Mac App Store Apps 'Damaged' Following Security Certificate Bug

An anonymous reader writes: A slew of complaints are emerging against Apple after users were forced to delete and re-install Mac App Store apps in the wake of a major security management error. The problem manifested with the apparent expiry of security certificates which validated the apps, but even after the certificates were updated yesterday to expire in 2035, the problems were not resolved; some users were unable to verify the new certificates, and others could not even connect to the internet. In some cases the programs had to be reinstalled from scratch, deleting the user's existing settings.

It's not Apple's fault!

You're using the store wrong..

Valid for 20 Years

[andreas.hummelbrunne]

That can't be a good idea to make the certificate valid for 20 years.

Re: Valid for 20 Years

[bill_mcgonigle]

What happens in 20 years when the store is unavailable? Does the system require cryptographically-secure date validation from Mothership?

The classic emulator crowd of 2034 wants to know.

Re:Valid for 20 Years

[The-Ixian]

That is assuming that the certificate revocation system is working properly or even implemented at all.

Re:Valid for 20 Years

[macs4all]

That can't be a good idea to make the certificate valid for 20 years.

Why not, since they can be Revoked at any time?

Welcome to the world of the future.

Applications are now compiled to self destruct after their security certificates "expire".

No doubt, when the developers seek to recompile or rebuild their applications so they can distribute them again, they'll have to use a newer version of the SDK that only supports the most recent version of the host operating system, thereby forcing users to upgrade lest their programs begin to die out one by one. So much for "don't upgrade if you don't want to, nobody is forcing you to do that".

Recently, I've had the pleasure of dealing with a couple of operating systems from the past. OS/2 Warp 4.52 Server, Mac OS X Server 1.2v3 (yes, 1.2, not 10.2, I'm talking about the version that was born out of the ashes of OpenSTEP and NeXTSTEP), Windows Server 2003 R2, Windows XP, and the more newer Windows Embedded Standard 2009 POSReady (basically Windows XP SP4 with official support from Microsoft through to 2019).

In every case, I couldn't believe how fast things landed up running, how utterly minimalistic the user interfaces were, and how much power I had over the computer. For the first time in a long time, I felt like I was interacting with a set of tools that were designed to get shit done and stay out of my way. Sure, some of them were a bit of a pain in the ass to setup and configure (OS/2 and Mac OS X Server in particular), but hey- they come from an era of computing where people were actually expected to know what the fuck they were doing.

Of course, when I returned home later that day, I had a pile of unavoidable updates sitting on my Windows 10 box that absolutely had to be installed, cause it was my "free" upgrade from Windows 7 and what not. My iMac was bitching about some other updates as well, plus I had to deal with this very issue because I'd foolishly downloaded and installed a couple of apps from the Mac App Store. Later that same night, Adobe Flash Player got locked out of Safari again so I had to update that, and then I landed up spending another 20 minutes trying to disable SIP on a 10.11 install off an external disk drive because apparently OS X doesn't think you need to be able to write to places like /usr anymore (so much for a Unix-like system).

I'm kinda getting tired of all this modern day technology that panders to the idiot masses who can't be trusted with something as simple as file folders. I want hardware, I want tools, that do what I tell them to do, when I tell them to do it. I don't need any of this hand holding nanny bullshit or this security nonsense that's "for my own good". Kinda makes me wish I still had my Thinkpad T61, Nokia 8801, HP hx4705 Pocket PC, and my iPod Classic. Pretty old stuff by today's standards, but it all worked, and barring hardware failures I could have kept that stuff running forever. Life is way too short to be worrying about what idiotic GUI overhaul next year's software is going to carry or what updates Microsoft or Apple are trying to shove down your throat today.

Re:Welcome to the world of the future.

[Flavianoep]

Just use some GNU/Linux, or better, GNU/Hurd, if you want so much stand apart from the "masses".

Re:Welcome to the world of the future.

