Wednesday, June 16, 2021

Tightening the Mac App Store Screws Again

Timo Perfitt:

caching server utility is henceforth REJECTED from the app store. calling an apple command line tool to call another apple tool via XPC is FORBIDDEN and just because we have a TEMPORARY EXCEPTION it does not mean it should be USED.

i should appeal. i literally have no idea when temp exceptions are appropriate. is it when app wants to show preferential treatment to a specific developer?

[…]

i call an apple tool as a normal user and get back json about caching servers on the network. i then format the data and display it to make it a useful IT tool. NOT ALLOWED.

I can see where Apple’s coming from because it probably didn’t intend this XPC interface to be public API. But it would be nice to have a clearer policy of when you can use the com.apple.security.temporary-exception.mach-lookup.global-name entitlement and when you can’t. There are definitely apps in the store that use it (including Microsoft Word). This particular use seems harmless, and the app sounds useful.

Maxwell Swadling:

Unfortunately Apple is no longer accepting updates to Max Inspect, my app for inspecting entitlements, signing, etc. of Mac apps all in one place.

Max Inspect also uses that entitlement and has been in the Mac App Store since 2018. Now it can no longer be updated due to an unannounced change to an unwritten rule. As far as I know, there is no other API for checking an app’s notarization status. (Apparency uses it, too.)

Remember when Phil Schiller suggested that the Mac App Store should be the “go-to place” for developer tools? That can’t happen if the existing tools get kicked out.

7 Comments

Are there actually devs that get software through the mac app store? I go directly to the web and look for them there. If an app is only available on the app store I will grudgingly use it.

Old Unix Geek

Oh goodie: the EU wants to force side-loading. Tim doesn't like that.

https://www.cnbc.com/2021/06/16/apple-ceo-tim-cook-rips-eus-proposed-digital-markets-act.html

I do. Makes you wonder whether they'll have side-loading in the EU but not in the US.

Old Unix Geek

Quoting


"Developers

This is an area where I think the Mac App Store could really grow and excel. We know all the developers, we know the tools they use. We could invest more in being the go-to place for all your development needs. It isn't a giant market, and there might not be a ton of revenue in it, but it should be growing and worth investing in it for the Mac platform."

Is a famished vampire squid really supposed to spend time on such a small opportunity? Seriously? Obviously not. Methinks the answer is in the email itself.

Old Unix Geek

@Bri Bri

Quite.

Not in the App Store and no idea what API it uses but Objective-See's "WhatsYourSign" also checks signing & notarization.

I don't know how they can fairly resolve this disconnect without some kind of "developer mode" (see also: https://daringfireball.net/2020/02/my_2019_apple_report_card).

Like, yes, there are security and privacy implications to any app being able to perform arbitrary Mach lookups. (See, for example, when Twitter created a list of all your installed apps. For fingerprinting? For targeting? Because they wanted to know how many people use their competitors? Perhaps all of the above.)

But you can't square that mindset with making MAS "the go-to place for all your development needs". Unless they implement a toggle, it's either a relatively safe place, or one that's well-suited for tinkerers. One or the other.

Old Unix Geek

Perhaps what they really need is 2 modes:

1/ "I don't want to read or understand anything, don't explain it to me, just ban things that might be bad for me".

2/ "Explain to me what permissions this thing wants, what letting it have access would imply, and present its argument why it says it needs them. Let me not agree to those I don't want." i.e. Little Snitch on steroids. Also provide a history of whether company X has misbehaved in the past. And have as one of the alternatives in this mode, on a per-app basis, "I don't want to read or understand anything, don't explain it to me, just ban things that might be bad for me". Allow the user to set the permissions temporarily, permanently, or remove them. And keep an easy to navigate record of what each app did when.

Then Twitter would either work in mode 1, or have to explain why it needs to know what your installed apps are, in mode 2.

Most people would use mode 1 all the time. I would use mode 2, but default to "I don't want to read or understand anything, don't explain it to me, just ban things that might be bad for me" for things like Twitter.

What I don't like about a single "power user mode" is that I would trust my Haskell compiler a whole load more than I would trust Twitter.

Also if Apple has to explain why an App is banned, they won't be banning things just because it makes their life convenient.
