
 Apple tells app developers to disclose or remove screen recording code - jbegley
https://techcrunch.com/2019/02/07/apple-glassbox-apps/
======
have_faith
I think we are approaching a transitionary period where lines by various
companies are starting to be drawn in the sand with regards to privacy and
user hostile design choices. It's still a little blurry, but as the lines
become clearer users will start to shift. And either by choice or regulation
the lines will be drawn. Apple's hand is being forced in some cases, but
usually in a direction they are already heading. Google will find the balance
much harder due to the nature of their revenue model.

~~~
paulryanrogers
Actually I'd say Apple is swinging only toward user choice where it suits
them. The recent change to the default media player for play-pause away from
the last app and to Apple Music is one example. Dropping Do-not-track from
Safari is another.

~~~
mrexroad
Expedia's privacy policy [0] is a perfect example of why DNT, in current form,
does nothing more than misalign customer expectations around privacy.

"Do-Not-Track Signals and Similar Mechanisms. Some web browsers may transmit
"do-not-track" signals to websites with which the browser communicates.
Because of differences in how web browsers incorporate and activate this
feature, it is not always clear whether users intend for these signals to be
transmitted, or whether they even are aware of them. Participants in the
leading Internet standards-setting organization that is addressing this issue
are in the process of determining what, if anything, websites should do when
they receive such signals. We currently do not take action in response to
these signals. If and when a final standard is established and accepted, we
will reassess how to respond to these signals."

[0] [https://www.expedia.com/p/info-other/privacy-policy.htm](https://www.expedia.com/p/info-other/privacy-policy.htm)

~~~
Nition
"Some cars are now coming straight from the factory with 'do not track'
stickers already applied. As such, we cannot know for certain whether an
individual driver actually wants to be tracked. What does Do Not Track really
mean anyway? We have therefore chosen to attach tracking devices to all
vehicles that visit our premises."

"Some letterboxes have 'no junk mail' signs attached, but it's often unclear
whether these were even placed by the current occupant. The current resident
may be completely unaware that they're missing out on our great deals.
Therefore we have chosen to deliver to all addresses regardless of signage."

What an incredible way of thinking. You could rationalize anything this way.

~~~
rutthenut
Agree entirely. Take a clear statement. Say it isn't clear what someone may
want from that statement, claiming it is confusing when it really is not. Do
what is clearly the opposite intention, blaming deliberate stated confusion.
Grrr.

------
makecheck
When the average app can send dozens of megabytes with no one blinking an eye,
lots of stuff can slip through.

I’ve long said that platforms need to _enforce_ limits, _hard limits_ , on all
I/O. And in order for something to get an exception, the system should have a
big, obvious, inconvenient work-around that places plenty of blame directly on
the developer (e.g. “The application Foobar is using an extremely abnormal
amount of your battery power, and has used your Internet service more
extensively over the past hour than any other app on your device. We recommend
uninstalling this program completely, or select one of the throttling choices
below:”.)

And frankly, there is no shortage of reasons why we should do this: to prevent
abuses like this latest one, to prevent draining batteries, to avoid expensive
data plan overages, etc. (and heck, to save the planet, because stupid simple
things should not require a pile of natural resources to download to your
device).

I’m truly sorry if your overblown JavaScript framework can’t draw 3 lines of
text on the screen without transferring an entire 1990 operating system’s
worth of code over the network for each paragraph. Yet if devices start
enforcing really tiny limits (my vote is, oh, 2 _kilobytes_ of data), I bet
your organization will finally figure out what data is really important. Good
luck.

~~~
banachtarski
I can't say I agree at all with this hyperbolic reaction. How about people
just be judicious about what they install and who they trust as always. I'm
for privacy as much as the next person but not when it infringes on an open
platform to the degree that you suggest, and Apple already overreaches in
terms of censorship and control IMO.

~~~
mikejb
> How about people just be judicious about what they install and who they
> trust as always.

That sounds good, but how well does it work? If you find an app that solves a
use case for you - what factors do you use to determine whether you trust this
developer? How can the average iPhone (/smartphone) user apply this?

~~~
banachtarski
It works great. Even my parents learned what to install and not install on
their windows PC. The key being that the safety features are all on by
default. But for those of us that need to run software off the beaten path, we
can.

~~~
mikejb
I'd love to teach my parents, but I'm still challenged by giving them
indicators to determine what should or shouldn't be installed. I actually find
it hard to do myself, so maybe you can help. For example: My mom likes to play
Sudoku. How should she go about to determine whether it's fine to install this
app:
[https://play.google.com/store/apps/details?id=com.easybrain....](https://play.google.com/store/apps/details?id=com.easybrain.sudoku.android)
? How can she (or I) determine whether this data is uploading data collected
on her phone or doing some other sort of shenanigans?

------
desc
It's a good thing that platform providers are locking down this sort of thing.

The problem is a culture of 'it's ok, everyone else does it, the world runs on
it, maybe things need to change, but we need to find an alternative equivalent
first.'

No.

It was always wrong. It was never justifiable. Permission was never requested,
only assumed.

If you are recording my screen without making it abundantly clear up-front
that you are doing so and why, and without allowing me to decline _without_
providing any additional identifying information, you are automatically
unworthy of my trust, not only now but forever. The people who thought this
was acceptable are unfit to make such decisions, now and forever.

In short: fuck you and your advertising.

Why is this sort of bullshit even allowed to be technologically possible?
Because someone profits. Screw their thumbs until it isn't. You want to make
money from the people using your software? You get it from them, specifically
from them, by providing a worthwhile product. You should be punished for
selling them to someone else.

Unless you can teach them the value of that which you ask in exchange for your
product, you are committing fraud.

You don't get to benefit from the information you siphon from people who don't
understand the value of it. You know exactly what you've done and always did;
no second chance is warranted.

~~~
s3r3nity
Devil's advocate question: do you (should you) have to agree to be video-taped
before entering a store on security cameras? What if you had to do that for
every single store?

> In short: fuck you and your advertising.

Nah, I don't want to pay for every single site I visit. Content is not just
given out for free. Are there limits to what counts as too much? Sure, and
that's the type of discussion we should be having.

> You should be punished for selling them to someone else.

That's not how online advertising works. Rather, it would be the equivalent
of someone on your block knowing that your house is a 3-bedroom 1-bath, but
knowing nothing about the people that live inside.

~~~
brandonmenc
> I don't want to pay for every single site I visit

I do - if the content is good, the price reasonable, and the transaction
frictionless.

And if that's what it takes to get rid of intrusive advertising and user
tracking, sign me up.

~~~
chillacy
You'd also have to pay more than what you're worth at status quo today.

By some estimates your data's worth $240, assuming you're an exactly average
user: [https://medium.com/wibson/how-much-is-your-data-worth-at-least-240-per-year-likely-much-more-984e250c2ffa](https://medium.com/wibson/how-much-is-your-data-worth-at-least-240-per-year-likely-much-more-984e250c2ffa)

Since not every user will pay or can afford to pay, and presumably heavier
users are worth more, you might have to pay thousands, or tens of thousands
(in case you bought a house or something based on targeted ads).

You can sort of simulate this today: imagine if you were to bid past all other
ads shown to you for every ad slot on every site, then you could replace them
with an empty picture. That might get expensive.

~~~
inetknght
> By some estimates your data's worth $240

Thanks for putting a price point on the amount that people^H^H^H^H^H^H^H
advertisers will pay to ruin my freedom. I value it much more than they.

------
minimaxir
> “Your app uses analytics software to collect and send user or device data to
> a third party without the user’s consent. Apps must request explicit user
> consent and provide a clear visual indication when recording, logging, or
> otherwise making a record of user activity,”

Every big app collects analytics without such disclosure (and definitely no
visual indicator). I honestly can't think of a counterexample.

If Apple's declaration is taken literally, this will have massive fallout on
the analytics ecosystem.

~~~
threeseed
Not every big app. Every app.

It can often be difficult to determine root cause of an issue when you are
just given a stack trace. I suspect we will soon see two patterns arise: (1)
Popups when the app launches to get consent and (2) Screen recording that
still happens but only phones home if an exception occurs and where they get
consent at that point.

And what does this mean for core metrics like Google Analytics ?

~~~
0x0
I have published several apps on the App Store and none of them make use of
any analytics or screen recording or any telemetry, really. So your statement
"every app" is categorically wrong as far as I can understand it.

~~~
bhelkey
What kind of metrics can you get from Apple? Clearly number of downloads, but
how about things like Daily Active Users?

~~~
zeroimpl
And if your app has any kind of online component, there's probably an HTTP
request hitting your server whenever the user launches the app. So even
without explicit telemetry in the app, you can easily get decent data from
your web server's logs.

------
heywire
I think many people would be surprised by the amount of analytics data leaving
their phone _all the time_. I recently was doing some work where I had my
iPhone proxied through mitmproxy on my laptop, and was blown away by just how
much data was being sent. Some apps were sending a request to one or more
analytics firms every single time I touched a UI control. I would set up a pi-
hole and VPN to block this stuff, but I'm sure the app developers will just
start tunneling the requests through their own hosts. Maybe some day one of
these open source phones will actually be viable.

~~~
aaaaaaaaaaab
I wish the AppStore review team would simply reject any app that generates
unnecessary network traffic for no good reason.

They don’t even need to MITM the traffic. Just the fact that an app makes
network requests when using a supposedly offline feature should immediately
get them rejected.

And iOS should introduce a visible network activity indicator that can’t be
manipulated by applications, like they do for location tracking.

~~~
SomeHacker44
I would love a Little Snitch for iOS.

~~~
LeoNatan25
[https://guardianapp.com/](https://guardianapp.com/)

~~~
elektor
I use this app. So far, it blocked 1108 data trackers and 3 locations
trackers.

------
pablo-massa
And when will browsers protect users against activity recording without
consent?

For example Hotjar [1], I did a review [2] of the product a year ago and I
could not believe the creepy surveillance level of this tool.

For me, manually disabling JS or installing content blockers will not get
mainstream appeal among regular users who just want to browse the web (and
don't know that they may be being recorded).

This should be blocked by default on every browser.

[1] [https://hotjar.com](https://hotjar.com)

[2]
[https://www.youtube.com/watch?v=FDgybTvnhjY](https://www.youtube.com/watch?v=FDgybTvnhjY)

~~~
randormie
It's creepy indeed. Not only do they collect all your actions (key presses
included) but I believe they also send the activity to their servers via HTTP,
rendering the SSL on the page that includes their script, useless.

~~~
CraftThatBlock
If it's a HTTPS page, wouldn't that be blocked due to mixed content though? Or
are HTTP requests from a HTTPS-loaded script allowed?

~~~
djsumdog
Modern browsers should block all backend/javascript http communication if the
main request is made over HTTPS, unless you specifically disable it with a
Content Security Policy.

~~~
inetknght
Better to just disable javascript altogether. Sure, there's no dynamic loading
of garbage, but I didn't want that anyway. If your back-end server can't
render HTML then you need to build an app.

At least with native desktop apps I can put that garbage into a VM or
container. Load whatever you want. I can then apply my own
firewall/containerization/VM rules.

------
ascar
I wonder if this move is related to this recent story [1] from theappanalyst,
which reveals not just a privacy, but also a security nightmare.

The article even seems to mention it _"Even though sensitive data is supposed
to be masked, some data — like passport numbers and credit card numbers — was
leaking."_

[1]
[https://news.ycombinator.com/item?id=19102036](https://news.ycombinator.com/item?id=19102036)

~~~
saagarjha
It's almost certainly a response to that.

~~~
ascar
It just seems to be really fast. The article appeared on HN 21 hours ago.
Unfortunately there is no date on the blog post itself.

When I read the report I was hoping that it will have serious consequences for
Glassbox and similar services. Good that Apple is taking action so fast. I
hope Google kicks in soon too.

~~~
saagarjha
I think there was some associated press coverage for the last couple of days,
of which that article was on the tail end.

------
guessmyname
I appreciate and welcome this requirement from Apple.

Some time ago I built something I call “Network Blackhole”.

The project intercepts HTTP traffic from applications that I installed in
either my MacBook or iPhone. An excellent example of this is Crashlytics [1],
Segment [2], and Sentry [3], which are among a list of popular web services
that many developers use to report bugs and crashes in their software, and the
famous Google Analytics, which I hope I don’t need to explain what it is used
for.

With the help of Little Snitch [4], a popular network monitor for macOS, I
detect when an app tries to connect to one of these services, or similar. Then
I execute a tool written in Go like so: “blackhole example.com” which does the
following:

1. Inserts domain into /etc/hosts

2. Creates an HTTP web server (in Go)

3. Adds a match-all endpoint to the server

4. Creates an SSL certificate with mkcert [5]

5. Creates an Nginx virtual-host for the server

6. ???

7. Profit

In the end, and after 1-2 minutes, I have all the traffic to that domain
gracefully redirected to a black hole, reducing the amount of data that I leak
to 3rd-party websites.

However, don’t get me wrong, I understand the purpose of these services, I
haven’t said they are evil or anything like that. I would probably use them
myself if I had to, but I certainly would add an alert to ask for explicit
consent from the user to send this information to a service that I won’t even
have control over. If one of them leaks my customer’s data, I will be the only
one facing the consequences.

I hope I don’t have to add another domain to my network black hole anymore.

[1] [https://crashlytics.com/](https://crashlytics.com/)

[2] [https://segment.com/](https://segment.com/)

[3] [https://sentry.io/](https://sentry.io/)

[4] [https://help.obdev.at/littlesnitch/](https://help.obdev.at/littlesnitch/)

[5]
[https://github.com/FiloSottile/mkcert](https://github.com/FiloSottile/mkcert)
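
Steps 1 to 3 of the comment above, sketched as an added example (this is not the commenter's tool, which was not shared). The names `AddHostsEntry` and `Sink` and the listen address `127.0.0.1:8080` are assumptions; TLS termination is left to the Nginx virtual host and mkcert certificate from steps 4 and 5.

```go
package main

import (
	"bufio"
	"fmt"
	"io"
	"log"
	"net"
	"net/http"
	"strings"
	"sync"
)

// AddHostsEntry returns hosts-file content with "127.0.0.1 <domain>" appended,
// unless some line already maps that name. It works on a string so the logic
// can be checked without touching the real /etc/hosts.
func AddHostsEntry(hosts, domain string) (string, error) {
	domain = strings.ToLower(strings.TrimSpace(domain))
	if domain == "" || strings.ContainsAny(domain, " \t\r\n#") {
		return hosts, fmt.Errorf("invalid domain %q", domain)
	}
	sc := bufio.NewScanner(strings.NewReader(hosts))
	for sc.Scan() {
		line := sc.Text()
		if i := strings.IndexByte(line, '#'); i >= 0 {
			line = line[:i] // ignore trailing comments
		}
		fields := strings.Fields(line)
		if len(fields) < 2 {
			continue
		}
		for _, name := range fields[1:] {
			if strings.EqualFold(name, domain) {
				return hosts, nil // already mapped, keep the file unchanged
			}
		}
	}
	if hosts != "" && !strings.HasSuffix(hosts, "\n") {
		hosts += "\n"
	}
	return hosts + "127.0.0.1 " + domain + "\n", nil
}

// Sink is the match-all endpoint: every method and path is accepted, the body
// is discarded, and a per-host counter shows which services were contacted.
type Sink struct {
	mu   sync.Mutex
	hits map[string]int
}

func NewSink() *Sink { return &Sink{hits: make(map[string]int)} }

// Record drains at most 1 MiB of the request body, counts the request under
// its Host header (port stripped, lower-cased) and returns that host name.
func (s *Sink) Record(r *http.Request) string {
	if r.Body != nil {
		io.Copy(io.Discard, io.LimitReader(r.Body, 1<<20))
	}
	host := r.Host
	if h, _, err := net.SplitHostPort(host); err == nil {
		host = h
	}
	host = strings.ToLower(host)
	s.mu.Lock()
	s.hits[host]++
	s.mu.Unlock()
	return host
}

// Hits reports how many requests were swallowed for a host.
func (s *Sink) Hits(host string) int {
	s.mu.Lock()
	defer s.mu.Unlock()
	return s.hits[strings.ToLower(host)]
}

// ServeHTTP answers 204 No Content so client SDKs treat the upload as done
// instead of retrying.
func (s *Sink) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	s.Record(r)
	w.WriteHeader(http.StatusNoContent)
}

func main() {
	// Constructed sample hosts content; a real run would read and rewrite
	// /etc/hosts with root privileges.
	updated, err := AddHostsEntry("127.0.0.1 localhost\n", "example.com")
	if err != nil {
		log.Fatal(err)
	}
	fmt.Print(updated)
	// Plain HTTP on loopback only; the TLS proxy in front forwards here.
	log.Fatal(http.ListenAndServe("127.0.0.1:8080", NewSink()))
}
```
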

~~~
dmacedo
You have two links labelled [4], and also didn't share your tool; which was
the more interesting content of your comment ;)

~~~
guessmyname
Thank you, I added the missing link.

Unfortunately, I cannot share the tool because it contains multiple zero-days
for apps that make use of Paddle [1] and Devmate [2] to grant and validate
software licenses. It also contains zero-days for apps developed in
partnership with Panic [3] and MacPaw [4]. I’ve been in contact with some of
the developers of these apps to patch their software, and until they all
release security updates I cannot share the code with the world.

[1] [https://paddle.com/](https://paddle.com/)

[2] [https://devmate.com/](https://devmate.com/)

[3] [https://panic.com/](https://panic.com/)

[4] [https://macpaw.com/](https://macpaw.com/)

------
tokyodude
Seems like a poorly thought out policy. It should be another permission. "App
ABC would like to capture your screen Y/N"

Also IMO if Apple was really serious about privacy they'd remove the
permission for apps to use your camera and see all your photos and instead
require apps to use a system camera UI (so the system takes the picture, not
the app) and similarly if an app wants a photo from your library it should be
required to use some system photo selector so that the app can only see the
photos you select for it.

As it is, every app that asks for camera permission can use the camera anytime
it wants for any reason.

Similarly any app that asks for permission to see your photos can see all of
your photos anytime it wants.

Neither of those is compatible with the idea that Apple is a privacy first
company.

Note that if Apple enforced those you wouldn't need to grant most apps camera
and photo library permissions since they wouldn't get access to the camera
data unless you took a picture while in the app or select photos.

I get it might suck in that gating the camera to system only means
experimental camera apps are out. Maybe they could find a way to add secure
hooks or maybe they need to add a new permission that hopefully security
conscious people would rarely grant which is "Can this app access the camera
anytime it wants for any reason including spying on you?"

Similarly only using the system photo selector would mean apps can't make
fancier photo selectors but again, you could add permission for that if it's
really important. For example Dropbox/Google/Flickr/Facebook upload all your
photos features would need a "Can this app spy on 100% of the photos on your
device?"

AFAIK access to depth data currently requires no permission. Seems again that
that's not a privacy-first policy.

Also, Apple is apparently yanking the ability for webpages to access
orientation data. Why should apps be any different?

~~~
jammygit
I naively thought that was how computers worked when I was younger. It still
feels weird that it isn't the case

~~~
kkarakk
define younger, computers used to be the wild wild west where you could do
anything. nowadays companies are locking up things left and right - if you
don't have technical expertise you mostly can't do anything except corrupt
your OS

------
aaaaaaaaaaab
Oh no, how will we track user engagement now? I need those engagement numbers
for my promotion case by May, thanks Apple! >:(

On a more serious note: it’s nice to see that Apple is finally cracking down
on these shady analytics SDKs. I’m _this_ close to forgiving the headphone
jack thing...

~~~
glitchc
I, too, am thrilled with this development. Feel happy for supporting Apple,
bought an iphone after years of Android because of their vocal and
increasingly militant stance on privacy.

Let’s ban the entire Google analytics framework while we’re at it, including
in Safari. Then we’re getting somewhere.

------
derekdahmer
As a product developer, screen recording has been a game changer for finding
UX bugs. There's no real replacement for watching your users use your app in
real world scenarios.

It seems apple is only banning screen recording tools that send data to "third
party" servers so hopefully there are open source self-hosted alternatives
that we can use instead.

~~~
effingwewt
Ok, then you pay some people to be a sample group who will allow you to do so,
not just keep it under the hood and pray you aren't found out. Things like
this are exactly why every app should make network requests approved by the
user.

~~~
DelightOne
Could you give people In-App purchases for free in exchange for the allowance
to work together to improve UX?

------
samwestdev
My company's app screen-records everything (using repro.io). I've tried to talk
with my superiors but they don't care. Is there a way to report the app to
Apple?

~~~
exodust
You want to report your company's app? That's unusual. I don't see any winners
in that scenario.

~~~
shard972
The people?

------
SmellyGeekBoy
As an Android user since the original Samsung Galaxy I only have this to say -
I'm literally browsing the iPhone section of the Apple website right now.

------
TheSpiceIsLife
> explicit user consent

Is this possible?

Opinion:

_Explicit consent_ can only be given if a person fully understands what
they're agreeing to. The weight of evidence suggests that once personal
identifying information is out in the wild it can't be retracted.

While the banks, police, and media continue to refer to such a concept as
_identity theft_ , I don't believe it's possible for _anyone_ to give
_explicit consent_ to their data being _leaked_ and used by people with ill-
will.

Edit: leaked, or intentionally sold to bad actors. Or the parties collecting
the data in the first place are bad actors themselves.

------
ProAm
Why doesn't the Apple app review team catch this prior to deployment?

I thought that was the big thing about having to use the app store was Apple
kept it locked down tight to prevent this from happening?

~~~
0x0
Because the app review team only evaluates a compiled binary, it is fairly
easy to obfuscate nefarious activity. It could be as simple as serving
different javascript from your backend to a [JSContext evaluateScript] call
based on a flag you set after the app is approved, for example.

~~~
eridius
Of course, serving up javascript from your backend to a [JSContext
evaluateScript] call is itself a violation of the app store guidelines.
Interpreted code not executed as part of a web page rendered by WebKit either
has to be bundled in the app itself, manually entered by the user, or has to
be in the context of a learning app with a slew of restrictions around the UI
(basically, the exception for Swift Playgrounds).

~~~
saagarjha
Apple's guidelines around this are pretty clear, but almost everyone that
tries to use this to A/B test seems to get through app review. I'd really
rather this just be outright banned, but it looks like the current policy is
annoyingly lenient.

------
sephoric
I specifically put a disclaimer on my website (sephware.com) that my apps
don't even collect, let alone sell, any of your data. Ironically my app
(Autumn) was rejected and not allowed on the App Store, even when I filed an
appeal, because it uses Accessibility, despite there being a good handful of
apps of the same type on the App Store that were grandfathered in before that
rule, many of them long abandoned and receiving recent poor reviews with the
users asking for them to be updated. I have aimed for Autumn to be not only
one of the more polished and aesthetically pleasing apps on the App Store, but
among the most ethically conservative also.

~~~
ryandrake
If your app is using the Accessibility APIs, is it actually an assistive app,
meant to help people with disabilities? I’ve seen apps get rejected for using
Accessibility but not actually being accessibility apps.

------
ggm
I'm waiting for the reveal of what Apple does with state actors, and I am
waiting for the evidence there can be anything close to 'sunlight on
certificates' or other forms of transparency around what they do. So, yes, we
win when Apple fights for our privacy. What I need to understand is what we
lost in this, and what compromises lie underneath, and how much the state(s)
at large secured wins which we aren't winning on, they are.

Key escrow for instance. Insights into phone use. Monetisation of information
feeds forbidden to third parties.

I still prefer signal to iMessage.

------
skarz
This is a really dumb move. It's not like Apple was previously unaware of
this, there were entire venture backed companies built entirely around being
able to do this and they've been around for years.

Despite seeming scary, this is actually the most benign form of data
collection. People have this naive notion that companies have this obsessive
desire to track them as an individual. Working at tech companies, this could
not be further from the truth. I do not give a shit about you as an
individual, I care about you as a collection of attributes that I can
correlate with the attributes of the rest of the user base. The only time I
care about you as an individual is if you're reaching out to our customer
service as an individual with a problem and I want to help diagnose it.

The problem is that screen recording data is remarkably useless for anything else
because it's too high fidelity to be aggregated. If I want to serve you more
personalized ads or manipulate you into purchasing something, there are other
tools that are far more appropriate for the purpose.

The only reason Apple is doing this is for PR reasons, to help signal to
everyone that they're a privacy conscious business. But they're doing this by
leveraging people's misunderstanding of how data collection is done and
banking on emotional fears rather than actual damage.

------
landonxjames
Several friends and I recently noticed the red navigation bar indicating
screen recording for a couple seconds after closing instagram. At the time I
wrote it off as nothing, but now I wonder if even apps that big are doing
similar things.

------
duxup
I think this needs to be clarified more.

At the same time, as appreciative as I am about Apple's privacy stance, it really
worries me that they're the only large company that seems to care.... and when
they don't, who will?

------
tomelders
They should just ban first, explain later, in this scenario. The app
developers know full well what they're doing, and the remedy should be
punitive for scumbag outfits that operate like this.

------
stevepotter
I've used screen recording systems in both web and mobile and found them to be
very valuable tools. And I've only ever used them to troubleshoot and improve
the product. Never shared the data. That said, I've always been disturbed that
it was considered fine to do. I think Apple's move is great. I hope other apps
stores do the same. I think it should be done for text-based analytics like GA
as well, as they get so detailed that it's pretty much the same as screen
recording.

------
thisisweirdok
Hah, you think that's bad just look at all the sites that use Hotjar. Some
entry-level UX person at thousands of companies can see you typing in all your
credit card data.

~~~
gammateam
Or Fullstory! Way back in 2016 that analytics package could already show you
the full screen and every click on someone using a website or native
ios/android mobile app.

All so you can "optimize your A/B testing" lol.

But don't worry, there won't be a Netflix documentary or Congressional
subpoena till 2025, LOONNNNG after your startup's exit. Until then, Zuckerberg
gets to be the face of this general disdain and luckily gets to honestly have
no idea about what is going on, because third parties integrated into his apps
are the ones doing all the recording, user monitoring and data sharing.

------
fipple
I see this more of a perf thing than a privacy thing. Since most apps connect
to a remote backend, any app developer can create backend tooling that
perfectly recreates a user session from server logs, with local actions logged
locally and uploaded on the next request. But they’re usually too lazy to, and
waste my bandwidth by uploading logs directly from my phone to a third party.

------
dep_b
Perhaps Apple was already waiting for an outrage like this. It allows them to
be “forced” to shut down third-party logging. Which only hurts competitors.
What can Google say? “Well....on Android we’re not a third-party...”?

They’ve kicked out tracking already on Safari. This is the next step. It makes
Google’s software look like spyware.

------
z3t4
I think apps that do recording/tracking should be forced to have a message
similar to tobacco products. I think users should be able to do whatever they
like with their devices, so I'm against closed ecosystems. But users should at
least be able to make informed decisions.

------
wundersoy
Let’s pretend that clicktale or something similar doesn’t exist on the
majority of big websites

------
piyush_soni
I don't understand why it is sending 'notices' to developers. Why can't it be
a proper permission like all others - which the users have to explicitly allow
when an app tries to do that? _That_ will be proper security.

~~~
standardsam
How would that be technically possible? All the app needs to do is log the
user’s taps and swipes and then replay those inputs on a copy of their app.

------
tqi
Do any of the first party iOS apps (imessage, safari, podcasts, etc) collect
analytics data?

~~~
saagarjha
They do.

------
driverdan
This is one of the reasons why I won't own a computer I can't root. On my
Android phone I'm running AdAway which blackholes ad and tracking hostnames.
This is currently impossible on iOS without using your own external DNS
server.

~~~
chillacy
I suspect companies will move to owning their own endpoints and having the
info forwarded to google/mixpanel on the backend. Though to be honest I’m
surprised it hasn’t happened yet.

------
kccqzy
But what about these "recordings" in a web app that Apple has no control over?
As far as I can tell, grabbing a screenshot of a canvas element and sending it
to a server is still doable without being reprimanded by Apple.

------
laythea
Is this not hypocritical? I assume Apple does similar (analytics)?

~~~
saagarjha
Recording people's screens without disclosing that they're doing so? No, not
really.

~~~
laythea
Disclose, like in the small text that nobody reads?

------
amelius
> "What happens on your iPhone, stays on your iPhone"

Users might get into serious trouble with this kind of mis-information. Apple
should rephrase their slogan.

------
superfamicom
I've personally used FullStory.com to debug some especially spurious bugs in
many a browser. I do wish it was opt-in only but I haven't seen such a system.

------
dreamcompiler
Yet another reason why I'll happily interact with your business on the web,
but I won't download your app unless it's obviously essential.

~~~
stevepotter
Same thing for web - [https://www.fullstory.com](https://www.fullstory.com)

------
paulryanrogers
Why not refuse to load sites in Safari which do similar mouse and click
tracking?

Does Apple.com?

(Real question. I'm guessing because it's too common or too CPU intense.)

~~~
comex
Because there's no centralized approval process for websites, you'd have to
find a robust technical means to detect such tracking, which is pretty
difficult. Identifying a particular domain or filename wouldn't work well
because it could be trivially evaded – although if that's what you want,
content blocker apps can do that.

------
LoSboccacc
They're raising their voice now to cover the obvious question underneath: how did such
an app bypass their precious review and approval system?

------
chrisper
I think if the next iPhone will have USB-C, I will switch over from Android.

The general app quality on iOS seems to be much better than Android.

------
ValleyOfTheMtns
Why not provide this as something the user has to give permission for, similar
to providing access to the microphone or camera?

------
ryanmt
I can't even read this because of the leading space tripping up my eyes!

------
lifeisstillgood
Is this really a response to the Air Canada teardown yesterday?

That went viral quickly

------
buremba
..and many analytics startups die in one night.

------
umvi
Click-baity title. Should say "Apple tells app developers to disclose or
remove screen recording code" which is much more reasonable than a heavy-
handed forced action.

~~~
evv
The article mentions that Apple forced a developer by threatening to take away
app store distribution:

> Apple gave the developer less than a day to remove the code and resubmit
> their app or the app would be removed from the app store, the email said.

~~~
criddell
I'm sure the developer was happy to get some time, but as a user I would
rather see any app that's violating the agreement removed immediately.

------
endofcapital
This is a thing? What?

------
byron_fast
I guess they could have made that impossible to begin with. But, you know,
reasons.

~~~
gok
How would you do that? If code can render something to a screen, how would you
prevent it from rendering to a video?

~~~
byron_fast
The point is to not make it so easy. It doesn't need to be easy, or
automatable.

~~~
mikestew
You can make it hard as you like, but if it's still _possible_ then someone
will wrap it with a nice API and documentation, maybe even sell it and make
bank, and you're back to where you started.