[supercrisp]

I don't think it's just protecting against idiot users. It's also about shoving us into the "cloud" where we can be somehow monetized, either by network access, storage volume, or information collection. Why else would iPhoto drop local networking except to put your photos in Apple's servers? Or Android Marshmallow require you to allow MTP every time you hook up a USB cable except to make noncloud file exchange a little bit more of a PITA? Sure there's "curation" at the Apple Store, but there's also control, information gathering, the possibility of add revenue and so on. I guess I sound cynical, but I'm not sure you can actually be cynical enough about all this.

Re:Welcome to the world of the future.

[PopeRatzo]

My iPhone's getting old, too.

Re:Welcome to the world of the future.

[Lord_Jeremy]

Bzzzt! Mac and iOS applications can be re-signed using a new private key/certificate pair without recompiling. This is especially useful for the dozens of enterprise iOS apps that I've built for customers. These apps are signed with an Apple Enterprise Distribution cert so they can be installed directly on devices without using the app store or going through the approval process. Their provisioning always expires after one year though so I have an automated method of unpacking the apps, replacing the old provisioning file, repacking and resigning them. Existing devices with the apps can just have new provisioning files pushed to them over the air. (I've been in this business for almost three years)

SIP is an extremely effective security feature, but of course it's also extremely annoying. /usr/local is where you should be writing to. Or /opt/local in the Unix style. Either of those locations are whitelisted for writing. As are all the system-level locations that users are supposed to put various plugins, extensions, or configurations. Furthermore, disabling SIP just requires booting off the recovery partition and running one command in Terminal.

The intent of these features like code signing and SIP is absolutely NOT about pandering to the idiot masses. Apple isn't worried that some moron is going to open up /System/Library and say "hey who put all these files here? off to the trash you go!" They're more concerned that your flash player updater is tainted and when it asks for root to install an internet plugin it also installs malware or patches your launchd with a rootkit. Kext and application signing makes it relatively trivial for them to protect virtually all Mac users from malware. Unless you've disabled Gatekeeper the OS will refuse to run anything for which the signing cert was revoked. SIP makes the system virtually immune to any sort of malicious system patching such as key loggers or rootkits without a serious kernel exploit. These methods don't guarantee perfect security but they do make it much harder to attack OS X, as well as make updates to OS X more effective at protecting against existing malware.

Re:Welcome to the world of the future.

[Lord_Jeremy]

Photos doesn't support local networking because it's an entirely new application and Apple is notorious for being extremely minimalist when they redesign things. Their product design team was tasked to come up with the "perfect" photo app and that means older features that very few people use go out the window. Apple really really really doesn't care about information monetization, it's just not part of their business model. It does genuinely seem like their leadership believes protecting user privacy is more valuable to them than the snooping. If you use a Mac and iPhone or iPad you should just use iCloud Photos. It makes your photo organization and synchronization much easier and from my perspective there are little to no downsides.

As I think would be evident, Apple is obsessed with design. I just read a reviewer talking about the new Apple wireless keyboard/mouse/trackpad combo. They basically said that compared to others you can buy, it's a shitty keyboard because the design is so unique. But the unique design is obviously exactly what they were going for and there are a lot of customers that will appreciate it. If you want to be cynical about Apple, then you just need to be scared that they'll make things that are focused on design over functionality. They may even redesign something YOU liked because THEY didn't like it.

Re:Welcome to the world of the future.

[david_thornley]

Apple works hard on usability and sometimes misses (hockey puck mouse, anyone?). The Apple idea is that functionality is what their customers can use easily, rather than what someone like Linus can use easily, and with that criterion they do try for functionality.

Re:Welcome to the world of the future.

[Zaphoddd]

Um. Photo's doesn't support local networking because they know the dollars come when you put yourself in the middle. Why do you think companies love cloud infrastructure? Because Data centers are fun to run? Because they want to protect people for local events? Because storage is order of mag cheaper than its ever been? *** They want to be squarely in-between people and their data. And once the data is firmly encased in the cloud, they will set up a toll booth. *** They will then modulate the terms and prices so as to exact the maximum profit over the longest term.

In what bizarro universe does it make more sense to look at your photos with TV by first sending them to a data center in North Carolina? It makes no sense. Unless you know that 75% of users will stay with a service where all their photo's are. Even through service changes, TOS changes, and price increases.

