{"id":29672,"date":"2020-08-04T16:33:49","date_gmt":"2020-08-04T20:33:49","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=29672"},"modified":"2025-04-08T10:08:12","modified_gmt":"2025-04-08T14:08:12","slug":"apple-remote-kills-long-time-developers-apps","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2020\/08\/04\/apple-remote-kills-long-time-developers-apps\/","title":{"rendered":"Apple Remote-Kills Long-time Developer&rsquo;s Apps"},"content":{"rendered":"<p><a href=\"https:\/\/appleinsider.com\/articles\/20\/08\/04\/apple-kills-long-time-mac-developers-apps-with-no-warning-and-isnt-responding\">William Gallagher<\/a> (also: <a href=\"https:\/\/twitter.com\/charlieMonroe\/status\/1290509083288764428\">Charlie Monroe<\/a>):<\/p>\n<blockquote cite=\"https:\/\/appleinsider.com\/articles\/20\/08\/04\/apple-kills-long-time-mac-developers-apps-with-no-warning-and-isnt-responding\"><p>As Apple continues to <a href=\"https:\/\/appleinsider.com\/articles\/20\/08\/01\/developers-rail-against-apple-app-store-policy-in-wake-of-house-antitrust-hearing\">face controversy<\/a> over its App Store policies and fees, software <a href=\"https:\/\/software.charliemonroe.net\">developer Charlie Monroe<\/a> has told <em>AppleInsider<\/em> that the company has killed all his apps with no warning. 
Each of his ten macOS apps, and two that are also iOS, remain available to buy in the App Store, but Apple has stopped them launching.<\/p><p>[&#8230;]<\/p><p>&ldquo;Looking into it, I found that Apple revoked my distribution certificates, which generally kills the apps remotely.&rdquo;<\/p><p>&ldquo;When I sign in to my developer account, it asks me to enroll to the Apple developer program and I don&rsquo;t seem to be in the Apple developer program anymore,&rdquo; he continued, &ldquo;even though the apps that I have on the App Store are still available.&rdquo;<\/p><\/blockquote>\n\n<p><a href=\"https:\/\/twitter.com\/danielpunkass\/status\/1290684860626014210\">Daniel Jalkut<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/danielpunkass\/status\/1290684860626014210\">\n<p>Every Apple platform developer&rsquo;s worst nightmare. It&rsquo;s bad enough that a seemingly innocuous developer has been effectively banned from development, his apps rendered non-functional, but ... no explanation? That is just cold.<\/p>\n<\/blockquote>\n\n<p><a href=\"https:\/\/twitter.com\/charlieMonroe\/status\/1290704724027727889\">Charlie Monroe<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/charlieMonroe\/status\/1290704724027727889\"><p>In the morning no one got back to me. They did now, but only said on the phone they have no idea what&rsquo;s wrong and are passing the issue to internal team... &#x1F914;<\/p><\/blockquote>\n\n<p><a href=\"https:\/\/twitter.com\/charlieMonroe\/status\/1290697894929092608\">Charlie Monroe<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/charlieMonroe\/status\/1290697894929092608\">\n<p>macOS displays a message that the app &ldquo;will damage your computer&rdquo; just because the certificate was revoked, which IMHO is bordering on slander. Damages your name and brand. 
