Developers could potentially use hidden features to skirt Apple’s App Store rules, according to a new report. Citing iPhone developer Jelle Prins’ application Lyrics as an example, Wired reports that Apple may not have the ability to thoroughly test iPhone applications for secret features, exposing a potential loophole for developers to slide objectionable content and possibly even malicious code past the company’s watchdogs. Prins’ Lyrics app was originally rejected due to objectionable language in the lyrics of some songs, and was accepted only after Prins added a profanity filter.
However, Prins hid the ability to turn the filter off in the app’s About page, letting users access the very content that got the app rejected in the first place.
“It’s almost impossible for Apple to see if there’s an Easter egg because they can’t really see the source code,” Prins said. “In theory a developer could make a simple Easter egg in their app and provide a user with whatever content they want.” Nullriver CEO Adam Dann expressed concern over the potential harm a wave of hidden content could cause, saying, “If people start putting in naked pictures of their ex-girlfriend as an Easter egg to get revenge, or something like that, that isn’t quite right[.] It has the potential to really mess things up for everybody.” iPhone forensics expert Jonathan Zdziarski pointed out that hidden code could also potentially be used to invade a user’s privacy by secretly accessing the microphone, camera, or Address Book.
“It’s not impossible to write code that looks innocent and acts innocent until you throw some kind of switch,” Zdziarski said. “It’s not hard to get that sort of thing past Apple…. It’s the equivalent of a doctor using a magnifying glass to try and find germs.”.