This same week we witnessed Microsoft unilaterally change their terms of service - on the Unlimited plan they sold just the week before. "By unlimited - we mean very limited." Why would you trust 'the Cloud'?

1. They could disappear tomorrow . Wikipedia lists about 40 photo sharing sites, about 18 of which are recently defunct.
2. They secure your data with "hope and good will".
3. They are unnecessary. The shortest distance between the laptop and the tv is through Cupertino and Washington
4. The terms of the agreement you make with them could not be more one sided. Essentially: we may change anything, at anytime.

Its not a question of 'design' its a question of long term profit around access to data.
As far as the Cert issue - you are being conditioned by Apple and Microsoft to let them be the gatekeeper of your personal devices. Its simple, the same way your drill calls Craftsman before it lets you put in a new drill bit. The same way your Chevy, sends a message to Detroit with your picture and gps info, every time you take a trip. The same way your fridge keeps an inventory of what you put in it, and sends that back to LG everytime you open the door. The same way the police in your town track your license plate at 12 different intersections across town, and photograph and build a map of where you've gone, storing forever. In the same way your ISP decodes all your traffic and logs it with your local government.

Its normal for your computer to verify every application you run with them. Because they know. And they know best. You should just trust them. And their ability to turn off apps from 3000 miles away is good for you and for all of us. Because those bad hackers can't defeat that process, and us good corporation would never mess up or make mistakes. And its not like you need have programs to run, or would ever need to use a program when you're offline. And if they don't want you to run it, then you shouldn't run it anyway.

You willfully accept any problems the company purposefully or accidentally imposes.

Web serfers

The joys of not controlling what you supposedly own.

Re:Web serfers

[dilvish_the_damned]

The joys of not controlling what you supposedly own.

Some people wax poetic for yesteryear of scratched CDs and lost keys.
And some don't.

Re: Apple "security" in action.

I'll bet the 8 people using GNU/HURD are really grateful they don't have to contend with this drama.

Mac App Store Apps...

[Flavianoep]

Was that title written by the "apps apping apps" guy?

Annoying lack of communication from Apple

[hackertourist]

I noticed something odd was going on when yesterday morning my OS wanted me to sign into the App Store to 'validate' a program I purchased recently.

Now I have to read about the cause on a news website instead of hearing directly from Apple (you know, the people who already have my email address along with those of all their customers).

Re:Annoying lack of communication from Apple

[macs4all]

I noticed something odd was going on when yesterday morning my OS wanted me to sign into the App Store to 'validate' a program I purchased recently.

Now I have to read about the cause on a news website instead of hearing directly from Apple (you know, the people who already have my email address along with those of all their customers).

More people would bitch about "being spammed" than would appreciate the notification, of that I am sure.

And when was the last time Microsoft or your friendly Linux Distro, sent you such a Notification?

Re:Annoying lack of communication from Apple

[macs4all]

And when was the last time Microsoft or your friendly Linux Distro, sent you such a Notification?

I didn't pay for Windows 10 and I didn't pay for any linux or BSD I've ever used so I don't really expect much in terms of proactive service.

Hey, dumbass: First off, why should the cost of the OS make a difference?

But more to the point: Apparently you don't realize that OS X is also FREE, and has been for the past three Major Releases.

. Oh, and before you start bleating about how Macs are so expensive, blah, blah, that they should come with free OS Updates for life, blah, blah; realize that nowhere has Apple promised that, EVER.

Stupid fuck.

Re: Apple "security" in action.

[arglebargle_xiv]

Oh come on now, you're exaggerating things just a bit there.

There can't be more than three people using HURD. Four, tops.

Re: Apple "security" in action.

[behrooz0az]

Holly shit, I know half of the people using hurd.

So much bullshit in this summary

[BitZtream]

Let's start with user settings. User settings are neither stored with the app not digitally signed or encrypted. They are buried in a semi hidden folder that resides in the users home directory. Deleting an app doesn't delete your settings. It can't. Intentionally.

