Late last week, Network World reported that Apple has quietly removed from iOS an application programming interface (API) that could detect jailbroken devices. The API had been used by several mobile device management applications to help corporate system administrators determine whether jailbroken devices that could pose a risk due to malware installation were running on their networks.
The new API was part of a bundle of mobile device management (MDM) APIs released in June with iOS 4.0. These APIs were available to third-party MDM applications, such as AirWatch or Sybase's Afaria. With the new APIs, these servers could access directly a range of features and information in iOS or on the device. But in the recently-released 4.2 version, the API intended for detecting jailbreaks has been either removed or disabled.
The report notes that jailbreaking is a constant cat-and-mouse game that could have seen procedures developed to defeat Apple's API, and thus the addition may have been of limited utility. It remains unknown, however, why Apple chose to disable it in iOS 4.2.
Jailbreaking is commonly employed to allow users to install unauthorized third-party applications to their devices or to make tweaks to their iOS systems. Due to the ability for jailbroken devices to have security features built into iOS circumvented, many corporate customers have been interested in keeping tabs on their employees' devices in order to ensure the integrity of their computing infrastructure. While third-party vendors have employed other means of working to detect jailbroken devices, Apple's removal of the dedicated API for revealing such information leaves questions about why the company has made such access more difficult.