Aside from users unable to use your apps, of course.<\/p>\n<\/blockquote>\n\n<p><a href=\"https:\/\/twitter.com\/chockenberry\/status\/1290701249646456835\">Craig Hockenberry<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/chockenberry\/status\/1290701249646456835\"><p>The wording for the dialog and intent behind signed code is to protect from malware.<\/p>\n<p>If this action isn&rsquo;t based on that, Apple is the one that&rsquo;s damaging their name and brand.<\/p>\n<p>And if it is? At least give the developer a chance to rectify the situation.<\/p>\n<\/blockquote>\n\n<p><a href=\"https:\/\/twitter.com\/tempelorg\/status\/1290616648265859072\">Thomas Tempelmann<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/tempelorg\/status\/1290616648265859072\"><p>Can&rsquo;t run the long-installed app any more. Can&rsquo;t open the downloaded installer, not even with right-click + option key, even on High Sierra.<\/p><p>This means for us Mac devs that Apple not only has the power to make it near-impossible (at least for the layman) to run your publicly available app, but they actually assume the right to do so as they please. They&rsquo;re judge, jury and executioner. Doesn&rsquo;t that scare you?<\/p><p>Apple&rsquo;s dev account was originally meant to be necessary only to sign your app, to ensure it can be checked against malicious modification. But now, it&rsquo;s become the stick by which Apple alone controls which apps can run on a Mac.<\/p><\/blockquote>\n\n<p><a href=\"https:\/\/twitter.com\/nicklockwood\/status\/1290624299288625152\">Nick Lockwood<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/nicklockwood\/status\/1290624299288625152\">\n<p>I wish I could be a fly on the wall when decisions like this get made. Was this a snap judgement made in response to some automated alert, or an executive decision? Did someone suggest contacting the developer but get overruled? Or did nobody even consider it? 
So many questions.<\/p>\n<\/blockquote>\n\n<p>Previously:<\/p>\n<ul>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2020\/06\/24\/new-app-store-review-processes\/\">New App Store Review Processes<\/a><\/li>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2019\/11\/20\/guilherme-rambo-locked-out-of-apple-developer-account\/\">Guilherme Rambo Locked Out of Apple Developer Account<\/a><\/li>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2019\/04\/22\/the-true-and-false-security-benefits-of-mac-app-notarization\/\">The True and False Security Benefits of Mac App Notarization<\/a><\/li>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2017\/05\/08\/handbrake-proton-trojan\/\">HandBrake Proton Trojan<\/a><\/li>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2016\/10\/05\/apple-removed-dash-from-the-mac-app-store\/\">Apple Removed Dash From the Mac App Store<\/a><\/li>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2016\/03\/07\/keranger-transmission-ransomware\/\">KeRanger Transmission Ransomware<\/a><\/li>\n<\/ul>\n\n<p id=\"apple-remote-kills-long-time-developers-apps-update-2020-08-05\">Update (2020-08-05): See also: <a href=\"https:\/\/news.ycombinator.com\/item?id=24049152\">Hacker News<\/a>.<\/p>\n\n<p><a href=\"https:\/\/twitter.com\/Ihnatko\/status\/1290723801668423688\">Andy Ihnatko<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/Ihnatko\/status\/1290723801668423688\"><p>THIS is what sucks about Apple&rsquo;s iron gatekeeper approach. One of my favorite apps suddenly fails to even launch, via a &ldquo;Binary is improperly signed&rdquo; error, apparently because Apple pulled the developer&rsquo;s account, and apparently without a word of explanation. 
EXPLAIN, Apple.<\/p><\/blockquote>\n\n<p>Why was there no human review or due process?<\/p>\n\n<p><a href=\"https:\/\/blog.charliemonroe.net\/a-day-without-business\/\">Charlie Monroe<\/a> (<a href=\"https:\/\/twitter.com\/charlieMonroe\/status\/1290874085740863489\">tweet<\/a>):<\/p>\n<blockquote cite=\"https:\/\/blog.charliemonroe.net\/a-day-without-business\/\"><p>After more investigation, I found out that the distribution certificates were revoked &#x2013; evidently by Apple as no one else has access to them and I was sound asleep when all this happened. Each macOS app these days needs to be codesigned using an Apple-issued certificate so that the app will flawlessly work on all computers. When Apple revokes the certificate, it&rsquo;s generally a remote kill-switch for the apps.<\/p>\n<p>[&#8230;]<\/p>\n<p>This is the message macOS shows to all users who try to launch my app. That it will damage their computer with a checkbox to report malware enabled. Average user immediately goes nuts.<\/p>\n<p>[&#8230;]<\/p>\n<p>Fortunately, possibly thanks to the traction the story got and all the support from everyone I got (for which I am infinitely grateful), after almost 24 hours after 10PM, I got my account re-instated.<\/p>\n<p>Apple has called and apologized for the complications. 
