Daniel Jalkut:
I’m seeing more of a scam directed at customer support addresses, where the scammer pretends to be a customer who is having trouble with the app, and asks you to look at a screenshot of the problem, which is a link to a page that coaxes you into running a nefarious program on your computer.
John Brayton:
I just got this one yesterday. It initially asked about a cookie consent dialog on my website. (Of course my websites do not have cookie consent dialogs.)
Other Mac developers have reported this, too. I haven’t gotten this one yet, but I’ve seen some targeted messages that seem to be AI-generated.
Previously:
E-mail Mac macOS Tahoe 26 Phishing Security Spam
Riley Testut:
In April of last year, we launched AltStore PAL in the European Union as one of the first official alternative app marketplaces on iOS thanks to the Digital Markets Act. We launched with just 2 apps — my Nintendo emulator Delta and clipboard manager Clip — yet Apple immediately changed their App Store rules to allow emulators worldwide for the first time ever.
[…]
By far our number one request, we’re planning to launch AltStore PAL in more countries later this year in response to various regulatory changes around the world. Specifically, we plan to launch in Japan, Brazil, and Australia before the end of the year, with the UK to follow in 2026.
[…]
Using ActivityPub, we plan to federate apps, app updates, and news alerts from AltStore to the open social web. Each AltStore source will receive its own ActivityPub account, which can then be followed by any other open social web account. You’ll be able to like, boost, and reply to everything, and most importantly all these interactions will appear natively in AltStore.
[…]
Pace Capital is investing $6 million USD in AltStore in exchange for 15% equity. We will use this money to hire a few employees and build out a team, giving us the necessary bandwidth to finalize Fediverse integration and expand AltStore worldwide, while also releasing betas and app updates on a more regular basis.
[…]
Alternative app marketplaces are needed more than ever now, with new reasons for them popping up every week. If there’s one constant though, it’s that Apple simply cannot be trusted to be the sole distributor of apps on the iOS platform.
Even with app marketplaces, though, Apple still controls distribution through code signing and notarization. There is no equivalent of the Mac’s Gatekeeper override.
Previously:
ActivityPub AltStore App Marketplaces Code Signing Digital Markets Act (DMA) Emulator European Union iOS iOS 26 Mastodon Notarization
Wiley Hodges:
I used to believe that Apple were unequivocally ‘the good guys.’ I passionately advocated for people to understand Apple as being on the side of its users above all else. I now feel like I must question that.
[…]
The event that represented a turning point for that skeptical view of Apple was the stand against the FBI over the San Bernardino case. You took a risky stand that was in keeping with the principles you had articulated for the company. The result was bigger than the one case: that act of lawful, principled defiance of government intimidation and jawboning helped to convince people that Apple’s actions and stated ideals were in alignment; that the company was walking the walk as well as talking the talk.
[…]
Acceding to a government ‘demand’ without demanding that the government follow legal process in order to back up its request (or at least shedding light on how the government did follow such process) raises the question of how easily Apple will accede to other requests.
[…]
Will Apple give data on the identities of users who downloaded the ICEBlock app to the government? Will Apple block podcasts that advocate points of view opposed to the current US administration? I imagine and hope that these are ridiculous questions, but without a clearer demonstration of Apple’s principled commitment to lawful action and due process, I feel uncertain.
Via John Gruber:
But, exactly as many critics of the App-Store-as-exclusive-distribution-point-for-native-software model have long warned, it’s proven to be a choke point that Apple was unwilling to defend.
I don’t think the problem is really Tim Cook or whoever at Apple made the ICEBlock decision last week. The current situation is just the symptom of a decision made long ago: for Apple to be a choke point for app distribution. If your solution to government overreach is to depend on the right person being in charge, who will say no, you’ve already lost.
Apple understands this with customer privacy. If you don’t want to have to give up user data, you design the system to store as little of it as possible, and you try to store everything else in such a way that you can’t actually access it. There have been flaws in the execution, but Apple has clearly articulated this principle and worked towards it. What you don’t do is upload the user’s most private data to iCloud, encrypt it with a password that only Tim Cook knows, and hope that he’ll never access it, because you trust him. Maybe he wouldn’t, but he won’t be there forever, and ultimately there’s not much Apple can do if it gets a legally valid request for something it can easily provide.
Yet that’s what Apple’s done with app distribution. They designed a system with a kill switch, and now people are surprised and upset that they used it. The problem is not that they pressed the button this one time when you didn’t want them to. The problem is that there is a button and Apple likes having it. They value it more than your right to use your own device as you see fit. They justify it by saying that the button is there for your protection.
Hodges is asking Tim Cook and his team to “more clearly explain the basis on which” they pressed the button, but I don’t think that’s the right question at all. If we were talking about privacy, would you be satisfied with a secure golden key accompanied by an essay about when it would be OK to use it? Would you even take such a proposal seriously?
The lesson of San Bernardino is not really that Tim Cook said “no.” It’s that he could say “no” because asking Apple to exploit an iPhone/iOS backdoor (build an “entirely new operating system,” as Apple put it) was different from asking Apple for data that it already had. (The FBI asked for that, too, and Apple provided it, as I believe it should have.) But Apple realized that the backdoor made the system insecure and removed it in subsequent iPhones. Now, at least in theory, no one has to rely on Cook saying “no” because he can’t say “yes.” Obviously, the analogy with app distribution is that the only way to prevent the kill switch from being used is to remove it.
Previously:
App Store App Store Takedown ICEBlock iOS iOS 26 Privacy Sideloading Tim Cook