You can't really 'update' a cert once it's been used, so if something expired all apps with that cert in they're chain of trust would need to be resigned to validate them. There is no way to magically make apps signed with the old cert work with a new one. That would be a massive whole in the entire PKI process.

I'm not saying something didn't break, but the summary is 100% factually incorrect.

Re:So much bullshit in this summary

[Maury+Markowitz]

Crap, I wrote the exact same thing before seeing this post.

Wasted a lot of my time

[daq+man]

So, the thing that got hit for me was 1Password. So I couldn't log into websites because 1Password wouldn't run. Fortunately I could use the synced copy on my phone and type in the passwords by hand but the whole reason for using a password manager is so that I can use passwords that are long sequences of random characters which are no fun to type by hand! I found that it was an App store problem from the Mac Rumors website. Running the App caused a box to pop up saying the App was corrupted, to delete it and re-install. So I followed the instructions and, guess what? I couldn't re-download from the App store!

This whole idea of having software that quits working based on some random policy is useless. I want software that I buy and is there when I need it. Not checking if some certificate has expired or that I paid a subscription or some other BS.

I've been using Macs since 1985, yes I use Windows and Linux too but Macs were always what I used at home because I could write a file five or ten years ago and still open it. That's fading away. Notice I wrote "what I used at home", I'm shopping around.

Let's score this

[Maury+Markowitz]

"some users were unable to verify the new certificates, and others could not even connect to the internet. In some cases the programs had to be reinstalled from scratch, deleting the user's existing settings."

Ok, let's look at this...

1) some users were unable to verify the new certificates

Sure, I buy that.

2) others could not even connect to the internet

I call BS, App certs do not have any use whatsoever in the TCP stack. I'm sure people had problems, but it wasn't due to this.

3) the programs had to be reinstalled from scratch, deleting the user's existing settings

I call BS on that too. The app settings are in a text file in the user directories, you can go and open them in your favorite text editor right now. Re-installing an app does not overwrite these settings, which is *the whole reason* they're done this way. It is possible that app did that, but that's a bug in the app and has nothing to do with certs.

Crappy reportage.

Re:Let's score this

[_xeno_]

I call BS, App certs do not have any use whatsoever in the TCP stack. I'm sure people had problems, but it wasn't due to this.

If the app in question is a VPN app, then it's entirely possible that they literally could not connect to the Internet with the app disabled.

Alternatively what's meant is that they couldn't connect to the Internet at the time and were therefore locked out of their legitimately purchased apps until whatever time they could connect to the Internet. Not everyone has a 24/7 Internet connection. (Seems unlikely for someone who can afford the huge expense of an Apple product, but whatever.)

I call BS on that too. The app settings are in a text file in the user directories, you can go and open them in your favorite text editor right now. Re-installing an app does not overwrite these settings, which is *the whole reason* they're done this way. It is possible that app did that, but that's a bug in the app and has nothing to do with certs.

I could have sworn part of removing an app via the App Store (or via Launchboard or whatever it's called) is that it deletes all the app's data as part of the process, just like it does under iOS.

Re:Let's score this

[MachineShedFred]

On OS X, there are two places (by convention) where it is always safe for an application to write anything, because of the file permissions system. Those are:
  ~/Library/Application Support
  ~/Library/Preferences

The first location is meant for user-specific plugins and metadata per application (e.g. ~/Library/Application Support/Firefox/Bookmarks). The second is the place that user-specific preferences and settings get written, in a reverse-DNS style filename for the app so that it doesn't get stomped by other apps: ~/Library/Preferences/com.apple.iTunes.plist for example.

Neither of these things are deleted if you delete the app, which is stored under /Applications/MyCoolApp.app. It's been this way since NeXTSTEP, and it sure didn't change at the launch of the App Store.

Re: Apple "security" in action.

[Maury+Markowitz]

I wrote about the HURD in Dr. Dobbs circa 2000.

Good to see the user base has doubled.

Re:Still not as buggy as fallout 4

[MachineShedFred]

Spoken like someone trapped in an elevator.

Re:Apple "security" in action.