The issue was caused by my account being erroneously flagged by automated processes as malicious and was put on hold.<\/p><\/blockquote>\n\n<p><a href=\"https:\/\/twitter.com\/JTWilliams_me\/status\/1290907684313731072\">JTWilliams<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/JTWilliams_me\/status\/1290907684313731072\">\n<p>I want to believe you, and I do believe you, but \n@Apple\n absolutely needs to say publicly and explicitly that they were wrong when they said it would damage the computer.<\/p>\n<\/blockquote>\n\n<p><a href=\"https:\/\/twitter.com\/al45tair\/status\/1290922317208576000\">Alastair Houghton<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/al45tair\/status\/1290922317208576000\"><p>Apple <em>really<\/em> needs to provide emergency telephone contact details to people whose accounts are put into this state. Ideally it&rsquo;d proactively get in touch to explain.<\/p><\/blockquote>\n\n<p><a href=\"https:\/\/twitter.com\/DaveWoodX\/status\/1290903061158932482\">Dave Wood<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/DaveWoodX\/status\/1290903061158932482\"><p>Sounds like \n@Apple\n needs to look into their process for this. Make sure there are checks in place to prevent this happening to anyone else.<\/p><\/blockquote>\n\n<p><a href=\"https:\/\/9to5mac.com\/2020\/08\/05\/mistake-by-apple\/\">Ben Lovejoy<\/a> (<a href=\"https:\/\/twitter.com\/9to5mac\/status\/1291019930884804609\">tweet<\/a>):<\/p>\n<blockquote cite=\"https:\/\/9to5mac.com\/2020\/08\/05\/mistake-by-apple\/\"><p>It seems incredible that all this could happen without human intervention. Apple does, of course, have to act swiftly when there is a chance of malware in the Mac App Store, but you would have thought it would have pinged a human being to verify the situation before inconveniencing a significant number of Mac users, and potentially doing permanent damage to a developer&rsquo;s reputation. 
Most app users will never know the story behind this, only that they bought an app, Apple told them it was malware, and they deleted it as instructed.<\/p><\/blockquote>\n\n<p><a href=\"https:\/\/twitter.com\/jcieplinski\/status\/1291050399294787587\">Joe Cieplinski<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/jcieplinski\/status\/1291050399294787587\">\n<p>This was a big goof on Apple&rsquo;s part. I&rsquo;m glad it only lasted a day, but it should not have happened in the first place.<\/p>\n<p>False positives happen with automated systems. Apple needs a faster way to detect and reverse them. A lost day of revenue can be A LOT of money to an indie.<\/p>\n<\/blockquote>\n\n<p><a href=\"https:\/\/twitter.com\/charlieMonroe\/status\/1291051653718843393\">Charlie Monroe<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/charlieMonroe\/status\/1291051653718843393\"><p>The lost revenue is not that big of a deal IMHO. One can deal with one day of revenue falling out. As I note in the blog post, the more damaging is the alert notifying a user that the app will damage their computer. 
I&rsquo;ve worked hard to earn some reputation and this damages it.<\/p><\/blockquote>\n\n<p><a href=\"https:\/\/sixcolors.com\/link\/2020\/08\/developers-app-store-account-erroneously-flagged-as-malicious\/\">Dan Moren<\/a>:<\/p>\n<blockquote cite=\"https:\/\/sixcolors.com\/link\/2020\/08\/developers-app-store-account-erroneously-flagged-as-malicious\/\">\n<p>Apple might like to disingenuously compare itself to a brick and mortar store, but is there really an analogous case where something like this happens overnight to an independent supplier, with little ability for recourse?<\/p>\n<\/blockquote>\n\n<p id=\"apple-remote-kills-long-time-developers-apps-update-2020-08-10\">Update (2020-08-10): <a href=\"https:\/\/eclecticlight.co\/2020\/08\/09\/last-week-on-my-mac-heavy-hand-on-the-kill-switch\/\">Howard Oakley<\/a> (<a href=\"https:\/\/twitter.com\/howardnoakley\/status\/1292355155573252096\">tweet<\/a>):<\/p>\n<blockquote cite=\"https:\/\/eclecticlight.co\/2020\/08\/09\/last-week-on-my-mac-heavy-hand-on-the-kill-switch\/\">\n<p>There&rsquo;s also the curious question as to why Apple revoked the certificate, rather than pulled one or more of Charlie&rsquo;s notarizations. When it introduced notarization, one of Apple&rsquo;s justifications was that it would provide finer control, rather than the huge and heavy-handed kill switch of revoking a certificate and blocking everything signed with that. Perhaps Apple didn&rsquo;t really mean that after all, but just wanted another level of control over your Mac?<\/p>\n<p>Apple has since apologised to Charlie Monroe for its error. 
