Friday, July 30, 2021 [Tweets] [Favorites]

Safari Extension Rejected Because Developer Not “Reputable”

Thomas Reed:

We had a free Safari app extension rejected by an App Store reviewer last night, because such software is only allowed from “reputable companies.”

[…]

We are reputable enough to have the kext signing entitlement and the EndpointSecurity entitlement. We constantly hear about Apple support reps recommending us. But the reviewer knows none of that. What are the qualifications of an App Store reviewer, exactly?

[…]

The irony there is that there are a bunch of shady antivirus apps on the App Store from developers nobody’s ever heard of. How are they “reputable” when Malwarebytes is not?

First, Reed and his company very much are reputable, and their products have even been recommended by Apple itself. Second, Apple claims to treat developers the same. Third, how can a new developer ever get started if being reputable is a prerequisite? (Note that Safari App Extensions can only be distributed through the Mac App Store.)

Previously:

Update (2021-08-02): See also: Hacker News.

Thomas Reed:

Hey, great news! The appeals process worked much faster than it did last time I had to use it, and Browser Guard is live on the store!

[…]

My last experience with a rejection that required appeal didn’t go so nicely. We ended up having to spend a couple months ripping a feature out and replacing it with something lesser… when other apps were already doing the thing we wanted to do. This was a few years ago, tho.

Stephane Philipakis:

And the “ptsd” lingers a long time after experiencing that type of rejection from the app review. It’s definitely something tough as a business or even a dev to feel that powerlessness. You tend to self limit yourself which is not good for the product or the users in the end.

11 Comments

This reeks of outsourcing.

Or, because this is Cupertino, “youth” and ego.

Cook replaced old and experienced with young and cheap and this is yet another marker that Apple isn’t hiring or bringing their best to App Review.

FWIW, it appears that after a lot of social media pressure, Apple changed their mind 10 hours later:

https://twitter.com/thomasareed/status/1420831606227488772

>FWIW, it appears that after a lot of social media pressure, Apple changed their mind

But remember folks, going crying to the media never works!

>The irony there is that there are a bunch of shady antivirus apps on the App Store from developers nobody’s ever heard of. How are they “reputable” when Malwarebytes is not?

I'd go further and say that Malwarebytes is just about the only non-shady antivirus company! Certainly its the one I use on my folks or friends computers when they get themselves in to trouble.

> Leo

This doesn't reeks of outsourcing, it reeks of hypocrisy.

Harald Striepe

Mistakes happen. Appeal and push it up the chain. They are dealing with millions of submissions.

@Harald I don’t think “mistake” is really the right word for this. It’s not just that the reviewer was wrong in this case, but that this shouldn’t even be a possible reason for rejection.

@ Harald - Not only are they not dealing with "millions" of submission, most of those so called submission are actually update to existing apps. And most submission to the App Store are actually Games. All of these are well documented in the Epic cost case.

Not only is Apple not dealing with "millions" of submissions, but I expect that the overwhelming majority of bad submissions are automated fakes, detectable with fairly straightforward computational means.

[…] “Safari Extension Rejected Because Developer Not ‘Reputable’“—”First, Reed and his company very much are reputable, and their products have even been recommended by Apple itself. Second, Apple claims to treat developers the same. Third, how can a new developer ever get started if being reputable is a prerequisite?'” […]

Kevin Schumacher

Thomas Reed represents Malwarebytes, no?

This same Thomas Reed representing this same Malwarebytes? https://mjtsai.com/blog/2020/02/13/2020-state-of-mac-malware/

Michael Tsai: "So the words 'threat' and 'malware' also have unexpected definitions that include potentially unwanted apps and adware.

[Thomas Reed's quote] sounds unnecessarily alarmist compared with the contents of the report, and I remain convinced that for most users Apple’s built-in security measures are sufficient. I’ve seen far more Mac problems caused by anti-virus software than actual viruses."

Jason Snell: "I do think you and your employer are stoking fear and that Malwarebytes benefits from that fear."

João Carlos de Pinho: "According to the PDF, the overall detections on Windows machines in 2019 was 50.5 million (including adware, trojans, backdoors, spyware, worms, etc.). On the Mac platform, the top 2 threats alone (NewTab and PCVARK) had more than 50 million detections in 2019. The other Mac threats added 30 million detections to this total. So, the overall detections on Windows is 50.5 million; on the Mac side, 80 million. Does this sound believable, when we know that Macs represent only 10% of the computer market share?"

Still "very reputable"?

@Kevin I disagree with some of Malwarebytes’ opinions/writing about malware, but I do think they’re reputable as a developer. And theirs is probably the only anti-virus software that has not been a major source of problems, in my experience.

Stay up-to-date by subscribing to the Comments RSS Feed for this post.

Leave a Comment