Archive for Aug 25, 2020

Tuesday, Aug 25, 2020 [Tweets] [Favorites]

Developer Accounts Nearly Terminated

Zac Wood (via Paul Haddad):

Submitted a minor update for @AtticsApp after nearly two years on the App Store and @Apple has decided out of nowhere that I have been engaging in “a pattern of manipulative or misleading behavior” and has permanently terminated my account. No evidence or specific reasons given.

It started after a build got rejected without a reason last week. A couple of days after, I received a message very similar to the screenshot that my account is being terminated. I appealed, trying to get info on what exactly the problem is, and then got the last message

Despite not telling him what he’s accused of, Apple writes:

This appeal decision is final, and any subsequent appeals you file will be closed without review.

Nathan Lawrence:

I cannot tell you how often I’ve seen this or a similar message, whether in personally helping someone or in a news story - and how often those then get reversed, like they say won’t happen, because there was a mistake.

This costs Apple nothing, but it’s terrifying for us.

Zac Wood, after some help from running to the press, which “never helps”:

Attics has been approved and my account will no longer be terminated -- apparently my app had been copied across the App Store many times and it wasn’t caught that mine was the original.

Gui Rambo:

This is scary. It’s not the first time Apple bans a developer because copies of that developer’s app (the original) were found on the store. If Apple is not good enough to determine who’s the owner of the original app, they’re not good enough to make these types of decisions.

If you are an iOS developer and you see copies of your app in the App Store, it is now your job to monitor the store for such copies and alert Apple, otherwise your entire developer account is at risk.

Ironically, I know of at least one case where the developer rightfully pointed out copyright violations of their app in the App Store, but in the end Apple banned their account because they couldn’t figure out who was the developer of the original app. 🙃

Tom Angistalis (via Chuq Von Rospach):

This happened with @FilmNoirApp back in May. The app was only available in TestFlight and out of nowhere we receive almost exactly the same email after we asked why our account was going to be terminated. Of course they didn’t tell us at first what was the reason.

Tom Angistalis:

We wanted to have a good user experience and open all links in the app, does that mean that we are responsible for all third party content? What baffles me is that the review team didn’t say anything about it until a tweet got some attention

[…]

We changed all links to open in native iOS Safari app and that deemed acceptable. Now the real question why they can’t tell you exactly that but they also ignore your appeal?

We simply asked what was the issue and they responded back by saying that our account was going to be terminated and the app review team wouldn’t consider any more appeals.

Of course, the rules are applied unevenly, and other apps are allowed to display links directly in the app.

Previously:

Potential

Francisco Tolmasky (member of the original iPhone team):

Apple’s iOS rules would not have allowed for the invention of the web browser. Let that sink in. They would have rejected one of the most important technical innovations in the history of computing. Microsoft‘s bully tactic of making IE free seems quaint in comparison.

But here’s the kicker: think of all the other amazing ideas that haven’t gotten a chance to be invented because they aren’t allowed on mobile devices. Mosaic happened less than 10 years after the Macintosh. We very well might have already had a browser-caliber invention by now.

Just for people asking: the flagrant violations of AppStore policy that web browsers would be rejected for in this hypothetical are:

1) Running outside code
2) Allowing payments that circumvent Apple’s IAP
3) Allowing access to NSFW content

Loren Brichter:

This.

And honestly the very idea of a “Web browser” needs a competitor (see: Google), but can’t happen because it wouldn’t be allowed on the computer you all already have in your pocket.

Ben Thompson:

This is the chief reason why, if I had to choose a victor in this case, I would choose Epic; Apple is a brilliant company, but they hardly have a monopoly on invention and innovation. My overriding concern is that their monopoly on iOS (and duopoly with Google, which copies many of their App Store practices) will prevent the invention and innovation of others.

