Slashdot Mirror


Apple Begins Rejecting Apps With 'Hot Code Push' Feature (apple.com)

Apple has long permitted "hot code push", a feature that allows developers to continuously deploy changes to their mobile apps and have those changes reflect in their apps instantly. This allowed developers to make quick changes to their apps without having to resubmit the new iteration and get approval from the Apple Store review team. But that's changing now. In response to a developer's query, Apple confirmed that it no longer permits "hot code push." The company told the developer:

> Your app, extension, and/or linked framework appears to contain code designed explicitly with the capability to change your app's behavior or functionality after App Review approval, which is not in compliance with section 3.3.2 of the Apple Developer Program License Agreement and App Store Review Guideline 2.5.2. This code, combined with a remote resource, can facilitate significant changes to your app's behavior compared to when it was initially reviewed for the App Store. While you may not be using this functionality currently, it has the potential to load private frameworks, private methods, and enable future feature changes.

149 comments

  1. Yea but they don't by Anonymous Coward · · Score: 2, Interesting

    As someone who has worked on iOS apps big and small, I will tell you the rules for big orgs are not the same vs small. If they want to "hot push" (ghey btw) a scheduled event in Disney Kingdoms, Apple won't say shit. If you want to "hot push" (ghey btw) an update to some pixel avatar app with 3 users, you get rejected.

    1. Re:Yea but they don't by Anonymous Coward · · Score: 0

      That's because a "hot code push" is designed for MMORPGs only. Any other game or app that wants to do this has no reason to.

      MMORPGs have to push updates simultaneously to all devices and can't sit in a code review blackhole while timed events expire. So there are some games with MMORPG-like features that do this (some EA games, and several farmville clones), but there aren't any actual real MMORPGs out there for mobile devices.

      Small games would never need to use this feature, since the only purpose it would have for a small game would be to sneak spyware or other rubbish into the game.

    2. Re:Yea but they don't by Anonymous Coward · · Score: 0

      No MMORPGs for mobile devices? Er, let me fix that for you:

      https://play.google.com/store/apps/details?id=org.prowl.wintersunrpg
      https://play.google.com/store/apps/details?id=com.foxcake.mirage.android
      https://play.google.com/store/apps/details?id=com.mmo.android
      etc

      There are plenty of MMOs for mobile devices (just not iOS)

    3. Re:Yea but they don't by queazocotal · · Score: 2

      What?
      Of course they don't.
      You make a new version of the app with all the content a week or whatever before, and allow it to get through whatever review process there is. At a known time, your app starts using those features.

    4. Re:Yea but they don't by iotaborg · · Score: 1

      Well yeah, the CEO of Disney sits on Apple's board. Of course there will be that sort of influence and exemptions.

    5. Re:Yea but they don't by Anonymous Coward · · Score: 0

      > Small games would never need to use this feature, since the only purpose it would have for a small game would be to sneak spyware or other rubbish into the game.

      Nice non-sequitur you got there pal.

    6. Re: Yea but they don't by Anonymous Coward · · Score: 0

      How early do you start?

      You submit a week before, you risk getting rejected

    7. Re: Yea but they don't by queazocotal · · Score: 1

      So you don't tell the users until you get it approved.

    8. Re:Yea but they don't by Plumpaquatsch · · Score: 1

      > etc
      >
      > There are plenty of MMOs for mobile devices (just not iOS)

      https://duckduckgo.com/?q=mmo+...

      --
      Of course news about a fake are Fake News.
    9. Re: Yea but they don't by PCM2 · · Score: 1

      And when your users start asking when you're going to roll out new content for your game, what do you tell them? Marketers have a tough enough time already.

      --
      Breakfast served all day!
  2. Pray I don't change it again by H3lldr0p · · Score: 2, Insightful

    Seriously, unless you're part of a big corp with big corp lawyers and money behind you why develop for Apple? You have to buy your way into their walled garden, give up a significant portion of sales to them, and be put through an obscured process to get approval to be published in a store. Which, if you're lucky enough to hit on something that's both novel and popular, is going to fill up with a bunch of clones within days of the first hint of success.

    If you're not doing it for the fun of being repeatedly punched in the face, what are you doing it for?

    1. Re:Pray I don't change it again by mccalli · · Score: 4, Informative

      Money. You're doing it for money, and that's where the app revenues are.

    2. Re:Pray I don't change it again by Anonymous Coward · · Score: 0

      > Money.

      Well said.

    3. Re:Pray I don't change it again by Anonymous Coward · · Score: 0

      It depends on your product and your business model. Sometimes your revenue doesn't come from selling the app, and you make it available for free, but you do want your customers to be able to access the service they paid for from their smartphones.

    4. Re:Pray I don't change it again by Anonymous Coward · · Score: 0

      Developers should care about muh freedom feelings, not their profit.

    5. Re:Pray I don't change it again by Anonymous Coward · · Score: 0

      Because nobody makes money on Android, and nobody owns Android devices.

      Only iOS devices make money, and only iOS users are willing to spend money. Nobody on Android is willing to spend money when they can just run a jailbreak firmware and pirate the games.

    6. Re:Pray I don't change it again by Anonymous Coward · · Score: 0

      Because 98% of the devs never get punched in the face by Apple and false flags are few and far between?

      Meanwhile I'm laughing at the poor sucks who are just finally getting graced to be upgraded to Nougat by their providers. Howl and complain about "teh wall3d ghardenz!!!111!!!" but at least I'm not at the mercy of several parties to keep my security and features up to date while dealing with a fragmented OS and hardware vendors who endlessly pass the buck.

    7. Re:Pray I don't change it again by Anonymous Coward · · Score: 0

      I think most apps individuals put up are just lottery tickets, hoping they get lucky but aren't expecting much, and also so they have something to show when applying for an iOS developer position for an actual company. If you expect to get rich quick from an app you spent a week putting together with minimal programming, design, or marketing knowledge these days, you're going to learn quickly that doesn't happen anymore.

    8. Re:Pray I don't change it again by jbolden · · Score: 0

      The reason to develop for them is that Apple has a huge share of the 400m consumers who spend the most on applications.

      As an aside, vertical applications don't have this problem. They aren't easy to clone as the developer often has to have business partnership relations with desktop / server / SaaS companies. You often don't have to give up a percentage as the app is included (free).

    9. Re:Pray I don't change it again by Anonymous Coward · · Score: 0

      Wikileaks says: Fuck your security.

    10. Re:Pray I don't change it again by tepples · · Score: 1

      Why can't the application for accessing said service be a web application that runs in Safari for iOS?

    11. Re:Pray I don't change it again by rworne · · Score: 5, Insightful

      Let's see:

      I'm a one man shop that does App development as a hobby while simultaneously maintaining a full time job. Having someone handle 24/7 hosting and billing and a sort of rudimentary QA on the final product (so the users will trust it better) is something of value. In many cases, costs and time would be prohibitive for a new, small shop to do all these things itself. So they do something for that 30% other than rubber stamp it.

      Also, $99 is a pittance - how much do dev kits from Nintendo, Sony and Microsoft cost?

      Now another poster pointing out that the rules are different for larger companies that develop on Apple's platform - yes they are. I see competing apps that violate the backgrounding policies (for good reasons) that I could never get away with if I tried.

      One example is playing silent audio while streaming via DLNA from the iOS device to prevent the OS from putting the app to sleep after 10 minutes or so. A big company just does it and has done it for years without consequence. Another small developer in my niche needed to do this as well, but was forced by Apple to remove it unless there was a specific function for it. So the developer instead added a useless "visualizer" that made graphic effects to music picked up by the microphone which is then put in the background and hidden - just to get around the rules. I have not added DLNA streaming yet because of these headaches.

      --
      I tried every decent and legal way I could think of to resolve the issue w/the business before I rented the chicken suit
    12. Re:Pray I don't change it again by Anonymous Coward · · Score: 1

      This isn't a change to the rules. The rules always stated that you weren't allowed to do out-of-band updates that don't go through the review process. They're just enforcing the existing rules better.

    13. Re:Pray I don't change it again by Anonymous Coward · · Score: 0

      Ahhh. The wonders of the false sense of security that Apple instills in its followers.

    14. Re:Pray I don't change it again by Orphis · · Score: 4, Insightful

      How much is an Apple computer? You can't compare the cost of the license without taking into account the hardware required.

    15. Re:Pray I don't change it again by BronsCon · · Score: 1

      I hope you're being sarcastic... Jailbreak = iOS. On Android, we call it rooting, because the OS allows it (though some manufacturers put in measures to attempt to prevent it). If your phone isn't made by one of those manufacturers, you don't need a different firmware; hell, even if it is, there's a good chance you might not.

      Aside from that, my Android phone cost more than my wife's iPhone 6 Plus (does more, too). I paid for both. I've paid for a few hundred dollars in apps and more than that in in-app purchases, she uses free apps and doesn't make in-app purchases. Android users spend money; more so than iOS users in some cases.

      Though, I guess my iPad Pro makes me an iOS user, too. Though, I use mostly free apps on that. Again, the iOS user in me spends less than the Android user.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    16. Re:Pray I don't change it again by Psicopatico · · Score: 0

      400 milli-consumers? Wow that's fucking awesome!
      Oh, wait a minute... is it Imperial or Metric consumers?

      --
      Mastering the English language is fucking easy: all you have to do is to put an f* word in every fucking sentence.
    17. Re:Pray I don't change it again by BronsCon · · Score: 1, Interesting

      > at least I'm not at the mercy of several parties to keep my security and features up to date

      No, you're at the mercy of one who left an attack vector you could drive a damn dump truck through open for years. What do you think "hot code push" is? It's a way to push any code you want past Apple's app review process. Submit the code without your malware, then hot-push it after approval.

      I've been telling you guys it was possible for years, as well, I just couldn't discuss the details until it was public. Though, on the old slashdot, I never would have had to spell out something so simple and obvious.

      The security company I reported it to (you didn't think I would go straight to Apple so they could use my ass, right?) showed me a page from a rather lengthy document they had already compiled regarding the issue and used the promise of seeing the rest of said document to coax me into signing an NDA. Of course, I obliged as I had no intent of making it public myself anyway... and I really wanted to see what apps they had found doing just this (with malware, I mean).

      That's still not public yet so, while I can't list specific apps, the fact that it's a non-zero number is obvious enough that I can share it. It's not only non-zero, it's non-trivial, and the average iOS user is bound to have one or more of them installed.

      Yes, Apple is going to stop allowing them through the app review process now, but they're not taking down existing apps that use the functionality. If those apps never release an update (or you don't install that update), you remain vulnerable. Again, this is a hole you could drive a truck through; once the truck is there, it's not leaving until it's good and ready to leave.

      For the record, I've known of this for four years. The security consultants I spoke with had taken it to Apple two years before I figured it out; which, by the way, took me all of two minutes once I had an iPhone in my hand and started looking into various libraries that exist for iOS development.

      The combination of huge and obvious just screams intentional. That Apple already has the ability to push whatever code they want screams state-sponsored. I'm not saying Google is any better with regard to Android, but I also don't have any illusions that they are.

      Enjoy your "security".

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    18. Re:Pray I don't change it again by BronsCon · · Score: 1

      typo... I meant to write "sue my ass", but we're talking about Apple, so I guess it works either way.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    19. Re:Pray I don't change it again by BronsCon · · Score: 0

      > Also, $99 is a pittance - how much do dev kits from Nintendo, Sony and Microsoft cost?

      The value of the hardware and R&D time that went into them and will continue going into them to keep them up to date.

      How much does the binary field in your Apple account record cost, again? $99? If that's the price Apple pays for a bit, I see why they have to charge so much for their hardware.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    20. Re:Pray I don't change it again by hesiod · · Score: 1

      Perhaps they want to secure the traffic with something better than HTTPS. Of course, I'd then have to ask why it's on a mobile device at all if it really needs that kind of protection.

    21. Re:Pray I don't change it again by angel'o'sphere · · Score: 1

      Because iOS users are more likely to pay for an App than Android users.

      And as long as I only sell Apps that cost below $3, I don't care that Apple takes a $1 as fee: I have no hassle with writing bills, sales taxes, credit card/debit card billing etc. And no hassle with: download, storage, bandwidth, license keys and and and

      You must be a user instead of a developer ...

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    22. Re:Pray I don't change it again by Anonymous Coward · · Score: 0

      Fix your math with knowness. Since the dev license expires in a year, I'm sure that bit is a 4-byte or 8-byte date field (depending on what database backend Apple uses). Still, your joke is somewhat funny.

    23. Re:Pray I don't change it again by angel'o'sphere · · Score: 1

      I think most people who consider writing iOS Apps already have an Apple computer.

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    24. Re:Pray I don't change it again by BronsCon · · Score: 0

      I hadn't considered the expiration, thanks for pointing that out. We'll assume an 8-byte field, since I'm sure Apple plans on being around past 2038, in which case I estimated Apple's storage costs 64x higher than I should have. Still, they must pay a lot more for it than I do! ;-)

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    25. Re:Pray I don't change it again by omnichad · · Score: 0

      You're not even pedanting right. "m" is meter. If, ignoring all English-language precedent and convention you're going to assume it's a unit of measure, then it's 400 meters of consumers.

    26. Re:Pray I don't change it again by Anonymous Coward · · Score: 0

      "what are you doing it for?"

      Money.

      " why develop for Apple?"

      Because their users spend money.

      "You have to buy your way into their walled garden, give up a significant portion of sales to them, and be put through an obscured process to get approval to be published in a store."

      And it's still more money made than from Android users.

      " is going to fill up with a bunch of clones within days of the first hint of success"

      That happens in every marketplace.

    27. Re:Pray I don't change it again by Anonymous Coward · · Score: 0

      "Jailbreak" means to break out of the "jail" that the carrier has locked your device into.

      "Root" means to gain root access to the device's operating system.

      You can both jailbreak and root both iOS and Android devices.

      My phone cannot be jailbroken or rooted. I bought an unlocked Lumia 950XL. And since it's running Windows, it assigns Administrator (root equivalent) privileges to the first user to set it up. Its tamper-resistance doesn't come from disallowing admin access, but from lacking a lot of tools to do anything to the phone in the first place. It's the first phone I've owned that ever felt both wide open to user fiddling and simultaneously safe from user breakage.

    28. Re:Pray I don't change it again by Anonymous Coward · · Score: 0

      How is this relevant?

    29. Re:Pray I don't change it again by BronsCon · · Score: 0

      Ask the person who originally asked the question I was answering how their question is relevant. My answer is relevant because the question was asked.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    30. Re: Pray I don't change it again by rworne · · Score: 2

      The Mac is a general purpose computing device. The dev tools (Xcode) are free. Yes, owning a Mac is a barrier to entry, same as a PC would be for other development targets, but Macs and PCs have many other uses aside from development.

      You can write iOS apps at zero cost to you and test them in a decent simulator on the Mac. If you think you have something, you can then fork over the $99 and put it on the App Store. If you own a PC instead of a Mac, then the cost of entry is based on your personal choice of computer and your target market. Obviously Android or Microsoft targets are more cost-effective for you if you run Windows, not so much for me (aside from Android).

      --
      I tried every decent and legal way I could think of to resolve the issue w/the business before I rented the chicken suit
    31. Re:Pray I don't change it again by Anonymous Coward · · Score: 0

      The "cost" of a date field record has nothing to do with how much Apple charges for a developer membership.

    32. Re:Pray I don't change it again by tlhIngan · · Score: 1

      > One example is playing silent audio while streaming via DLNA from the iOS device to prevent the OS from putting the app to sleep after 10 minutes or so. A big company just does it and has done it for years without consequence. Another small developer in my niche needed to do this as well, but was forced by Apple to remove it unless there was a specific function for it. So the developer instead added a useless "visualizer" that made graphic effects to music picked up by the microphone which is then put in the background and hidden - just to get around the rules. I have not added DLNA streaming yet because of these headaches.

      Actually, Facebook (who did this for a few years) stopped because doing so drains the battery really quickly. A few developers were curious why they were getting really short battery life and discovered the Facebook app was running a lot because of this, and Apple had them stop.

      If you do use this trick, people do know since it has a marked difference in battery life.

    33. Re:Pray I don't change it again by Anonymous Coward · · Score: 0

      "secure the traffic with something better than HTTPS"
      Hilarious!

    34. Re:Pray I don't change it again by Anonymous Coward · · Score: 0

      I agree with most of your post but the end paragraph is pure troll.

      "That Apple already has the ability to push whatever code they want screams state-sponsored."

      Seriously? Apple has no ability to push whatever code. User can choose to not update any application or even OS. Google OTOH *can* push whatever code into Android with google play services. And you as user can't do shit about that.

      One of many reasons I dumped my Android devices and went with iOS.

    35. Re:Pray I don't change it again by mlyle · · Score: 1

      > and will continue going into them to keep them up to date.

      Yes, but they could give all that to you free, too. Why are they allowed to recoup tools R&D cost and not Apple?

      The marginal cost of all these things is low. Even the dev hardware from Nintendo, Sony, and Microsoft. The real cost is the initial development, the cost to build the first unit, and maintenance.

    36. Re: Pray I don't change it again by Anonymous Coward · · Score: 0

      You know you can opt to not automatically update an Android, right? It is not exactly difficult. I don't recall but it may even default to not automatically updating.

    37. Re:Pray I don't change it again by BronsCon · · Score: 1

      Apple fills in a date field. Hell, they don't even have a PERSON fill in the date field, it's done by the same script that processes your $99 payment. The others send out physical hardware and ongoing updates to that hardware and its firmware. Apple collects 30% off the top, which they can use to fund "R&D" associated with the database field that allows you to submit software for review.

      I might be cool with them charging some reasonable amount per submission. You know, to cover the cost of the review and, perhaps, a little profit. $20 per submission should cover that. I can see them actually losing money on the $99/yr license for any software that issues more than a handful of updates in a year; meanwhile, $99/yr might be cost-prohibitive for a one-man shop putting out a free app. It's a win-win for them to lower the fee and charge it per-submission, as the smaller shops can more easily absorb that $20 and the larger shops putting out more updates, and costing more than $99/yr in labor costs alone, would no longer represent a loss.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    38. Re: Pray I don't change it again by Anonymous Coward · · Score: 0

      Your comment history shows no such prior allegations. In short, I strongly suspect you're being dishonest and for no reason other than an ego boost. I am not sure why making false claims of grandiosity would boost your ego but some people are mentally ill and don't always make sense to me.

    39. Re:Pray I don't change it again by BronsCon · · Score: 1

      But the cost of physical hardware has everything to do with how much Sony, Microsoft, and Nintendo charge. I was making a comparison... and a joke.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    40. Re:Pray I don't change it again by BronsCon · · Score: 1

      Don't install Play services and use 3rd-party stores (like Amazon's) instead? Yeah, I can do that, actually. And yes, Apple most certainly can push whatever code they want; disclosed in the same NDA-bound document but publicly known enough that I can mention it here.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    41. Re: Pray I don't change it again by BronsCon · · Score: 1

      You've reviewed a decade and a half of comment history in 3 hours? I need a data analyst as efficient and capable as you, can you please send in your resume?

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    42. Re: Pray I don't change it again by lederhosen · · Score: 1

      It is not enough to have a mac, you need to have a recent >=~ 2010 mac to be able to use the latest OS and xcode. Now, if anything had happened with the mac line since 2010, maybe there would be a reason except to grab money, I *guess* you can develop android apps on a 386 with enough memory, but certainly on Apple hardware from 2010 that allows *much* more memory and power than the 2017 mac "pro".

    43. Re: Pray I don't change it again by BasilBrush · · Score: 1

      A 2010 Mac is not "recent".

      As a matter of fact I was developing iOS apps on a 2012 Mac until last year. Then I had to work on the Android version on one, and the Mac wasn't good enough. It would compile, but it took 10 minutes to do so. Obviously that's not practical. It's Android that required me to upgrade my Mac, not iOS development.

    44. Re:Pray I don't change it again by Anonymous Coward · · Score: 0

      Usually people who want to develop iOS apps already prefer Apple products. Macs and macOS are still very useful for web and mobile app developers and developers usually earn enough money to be able to pay the Apple tax. You can also run Linux and Windows on a Mac but can't run macOS on a PC without going out of your way to make sure you have the best hardware specifically for that and it still being buggy af. Yeah, of course it sucks Apple charges more than competitors and does some annoying things, but that's what they've been doing since they started. We can nitpick all of these major tech companies, but most people put up with the negatives if the positives of using their products, for what they need to do, outweigh the negatives.

    45. Re:Pray I don't change it again by BasilBrush · · Score: 1

      $99 is just a token sum to keep out the complete time wasters. Like you.

    46. Re: Pray I don't change it again by Anonymous Coward · · Score: 0

      Please read more carefully. No, you cannot opt out to automatically update google play services.

    47. Re:Pray I don't change it again by Anonymous Coward · · Score: 0

      "And yes, Apple most certainly can push whatever code they want; disclosed in the same NDA-bound document but publicly known enough that I can mention it here."

      If this is publicly known can you provide any sources? I did not know about that. Otherwise it sounds like BS.

    48. Re:Pray I don't change it again by BronsCon · · Score: 1

      Oh, so you know me, then? Nah, didn't think so. Why with the personal attacks?

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    49. Re:Pray I don't change it again by Anonymous Coward · · Score: 0

      "Don't install Play services and use 3rd-party stores (like Amazon's) instead?"
      Very funny. Removing play services will remove 40% of your phone capabilities. Want to use Google Wallet app? Nope. Want to install any DRM apps? Forget about it. If you only need phone for calling/receiving calls and web browser app, I guess it's fine. Otherwise wake up and start realizing what kind of walled garden Google is creating with their play services. Apple doesn't even come close.

      In Apple products core system apps obey the same rules as other apps. You want to disable GPS for Find My iPhone but leave Find My iPhone on? No problem. Try that with google's shit. They think that their core components are allowed to do whatever they want whenever they want - including stuff that invades your privacy.

    50. Re: Pray I don't change it again by Anonymous Coward · · Score: 0

      Says a person who clearly hasn't earned a living for the last 4 years via selling iOS apps or working at development houses with iOS offerings.

      I bet your lack/miss of understanding sure distorts your perspective, understanding of this situation. You are not credible.

    51. Re: Pray I don't change it again by Anonymous Coward · · Score: 0

      How about you instead link to your comment(s) where you've been telling us it was possible for years?

    52. Re:Pray I don't change it again by Anonymous Coward · · Score: 0

      No. It's about access to the API on the device, because it provides functionality not available to a browser.

    53. Re:Pray I don't change it again by BronsCon · · Score: 1

      > Very funny. Removing play services will remove 40% of your phone capabilities.

      Until you realize there are other app stores and *BAM* you've got that all back!

      > Want to use Google Wallet app? Nope.

      You don't trust Google not to push malware to your phone, but you want to trust them with your financial credentials? Seems legit.

      > Want to install any DRM apps? Forget about it

      Unless you use Amazon's store, or... well, there are others but I'm not familiar with them.

      > If you only need phone for calling/receiving calls and web browser app, I guess it's fine.

      Right, then you wouldn't bother installing any of the other stores. But, if you want to do more... and I'm repeating myself here... you can install another store.

      > Otherwise wake up and start realizing what kind of walled garden Google is creating with their play services.

      The kind where you can uninstall them and install something else?

      > Apple doesn't even come close.

      As a user of both iOS (iPad Pro) and Android, I agree. My Android devices are much more capable; though my iPad Pro wins the tablet war on battery life alone.

      > In Apple products core system apps obey the same rules as other apps.

      Or so the settings screens tell you.

      > You want to disable GPS for Find My iPhone but leave Find My iPhone on?

      I'm not sure why you'd do that, it would render the feature nearly useless, but sure. No problem.

      > Try that with google's shit.

      Found the option. Done. I don't trust it any more or less than the same option in iOS; if either company wants to give a false sense of security, they easily can.

      > They think that their core components are allowed to do whatever they want whenever they want

      You haven't looked at Android since Gingerbread, have you? There have been 8 major versions released since then; and iOS was no better back then, either.

      > Including stuff that invades your privacy.

      You mean like sending wi-fi locations, visible cell towers, GPS location, and speed? Yes, you can disable that by turning off location services (and, thus, disabling maps functionality); but you can also do the same on Android.

      Again, if you trust the settings screen to do what you tell it to.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    54. Re: Pray I don't change it again by BronsCon · · Score: 1

      Because I don't care enough whether you believe me or not to skim through well over 100 pages of comment history to find it. If you do, have at it.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    55. Re: Pray I don't change it again by Miamicanes · · Score: 1

      > Seriously, unless you're part of a big corp with big corp lawyers
      > and money behind you why develop for Apple?

      Ok, here's a challenge: write an Android-only app to collaborate or organize some kind of group activity, then try to get any real-world group (besides literal Android developers) to USE it. The moment somebody realizes it can't be used by group members with iPhones & iPads, your app will become dead and irrelevant to that group, unless it's LITERALLY a group overwhelmingly comprised of Android users (or whose leaders can get away with brushing off the complaints of iOS users). To be viable and be taken seriously now, you HAVE to support both platforms.

    56. Re: Pray I don't change it again by Miamicanes · · Score: 1

      Because browser-based webapps fscking SUCK compared to any halfway-competent native app. Javascript is dog-ass slow on mobile devices, and the user experience is AWFUL. Go ahead, go compare the experience of using walmart.com, amazon.com, or homedepot.com to the experience of using their native apps. It's a night & day difference. The webapps are a minefield of continually-reflowing content with a knack for changing the spot you were trying to touch 250ms ago into some goddamn other link. My blood pressure usually goes up by at least 40mmHg due to frustrated rage whenever I'm forced to use some awful webapp on a mobile device (especially when content reflows the moment before I touch the screen, triggering something that takes 30 seconds or more to recover from).

    57. Re:Pray I don't change it again by Anonymous Coward · · Score: 0

      Not really.
      If Sony, etc thought that giving the dev kits away helped make more money in the long run, they'd do so.
      Conversely, if they wanted to set a barrier to entry or make sure developers were serious, they'd price it much higher than the cost of goods.

    58. Re:Pray I don't change it again by Anonymous Coward · · Score: 0

      You cannot remove GPS permission from google play services. If you remove google play services you don't have access to Wi-Fi based location and google maps.
      And stop the other app stores bullshit. It is ridiculous. Do you use Google Mail? I do (as do most people). Are you saying the app will work without other google core components? Yeah, didn't think so.

      But I don't trust google to manage my whole phone with my gmail credentials. On Android using Gmail means being logged with Google credentials on your phone and having all apps access to these auth parameters. On iPhone it is isolated to the only app I need - Mail. I don't need google tracking me via account I'm logged into device every time I browse web.

      You can easily disable Wi-Fi based location on iOS.

      Not sure why would I keep "Find My iPhone" and remove its GPS access? Find My iPhone enables device iCloud lock. You know the thing where if someone steals your phone it's worth the components cost if that. Why disable GPS? Because I don't care where my phone is when it's stolen (knowing that last location was under bridge in some shady neighborhood doesn't exactly help). At the same time I don't trust Apple (or any company) with my location. I consider it privacy invasion. I can disable that no problem on iOS. Can't do that without crippling phone on Android.

      Gingerbread? Please! I've been with android till version 4.4. Up until google stopped supporting it on my Nexus device 1 year after I bought it. I had to modify a fucking kernel for my phone so that the piece of shit doesn't overheat. I have 4 years old iOS devices that are running latest Apple OS with all relevant security fixes. Google doesn't give two shits about your security. All they care about is invading your privacy and making $ from it. Fuck google.

    59. Re:Pray I don't change it again by BasilBrush · · Score: 1

      Because whining about the $99 in every iOS development thread for the last 10 years *is* time-wasting. It's a trivial sum. If you think it's significant, then you are not a developer, you're a time waster.

    60. Re: Pray I don't change it again by sexconker · · Score: 1

      I've been reading and trolling Slashdot for quite some time. I don't recognize you or any such allegations you claim to have made.

      Put up or shut up.

      But beyond your little jerkoff session, of COURSE Apple can push code to devices without user intervention. Anyone who ever thought otherwise is a fool.

    61. Re:Pray I don't change it again by BronsCon · · Score: 1

      First of all, I'm not whining about it, nor have I been doing so for the last 10 years, or in every iOS development thread.

      Second, as an iOS developer, I've paid it. Many times over. That doesn't mean I don't understand why others complain about it, which is what I was explaining above, in response to a direct question.

      So, as I said before: you know me, then? Nah, didn't think so. Why with the personal attacks?

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    62. Re: Pray I don't change it again by corychristison · · Score: 1

      The issue is 3 things in my opinion:

      1) shitty developers that don't understand how to actually build web applications anymore. They rely on 10 different monolithic libraries to render a simple page that basic html/css would do fine without the JS.

      2) stupid bosses that want to track every touch you make, every link you click, and every scroll you make. Each action needs to phone home every time you do one of those things.

      3) poor optimization on the browser side. Honestly Firefox runs freaking great on my two year old Android based device. On the other hand, Apple devices have exactly one browser engine you can use. I suspect they keep it bloated and slow to push developers to build "Apps" so they can get their cut of the revenue.

      I develop custom, web based, business software for a living. Mobile accessible and mobile friendly are a necessity these days, and I somehow manage to pull it off without any of the performance issues you mentioned above.

    63. Re:Pray I don't change it again by tepples · · Score: 1

      I thought Progressive Web Apps could access device functionality, such as the camera, microphone, location, orientation, etc. Or is Apple deliberately withholding device functionality from JavaScript? To which particular "functionality not available to a browser" are you referring?

    64. Re:Pray I don't change it again by Hognoxious · · Score: 1

      Submit the code without your malware, then hot-push it after approval.

      It doesn't even need to be that.

      "It's only a two line change, it doesn't need the full testing & QA rigmarole". We've all done that, right?

      --
      Confucius say, "Find worm in apple - bad. Find half a worm - worse."
    65. Re:Pray I don't change it again by BronsCon · · Score: 1
      I'm just writing about what I've confirmed, but yes, that would probably work as well.

      Especially if you originally submit with:

      if (false) {
      //malware code here
      }

      Then it literally is just a two line change.

      As an aside, it seems Slashdot has fallen on the "neither" side of the tabs/spaces argument, as I tried both and it seems to want to eat my indentation regardless. Yes, my code is properly indented.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
  3. Surprised by tonyyeb · · Score: 4, Insightful

    Surprised they ever allowed developers to do this? Surely in defiance of the objective of it being checked in the first place if you can just change it once approved.

    1. Re:Surprised by Anonymous Coward · · Score: 0

      They have allowed developers to do this for a while -- but they have not 'long allowed' it, for sure.

  4. so each new map needs to wait for the app store by Joe_Dragon · · Score: 1

    so each new map in a game needs to wait for the app store review system to push it out?

    1. Re:so each new map needs to wait for the app store by Anonymous Coward · · Score: 0

      A map is data not code.

    2. Re:so each new map needs to wait for the app store by fred6666 · · Score: 1

      the distinction between code and data can be blurry

    3. Re:so each new map needs to wait for the app store by Anonymous Coward · · Score: 0

      It's not though. If it has any instructions that are executed, it is code.

    4. Re:so each new map needs to wait for the app store by Joe_Dragon · · Score: 1

      so any game

      with map scripts in new maps needs the review
      pinball games each new table needs the review
      driving games needs a review for a new track
      games with levels needs a review to add new levels?

    5. Re:so each new map needs to wait for the app store by Anonymous Coward · · Score: 0

      If you don't separate your data updates from your code updates, then yes. But you should also go back to programming school.

    6. Re:so each new map needs to wait for the app store by Joe_Dragon · · Score: 1

      not that but under Apple's rules that data = code

    7. Re:so each new map needs to wait for the app store by angel'o'sphere · · Score: 1

      A map is data, not code.

      Or you seriously did something wrong.

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    8. Re:so each new map needs to wait for the app store by omnichad · · Score: 1

      In case they didn't spell it out plainly enough, lots of games are developed using a scripting language for the level data themselves. Going back as far as the old Sierra adventure games. I'm not sure if code that runs through an interpreter counts as a violation, though they could easily write an "interpreter" that passes just about anything as a live command if they set it up that way from the start.

    9. Re:so each new map needs to wait for the app store by BradleyUffner · · Score: 1

      A map is data, not code.

      The line is fuzzy. What if the "data" for your map says that when the user walks over a specific location, call a specific function? What if those functions can accept information about the state of the game at that point? What if that map data can contain multiple function calls? At some point that map data starts to look like a script, and scripts look an awful lot like code.

    10. Re:so each new map needs to wait for the app store by angel'o'sphere · · Score: 1

      As long as the code is already in the App ... there is no problem.

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
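The map-data-versus-code distinction argued over in the thread above, sketched as an added example (not code from any poster, from Apple or from a real game): a loader that treats a downloaded map strictly as data, so its triggers can only select from actions already shipped in the app. The action names, map format and sample maps are constructed for illustration.

```javascript
// Argument validators: each returns true only for the exact shape it names.
function oneOf(...allowed) { return v => allowed.includes(v); }
function intBetween(lo, hi) { return v => Number.isInteger(v) && v >= lo && v <= hi; }
function shortString(max) { return v => typeof v === 'string' && v.length <= max; }

// Actions compiled into the reviewed app (hypothetical names). A downloaded
// map may pick one of these and fill in arguments; it cannot add new ones.
const ACTIONS = Object.freeze({
  spawnEnemy: {
    schema: { kind: oneOf('slime', 'bat'), count: intBetween(1, 10) },
    run: (state, a) => { state.enemies += a.count; },
  },
  openDoor: {
    schema: { doorId: intBetween(0, 63) },
    run: (state, a) => { state.openDoors.push(a.doorId); },
  },
  showText: {
    schema: { text: shortString(80) },
    run: (state, a) => { state.log.push(a.text); },
  },
});

// Own-property check, so names like "constructor" never resolve via the prototype.
const hasOwn = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);
const isPlainObject = v => v !== null && typeof v === 'object' && !Array.isArray(v);

// Parse and validate a downloaded map. Nothing in it is ever evaluated.
function validateMap(jsonText) {
  let map;
  try { map = JSON.parse(jsonText); } catch (e) { return { ok: false, errors: ['not valid JSON'] }; }
  if (!isPlainObject(map)) return { ok: false, errors: ['map must be an object'] };
  const errors = [];
  if (!intBetween(1, 256)(map.width) || !intBetween(1, 256)(map.height)) errors.push('bad dimensions');
  if (!Array.isArray(map.triggers)) return { ok: false, errors: errors.concat('triggers must be an array') };
  map.triggers.forEach((t, i) => {
    if (!isPlainObject(t)) { errors.push(`trigger ${i}: not an object`); return; }
    if (!intBetween(0, map.width - 1)(t.x) || !intBetween(0, map.height - 1)(t.y)) {
      errors.push(`trigger ${i}: position outside map`);
    }
    if (typeof t.action !== 'string' || !hasOwn(ACTIONS, t.action)) {
      errors.push(`trigger ${i}: unknown action`);
      return;
    }
    if (!isPlainObject(t.args)) { errors.push(`trigger ${i}: args must be an object`); return; }
    const schema = ACTIONS[t.action].schema;
    for (const key of Object.keys(t.args)) {
      if (!hasOwn(schema, key)) errors.push(`trigger ${i}: unexpected argument ${key}`);
    }
    for (const key of Object.keys(schema)) {
      if (!hasOwn(t.args, key) || !schema[key](t.args[key])) errors.push(`trigger ${i}: bad argument ${key}`);
    }
  });
  return errors.length ? { ok: false, errors } : { ok: true, errors, map };
}

// Fire every trigger on tile (x, y) of an already validated map.
function stepOn(map, state, x, y) {
  const hits = map.triggers.filter(t => t.x === x && t.y === y);
  for (const t of hits) ACTIONS[t.action].run(state, t.args);
  return hits.length;
}

// Constructed sample: a map that only uses built-in actions.
const GOOD_MAP = JSON.stringify({
  width: 8, height: 8,
  triggers: [
    { x: 2, y: 3, action: 'spawnEnemy', args: { kind: 'bat', count: 3 } },
    { x: 2, y: 3, action: 'showText', args: { text: 'Bats!' } },
    { x: 7, y: 0, action: 'openDoor', args: { doorId: 5 } },
  ],
});

// Constructed sample: a map whose "data" tries to carry behaviour of its own.
const SCRIPTED_MAP = JSON.stringify({
  width: 8, height: 8,
  triggers: [
    { x: 1, y: 1, action: 'runScript', args: { src: 'placeholder script text' } },
    { x: 1, y: 1, action: 'constructor', args: {} },
    { x: 0, y: 0, action: 'spawnEnemy', args: { kind: 'bat', count: 3, onDone: 'callback' } },
  ],
});

function demo() {
  const state = { enemies: 0, openDoors: [], log: [] };
  const good = validateMap(GOOD_MAP);
  const fired = good.ok ? stepOn(good.map, state, 2, 3) : 0;
  return { fired, state, rejected: validateMap(SCRIPTED_MAP).errors };
}

console.log(JSON.stringify(demo(), null, 2));
```

A map that needs a behaviour the table lacks is rejected here, so new behaviour can only arrive in a new build of the app.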
  5. Oh me, oh my... by Quakeulf · · Score: 1

    The apple doesn't fall far from the tree.

  6. "not in compliance" by Anonymous Coward · · Score: 0

    Haha-ha-haha, your walled garden is run by legalist tyrants!

  7. For Good Reason by Anonymous Coward · · Score: 0

    ... Disney has a content policy / brand / reputation that is very similar to Apple's, so Apple knows that the user experience will not be poor. Some random developer on the other hand can make the app do the opposite of what it was intended using hot push.

    1. Re:For Good Reason by dgatwood · · Score: 0

      "Could" is the operative word. By this same logic, every adult male has the tools required to commit rape. Therefore, any time a single adult male is out on the streets after dark without being part of a large group, we must incarcerate him to ensure that he doesn't use those tools for that purpose. See how silly that reasoning sounds when shifted into a different problem space?

      Rationally, Apple should penalize developers that abuse this capability to deliberately ship features that they know would be rejected by Apple, such as using private SPIs, egregiously violating app store rules, etc. Anything short of that line is probably a reasonable thing to do (e.g. patching functions to fix a serious crash more quickly). Punish the app when the developer uses the feature in a way that harms users, and not before.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

    2. Re: For Good Reason by Shepanator · · Score: 1

      Wow, that's one hell of a false equivalence argument.

    3. Re:For Good Reason by FatdogHaiku · · Score: 1

      ...See how silly that reasoning sounds...

      That's the whole point of drawing a false parallel and then applying reductio ad absurdum, right?

      --
      You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
    4. Re: For Good Reason by dgatwood · · Score: 1

      How is that false equivalence? The original argument is that the only thing preventing everybody from doing bad things is oversight by other people. That's prima facie absurd. Most people will do the right thing even without being watched by other members of their peer group, police, etc. In much the same way, most developers will not abuse the ability to hot patch their code merely because they have that ability.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

    5. Re:For Good Reason by parkinglot777 · · Score: 1

      I actually agreed with the parent logic, but the reason for Apple to do this, for me, is to save their behind in the future. The prevention is not about what's going on right now (most people are doing the right thing), but it is to save their own behind in the future from even one misused case. The breach through the Internet is a lot more difficult to stop, let alone the cost to detect. Even those who are doing the right thing could make a mistake and open a hole to those who are looking to exploit.

      Anyway, I don't defend Apple for doing so, but I am trying to understand why they do it.

    6. Re: For Good Reason by Anonymous Coward · · Score: 0

      The original argument is that the only thing preventing everybody from doing bad things is oversight by other people. That's prima facie absurd.

      It's also the primary argument for having a tightly curated, closed ecosystem App Store model like Apple has.

    7. Re: For Good Reason by dgatwood · · Score: 1

      It's also the primary argument for having a tightly curated, closed ecosystem App Store model like Apple has.

      No, not really. You're conflating "someone" with "everyone" here. The closed ecosystem provides a benefit because the odds are high that someone will do something bad. Bans on hot-patching provide a benefit only if you assume that everyone will do something bad. This difference is subtle, but critical.

      Apple has a number of protections to prevent malicious apps from causing harm—blacklisting an app so that it won't even launch, removing the app from the store, banning the developer from submitting new apps, etc., all of which are made possible by that closed ecosystem. These allow Apple to provide oversight that prevents bad people from doing bad things, and are necessary because it isn't absurd to believe that some people will try to do so. What's absurd is assuming that all developers (or even a large percentage of developers) will risk destroying their reputation and livelihood to do bad things unless Apple nit-picks every single submission into the ground.

      More to the point, curation is about minimizing the risk of getting complete junk apps, not about preventing bad people from doing bad things in app that only become visible after the fact. There's nothing Apple can realistically do in an app review that could detect malicious code, because it is entirely trivial for an app to ask a server what to do and then either behave normally or maliciously depending on the response. That behavior could be hard-coded into an app, and Apple would never realistically be able to detect it. The only way you could prevent a malicious developer from doing that would be to ban apps that make Internet requests. Thus, banning hot patching cannot possibly have any effect on whether malicious developers can create apps that cause harm, because it isn't necessary for apps to use hot patching to cause harm. It isn't really even all that helpful.

      What hot patching can do is allow developers to flagrantly ignore app store policies. And it makes sense for Apple to crack down on developers who use it in that way, in much the same way that it makes sense for police to arrest people who commit crimes. It doesn't make sense to ban the technology under the theory that if Apple doesn't crack down constantly, the developers will all run amok, in much the same way that it doesn't make sense for police to arrest everyone because a few people might commit crimes.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

  8. Recipe for disaster by JustAnotherOldGuy · · Score: 5, Interesting

    "Apple has long permitted "hot code push", a feature that allows developers to continuously deploy changes to their mobile apps and have those changes reflect in their apps instantly. This allowed developers to make quick changes to their apps without having to resubmit the new iteration and get approval from the Apple Store review team."

    Is it just me or does this seem like a recipe for disaster, ripe for abuse in the worst possible ways? And not just by the developer, but by anyone who hacks the developer's tool chain or system.

    In other words, you could push the most intrusive, malevolent, destructive code to a user's device at will with no oversight.

    Who thought having this capability was a good idea?

    --
    Just cruising through this digital world at 33 1/3 rpm...
    1. Re:Recipe for disaster by Ronin+Developer · · Score: 1

      Hot fixes such as this should be limited to enterprise apps only - i.e. apps that don't affect the world.

      Was the hot fix permitted for all apps or just enterprise apps? If the former, then it should definitely be removed.

    2. Re:Recipe for disaster by Anonymous Coward · · Score: 0

      Not so much that it was permitted as that the existing rules were not actively enforced.

    3. Re:Recipe for disaster by BitZtream · · Score: 0

      It has NEVER been allowed for the exact reasons you state and a whole bunch more.

      NEVER.

      It has been against the rules since DAY ONE and that was NEVER changed.

      The only 'allowed' before was that Apple wasn't detecting it and stopping it. They are now detecting it and stopping it.

      It was never 'permitted'.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    4. Re:Recipe for disaster by Anubis+IV · · Score: 3, Informative

      Hot fixes such as this should be limited to enterprise apps only - i.e. apps that don't affect the world.

      Was the hot fix permitted for all apps or just enterprise apps? If the former, then it should definitely be removed.

      Enterprise apps don't have to go through the review process because they aren't in the App Store in the first place. They're distributed privately, with the enterprise signing each app using a cert and each employee's device being configured to accept apps signed by that cert. Updates can be deployed directly to employee devices, as a result.

      As for apps using this feature, I know that a variety of games download content updates outside of the App Store, though if I had to guess, I'd wager that when Plants vs. Zombies 2 and Final Fantasy Record Keeper say they're downloading new content, it's just a package of art assets and the like that the existing executable knows how to parse. If it is arbitrary code, however, I'd also wager that I'll suddenly see those games issuing a lot more frequent updates, given that FFRK pushes out content updates 1-2 times per week as it is.

    5. Re:Recipe for disaster by thomn8r · · Score: 2

      In other words, you could push the most intrusive, malevolent, destructive code to a user's device at will with no oversight.

      It's called Windows Update

    6. Re:Recipe for disaster by cfalcon · · Score: 1

      > In other words, you could push the most intrusive, malevolent, destructive code to a user's device at will with no oversight.

      That's absolutely the risk.

      > Who thought having this capability was a good idea?

      I think it is for online games and other situations where a bug might otherwise mean a server outage until it could go through a code review. It's still a terrible idea.

      Anyway, I would suspect that the timing of this is not a coincidence, given the vulnerabilities alluded to in the news recently.

    7. Re:Recipe for disaster by chispito · · Score: 1

      Is it just me or does this seem like a recipe for disaster, ripe for abuse in the worst possible ways? And not just by the developer, but by anyone who hacks the developer's tool chain or system.

      In other words, you could push the most intrusive, malevolent, destructive code to a user's device at will with no oversight.

      Who thought having this capability was a good idea?

      The same people who invented JavaScript?

      --
      The Daddy casts sleep on the Baby. The Baby resists!
    8. Re:Recipe for disaster by mad7777 · · Score: 1

      Who thought having this capability was a good idea?

      Well... the inventors of the worldwide web, for one thing. Remember that old thing? It allowed users to download content and code (ok, it's Javascript, but it's still code), without anyone's permission. It was called the open internet. What a weird idea!

      --
      Might makes right irrelevant.
    9. Re:Recipe for disaster by Anonymous Coward · · Score: 0

      There are two problems devs are trying to solve:
      1) Unless you can force users to upgrade, or unless you can turn off features, you're stuck with broken, buggy clients.
      Often the percentage of these is high.
      Other than stranding these users, or "hotpushes", can you think of another way to solve the problem?
      2) Developer velocity
      For larger apps, the amount of things that change in the app is large. Since risk is related non-linearly with the amount of change, waiting a week for the next version of the app incurs much more risk (for the user, for the dev) than getting the app's changes out there more often.

      There is a way Apple could solve this problem: Approve apps daily or faster.

    10. Re:Recipe for disaster by Anonymous Coward · · Score: 0

      This is only the mechanism. The real problem is the same one Google experienced with the Chrome store.

      That is, people would sell their popular apps/extension to 3rd parties.. Who would then load them up with malware that would get pushed during automatic updates. Effectively a bait and switch.

    11. Re:Recipe for disaster by Jeremi · · Score: 1

      In other words, you could push the most intrusive, malevolent, destructive code to a user's device at will with no oversight.

      Isn't this also true for Javascript-embedded-in-a-web-page?

      In both cases, the only thing standing between the user and catastrophic fiery death is the security of the execution environment -- either the sandbox keeps the malware from causing damage, or it doesn't. At least in the Apple Store case, the downloaded code is authenticated as coming from a known/registered developer, so there is some (slim) chance of them being held accountable for anything negligent/malicious they might do to your phone.

      --


      I don't care if it's 90,000 hectares. That lake was not my doing.
    12. Re: Recipe for disaster by Anonymous Coward · · Score: 0

      Interesting how you contradict yourself and act as if you're making a point or proving something.

      In short, it was allowed. It was against the rules but it was allowed, as in it was not prevented.

    13. Re:Recipe for disaster by whh3 · · Score: 1

      Is it just me or does this seem like a recipe for disaster, ripe for abuse in the worst possible ways? And not just by the developer, but by anyone who hacks the developer's tool chain or system.

      In other words, you could push the most intrusive, malevolent, destructive code to a user's device at will with no oversight.

      Who thought having this capability was a good idea?

      The same people who invented JavaScript?

      Or major developers like Mozilla, LibreOffice, Microsoft and ...

      The list could go on forever. The point of this functionality is that, as users, the programs we run can immediately be patched with the latest updates so that security threats, when discovered, can be mitigated immediately. Consider that Apple might sit on an update for several weeks while it reviews changes. At the same time, the user is exposed to the security vulnerability that the developer is attempting to close.

      I completely agree that this is not without serious risk. Users are going to be exposed to the possibility that these hot fixes are dangerous per se and could expose the user to malicious behavior. However, the upside is tremendous and to not recognize that possibility is short sighted.

      --
      remove nospam. to email!
    14. Re:Recipe for disaster by Anonymous Coward · · Score: 0

      What do inventors of WWW have in common with Javascript?
      Yeah, right. NOTHING. Good troll though.

    15. Re:Recipe for disaster by JustAnotherOldGuy · · Score: 1

      In other words, you could push the most intrusive, malevolent, destructive code to a user's device at will with no oversight.

      It's called Windows Update

      Yep, before you could simply say "no", but thanks to Microsoft, the "no" button has been removed.

      "Install updates? Click 'Yes' to continue or 'Yes' to continue."

      --
      Just cruising through this digital world at 33 1/3 rpm...
  9. They are worried about the CIA by jafiwam · · Score: 3, Insightful

    Seems like the timing of this might be related to the information released by WikiLeaks about what the CIA has been doing. Being able to get into just about any mobile or IoT device for example.

    1. Re:They are worried about the CIA by seoras · · Score: 1

      Or that this news story gave them the excuse, or just cause, to do what they've been wanting to do for a long time.
      Apple must have been too afraid of upsetting any of the large publishers to have let it go on for so long.
      It smacks more of opportunistic timing than of being reactionary.

  10. Developers care about eating by mveloso · · Score: 2

    You can't eat open source revenues. Most of the open source devs work for some corp or another, after all.

  11. I see that... by BronsCon · · Score: 2, Interesting

    Apple is finally closing the back door that allowed malware to get past the app review process, though they won't admit that's why. I can talk about it now that it's finally being fixed, I'm just astonished that it's taken them this long!

    And all of you thought I was crazy for saying it was possible.

    --
    APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    1. Re:I see that... by BronsCon · · Score: 1

      Whoever modded this interesting, thank you for countering the troll mod. No trolling going on here. Maybe a little flamebait at that link, though, if complete honesty about something people don't want to hear can be considered flamebait.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    2. Re:I see that... by BasilBrush · · Score: 1

      To back up the claim that you've been saying this for 4 years, you'd have to do a link to a post of yours from 4 years ago. Not one from today.

    3. Re:I see that... by BronsCon · · Score: 1

      I wasn't attempting to back up the claim that I said it 4 years ago; in fact, I didn't say it here until, if I recall correctly, some time last year when I had an iOS fanboi up my ass with how insecure Android is (but he can't talk about it because NDA) while iOS is supposedly perfectly secure. Of course, as I was (and still am) under NDA, I stayed a bit more tight-lipped than he did about it.

      Beyond that, I honestly don't care if you believe me; at least not enough to be bothered to go through over 100 pages of comment history to look for proof. Page 100 goes as far back as the beginning of February 2016; I may have said it before then, I may have said it after then, and if it really bothers you that much you can look it up yourself.

      I've seen you around and generally respect your positions, but I'm not above telling you when you're wrong, nor am I low enough that I feel the need to bend over backward to prove it. I'm sure you've seen me around, as well, enough to have already foreseen this type of reply.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
  12. so much for supporting iThingies by mad7777 · · Score: 1

    In one fell swoop, Apple just broke all Meteor apps, and probably any other hybrid framework.

    So I suppose we're all supposed to develop iOS apps using Apple-proprietary technologies now? No thanks. I'm old enough to remember the open internet, before the invasion of the phone-pokers.

    What I'm trying to wrap my head around is where they draw the somewhat arbitrary line between downloading content and downloading functionality. I mean, any app that connects to the internet has the potential to download not just user comments, pictures, videos, and HTML, but also code, which might be executed on the client. What if my server pushes an image of a QR code to every client, which allows them to pay with bitcoin, thereby bypassing the 30% appstore surcharge? What if I want to display a web page in my app, which, by its very nature, is not approved by Apple's draconian bureaucrats??

    --
    Might makes right irrelevant.
    1. Re:so much for supporting iThingies by Anonymous Coward · · Score: 0

      So I suppose we're all supposed to develop iOS apps using Apple-proprietary technologies now?

      You were ALWAYS supposed to develop iOS apps using Apple-proprietary technologies. I'm not sure how you could have ever thought otherwise.

    2. Re:so much for supporting iThingies by BasilBrush · · Score: 1

      Web content, including Javascript is an explicit exception to the rule banning downloading code.

      And if Apple know you're charging a fee, via whatever method, to get around app store fees, then they'll reject the app.

  13. It's bitztream by Anonymous Coward · · Score: 0

    The autism-hating, custom EpiPen-hating, Musk-hating Slashdot troll!

  14. Webview wrapper by Anonymous Coward · · Score: 0

    So... My app is mainly a webview that displays a webapp from a remote server, and the webapp is hosted by various people who bought the hardware that runs it. I have the power to push a new webapp without telling Apple, and customers will get it when they pull in their updates. I would rather have the webapp there, accessible by vendor-neutral browsers too, than put it all in the IPA. Does that make my iOS app rejectable now?

  15. Edgy fucks always ruin it for everybody by 0xdeadbeef · · Score: 2

    It is apparently in response to something called Rollout.io, and looking at what it does, holy fucking hell, how the fuck has such a thing existed as long as it has, and why did those dumb fucks think Apple would be cool with them hot-patching code?

    What concerns me is

    This includes any code which passes arbitrary parameters to dynamic methods such as dlopen(), dlsym(), respondsToSelector:, performSelector:, method_exchangeImplementations(), and running remote scripts in order to change app behavior or call SPI [sic],

    which means no method swizzling and no introspection, which is absurd. You can't even implement many idiomatic Objective-C patterns without respondsToSelector. Maybe the key is "arbitrary parameters", though in that case, they should be looking for calls to NSSelectorFromString, not these methods.

    This also seems to rule out calling a web service through a JavaScript front-end published by the server. And hell, most jailbreak checks call dlopen. Apple will be screwing over anti-cheat and anti-piracy techniques so they can enforce their own security theater.
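
The distinction the comment above draws between introspection with fixed selectors and selectors built from "arbitrary parameters", shown as an added example. It is not part of the original comment and does not represent Apple's stated review criteria; the `Exporter` class, its delegate protocol and the action names are hypothetical.

```objc
#import <Foundation/Foundation.h>

// Hypothetical names throughout; constructed for illustration only.
@protocol ExporterDelegate <NSObject>
@optional
- (void)exporterDidFinish:(id)exporter;
@end

@interface Exporter : NSObject
@property (nonatomic, weak) id<ExporterDelegate> delegate;
- (void)exportPDF;
- (void)exportPNG;
@end

@implementation Exporter
// Idiomatic introspection: the selector is a compile-time constant, so every
// method that can run is visible in the binary that was reviewed.
- (void)finish {
    if ([self.delegate respondsToSelector:@selector(exporterDidFinish:)]) {
        [self.delegate exporterDidFinish:self];
    }
}
- (void)exportPDF { NSLog(@"exporting PDF"); [self finish]; }
- (void)exportPNG { NSLog(@"exporting PNG"); [self finish]; }

// "Arbitrary parameter" form: the selector is built from a runtime string
// (one that could arrive in a server response), so which method runs is
// not fixed at review time. Clang warns about this call under ARC.
- (void)runActionNamed:(NSString *)name {
    SEL sel = NSSelectorFromString(name);
    if ([self respondsToSelector:sel]) {
        [self performSelector:sel];
    }
}

// Constrained alternative: remote data only chooses among fixed call sites.
- (BOOL)runAllowedActionNamed:(NSString *)name {
    if ([name isEqualToString:@"pdf"]) { [self exportPDF]; return YES; }
    if ([name isEqualToString:@"png"]) { [self exportPNG]; return YES; }
    return NO;
}
@end

int main(void) {
    @autoreleasepool {
        Exporter *e = [Exporter new];
        [e runActionNamed:@"exportPDF"];          // accepts any method name
        [e runAllowedActionNamed:@"description"]; // name outside the fixed set
    }
}
```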

    1. Re:Edgy fucks always ruin it for everybody by balbeir · · Score: 1
      Yeah, that rollout.io thing looks like it's designed to circumvent the Apple App Store rules. Very robust business plan.

      "We're hiring". Probably not any more.

    2. Re:Edgy fucks always ruin it for everybody by BasilBrush · · Score: 1

      That kind of dynamic programming is more or less dead when you switch to Swift anyway.

  16. Facebook? by R.Mo_Robert · · Score: 1

    The description of "hot code push" sounds like something Facebook and Messenger are doing on iOS. They both change the location of buttons (and occasionally some functionality)--like moving the Messages icon in the Facebook app to the top left and replacing it with a useless Marketplace icon--without needing to submit a new app, among other continual and usually annoying changes in Messenger itself. (Or at least the change isn't obviously correlated with a new app version; they don't write real changelogs, instead using a generic "we continually update this app" nonsense, and the app continues to function like it did before...until one day when it doesn't.)

    I'm sure there are potentially malicious uses of hot code push rather than just annoying ones like certain apps seem to be doing, but if it makes them stop doing it too, I'll be happy enough.

    --
    R.Mo
    1. Re:Facebook? by BasilBrush · · Score: 1

      I don't know specifically about those apps. But many apps do it as a natural result of them being little more than web-apps running in web-view.

    2. Re:Facebook? by R.Mo_Robert · · Score: 1

      I don't know specifically about those apps. But many apps do it as a natural result of them being little more than web-apps running in web-view.

      Yeah, I think Facebook tried that with their early iOS app (or at least they said it was "HTML5"), but I believe a few years ago they rewrote it to be "native." Not sure if they've gone back or what (or just hybridized), but both it and especially Messenger keep changing more than you'd expect for a typical app.

      --
      R.Mo
  17. Good. It levels the playing field on store ratings by seoras · · Score: 1

    If you publish on the iTunes App Store, as I do, you'll know that releasing a new version has the knock-on effect of lowering your installs due to 2 things that happen on each new release:
    1) iTunes apps have 2 ratings. An all-time rating and a current version rating which goes to 0 on updates, causing your app to lose popularity with installers.
    2) iTunes keyword ranking is affected by current rating, not significantly, but enough to drop you a few places and 1/2 your installs until (1) improves again.
    The App store is stagnating because of this. I see too many rivals who update every year or two. It creates complacency.
    "Hot push" would have been for security reasons, which I'm all for. It does also have a nice side effect of preventing ratings gaming.
    Apple's rumoured to be making App ratings more like Google Play in iOS 10.3.
    I do hope so.

  18. Android doesn't give two shits about malware by Anonymous Coward · · Score: 0

    At least Apple is doing something about this type of adware/malware. Is it inconvenient for developers? Sure. But I'll take secure applications as a consumer.

    Android doesn't give a shit about malware or applications downloading binary code from non-Google update servers? You disabled updates? Tough luck, we'll just slip this code in. In fact Google is doing this with their Play services. You can't even disable the autoupdate for Google services. Google is like malware.

  19. Re:Good. It levels the playing field on store rati by Anonymous Coward · · Score: 0

    Make your application not suck and the ratings will come. Stop gaming the iTunes ratings.

  20. What is a "hot push"? by Anonymous Coward · · Score: 0

    What are the limits of a "hot push", so if my CMS sends a new title image, is that a hot push? Or if I create a new level for my game? Or if I add an extension to my photo editor?

  21. Why was this allowed in the first place... by Anonymous Coward · · Score: 0

    and what can I do to identify such apps already installed on my machine and purge them?

  22. Biggest culprits by Anonymous Coward · · Score: 0

    Yeah, I'm pretty sure they are going to ban Dropbox now that they went public with Stormcrow being used on mobile devices https://blogs.dropbox.com/tech/2017/03/introducing-stormcrow/ to turn on/off features after app review. Or maybe not.

  23. How's life in the hypocrite lane?

  24. Uber by jtara · · Score: 1

    Anyone else notice the correlation between this and Uber walking-back Greyball?

    I suspect Apple threatened the nuclear option. Greyball would definitely qualify for removal from the App Store on the broader issue here of undisclosed/changing app behavior as well as just plain out-and-out fraud.

    I would have rather seen Uber removed from the App Store, though, than whatever back-room deal was made. There was no second chance, for example, for Kapeli/Dash. (Dash is an offline API documentation reader app. The author got bounced permanently when he let his sister use his developer account and she allegedly posted fraudulent reviews for her own app.)