Slashdot Mirror
Apple Blocks Google From Running Its Internal iOS Apps (theverge.com)
Apple has now shut down Google's ability to distribute its internal iOS apps, following a similar shutdown that was issued to Facebook earlier this week. From a report: A person familiar with the situation tells The Verge that early versions of Google Maps, Hangouts, Gmail, and other pre-release beta apps have stopped working today, alongside employee-only apps like a Gbus app for transportation and Google's internal cafe app. UPDATE: Apple has restored Google's Enterprise Certificate so its internal apps will now function.
So... as usual the summary (and even TFA in this case) had me confused about what is going on here. At first I thought Google was redistributing Apple's internal iOS apps. I thought maybe they were embedding iOS apps within their own apps or something. Anyway here's what this is about.
An enterprise developer license for iOS allows a developer to sign an app for limited *internal* distribution of an app. This is for testing and enterprise use internally within the company the license was issued to. This is in contrast to apps intended for public distribution, which as we know can only be done through the iOS App Store, and which requires Apple to approve the app.
What Facebook and Google have been doing is publicly distributing what should be internal-use-only apps to the public - apps that would not be approved by Apple for various reasons (including privacy issues) - through their enterprise developer license. So it's clearly a violation Apple's terms, and it sounds like both FB and Google are doing the overreaching data collection through these special apps.
Apple has reacted, disabling the signing keys for these apps so they no longer function.
Better known as 318230.
Oh, you mean instead of following the letter of the contract you signed, you do something that violates that contract, and when you are caught, and the other party terminates their part of the contract, it is their fault?
You are a special kind of stupid, aren't you?
How was Apple supposed to know? The whole point of enterprise apps is that enterprises can run anything they want on any of their devices without going through Apple. The users who were involved in this stuff were installing provisioning profiles that identified their devices as belonging to Facebook and Google. Given that Apple isn't privy to employee records at Facebook and Google, they have no way of telling whether provisioning profiles are being abused, so again I ask: how was Apple supposed to know?
By all indications, Facebook and Google agreed to the same license as everyone else, and the license is anything BUT ambiguous, given that it's subtitled "for in-house, internal use applications" and then only gets more explicit about how it's intended to be used from there. I ran through a lot of the details about the license in a comment yesterday.
How do you figure? The enterprises affected so far have all been caught redhanded in the act of flagrantly misusing a "for in-house, internal use applications" license to intentionally deploy applications externally. The only enterprise level purchases who should be quaking in their boots are purchasers acting in bad faith.
This should demonstrate to enterprise level purchasers the peril in becoming involved with Apple, who are historically an enterprise-hostile vendor.
Or perhaps it will demonstrate that Apple won't let them get away with abusing their internal use certificates that allow less restricted use of device resources in order for those licensees to take further advantage of public end users and violate Apple's software license agreements.