Alex Hern:

One of the under-discussed downsides of Apple’s growing insistence that it take 30% of all commerce that occurs on or near iOS is that it massively entrenches the privacy-violating ad-funded business model that Apple professes to be fighting

No 30% cut for Apple if I fund my business by selling my customers’ personal data!

Rasmus Andersson:

Dropbox is an example of a product and company that would not have existed if it wasn’t for hackable OSes. Innovation inside Apple’s sandbox only allows “innovation” that Apple has already thought of and allowed. Totally fine for consumption but terrible for innovation.

And backup apps and emulators and Little Snitch.

Jason Fried:

If the [Apple-HEY] decision would have gone the other way, I was considered quitting, and basically retiring. […] Here’s why: I didn’t get into business — I didn’t start a business — to be told what to do by another business. […] We’re self-funded. We do everything our own way so that we can do it our own way. And to be in an industry where if Apple forced us to have to give them 30% of our business and not be able to interface with our customers the way we want, I don’t want to be in that industry.

Manton Reece:

Apple’s total control over iPhone app distribution and payment is preventing developers from doing their best work. The App Store started with good intentions, to help users, but the rules have become twisted, corrupted as Apple gains power.

Jason Snell:

I can’t tell you how many developers I’ve talked to who have similar stories.

Patrick Wardle:

Creating an open-source tool for macOS in 2020:

💻 Buy Mac ($1000+)
🎟️ Create Apple Dev. Account ($99/yr)
🏢 Create company (Entitlement pre-req!)
🤞 Beg for Entitlement(s)
🎫 Create/Install Signing Profile
📝 Write code (yay!)
🔐 Sign w/ Profile
📦 Notarize w/ Apple

(User) Installing an open-source tool for macOS in 2020:

⚠️ “Ok” on Gatekeeper alert
⚠️ “Ok” on System Extension Blocked alert
⚙️ Open System Preferences
🔓 Authenticate
✅ “Allow” in System Preferences
⚠️ “Allow” in Filter Network Content alert

Rosyna Keller:

For a normal open source tool/app, these additional steps aren’t needed.

It’s part of adding high-friction UX for methods that malware authors would use in the past to gather massive amounts of user/confidential information.

It’s a tradeoff because these features meant to protect users also add friction that make the products harder to use, which makes them harder to sell and more expensive to support. That, plus the delay and uncertainty of being able to get an entitlement, mean that fewer such products will be developed. We’ve come a long way from the early days of Mac OS X where the developer tools were included on the disc, and anyone could start writing code and sharing their work with people.

Various Mac operations get slower, and now I often see UI freezes and high CPU use caused by the security subsystems. There’s more potential for bugs, both because of the more complicated interaction between apps and the OS and because of problems with the OS itself. The steps Wardle describes seem obscure but straightforward enough, once you know them. But that’s the happy path. I’ve seen countless cases where a security-related file or database got messed up, and it was difficult for the user to fix it because of System Integrity Protection. Sometimes the cause of the wedging remains a mystery, and the only solution seems to be to reinstall macOS.

Development is more complicated because the security stuff is always changing and is often undocumented. New requirements are added in late August, months after the first WWDC build. One of the changes in Big Sur makes it much slower to develop my Mail plug-in. Previously, notarization was only necessary when shipping software to customers. Now, I need to notarize the plug-in each time I make a new build to test on my own Mac. In the best case, after writing some scripts to automate the process, this adds a few minutes to each build cycle. Yesterday and this morning, something was wonky with the notarization server, and notarization took almost an hour.

See also: Accidental Tech Podcast.

Previously:

Update (2020-08-26): Jeff Johnson:

Yesterday I had to reinstall the Big Sur beta (because Software Update was hosed). The installer app silently froze for a very long time on launch.

XProtect

Update (2020-08-27): Francisco Tolmasky:

One of the most troubling kinds of replies I got to this was that Apple would “of course” know how important the browser would be and make an exception. Setting aside the improbability of this, this defense of the rules is that Apple will break the rules at the right times.

