Maintaining a high level of consumer security on iOS is a huge cornerstone to what makes Apple the company it is. Tim Cook believes that we’re at the ‘golden age of surveillance’, and that Apple’s level of encryption impacts the wellbeing of U.S. citizens. It’s no surprise that users who care about security want to be up to date on the latest practices and methods that guarantee that. That may just be one of the reasons Stefan Esser’s timely app, System and Security Info, is climbing the iOS App Store’s Top Charts (all the way to the top of the paid apps chart in the US).
The iOS app made by international IT security company SektionEins, showcases the currently running processes on iOS using a security point of view. The general overview of the app shows CPU, memory, and storage utilization, but its strength comes in its security detection. Under the Process List, the application will show users all currently running processes on the iOS device. This is akin to Activity Monitor on the Mac. While not as detailed due to the limitations set forth by iOS, it will give an individual an idea as to what is currently actively running on their device.
The Security section is one that will almost immediately pique anyone’s interest. The Jailbreak section will clearly list out if a jailbreak has been found on the iOS device, and what jailbreak method may have been applied: everything from checking for Pangu to simply running a check if Cydia is present. Some may postulate the argument that they would be fully aware if their device was jailbroken, but that argument is the very reason why this app exists. If someone got a hold of your device, for even an hour, they could silently install un-verified third-party apps or even jailbreaks without you ever knowing. Hiding a Cydia installation or third-party application on a jailbroken device is easy enough. A user could theoretically be running a jailbroken device, an un-verified third-party app (masquerading as an official app), and never know. The System and Security Info application hopes to find and make users aware of this as it may occur.
Within the application, the Anomalies section is aptly named as it surfaces strange anomalies not expected to be running on a basic iOS installation. This area checks for CodeSigning validation issues, and makes sure that no unexpected debuggers are attached. In my case, the application did find an anomaly, but that itself was a bug that Esser has confirmed an incoming fix for.
On Twitter, Esser posits that the amount of time the bug-fix update is going through the review process may prove that the application will be removed from the App Store soon. This brings up an interesting idea: will Apple remove iOS applications that directly put security into the hands of the user?
It feels like a catch-22 situation. If Apple were to remove the app from the App Store after it has gained notoriety, users may feel that Apple is saying, “You don’t need any more security (or knowledge of that security) beyond trusting our own.” If they leave the app in the App Store, then users can begin to question, “Why isn’t there an official method to check my security or validate that I am secure?”
Time will tell what Apple decides to do, and that decision will most likely come soon. As of this writing, the app is currently sitting at the top of the Paid Top Charts even ahead of Minecraft: Pocket Edition.
System and Security Info is available in the iOS App Store for $0.99 and is compatible with iPhones and iPads.
Update 05/10/2016 12:45 PM EDT: System and Security Info is now ranked #1 in the iOS App Store’s Paid Top Charts.
Update 05/14/2016 PM EDT: System and Security Info is no longer available in the iOS App Store.
Esser’s latest tweets indicate that there is some discrepancy as to the reasons why it has been pulled. At first it appeared to be pulled because the application was showing the device’s process list, but a later rejection indicates that it was because it was using another application’s icon. Potentially the most important rejection notice that the application received was linked to Apple’s App Store Review Guidelines, specifically 2.19 and 22.2.
2.19 Apps that provide incorrect diagnostic or other inaccurate device data will be rejected
22.2 Apps that contain false, fraudulent or misleading representations or use names or icons similar to other Apps will be rejected
Apple’s rejection of this application as violating 2.19 is perplexing because according to Esser, they are only calling APIs that already implemented in every iOS application. Nothing he used wasn’t anything any other app developer could use to see running system processes. This comes back to my original point of Apple’s catch-22 with security. The information the application surfaces, is already there, just not apparent to a normal user. Does Apple believe that showing or not showing this is better for the end user experience?