Jonathan Zdziarsi, the author of iPhone Forensics has found that Apple can remotely disable apps installed on your iPhone. The iPhone OS has a blacklist URL that Zdziarsi says “suggests that the iPhone calls home once in a while to find out what applications it should turn off.”

The URL in question is https://iphone-services.apple.com/clbl/unathorizedapps

It was found in a configuration file inside of CoreLocation. It doesn’t seem that this list is just for apps that Apple has removed from the App Store, but instead is for applications that are actually malicious and that could be security vulnerabilities.

I don’t expect Apple to need to use this but if they do they will need a pretty good explanation for it. I don’t think they will just remove apps willy nilly but when they do it needs to be just cause.

iPhone Atlas

Update: According to John Gruber of Daring Fireball, this URL doesn’t necessarily disable apps completely but rather disable the apps ability to access CoreLocation features.