This is a truly (sigh) 1984 mentality. The rules don’t even matter, why even bother arguing their logic? Apple will just make the right decision when necessary, regardless of the rules. Disregard that Apple can’t realistically spend that much time considering each submission.

Would anyone accept a bad law because they know that judges, in all their wisdom, would know when to not apply it? Do we think that AppStore reviewers are better judges of the future potential of every app they see than legal judges are of our own laws?

Ross Boucher:

I mean, they explicitly made a rule to block other browsers, so I’m not sure why anyone thinks they would have allowed the first one.

Brian Armstrong:

Apple has been very restrictive and hostile to cryptocurrency over the years. They’re still blocking some functionality right now, including the ability to earn money with cryptocurrency by completing tasks, and unrestricted dapp browsers.

Update (2020-09-14): Brian Armstrong:

I feel like Apple customers should be made aware: the crypto apps you use on iOS are not missing some features you want because the teams haven't gotten to them, those features are being censored by Apple.

UTM (via Tanner Bennett):

UTM is a full featured virtual machine host for iOS. In short, it allows you to run Windows, Android, and more on your iPhone and iPad.

But it’s not allowed in the App Store.

Update (2020-12-04): Francisco Tolmasky:

Although largely unintentional, “everything is an App” (vs. “everything is a file”) really sucks. Simple stuff like “I’d like a widget that just has my current media so I remember to pick up on it, whether audiobook, tv show, podcast, or movie” becomes nearly impossible to make.

A conceptually simple goal is transformed into a convoluted mess of both technical challenges and political challenges. App “prisons” for data really lend themselves naturally to siloing information. They’re like more advanced, yet in many ways less featureful, cable channels.

And from a user perspective, it’s like going to a library that is globally sorted by publisher.

Court Rules on Epic’s Temporary Restraining Order

Manish Singh (Hacker News, MacRumors):

A district court denied Epic Games’ motion to temporarily restore the Fortnite game to the iOS App Store, but also ordered Apple to not block the gaming giant’s ability to provide and distribute Unreal Engine on the iPhone-maker’s ecosystem in a mixed-ruling delivered Monday evening.

U.S. District Court Judge Yvonne Gonzalez Rogers said Apple can’t retaliate against Epic Games by blocking the gaming firm’s developer accounts or restrict developers on Apple platforms from accessing the widely used Unreal Engine tools.

This seems like the right call to me. The order is here.

John Gruber:

For good play-by-play livestream coverage of the hearing, I suggest reading Sarah Jeong’s thread on Twitter.

Florian Mueller:

Judge Gonzalez Rogers reminded attendees of the fact that a TRO needs to be replaced by a preliminary injunction (PI) after 14 days--unless extended by consent--or it simply goes out of effect. Therefore, even if Epic obtained a TRO now, Apple could still try to prevail with respect to Unreal Engine a couple of weeks later--and this goes both ways, so whatever Epic doesn’t win immediately, it could still pursue in the next round. The PI hearing has been scheduled for September 28, so the TRO decision will be in effect for about a month.

[…]

With respect to Fortnite, however, the case appears clear to the judge. She told Epic’s counsel that they “didn’t tell Apple you had code in there [for an alternative payment system]” and noted that “this was not an insignificant breach, hence the reason we are here.” Counsel for Epic argued that her client merely “ceased complyi with an anticompetitive contract” or, more narrowly, “an anticompetitive provision.”

[…]

The judge expressed concern over Apple having taken an overreaching step by announcing the termination of a developer agreement that “has not been breached.”

Apple:

We thank the court for recognizing that Epic’s problem is entirely self-inflicted and is in their power to resolve. Our very first priority is making sure App Store users have a great experience in a safe and trusted environment, including iPhone users who play Fortnite and who are looking forward to the game’s next season.

