Apple quietly drops iOS jailbreak detection API

10.12.2010

Previously, some MDM vendors had created their own series of OS checks, analogous to those performed by an anti-virus application on a PC, to discover if a jailbreak had occurred.

But the new detection API gave these applications direct access to information in the OS. In theory, the iOS device then "confesses" that it has been jailbroken, thereby triggering automatic responses such as alerting the helpdesk or shutting down access to corporate Exchange e-mail.

"We used it when it was available, but as an adjunct," says Joe Owen, vice president of engineering at Sybase, which offers the Afaria device management software. "I'm not sure what motivated their removing that.... I've not had anyone [at enterprise customer sites] talk to me about this API being present or being removed."

In practice, Apple's idea of using an API-based query turned out to be much more complicated than it sounds. "It's an interesting concept - asking the OS to tell you if it has been compromised," Owen says. "Because a smart attacker might first change that very part of the OS. Jailbreaks often get better and better at disguising the fact that anything has been compromised."

When that happens, the API in effect either lies about or is simply unaware of the jailbreak.