Newsflash: Both Palm and Apple have been caught in the act of tracking and stealing personal information though the mobile devices. Palm does it right from the Palm Pre’s WebOS, while Apple leaks personally identifiable information (PII) from the their own AppStore app and allows multitudes of third party apps to be published on the appstore that do the same. Remember, Apple asks to see the source code of every app before publishing, so they know when an app phones home or uses a spyware-type library to send PII to an information collection agency (they prefer to be called an “analytics company”, I prefer to call them “spyware shop”).

In the ironic twist, the very argument Apple planned to use against jailbreaking in court, “jailbreaking is a security threat“, now works against them. Jailbreaking is the only way to protect privacy. Only jailbroken devices now have a mechanism to protect users privacy, via Saurik’s PrivaCy and iPhoneHome‘s “sbsettings-toggle” cydia package.

I am a little uneasy about PrivaCy, as, according to Saurik, it was developed with cooperation from the very companies it is intended to block. iPhoneHome, on the other hand uses a very old technique. It replaces the /etc/hosts file with the one resolving nefarious hosts to 127.0.0.1. It also comes with a very handy sbsettings toggle, just in case you hit your head and suddenly feel inclined to share your current location, gender and the date of birth with an information collection agency.

All in all, it looks like it is really the time now for a release of a personal firewall for iPhone, one capable of detecting data leaks from, and an occasional intruder to the device. I’d love to have one for Ubuntu though too, wireshark is a little heavy-weight and who knows what would happen if certain space-tourists from South Africa are pressured by a mighty corporation.