We agree with Judge Gonzalez-Rogers that ‘the sensible way to proceed’ is for Epic to comply with the App Store guidelines and continue to operate while the case proceeds. If Epic takes the steps the judge has recommended, we will gladly welcome Fortnite back onto iOS. We look forward to making our case to the court in September.

Colin Cornaby:

It’s worth noting how bizarre Apple’s argument was. They demand their contracts be dealt with as absolutes, but when asked why they are terminating the dev tools contract that isn’t breached, they go “well we break routinely break contracts when we feel like it”

Frank Reiff:

It’s shocking to hear that Apple’s legal team are gunning for all Unreal Engine developers and do not seem to care much whether thousands of blameless developers’ livelihoods are impacted, just so that they can make a stronger move against Epic.

Ben Thompson:

The problem for Epic — and, I suppose, for me — is that to this observer it seems exceedingly likely that Apple is going to win this case, last night’s decision notwithstanding. Current Supreme Court jurisprudence is very clear that businesses — including monopolies — have no duty to deal with third parties, and if they do choose to deal with them (or are even compelled to), that they can choose the terms on which to do so. The only exceptions are if the monopoly in question changes the rules in an unprofitable way with the express purpose of driving out a competitor, or if any company — not even a monopoly — changes access to after-market parts and services.

In short, what is needed are new laws built for the Internet, which is why it was encouraging that Congress is holding hearings about these issues, and also frustrating that Apple received relatively little attention.

[…]

Here is what I believe the App Store has fundamentally wrong: its current organizing principle is digital versus analog; anything that is digital has to have in-app purchase, while anything that is analog — i.e. connected to the real world — can monetize however it pleases. […] The better organizing principle is whether or not the app developer has marginal costs.

Michael Love:

There’s a lot of good stuff in here, but I have to take issue with the idea of allowing external / lower-commission purchases if an app has ‘marginal costs’; while a reasonable principle in theory, I think it would be completely impossible to apply in practice.

Dave Wood:

The obvious answer is just to move iOS to a macOS like system but it’s just as obvious Apple isn’t willing to do that. My proposal is a compromise that I believe offers a fair direction forward for all parties involved.

[…]

More than that, my biggest complaint with Apple is the power they have to decide if another company should be allowed to provide their product/service. They are able to block any app that competes with them (now or in the future), is innovative in any way Apple hadn’t considered, or that goes against their values. Apple shouldn’t be allowed to project their values onto their customers.

[…]

The key difference being that Apple accepts anything that isn’t illegal or a valid security issue, but not every accepted app gets listed in the App Store. An app that has been accepted, but excluded from the store can be installed by a user that has a direct link provided by Apple upon approval. Side note: this gives Apple a great opportunity to optimize the App Store since they can remove the millions of junk/neglected apps and only present the best apps to users.

Previously:

Another MacBook Pro Flexgate Lawsuit

Hartley Charlton:

The second class-action complaint argues for violation of competition, false advertising, and consumer fraud laws. Apple is also accused of violation of the Song-Beverly Consumer Warranty Act, the Magnuson-Moss Warranty Act, and breach of express and implied warranty, in addition to fraudulent concealment and unjust enrichment.

Plaintiffs are seeking a range of relief measures, damages, and court fees. They also hope a judgment will compel Apple to identify and declare all defective MacBook Pros.

Why didn’t Apple just make the repair program available to all the affected models?

Previously:

Update (2021-04-16): Sami Fathi (tweet, 9to5Mac):

As reported in a paywalled report from Law360, Judge Edward Davila sided with the plaintiffs by agreeing that testing the laptops before their release would have informed Apple engineers of the issue. Hence, the company knowingly sold the laptops with the defect.

[…]

According to Talehspour, Apple deliberately deleted comments and threads from its Apple Support Community Forum, which often serves as a go-to place for crowdsourcing information on potential issues with Apple devices. Talehspour accues Apple of deleting comments that outlined “ Flexgate “ and the issues around the display. The judge says that if the accusation is true, it will act as further proof that Apple was aware of the issue.