[MachineShedFred]

Has to be a troll. Reasoning:

... real operating systems such as GNU/Hurd...

Not OK.

[American+AC+in+Paris]

I like Apple. I think that Apple does a lot of things right, and that a lot of criticism of Apple is motivated by historical grudges (on the part of techies) and petulance (on the part of business types.)

That said, this is a stupid, bad mistake. Happily, it's a hiccough, and not likely to have long-term technical ramifications. Unhappily, it's a really, really stupid oversight that should be basically automated--if not by a script, then by a business process.

I believe that walled gardens are an important part of a computing ecosystem where the vast majority of the population consists of casual users. That said, you can not afford to make stupid, easily avoidable mistakes in maintaining it.

I've made my peace with the fact that devs are expected to make an extra slog to get our stuff into the walled garden, and I understand why that is. We do that so that our users can live in a space that they don't need to cultivate themselves any more than they want to. But if we're willing to put up with that extra slog ourselves, It's not okay for our users to have to deal with this sort of thing, too.

Re:I finally broke away from Apple and Mac's

[macs4all]

El Capitan was simply a abortion compared to what used to be a solid OS X. What happened to it Apple???

Not excusing El Capitan, or Apple; but people who have used Apple OSes for longer than a version or two, know that it is best to resist the temptation to Upgrade to a new "Major Release" of OS X until it gets a few "Point Releases" (usually about 4) under its belt.

I suspect the reason for this is not that Apple OS Devs. can't write code; but that Apple, unlike Microsoft, actually pretty much continuously (at least pretty much annually) makes significant changes to OS X (99% of the time in the name of "improvements" or "new features"). This means that, everytime there is a switch from one "Cat" to another (or recently, one "Landmark" to another), a whole bunch of stuff under the hood (and some UI stuff) gets changed. All things being equal, this means that each time that happens, some people run into issues, hate some changes, etc.

Think about it: The parade of new stuff in OS X touted in every WWDC is generally pretty eye-popping. I dare say, other than the reviled Interface-Formerly-Known-As-Metro, there really haven't been as many changes in Windows for the past 4 or 5 Major Releases, as there are in OS X from one Major Release to another.

So, as I said, because of this more rapid progress (and most of it is actually "progress"), most OS X Users "in the know" simply wait a bit until the bugs get ironed out, THEN decide if they want to upgrade.

For example, I'm still rocking 10.9 "Mavericks" on my main MBP; because of the WiFi issues in Yosemite (which finally got ironed out), and the multiple issues in El Capitan, many of which are ironed out as of 10.11.1 (but I'm still going to wait a bit more).

It's the same old story: Those on the bleeding edge occasionally get hurt. And it is still true: Nobody FORCES you to Upgrade. A little common sense (and a look at "history") goes a long way to a happy computing experience, regardless of Platform.

And if you think you "Traded Up" by switching from OS X to Windows 10...

Pro Tip...

[zarmanto]

It is actually possible to delete an app without deleting the associated data -- it's just not particularly user friendly, as it requires a full device backup-and-restore operation. In short: perform a backup of all device data to a computer* (as opposed to iCloud). Then, find the synced copy of the problematic app binary on your computer -- likely, buried somewhere within the iTunes Media folder. Delete that binary from your computer -- but not from the iOS device -- perform a full wipe of the iOS device, and restore from the backup you just made. iTunes will be unable to reinstall the app itself for you, but it will restore the data associated with that app. Then, simply re-download a fresh copy of the app from the App Store, and you should be good-to-go, with no data loss.

* Note that I've only personally tested this procedure on a Mac; it's possible that some steps are slightly different on Windows based computers.

Re:Pro Tip...

[BasilBrush]

Note for others: That information is about preserving iPhone app data using a Mac as a tool. As such it has nothing to do with this slashdot story about Mac apps from the Mac App Store.

Re:Still not as buggy as fallout 4

[Miguelito]

First game I've had that's crashed on my PS4... twice now.

At least it's been a full day apart and pretty rare, and still enjoyable overall.

Re: It's a non-issue.

[BasilBrush]

Worst thing ever. I may need counselling.