Slashdot Mirror


Apple Begins Rejecting Apps With 'Hot Code Push' Feature (apple.com)

Apple has long permitted "hot code push", a feature that allows developers to continuously deploy changes to their mobile apps and have those changes reflect in their apps instantly. This allowed developers to make quick changes to their apps without having to resubmit the new iteration and get approval from the Apple Store review team. But that's changing now. In response to a developer's query, Apple confirmed that it no longer permits "hot code push." The company told the developer: Your app, extension, and/or linked framework appears to contain code designed explicitly with the capability to change your app's behavior or functionality after App Review approval, which is not in compliance with section 3.3.2 of the Apple Developer Program License Agreement and App Store Review Guideline 2.5.2. This code, combined with a remote resource, can facilitate significant changes to your app's behavior compared to when it was initially reviewed for the App Store. While you may not be using this functionality currently, it has the potential to load private frameworks, private methods, and enable future feature changes.

83 of 149 comments

  1. Yea but they don't by Anonymous Coward · · Score: 2, Interesting

    As someone who has worked on ios apps big and small, I will tell you the rules for big orgs are not the same vs small. If they want to "hot push" (ghey btw) a scheduled event in Disney Kingdoms, apple won't say shit. If you want to "hot push" (ghey btw) an update to some pixel avatar app with 3 users, you get rejected.

    1. Re:Yea but they don't by queazocotal · · Score: 2

      What?
      Of course they don't.
      You make a new version of the app with all the content a week or whatever before, and allow it to get through whatever review process there is. At a known time, your app starts using those features.

    2. Re:Yea but they don't by iotaborg · · Score: 1

      Well yeah, the CEO of Disney sits on Apple's board. Of course there will be that sort of influence and exemptions.

    3. Re: Yea but they don't by queazocotal · · Score: 1

      So you don't tell the users until you get it approved.

    4. Re:Yea but they don't by Plumpaquatsch · · Score: 1

      etc

      There are plenty of MMOs for mobile devices (just not iOS)

      https://duckduckgo.com/?q=mmo+...

      --
      Of course news about a fake are Fake News.
    5. Re: Yea but they don't by PCM2 · · Score: 1

      And when your users start asking when you're going to roll out new content for your game, what do you tell them? Marketers have a tough enough time already.

      --
      Breakfast served all day!
  2. Pray I don't change it again by H3lldr0p · · Score: 2, Insightful

    Seriously, unless you're part of a big corp with big corp lawyers and money behind you why develop for Apple? You have to buy your way into their walled garden, give up a significant portion of sales to them, and be put through an obscured process to get approval to be published in a store. Which, if you're lucky enough to hit on something that's both novel and popular, is going to fill up with a bunch of clones within days of the first hint of success.

    If you're not doing it for the fun of being repeatedly punched in the face, what are you doing it for?

    1. Re:Pray I don't change it again by mccalli · · Score: 4, Informative

      Money. You're doing it for money, and that's where the app revenues are.

    2. Re:Pray I don't change it again by tepples · · Score: 1

      Why can't the application for accessing said service be a web application that runs in Safari for iOS?

    3. Re:Pray I don't change it again by rworne · · Score: 5, Insightful

      Let's see:

      I'm a one man shop that does App development as a hobby while simultaneously maintaining a full time job. Having someone handle 24/7 hosting and billing and a sort of rudimentary QA on the final product (so the users will trust it better) is something of value. In many cases, costs and time would be prohibitive for a new, small shop to do all these things itself. So they do something for that 30% other than rubber stamp it.

      Also, $99 is a pittance - how much do dev kits from Nintendo, Sony and Microsoft cost?

      Now another poster pointing out that the rules are different for larger companies that develop on Apple's platform - yes they are. I see competing apps that violate the backgrounding policies (for good reasons) that I could never get away with if I tried.

      One example is playing silent audio while streaming via DLNA from the iOS device to prevent the OS from putting the app to sleep after 10 minutes or so. A big company just does it and has done it for years without consequence. Another small developer in my niche needed to do this as well, but was forced by Apple to remove it unless there was a specific function for it. So the developer instead added a useless "visualizer" that made graphic effects to music picked up by the microphone which is then put in the background and hidden - just to get around the rules. I have not added DLNA streaming yet because of these headaches.

      --
      I tried every decent and legal way I could think of to resolve the issue w/the business before I rented the chicken suit
    4. Re:Pray I don't change it again by Anonymous Coward · · Score: 1

      This isn't a change to the rules. The rules always stated that you weren't allowed to do out-of-band updates that don't go through the review process. They're just enforcing the existing rules better.

    5. Re:Pray I don't change it again by Orphis · · Score: 4, Insightful

      How much is an Apple computer? You can't compare the cost of the license without taking into account the hardware required.

    6. Re:Pray I don't change it again by BronsCon · · Score: 1

      I hope you're being sarcastic... Jailbreak = iOS. On Android, we call it rooting, because the OS allows it (though some manufacturers put in measures to attempt to prevent it). If your phone isn't made by one of those manufacturers, you don't need a different firmware; hell, even if it is, there's a good chance you might not.

      Aside from that, my Android phone cost more than my wife's iPhone 6 Plus (does more, too). I paid for both. I've paid for a few hundred dollars in apps and more than that in in-app purchases, she uses free apps and doesn't make in-app purchases. Android users spend money; moreso than iOS users in some cases.

      Though, I guess my iPad Pro makes me an iOS user, too. Though, I use mostly free apps on that. Again, the iOS user in me spends less than the Android user.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    7. Re:Pray I don't change it again by BronsCon · · Score: 1, Interesting

      at least I'm not at the mercy of several parties to keep my security and features up to date

      No, you're at the mercy of one who left an attack vector you could drive a damn dump truck through open for years. What do you think "hot code push" is? It's a way to push any code you want past Apple's app review process. Submit the code without your malware, then hot-push it after approval.

      I've been telling you guys it was possible for years, as well, I just couldn't discuss the details until it was public. Though, on the old slashdot, I never would have had to spell out something so simple and obvious.

      The security company I reported it to (you didn't think I would go straight to Apple so they could use my ass, right?) showed me a page from a rather lengthy document they had already compiled regarding the issue and used the promise of seeing the rest of said document to coax me into signing an NDA. Of course, I obliged as I had no intent of making it public myself anyway... and I really wanted to see what apps they had found doing just this (with malware, I mean).

      That's still not public yet so, while I can't list specific apps, the fact that it's a non-zero number is obvious enough that I can share it. It's not only non-zero, it's non-trivial, and the average iOS user is bound to have one or more of them installed.

      Yes, Apple is going to stop allowing them through the app review process now, but they're not taking down existing apps that use the functionality. If those apps never release an update (or you don't install that update), you remain vulnerable. Again, this is a hole you could drive a truck through; once the truck is there, it's not leaving until it's good and ready to leave.

      For the record, I've known of this for four years. The security consultants I spoke with had taken it to Apple two years before I figured it out; which, by the way, took me all of two minutes once I had an iPhone on my hand and started looking into various libraries that exist for iOS development.

      The combination of huge and obvious just screams intentional. That Apple already has the ability to push whatever code they want screams state-sponsored. I'm not saying Google is any better with regard to Android, but I also don't have any illusions that they are.

      Enjoy your "security".

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    8. Re:Pray I don't change it again by BronsCon · · Score: 1

      typo... I meant to write "sue my ass", but we're talking about Apple, so I guess it works either way.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    9. Re:Pray I don't change it again by hesiod · · Score: 1

      Perhaps they want to secure the traffic with something better than HTTPS. Of course, I'd then have to ask why it's on a mobile device at all if it really needs that kind of protection.

    10. Re:Pray I don't change it again by angel'o'sphere · · Score: 1

      Because iOS users are more likely to pay for an App than Android users.

      And as long as I only sell Apps that cost below $3, I don't care that Apple takes a $1 as fee: I have no hassle with writing bills, sales taxes, credit card/debit card billing etc. And no hassle with: download, storage, bandwidth, license keys and and and

      You must be a user instead of a developer ...

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    11. Re:Pray I don't change it again by angel'o'sphere · · Score: 1

      I think most people that consider to write iOS Apps already have an Apple computer.

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    12. Re: Pray I don't change it again by rworne · · Score: 2

      The Mac is a general purpose computing device. The dev tools (Xcode) are free. Yes, owning a Mac is a barrier to entry, same as a PC would be for other development targets, but Macs and PCs have many other uses aside from development.

      You can write iOS apps at zero cost to you and test them in a decent simulator on the Mac. If you think you have something, you can then fork over the $99 and put it on the App Store. If you own a PC instead of a Mac, then the cost of entry is based on your personal choice of computer and your target market. Obviously Android or Microsoft targets are more cost-effective for you if you run Windows, not so much for me (aside from Android).

      --
      I tried every decent and legal way I could think of to resolve the issue w/the business before I rented the chicken suit
    13. Re:Pray I don't change it again by tlhIngan · · Score: 1

      One example is playing silent audio while streaming via DLNA from the iOS device to prevent the OS from putting the app to sleep after 10 minutes or so. A big company just does it and has done it for years without consequence. Another small developer in my niche needed to do this as well, but was forced by Apple to remove it unless there was a specific function for it. So the developer instead added a useless "visualizer" that made graphic effects to music picked up by the microphone which is then put in the background and hidden - just to get around the rules. I have not added DLNA streaming yet because of these headaches.

      Actually, Facebook (who did this for a few years) stopped because doing so drains the battery really quickly. A few developers were curious why they were getting really short battery life and discovered the Facebook app was running a lot because of this, and Apple had them stop.

      If you do use this trick, people do know since it has a marked difference in battery life.

    14. Re:Pray I don't change it again by mlyle · · Score: 1

      > and will continue going into them to keep them up to date.

      Yes, but they could give all that to you free, too. Why are they allowed to recoup tools R&D cost and not Apple?

      The marginal cost of all these things is low. Even the dev hardware from Nintendo, Sony, and Microsoft. The real cost is the initial development, the cost to build the first unit, and maintenance.

    15. Re:Pray I don't change it again by BronsCon · · Score: 1

      Apple fills in a date field. Hell, they don't even have a PERSON fill in the date field, it's done by the same script that processes your $99 payment. The others send out physical hardware and ongoing updates to that hardware and its firmware. Apple collects 30% off the top, which they can use to fund "R&D" associated with the database field that allows you to submit software for review.

      I might be cool with them charging some reasonable amount per submission. You know, to cover the cost of the review and, perhaps, a little profit. $20 per submission should cover that. I can see them actually losing money on the $99/yr license for any software that issues more than a handful of updates in a year; meanwhile, $99/yr might be cost-prohibitive for a one-man shop putting out a free app. It's a win-win for them to lower the fee and charge it per-submission, as the smaller shops can more easily absorb that $20 and the larger shops putting out more updates, and costing more than $99/yr in labor costs alone, would no longer represent a loss.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    16. Re:Pray I don't change it again by BronsCon · · Score: 1

      But the cost of physical hardware has everything to do with how much Sony, Microsoft, and Nintendo charge. I was making a comparison... and a joke.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    17. Re:Pray I don't change it again by BronsCon · · Score: 1

      Don't install Play services and use 3rd-party stores (like Amazon's) instead? Yeah, I can do that, actually. And yes, Apple most certainly can push whatever code they want; disclosed in the same NDA-bound document but publicly known enough that I can mention it here.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    18. Re: Pray I don't change it again by BronsCon · · Score: 1

      You've reviewed a decade and a half of comment history in 3 hours? I need a data analyst as efficient and capable as you, can you please send in your resume?

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    19. Re: Pray I don't change it again by lederhosen · · Score: 1

      It is not enough to have a mac, you need to have a recent >=~ 2010 mac to be able to use the latest OS and xcode. Now, if anything had happened with the mac line since 2010, maybe there would be a reason except to grab money, I *guess* you can develop android apps on a 386 with enough memory, but certainly on Apple hardware from 2010 that allows *much* more memory and power than the 2017 mac "pro".

    20. Re: Pray I don't change it again by BasilBrush · · Score: 1

      A 2010 Mac is not "recent".

      As a matter of fact I was developing iOS apps on a 2012 Mac until last year. Then I had to work on the Android version on one, and the Mac wasn't good enough. It would compile, but it took 10 minutes to do so. Obviously that's not practical. It's Android that required me to upgrade my Mac, not iOS development.

    21. Re:Pray I don't change it again by BasilBrush · · Score: 1

      $99 is just a token sum to keep out the complete time wasters. Like you.

    22. Re:Pray I don't change it again by BronsCon · · Score: 1

      Oh, so you know me, then? Nah, didn't think so. Why with the personal attacks?

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    23. Re:Pray I don't change it again by BronsCon · · Score: 1

      Very funny. Removing play services will remove 40% of your phone capabilities.

      Until you realize there are other app stores and *BAM* you've got that all back!

      Want to use Google Wallet app? Nope.

      You don't trust Google not to push malware to your phone, but you want to trust them with your financial credentials? Seems legit.

      Want to install any DRM apps? Forget about it

      Unless you use Amazon's store, or... well, there are others but I'm not familiar with them.

      If you only need phone for calling/receiving calls and web browser app, I guess it's fine.

      Right, then you wouldn't bother installing any of the other stores. But, if you want to do more... and I'm repeating myself here... you can install another store.

      Otherwise wake up and start realizing what kind of walled garden Google is creating with their play services.

      The kind where you can uninstall them and install something else?

      Apple doesn't even come close.

      As a user of both iOS (iPad Pro) and Android, I agree. My Android devices are much more capable; though my iPad Pro wins the tablet war on battery life alone.

      In Apple products core system apps obey the same rules as other apps.

      Or so the settings screens tell you.

      You want to disable GPS for Find My iPhone but leave Find My iPhone on?

      I'm not sure why you'd do that, it would render the feature nearly useless, but sure. No problem.

      Try that with google's shit.

      Found the option. Done. I don't trust it any more or less than the same option in iOS; if either company wants to give a false sense of security, they easily can.

      They think that their core components are allowed to do whatever they want whenever they want

      You haven't looked at Android since Gingerbread, have you? There have been 8 major versions released since then; and iOS was no better back then, either.

      Including stuff that invades your privacy.

      You mean like sending wi-fi locations, visible cell towers, GPS location, and speed? Yes, you can disable that by turning off location services (and, thus, disabling maps functionality); but you can also do the same on Android.

      Again, if you trust the settings screen to do what you tell it to.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    24. Re: Pray I don't change it again by BronsCon · · Score: 1

      Because I don't care enough whether you believe me or not to skim through well over 100 pages of comment history to find it. If you do, have at it.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    25. Re: Pray I don't change it again by Miamicanes · · Score: 1

      > Seriously, unless you're part of a big corp with big corp lawyers
      > and money behind you why develop for Apple?

      Ok, here's a challenge: write an Android-only app to collaborate or organize some kind of group activity, then try to get any real-world group (besides literal Android developers) to USE it. The moment somebody realizes it can't be used by group members with iPhones & iPads, your app will become dead and irrelevant to that group, unless it's LITERALLY a group overwhelmingly comprised of Android users (or whose leaders can get away with brushing off the complaints of iOS users). To be viable and be taken seriously now, you HAVE to support both platforms.

    26. Re: Pray I don't change it again by Miamicanes · · Score: 1

      Because browser-based webapps fscking SUCK compared to any halfway-competent native app. Javascript is dog-ass slow on mobile devices, and the user experience is AWFUL. Go ahead, go compare the experience of using walmart.com, amazon.com, or homedepot.com to the experience of using their native apps. It's a night & day difference. The webapps are a minefield of continually-reflowing content with a knack for changing the spot you were trying to touch 250ms ago into some goddamn other link. My blood pressure usually goes up by at least 40mmHg due to frustrated rage whenever I'm forced to use some awful webapp on a mobile device (especially when content reflows the moment before I touch the screen, triggering something that takes 30 seconds or more to recover from).

    27. Re:Pray I don't change it again by BasilBrush · · Score: 1

      Because whining about the $99 in every iOS development thread for the last 10 years *is* time-wasting. It's a trivial sum. If you think it's significant, then you are not a developer, you're a time waster.

    28. Re: Pray I don't change it again by sexconker · · Score: 1

      I've been reading and trolling Slashdot for quite some time. I don't recognize you or any such allegations you claim to have made.

      Put up or shut up.

      But beyond your little jerkoff session, of COURSE Apple can push code to devices without user intervention. Anyone who ever thought otherwise is a fool.

    29. Re:Pray I don't change it again by BronsCon · · Score: 1

      First of all, I'm not whining about it, nor have I been doing so for the last 10 years, or in every iOS development thread.

      Second, as an iOS developer, I've paid it. Many times over. That doesn't mean I don't understand why others complain about it, which is what I was explaining above, in response to a direct question.

      So, as I said before: you know me, then? Nah, didn't think so. Why with the personal attacks?

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    30. Re: Pray I don't change it again by corychristison · · Score: 1

      The issue is 3 things in my opinion:

      1) shitty developers that don't understand how to actually build web applications anymore. They rely on 10 different monolithic libraries to render a simple page that basic html/css would do fine without the JS.

      2) stupid bosses that want to track every touch you make, every link you click, and every scroll you make. Each action needs to phone home every time you do one of those things.

      3) poor optimization on the browser side. Honestly Firefox runs freaking great on my two year old Android based device. On the other hand, Apple devices have exactly one browser engine you can use. I suspect they keep it bloated and slow to push developers to build "Apps" so they can get their cut of the revenue.

      I develop custom, web based, business software for a living. Mobile accessible and mobile friendly are a necessity these days, and I somehow manage to pull it off without any of the performance issues you mentioned above.

    31. Re:Pray I don't change it again by tepples · · Score: 1

      I thought Progressive Web Apps could access device functionality, such as the camera, microphone, location, orientation, etc. Or is Apple deliberately withholding device functionality from JavaScript? To which particular "functionality not available to a browser" are you referring?

    32. Re:Pray I don't change it again by Hognoxious · · Score: 1

      Submit the code without your malware, then hot-push it after approval.

      It doesn't even need to be that.

      "It's only a two line change, it doesn't need the full testing & QA rigmarole". We've all done that, right?

      --
      Confucius say, "Find worm in apple - bad. Find half a worm - worse."
    33. Re:Pray I don't change it again by BronsCon · · Score: 1
      I'm just writing about what I've confirmed, but yes, that would probably work as well.

      Especially if you originally submit with:

      if (false) {
          // malware code here
      }

      Then it literally is just a two line change.

      As an aside, it seems Slashdot has fallen on the "neither" side of the tabs/spaces argument, as I tried both and it seems to want to eat my indentation regardless. Yes, my code is properly indented.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
  3. Surprised by tonyyeb · · Score: 4, Insightful

    Surprised they ever allowed developers to do this? Surely in defiance of the objective of it being checked in the first place if you can just change it once approved.

  4. so each new map needs to wait for the app store by Joe_Dragon · · Score: 1

    so each new map in a game needs to wait for the app store review system to push it out?

    1. Re:so each new map needs to wait for the app store by fred6666 · · Score: 1

      the distinction between code and data can be blurry

    2. Re:so each new map needs to wait for the app store by Joe_Dragon · · Score: 1

      so any game

      with map scripts in new maps needs the review
      pinball games: each new table needs the review
      driving games need a review for a new track
      games with levels need a review to add new levels?

    3. Re:so each new map needs to wait for the app store by Joe_Dragon · · Score: 1

      not that but under apples rules that data = code

    4. Re:so each new map needs to wait for the app store by angel'o'sphere · · Score: 1

      A map is data, not code.

      Or you seriously did something wrong.

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
    5. Re:so each new map needs to wait for the app store by omnichad · · Score: 1

      In case they didn't spell it out plainly enough, lots of games are developed using a scripting language for the level data themselves. Going back as far as the old Sierra adventure games. I'm not sure if code that runs through an interpreter counts as a violation, though they could easily write an "interpreter" that passes just about anything as a live command if they set it up that way from the start.

    6. Re:so each new map needs to wait for the app store by BradleyUffner · · Score: 1

      A map is data, not code.

      The line is fuzzy. What if the "data" for your map says that when the user walks over a specific location, call a specific function? What if those functions can accept information about the state of the game at that point? What if that map data can contain multiple function calls? At some point that map data starts to look like a script, and scripts look an awful lot like code.

    7. Re:so each new map needs to wait for the app store by angel'o'sphere · · Score: 1

      As long as the code is already in the App ... there is no problem.

      --
      Cost free eBook I read (by iBook/Kobo/Amazon/ObookO/Gutenberg etc.): "The Green Odyssey" by Philip Jose Farmer.
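The "map is data, not code" exchange above (the interpreter point, the fuzzy-line point, and the "as long as the code is already in the App" reply) is easier to pin down with a concrete loader. The following is an added example, not code from the thread or from any game mentioned in it: a hypothetical level-data format in which a trigger can only name a handler that already ships in the reviewed binary and pass it plain JSON arguments, so a content update can re-arrange behaviour the reviewer saw but cannot introduce new behaviour. The handler names, the trigger fields and the sample maps are all constructed for this illustration.

```javascript
// Handlers are the only behaviour a map can invoke; they ship in the app and
// go through review. Each one validates its own plain-data arguments.
const HANDLERS = Object.freeze({
  spawnEnemy(state, { kind, count }) {
    if (typeof kind !== "string" || !Number.isInteger(count) || count < 1 || count > 50) {
      throw new TypeError("spawnEnemy: bad args");
    }
    return { ...state, enemies: [...state.enemies, ...Array(count).fill(kind)] };
  },
  giveItem(state, { item }) {
    if (typeof item !== "string") throw new TypeError("giveItem: bad args");
    return { ...state, inventory: [...state.inventory, item] };
  },
  setFlag(state, { name, value }) {
    if (typeof name !== "string" || typeof value !== "boolean") {
      throw new TypeError("setFlag: bad args");
    }
    return { ...state, flags: { ...state.flags, [name]: value } };
  },
});

// A trigger is { at: [x, y], action: <handler name>, args: <plain object> }.
// Anything else in the record is rejected rather than ignored.
const ALLOWED_TRIGGER_KEYS = new Set(["at", "action", "args"]);

function validateTrigger(t, idx) {
  if (t === null || typeof t !== "object" || Array.isArray(t)) {
    throw new Error(`trigger ${idx}: not an object`);
  }
  for (const k of Object.keys(t)) {
    if (!ALLOWED_TRIGGER_KEYS.has(k)) throw new Error(`trigger ${idx}: unexpected field "${k}"`);
  }
  // Exact string match against the app's own handler table: no prototype
  // lookups, no coercion of arrays/objects into a name.
  if (typeof t.action !== "string" || !Object.prototype.hasOwnProperty.call(HANDLERS, t.action)) {
    throw new Error(`trigger ${idx}: unknown action "${String(t.action)}"`);
  }
  if (!Array.isArray(t.at) || t.at.length !== 2 || !t.at.every(Number.isInteger)) {
    throw new Error(`trigger ${idx}: "at" must be [x, y] integers`);
  }
  if (t.args === null || typeof t.args !== "object" || Array.isArray(t.args)) {
    throw new Error(`trigger ${idx}: "args" must be an object`);
  }
  return t;
}

// JSON only: the format has no way to carry a function, a class or a script,
// so a downloaded map can never be more than a list of calls into HANDLERS.
function loadMap(json) {
  const map = JSON.parse(json);
  if (map === null || typeof map !== "object" || typeof map.name !== "string") {
    throw new Error("map: missing name");
  }
  if (!Array.isArray(map.triggers)) throw new Error("map: triggers must be an array");
  return { name: map.name, triggers: map.triggers.map(validateTrigger) };
}

// Runs every trigger placed on the tile the player just entered.
function enterTile(map, state, pos) {
  return map.triggers
    .filter((t) => t.at[0] === pos[0] && t.at[1] === pos[1])
    .reduce((s, t) => HANDLERS[t.action](s, t.args), state);
}

const INITIAL_STATE = Object.freeze({ enemies: [], inventory: [], flags: {} });

// Constructed sample content update: only references shipped handlers.
const GOOD_MAP = JSON.stringify({
  name: "cave-3",
  triggers: [
    { at: [2, 5], action: "spawnEnemy", args: { kind: "bat", count: 3 } },
    { at: [2, 5], action: "setFlag", args: { name: "ambushed", value: true } },
    { at: [9, 1], action: "giveItem", args: { item: "torch" } },
  ],
});

// Constructed sample that tries to name behaviour the reviewed build never
// had. The loader refuses it before any tile is entered.
const BAD_MAP = JSON.stringify({
  name: "cave-3",
  triggers: [{ at: [0, 0], action: "evalScript", args: { src: "<anything>" } }],
});

function demo() {
  const map = loadMap(GOOD_MAP);
  const afterAmbush = enterTile(map, INITIAL_STATE, [2, 5]);
  const afterTorch = enterTile(map, afterAmbush, [9, 1]);
  let rejected = null;
  try {
    loadMap(BAD_MAP);
  } catch (e) {
    rejected = e.message;
  }
  return { afterAmbush, afterTorch, rejected };
}
```

The distinction the reply at the end of the thread draws is exactly the one `validateTrigger` enforces: the map decides when and with what arguments shipped code runs, and nothing downloaded can add to the `HANDLERS` table.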
  5. Oh me, oh my... by Quakeulf · · Score: 1

    The apple doesn't fall far from the tree.

  6. Recipe for disaster by JustAnotherOldGuy · · Score: 5, Interesting

    "Apple has long permitted "hot code push", a feature that allows developers to continuously deploy changes to their mobile apps and have those changes reflect in their apps instantly. This allowed developers to make quick changes to their apps without having to resubmit the new iteration and get approval from the Apple Store review team."

    Is it just me or does this seem like a recipe for disaster, ripe for abuse in the worst possible ways? And not just by the developer, but by anyone who hacks the developer's tool chain or system.

    In other words, you could push the most intrusive, malevolent, destructive code to a user's device at will with no oversight.

    Who thought having this capability was a good idea?

    --
    Just cruising through this digital world at 33 1/3 rpm...
    1. Re:Recipe for disaster by Ronin+Developer · · Score: 1

      Hot fixes such as this should be limited to enterprise apps only - i.e. apps that don't affect the world.

      Was the hot fix permitted for all apps or just enterprise apps? If the former, then it should definitely be removed.

    2. Re:Recipe for disaster by Anubis+IV · · Score: 3, Informative

      Hot fixes such as this should be limited to enterprise apps only - i.e. apps that don't affect the world.

      Was the hot fix permitted for all apps or just enterprise apps? If the former, then it should definitely be removed.

      Enterprise apps don't have to go through the review process because they aren't in the App Store in the first place. They're distributed privately, with the enterprise signing each app using a cert and each employee's device being configured to accept apps signed by that cert. Updates can be deployed directly to employee devices, as a result.

      As for apps using this feature, I know that a variety of games download content updates outside of the App Store, though if I had to guess, I'd wager that when Plants vs. Zombies 2 and Final Fantasy Record Keeper say they're downloading new content, it's just a package of art assets and the like that the existing executable knows how to parse. If it is arbitrary code, however, I'd also wager that I'll suddenly see those games issuing a lot more frequent updates, given that FFRK pushes out content updates 1-2 times per week as it is.

    3. Re:Recipe for disaster by thomn8r · · Score: 2

      In other words, you could push the most intrusive, malevolent, destructive code to a user's device at will with no oversight.

      It's called Windows Update

    4. Re:Recipe for disaster by cfalcon · · Score: 1

      > In other words, you could push the most intrusive, malevolent, destructive code to a user's device at will with no oversight.

      That's absolutely the risk.

      > Who thought having this capability was a good idea?

      I think it is for online games and other situations where a bug might otherwise mean a server outage until it could go through a code review. It's still a terrible idea.

      Anyway, I would suspect that the timing of this is not a coincidence, given the vulnerabilities alluded to in the news recently.

    5. Re:Recipe for disaster by chispito · · Score: 1

      Is it just me or does this seem like a recipe for disaster, ripe for abuse in the worst possible ways? And not just by the developer, but by anyone who hacks the developer's tool chain or system.

      In other words, you could push the most intrusive, malevolent, destructive code to a user's device at will with no oversight.

      Who thought having this capability was a good idea?

      The same people who invented JavaScript?

      --
      The Daddy casts sleep on the Baby. The Baby resists!
    6. Re:Recipe for disaster by mad7777 · · Score: 1

      Who thought having this capability was a good idea? Well... the inventors of the worldwide web, for one thing. Remember that old thing? It allowed users to download content and code (ok, it's Javascript, but it's still code), without anyone's permission. It was called the open internet. What a weird idea!

      --
      Might makes right irrelevant.
    7. Re:Recipe for disaster by Jeremi · · Score: 1

      In other words, you could push the most intrusive, malevolent, destructive code to a user's device at will with no oversight.

      Isn't this also true for JavaScript-embedded-in-a-web-page?

      In both cases, the only thing standing between the user and catastrophic fiery death is the security of the execution environment -- either the sandbox keeps the malware from causing damage, or it doesn't. At least in the Apple Store case, the downloaded code is authenticated as coming from a known/registered developer, so there is some (slim) chance of them being held accountable for anything negligent/malicious they might do to your phone.

      --


      I don't care if it's 90,000 hectares. That lake was not my doing.
    8. Re:Recipe for disaster by whh3 · · Score: 1

      Is it just me or does this seem like a recipe for disaster, ripe for abuse in the worst possible ways? And not just by the developer, but by anyone who hacks the developer's tool chain or system.

      In other words, you could push the most intrusive, malevolent, destructive code to a user's device at will with no oversight.

      Who thought having this capability was a good idea?

      The same people who invented JavaScript?

      Or major developers like Mozilla, LibreOffice, Microsoft and ...

      The list could go on forever. The point of this functionality is that, as users, the programs we run can immediately be patched with the latest updates so that security threats, when discovered, can be mitigated immediately. Consider that Apple might sit on an update for several weeks while it reviews changes. At the same time, the user is exposed to the security vulnerability that the developer is attempting to close.

      I completely agree that this is not without serious risk. Users are going to be exposed to the possibility that these hot fixes are dangerous per se and could expose the user to malicious behavior. However, the upside is tremendous and to not recognize that possibility is short-sighted.

      --
      remove nospam. to email!
    9. Re:Recipe for disaster by JustAnotherOldGuy · · Score: 1

      In other words, you could push the most intrusive, malevolent, destructive code to a user's device at will with no oversight.

      It's called Windows Update

      Yep, before you could simply say "no", but thanks to Microsoft, the "no" button has been removed.

      "Install updates? Click 'Yes' to continue or 'Yes' to continue."

      --
      Just cruising through this digital world at 33 1/3 rpm...
  7. They are worried about the CIA by jafiwam · · Score: 3, Insightful

    Seems like the timing of this might be related to the information released by WikiLeaks about what the CIA has been doing. Being able to get into just about any mobile or IoT device for example.

    1. Re:They are worried about the CIA by seoras · · Score: 1

      Or that this news story gave them the excuse, or just cause, to do what they've been wanting to do for a long time.
      Apple must have been too afraid of upsetting any of the large publishers to have let it go on for so long.
      It smacks more of opportunistic timing than of being reactionary.

  8. Developers care about eating by mveloso · · Score: 2

    You can't eat open source revenues. Most of the open source devs work for some corp or another, after all.

  9. I see that... by BronsCon · · Score: 2, Interesting

    Apple is finally closing the back door that allowed malware to get past the app review process, though they won't admit that's why. I can talk about it now that it's finally being fixed; I'm just astonished that it's taken them this long!

    And all of you thought I was crazy for saying it was possible.

    --
    APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    1. Re:I see that... by BronsCon · · Score: 1

      Whoever modded this interesting, thank you for countering the troll mod. No trolling going on here. Maybe a little flamebait at that link, though, if complete honesty about something people don't want to hear can be considered flamebait.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
    2. Re:I see that... by BasilBrush · · Score: 1

      To back up the claim that you've been saying this for 4 years, you'd have to do a link to a post of yours from 4 years ago. Not one from today.

    3. Re:I see that... by BronsCon · · Score: 1

      I wasn't attempting to back up the claim that I said it 4 years ago; in fact, I didn't say it here until, if I recall correctly, some time last year when I had an iOS fanboi up my ass with how insecure Android is (but he can't talk about it because NDA) while iOS is supposedly perfectly secure. Of course, as I was (and still am) under NDA, I stayed a bit more tight-lipped than he did about it.

      Beyond that, I honestly don't care if you believe me; at least not enough to be bothered to go through over 100 pages of comment history to look for proof. Page 100 goes as far back as the beginning of February 2016; I may have said it before then, I may have said it after then, and if it really bothers you that much you can look it up yourself.

      I've seen you around and generally respect your positions, but I'm not above telling you when you're wrong, nor am I low enough that I feel the need to bend over backward to prove it. I'm sure you've seen me around, as well, enough to have already foreseen this type of reply.

      --
      APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
  10. so much for supporting iThingies by mad7777 · · Score: 1

    In one fell swoop, Apple just broke all Meteor apps, and probably any other hybrid framework.

    So I suppose we're all supposed to develop iOS apps using Apple-proprietary technologies now? No thanks. I'm old enough to remember the open internet, before the invasion of the phone-pokers.

    What I'm trying to wrap my head around is where they draw the somewhat arbitrary line between downloading content and downloading functionality. I mean, any app that connects to the internet has the potential to download not just user comments, pictures, videos, and HTML, but also code, which might be executed on the client. What if my server pushes an image of a QR code to every client, which allows them to pay with bitcoin, thereby bypassing the 30% app store surcharge? What if I want to display a web page in my app, which, by its very nature, is not approved by Apple's draconian bureaucrats??

    --
    Might makes right irrelevant.
    1. Re:so much for supporting iThingies by BasilBrush · · Score: 1

      Web content, including JavaScript, is an explicit exception to the rule banning downloading code.

      And if Apple know you're charging a fee, via whatever method, to get around app store fees, then they'll reject the app.

  11. Re: For Good Reason by Shepanator · · Score: 1

    Wow, that's one hell of a false equivalence argument.

  12. Edgy fucks always ruin it for everybody by 0xdeadbeef · · Score: 2

    It is apparently in response to something called Rollout.io, and looking at what it does, holy fucking hell, how the fuck has such a thing existed as long as it has, and why did those dumb fucks think Apple would be cool with them hot-patching code?

    What concerns me is

    This includes any code which passes arbitrary parameters to dynamic methods such as dlopen(), dlsym(), respondsToSelector:, performSelector:, method_exchangeImplementations(), and running remote scripts in order to change app behavior or call SPI [sic],

    which means no method swizzling and no introspection, which is absurd. You can't even implement many idiomatic Objective-C patterns without respondsToSelector. Maybe the key is "arbitrary parameters", though in that case, they should be looking for calls to NSSelectorFromString, not these methods.

    This also seems to rule out calling a web service through a JavaScript front-end published by the server. And hell, most jailbreak checks call dlopen. Apple will be screwing over anti-cheat and anti-piracy techniques so they can enforce their own security theater.
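    The distinction drawn above, between a literal selector and an "arbitrary parameter" that could come from a remote resource, is exactly what a reviewer would want a tool to surface. Added example, not from the thread or from Apple: a small Python scanner that flags calls to the APIs named in the notice whose selecting argument is not a compile-time literal. The regexes, the sample Objective-C fragment and the placeholder library path are constructed for illustration.

```python
from __future__ import annotations
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    line: int
    api: str
    argument: str
    arbitrary: bool  # True when the selecting parameter is not a compile-time literal

# Each pattern captures the parameter that decides what gets loaded or called.
# Constructed, illustrative regexes; a real checker would walk clang's AST.
API_PATTERNS = {
    "dlopen": re.compile(r"\bdlopen\s*\(\s*([^,]+?)\s*,"),
    "dlsym": re.compile(r"\bdlsym\s*\([^,]+,\s*([^)]+?)\s*\)"),
    "NSSelectorFromString": re.compile(r"\bNSSelectorFromString\s*\(\s*([^)]+?)\s*\)"),
    "performSelector:": re.compile(r"performSelector:\s*([^\s\]]+)"),
    "respondsToSelector:": re.compile(r"respondsToSelector:\s*([^\s\]]+)"),
}

# A literal @selector(...) or quoted string is fixed at build time and visible
# to review; anything else may have come from a remote resource.
LITERAL = re.compile(r'^(@selector\(.+\)|@?"[^"]*")$')

def is_literal(argument: str) -> bool:
    return LITERAL.match(argument.strip()) is not None

def scan(source: str) -> list[Finding]:
    """Every dynamic-dispatch call in the source, literal or not."""
    findings: list[Finding] = []
    for lineno, text in enumerate(source.splitlines(), start=1):
        for api, pattern in API_PATTERNS.items():
            for match in pattern.finditer(text):
                arg = match.group(1).strip()
                findings.append(Finding(lineno, api, arg, not is_literal(arg)))
    return findings

def arbitrary_findings(source: str) -> list[Finding]:
    """Only the calls whose target is not a literal: the ones worth a reviewer's time."""
    return [f for f in scan(source) if f.arbitrary]

# Constructed Objective-C fragment: idiomatic literal uses first, then calls fed from a server response.
SAMPLE = '''// Idiomatic delegate check: the selector is fixed in the binary.
if ([delegate respondsToSelector:@selector(didFinish:)]) { [delegate performSelector:@selector(didFinish:)]; }
// Literal library path, also fixed at build time (placeholder path).
void *handle = dlopen("/path/to/placeholder.dylib", RTLD_LAZY);
// Selector and symbol names arrive in a JSON payload from the server.
SEL remote = NSSelectorFromString(json[@"method"]);
[target performSelector:remote];
void *fn = dlsym(handle, [json[@"symbol"] UTF8String]);
'''

for f in arbitrary_findings(SAMPLE):
    print(f"line {f.line}: {f.api} with non-literal argument {f.argument!r}")
```

    The idiomatic delegate pattern and the fixed dlopen path pass, while only the three calls whose target name comes from the JSON payload are reported.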

    1. Re:Edgy fucks always ruin it for everybody by balbeir · · Score: 1

      Yeah that rollout.io thing looks like it's designed to circumvent the apple app store rules. Very robust business plan.

      "We're hiring". Probably not any more.

    2. Re:Edgy fucks always ruin it for everybody by BasilBrush · · Score: 1

      That kind of dynamic programming is more or less dead when you switch to Swift anyway.

  13. Re:For Good Reason by FatdogHaiku · · Score: 1

    ...See how silly that reasoning sounds...

    That's the whole point of drawing a false parallel and then applying reductio ad absurdum, right?

    --
    You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
  14. Facebook? by R.Mo_Robert · · Score: 1

    The description of "hot code push" sounds like something Facebook and Messenger are doing on iOS. They both change the location of buttons (and occasionally some functionality)--like moving the Messages icon in the Facebook app to the top left and replacing it with a useless Marketplace icon--without needing to submit a new app, among other continual and usually annoying changes in Messenger itself. (Or at least the change isn't obviously correlated with a new app version; they don't write real changelogs, instead using a generic "we continually update this app" nonsense, and the app continues to function like it did before...until one day when it doesn't.)

    I'm sure there are potentially malicious uses of hot code push rather than just annoying ones like certain apps seem to be doing, but if it makes them stop doing it too, I'll be happy enough.

    --
    R.Mo
    1. Re:Facebook? by BasilBrush · · Score: 1

      I don't know specifically about those apps. But many apps do it as a natural result of them being little more than web-apps running in web-view.

    2. Re:Facebook? by R.Mo_Robert · · Score: 1

      I don't know specifically about those apps. But many apps do it as a natural result of them being little more than web-apps running in web-view.

      Yeah, I think Facebook tried that with their early iOS app (or at least they said it was "HTML5"), but I believe a few years ago they rewrote it to be "native." Not sure if they've gone back or what (or just hybridized), but both it and especially Messenger keep changing more than you'd expect for a typical app.

      --
      R.Mo
  15. Re: For Good Reason by dgatwood · · Score: 1

    How is that false equivalence? The original argument is that the only thing preventing everybody from doing bad things is oversight by other people. That's prima facie absurd. Most people will do the right thing even without being watched by other members of their peer group, police, etc. In much the same way, most developers will not abuse the ability to hot patch their code merely because they have that ability.

    --

    Check out my sci-fi/humor trilogy at PatriotsBooks.

  16. Good. It levels the playing field on store ratings by seoras · · Score: 1

    If you publish on iTunes App store, as I do, you'll know that releasing a new version has the knock-on effect of lowering your installs due to 2 things that happen on each new release:
    1) iTunes apps have 2 ratings. An all time rating and a current version rating which goes to 0 on updates causing your app to lose popularity with installers.
    2) iTunes keyword ranking is affected by current rating, not significantly, but enough to drop you a few places and 1/2 your installs until (1) improves again.
    The App store is stagnating because of this. I see too many rivals who update every year or two. It creates complacency.
    "Hot push" would have been for security reasons, which I'm all for. It does also have a nice side effect of preventing ratings gaming.
    Apple's rumoured to be making App ratings more like Google Play in iOS 10.3.
    I do hope so.

  17. Re:For Good Reason by parkinglot777 · · Score: 1

    I actually agreed with the parent logic, but the reason for Apple to do this, for me, is to save their behind in the future. The prevention is not about what's going on right now (most people are doing the right thing), but it is to save their own behind in the future from even one misused case. The breach through the Internet is a lot more difficult to stop, let alone the cost to detect. Even those who are doing the right thing could make a mistake and open a hole to those who are looking to exploit.

    Anyway, I don't defend Apple for doing so, but I am trying to understand why they do it.

  18. Re: For Good Reason by dgatwood · · Score: 1

    It's also the primary argument for having a tightly curated, closed ecosystem App Store model like Apple has.

    No, not really. You're conflating "someone" with "everyone" here. The closed ecosystem provides a benefit because the odds are high that someone will do something bad. Bans on hot-patching provide a benefit only if you assume that everyone will do something bad. This difference is subtle, but critical.

    Apple has a number of protections to prevent malicious apps from causing harm—blacklisting an app so that it won't even launch, removing the app from the store, banning the developer from submitting new apps, etc., all of which are made possible by that closed ecosystem. These allow Apple to provide oversight that prevents bad people from doing bad things, and are necessary because it isn't absurd to believe that some people will try to do so. What's absurd is assuming that all developers (or even a large percentage of developers) will risk destroying their reputation and livelihood to do bad things unless Apple nit-picks every single submission into the ground.

    More to the point, curation is about minimizing the risk of getting complete junk apps, not about preventing bad people from doing bad things in apps that only become visible after the fact. There's nothing Apple can realistically do in an app review that could detect malicious code, because it is entirely trivial for an app to ask a server what to do and then either behave normally or maliciously depending on the response. That behavior could be hard-coded into an app, and Apple would never realistically be able to detect it. The only way you could prevent a malicious developer from doing that would be to ban apps that make Internet requests. Thus, banning hot patching cannot possibly have any effect on whether malicious developers can create apps that cause harm, because it isn't necessary for apps to use hot patching to cause harm. It isn't really even all that helpful.

    What hot patching can do is allow developers to flagrantly ignore app store policies. And it makes sense for Apple to crack down on developers who use it in that way, in much the same way that it makes sense for police to arrest people who commit crimes. It doesn't make sense to ban the technology under the theory that if Apple doesn't crack down constantly, the developers will all run amok, in much the same way that it doesn't make sense for police to arrest everyone because a few people might commit crimes.

    --

    Check out my sci-fi/humor trilogy at PatriotsBooks.

  19. How's life in the hypocrite lane?

  20. Uber by jtara · · Score: 1

    Anyone else notice the correlation between this and Uber walking-back Greyball?

    I suspect Apple threatened the nuclear option. Greyball would definitely qualify for removal from the App Store on the broader issue here of undisclosed/changing app behavior as well as just plain out-and-out fraud.

    I would have rather seen Uber removed from the App Store, though, than whatever back-room deal was made. There was no second chance, for example, for Kapeli/Dash. (Dash is an offline API documentation reader app. The author got bounced permanently when he let his sister use his developer account and she allegedly posted fraudulent reviews for her own app.)