It hasn&rsquo;t released any statement to reassure other developers that it&rsquo;s changing anything which might prevent such a catastrophe from happening again, nor has it explained to the billions who run third-party software on Apple products how it&rsquo;s going to prevent a recurrence &#x2013; which could readily prevent any Apple user from using their software on their computer or device.<\/p>\n<p>[&#8230;]<\/p>\n<p>Apple will no doubt try to ride this one out in silence, as it usually does in matters of security. For developers and users, that doesn&rsquo;t answer these fundamental questions.<\/p>\n<\/blockquote>\n\n<p>I&rsquo;m <a href=\"https:\/\/twitter.com\/mjtsai\/status\/1292462255011962881\">not convinced<\/a> that notarization-based blocking would work in a case like this (but with actual malware), so it&rsquo;s not clear what <a href=\"https:\/\/developer.apple.com\/videos\/play\/wwdc2018\/702\/\">Apple was referring to<\/a> when it <a href=\"https:\/\/twitter.com\/howardnoakley\/status\/1292467371400200194\">said that<\/a> notarization &ldquo;provides a much better experience&rdquo; than revoking the certificate.<\/p>\n\n<p>There were so many failures here:<\/p>\n<ul>\n<li>Faulty automated system<\/li>\n<li>Lack of human review<\/li>\n<li>Blocking all the apps instead of just the particular binaries that were under suspicion<\/li>\n<li>Lack of communication with developer<\/li>\n<li>Alert saying that the apps <em>would<\/em> damage your Mac, when there was no evidence of that<\/li>\n<li>Lack of communication with users, afterwards, that the software was not in fact dangerous<\/li>\n<li>Lack of public acknowledgement of the problem with an explanation for how Apple will prevent this from happening again<\/li>\n<\/ul>\n\n<p><a href=\"https:\/\/twitter.com\/lapcatsoftware\/status\/1292461063078850561\">Jeff Johnson<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/lapcatsoftware\/status\/1292461063078850561\">\n<p>The crazy thing about the Charlie 
Monroe situation is that not only is there no phone # to call Apple to find out why your Developer ID cert is revoked, there&rsquo;s no # to call to report your cert was compromised! You can&rsquo;t even revoke it yourself, unlike your Mac App Store cert.<\/p>\n<\/blockquote>\n\n<p><a href=\"http:\/\/mikezornek.com\/posts\/2020\/8\/apple-gatekeeper-developer-id-program-needs-a-transparency-report\/\">Mike Zornek<\/a>:<\/p>\n<blockquote cite=\"http:\/\/mikezornek.com\/posts\/2020\/8\/apple-gatekeeper-developer-id-program-needs-a-transparency-report\/\"><p>I can&rsquo;t help but think not only should Apple turn off its automated execution of such bans but they should also move to a more nuclear-launch type system where at least two people need to turn their key. This is an incredibly destructive event for the third-party vendor like Charlie. It&rsquo;s unprofessional of Apple to have this connected to an automated system.<\/p>\n<p>Additionally, if Gatekeeper is truly about protecting the users, I don&rsquo;t see why we can&rsquo;t have a transparency report listing the identifiers that have been disabled and why. A lot of <a href=\"https:\/\/overcast.fm\/+KxFFOGVu8\/31:37\">people keep saying Apple does not abuse this power<\/a>, but there is no proof to this; it is a closed system. We only know of Charlie&rsquo;s situation because he posted it on Twitter. 
