Tuesday, November 26, 2024

Mini vMac for iOS Rejected via Notarization

Jesús A. Álvarez:

Mini vMac for iOS won’t be coming to #AltStorePAL, it was just #RejectedByAppReview for notarization after an initial rejection and appeal.

You can of course still get it from GitHub and build it with Xcode or sideload the ipa with AltStore Classic.

Via Riley Testut:

Apple’s complete abuse of Notarization is going to be the reason the EC comes down hard on them, and it’s wild how ignorant they are 💀

[…]

Based on actual, real conversations we’re having with the EC rn, I am very confident that this is not going to end well for Apple — but it seems like they genuinely don’t realize this?

Apple’s rejection notice says:

Use of Apple’s software is limited to the terms of the license for such software. Apple does not license its Mac operating system software for use outside of an Apple-branded computer. Your app necessarily involves and promotes the use of Mac operating system software on devices other than Apple-branded computers and such use goes beyond of the scope of its license terms. Notarization of your app thus would contravene the terms of Apple’s software licenses. Additionally, your prominent use of Apple’s MAC mark in the app name; MACINTOSH in the subtitle, and a Macintosh graphic in the icon for an operating system software product improperly and confusingly suggests or implies that the app has an affiliation, endorsement, or sponsorship by Apple and is in contravention of Apple’s Trademark Guidelines.

However, even if it’s correct about these points, they do not seem to be violations of the notarization guidelines and should probably be adjudicated via a different process.

Khaos Tian:

Apple really treat Notarization process like an app review and explicitly call out the reason for rejection to be unrelated to what DMA permits is just providing written evidence of abusing process at this point…

Previously:

Update (2024-11-27): See also: Reddit.

9 Comments RSS · Twitter · Mastodon


"devices other than Apple-branded computers"

On which non-Apple-branded computers does iOS run?


@Plume Probably Apple doesn’t consider iOS hardware to be computers.


"What's a computer?"


Macs and iOS don't even run different chipsets at this point. Apple is just being Apple. Been a bad company for a long time now, 10 years maybe.


I’d love to have been a fly in the room where Apple employees (probably mostly lawyers) debated the pros and cons of doing this and still chose to do it.


This reveals a weakness of allowing Apple to notarize apps.

I thought the DMA meant they were supposed to act as a common carrier. To use a phone network analogy, they don't get to censor your conversation on the phone, but are allowed to ensure that you don't stick 10 Kilovolts into the phone network. In the same way Apple wouldn't get to censor what apps you want to provide, but would get to ensure your app couldn't break iOS security.

In that model, if they don't like vMac, they get to sue the creator for trademark or violation. However, a phone company isn't allowed to listen in to the conversation to find out that you're trash talking the phone company, so that it can then sue you. Here, however, Apple is clearly listening in, letting it sue you.

Therefore even if the EU forces them to notarize all apps, the fact notarization isn't purely a security check means that they're looking at what app developers are making. This allows them to know what all App Developers make and sue them if they so wish. This has a chilling effect on app development: you tell them who you are, so that you can notarize the app, and they, a trillion dollar company, get to sue your backside off, if they don't like what you're doing.

The only ways for the EU to remove this chilling effect, is to either ban notarization or make it an independent operation, run by a number of independent shops, which cannot be owned by Apple, or its subsidiaries (etc).

I wonder what Apple is trying to achieve by making this obvious.


I think everyone underestimated the ingenuity of Apples department of malicious compliance. The good news is that governments learn from each other so legislation is getting more and more blunt.
You are not allowed to take any percentage from devs.
You must allow third party payments.
Any developer license fees must be uniform regardless of how much money the developer makes.


Come on, Phil, is this is what you think Steve would have wanted: Europe taking your walled garden right out of your hands? You don't get any points for being more brazen.

There are more straightforward paths to giving us all sideloading. There are even paths avoiding that, but you already stormed past them.


So, obviously, yet another abuse of process.

There's no way that I can see insuring against this sort of thing but completely prying open the back-end APIs. This, of course, will not happen. There are too many interests, and too many stupid legislators who will heed them. :(

I'm not sure neutral arbitration would work that much better in the absence of a clear and accountable mandate, either—you'll just get another oligarchy deciding what does and doesn't count as "security".

Leave a Comment