Monday, November 27, 2017

The Mystery of the Phantom App Updates

Jeff Johnson:

Starting on November 17, many iOS and tvOS apps that had not been updated for a year or two years suddenly received phantom updates in the App Store, without any action by the developers of those apps. The version numbers of the apps did not change. For some of the updates, the release notes were the same as the previous update. For others, the release notes said, “This update is signed with Apple’s latest signing certificate. No new features are included.”

[…]

It’s conceivable that recompiling the Bitcode would result in the same assembly size as before, but in my opinion that’s unlikely. It’s even more unlikely that this would result in some kind of significant runtime performance gain, which would be the only good reason I can think of for shipping a new Bitcode compile, absent a new processor architecture. Most likely, the matching __text sizes indicate that the same machine instructions as before were simply encrypted with a new key.

Mystery unsolved. Mission unaccomplished. I’m still quite puzzled why Apple shipped all of these phantom app updates.

Update (2017-11-27): Timo Hetzel:

My tvOS app got the certificate update note, as it doesn’t have a previous update and lacks any release notes. That’s my guess.

1 Comment

I'm glad you wrote about this; I had no idea what was going on. Last week while away for Thanksgiving, I saw a "new" circa-2016 update for a last-updated-in-2016 app I'd just downloaded the previous week. The app had no visible version number inside, but I couldn't believe that an app I'd just downloaded the previous week hadn't installed the latest (year-old) version when I'd installed it. I was so confused and was afraid that either Apple had a massive bug or that the developer/app had somehow been compromised and eluded App Review. Neither filled me with confidence in the iOS App Store.

From Jeff Johnson's investigation, it still seems like a massive Apple bug to me, even if it maybe was by "design"—signing with a new cert that expires before the one that the app is already signed with, and various release note changes/non-changes, doesn't seem like what you want to do.