Considering it wasn&rsquo;t too long ago when the App Store Guidelines downright <a href=\"https:\/\/twitter.com\/benthompson\/status\/1275072296001007617\">threatened you about going public<\/a> I don&rsquo;t know if we can give Apple the benefit of the doubt here.<\/p>\n<\/blockquote>\n\n<p><a href=\"https:\/\/twitter.com\/emrakul2002_2\/status\/1292377177954979840\">Emrakul2002<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/emrakul2002_2\/status\/1292377177954979840\"><p>This happened months ago with the game League of Legends as well<\/p><\/blockquote>\n\n<p><a href=\"https:\/\/twitter.com\/potrebka\/status\/1292627687425466369\">A.J. Potrebka<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/potrebka\/status\/1292627687425466369\">\n<p>Can&rsquo;t wait for Apple to accidentally revoke BMW&rsquo;s certificate so no one can open or start the cars.<\/p>\n<\/blockquote>\n\n<p id=\"apple-remote-kills-long-time-developers-apps-update-2020-08-12\">Update (2020-08-12): <a href=\"https:\/\/blog.charliemonroe.net\/a-day-without-business\/\">Charlie Monroe<\/a> (<a href=\"https:\/\/twitter.com\/charlieMonroe\/status\/1293490016115621888\">tweet<\/a>):<\/p>\n<blockquote cite=\"https:\/\/blog.charliemonroe.net\/a-day-without-business\/\"><p>Here is a quote from Apple:<\/p>\n<blockquote><p>We appreciate your patience while we continued our investigation into why your Developer ID certificate was erroneously revoked and to examine ways in which we could assist you. We determined that your app Downie 4 was erroneously identified as malicious due to invalid logic in our malware detection system. This triggered the revocation of your certificate under Section 5.4 of the Developer Program License Agreement. This should not have happened and teams across Apple have been working diligently to figure out a solution.<\/p>\n<p>Earlier today, we successfully un-revoked your Developer ID certificate. 
Users who were affected by the initial revocation will have app functionality restored when their OCSP cache refreshes (typically within 2 hours).<\/p><\/blockquote><\/blockquote>\n<p>See also: <a href=\"https:\/\/coreint.org\/2020\/08\/episode-430-a-little-bit-of-controversy\/\">Core Intuition<\/a>.<\/p>\n\n<p id=\"apple-remote-kills-long-time-developers-apps-update-2020-08-24\">Update (2020-08-24): <a href=\"https:\/\/pxlnv.com\/linklog\/monroe-apple-developer-account\/\">Nick Heer<\/a>:<\/p>\n<blockquote cite=\"https:\/\/pxlnv.com\/linklog\/monroe-apple-developer-account\/\">\n<p>Apple said in an apology email to Monroe that it is &ldquo;taking action to make sure this doesn&rsquo;t happen in the future&rdquo;, but what does that mean? Why isn&rsquo;t this being communicated more broadly to developers who might reasonably be spooked by this incident?<\/p>\n<\/blockquote>","protected":false},"excerpt":{"rendered":"<p>William Gallagher (also: Charlie Monroe): As Apple continues to face controversy over its App Store policies and fees, software developer Charlie Monroe has told AppleInsider that the company has killed all his apps with no warning. 
Each of his ten macOS apps, and two that are also iOS, remain available to buy in the App [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"2020-08-04T20:33:52Z","apple_news_api_id":"4054fb59-afcd-4927-981b-e5320c4349c1","apple_news_api_modified_at":"2025-04-08T14:08:15Z","apple_news_api_revision":"AAAAAAAAAAAAAAAAAAAACQ==","apple_news_api_share_url":"https:\/\/apple.news\/AQFT7Wa_NSSeYG-UyDENJwQ","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[91,2749,466,1965,465,31,1667,30,32,39,1666,504,1227],"class_list":["post-29672","post","type-post","status-publish","format-standard","hentry","category-technology","tag-appstore","tag-apple-developer-account","tag-codesigning","tag-downie","tag-gatekeeper","tag-ios","tag-ios-13","tag-mac","tag-macapp","tag-macappstore","tag-macos-10-15","tag-malware","tag-top-posts"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/29672","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=29672"}],"version-history":[{"count":8,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/29672\/revisions"}]
,"predecessor-version":[{"id":29864,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/29672\/revisions\/29864"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=29672"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=29672"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=29672"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}