbehaving applications from iPhone, even after an application has been purchased and installed on a user’s handset. The finding first published in this iPhone Atlas article claims that the CoreLocation API (responsible for location-based features) in the firmware points to a secure URL on Apple’s server. The online location contains a placeholder for a list of unauthorized applications, strongly suggesting it is meant to be used to blacklist unauthorized or malicious iPhone applications.

The space is currently empty, but that doesn’t mean that Apple will hesitate to remotely kill any application that breaks the company’s rules. Similarly how IT administrators can remotely wipe a corporate iPhone in the case it is stolen, Apple can use the kill switch to delete applications from all iPhones in the wild. It is believed that the iPhone system software checks the blacklist in pre-determined intervals, but there is no proof that the current firmware performs such checks. However, the existence of firmware hooks and the blacklist site suggest that some kind of kill mechanism exists.

It will be interesting to see reactions of users who purchased an application when they find it removed from their handset over the air by Apple. Will Apple offer refunds in such cases?

The company apparently can also retroactively revoke developer’s certificate at any given time since it is the only authority that issues a unique digital certificate to each developer. Revoking a certificate would render all applications from one developer unusable as the handset refuses to run unsigned applications. Jailbraking a handset circumvents this check in order to enable installation of non-approved applications. Apple has previously praised Nokia for signing Symbian applications with digital certificates, acknowledging that this is "the way to go." BlackBerry applications are also digitally signed.

The kill switch is currently believed to be a security measure designed to protect users from applications with critical flaws that could led to data loss on the iPhone. But no one knows for sure. No one besides Apple.

So, Apple, want to let us in on your kill switch idea?

What are your thoughts? Do you feel comfortable with Apple having control over applications on your iPhone or do you believe this is a step too far? Let us know by writing a comment below.