
Apple fails to block porn and gambling “enterprise” apps - sharcerer
https://techcrunch.com/2019/02/12/apple-porn-gambling-apps/
======
mikenew
> The situation shows further evidence that Apple has been neglecting its
> responsibility to police the Enterprise Certificate program

Really? We're there now? It's become Apple's "responsibility" to police every
last corner of iOS? I feel like this should not be viewed as "Apple prevents
developers from distributing their controversial apps" but rather "Apple
prevents users from running controversial apps". If I want to have porn apps
on my phone that is my business and no one else's.

This debate has been going on since the start of the App store, but now that
macOS is steadily becoming more iOS-like and mobile devices are increasingly
becoming people's only computing platform, it's becoming more important. For
example, Apple removed an app that notified the user whenever a US drone
strike caused fatalities because "it was objectionable to some users". There
are a lot of objectionable things that are really important. Apple blocks VPN
apps in China, for example, and since there's no other way to install apps
besides compiling it yourself (which has to be done on a Mac, and even then
the code signature expires after a week) there really isn't an option for
almost everyone in China.

Apple is continually praised for their stance on privacy, but privacy doesn't
mean so much when you don't have freedom. And Apple is hostile towards user
freedom.

[https://gawker.com/apple-kills-drone-strike-news-app-for-
bei...](https://gawker.com/apple-kills-drone-strike-news-app-for-being-too-
crude-1733402994)

~~~
freedomben
> _Really? We 're there now? It's become Apple's "responsibility" to police
> every last corner of iOS?_

I find it disgusting, but really Apple is the only one to blame for that when
they started aggressively policing and removing apps, and then marketing to
customers based on that. I've heard people on HN state ad nauseam that they
love that Apple does this, and that it's one of the reasons they live in the
Apple ecosystem. They want to be protected from running apps that might do
something objectionable (according to Apple's standard), and are absolutely
willing to trade their freedom for some security.

I obviously don't agree with this at all (I refer you to Cory Doctorow's War
on General Purpose Computing:
[https://www.youtube.com/watch?v=gbYXBJOFgeI](https://www.youtube.com/watch?v=gbYXBJOFgeI)
) but it is a position I can understand.

~~~
Wowfunhappy
Apple could have it both ways. Keep the App Store, but make sideloading
possible—without this stupid certificate program. Make it semi-difficult:
maybe users have to tap their version number twenty times or something. Just
keep the avenue open.

It does not harm _your_ security if _other_ people are able to sideload apps.
Apple should just flip the damn switch.

~~~
MaxBarraclough
I figure part of it is the way malware plays out in PR terms. The headlines
would read _iOS malware steals private data_ , not _Moron sideloads malware
onto iPhone, subverting the appstore they already paid to curate_.

Personal responsibility doesn't play much of a role in the media response to
these incidents, so Apple are well motivated to prevent customers getting root
access to their own devices. (To say nothing of the lucrative appstore
business model.)

I recall sideloaded Android malware getting this kind of silly response.
Hardly Google's fault if you go out of your way to compromise your device, but
it can still make for bad publicity.

As it is, the only 'open avenue' on iPhone is to use the browser.

~~~
Wowfunhappy
You're not wrong, but it doesn't excuse Apple's actions. Mac OS seems to get
along well enough, as does Android despite some occasional bumps in the road.
(The Android ecosystem has legitimate security issues regarding un-updatable
devices, but that's not relevant here.)

We should all be pushing Apple to make their products more open, not asking
them for be more stringent. I really do think that if public sentiment shifted
in just the right way, we could see Apple allow sideloading. Steve Jobs is
gone, and Apple is pushing the iPad as both a PC replacement and a STEM
education device. Both efforts are hampered by an inability to run custom
apps.

This TechCrunch article really bothers me. They are a tech-specific site, and
should not be running the type of headlines you describe. The fact that
companies break Apple's guidelines is newsworthy and fine to report on, but if
Apple deserves any blame here it should be for making this crap necessary in
the first place.

------
0x0
As an iOS developer, I sometimes receive emails from some brazen enterprising
person with poor spelling and grammar inquiring about the possibility to
"borrow" our company creds for registering an iOS enterprise developer
certificate, usually with some nonsense explanation like "helping them out
with their beta testing needs" (as if testflight doesn't even exist) and that
"it won't impact your app store apps" (ha!).

Of course these emails go straight to the junk folder, but it is very apparent
that there is a demand and a black market for iOS enterprise distribution
certificates, and people are willing to beg, borrow and probably steal such
certificates in any which way they can.

~~~
rubicon33
Who is simultaneously a programmer AND dumb enough to fall for that?

It's basically the same as someone randomly emailing you asking for your
password.

~~~
darkpuma
Dishonest people. Con artists often target the dishonest and greedy; people
who understand that something is a pyramid scheme but think they can get out
with a profit before it collapses. Or perhaps in this case, somebody who
thinks the future business potential for their enterprise cert won't be as
profitable as selling use of it to shady people.

------
b_b
It seems ironic to me that the HN crowd seems to support these circumvention
of Apple's insular app distribution strategy, but on the other hand also
supports Apple's clamp down on efforts to stop privacy violating apps.

For my part, I guess I would prefer that Apple at least open up iOS devices to
both the app store and allowing users to install non-App Store apps, the
Android model. This would probably satisfy both casual and more tech-savvy
users. Unfortunately, I don't see Apple doing this any time as they are all
about profits, and this strategy has been working very well so far.

~~~
Youden
I don't think there's really any irony here, these are just two different
concerns:

\- I want Apple to do the job we pay them for and ensure that their store
doesn't distribute malware.

\- If I buy a device I want to be able to run whatever I want on it.

~~~
chii
The question is whether these two goals conflict with each other.

Full freedom to run whatever you want also means being able to install
malware.

------
coupdejarnac
I've seen at least one company use the Enterprise program to circumvent paying
Apple 30%. One company I know preloads their app on an iPad, resells the iPad
and associated hardware, and charges a subscription to use the app.

~~~
Swenrekcah
Good for them, Apple’s 30% is more akin to extortion than a fair distribution
fee.

~~~
ehsankia
It's not only a distribution fee. Someone had to develop the frameworks, the
APIs, the OS and all the other systems that allows for your App to exist.
These things aren't free and take resources to make and run. We can argue
about the exact % but people often take all the work that goes behind the
scene for granted. Same for Youtube and any other platform. We're just so used
to having it all for free that we forget the sheer amount of work that goes
into making and maintaining the platform.

~~~
Operyl
Ok. But that’s also baked into the cost of the device at sale. If we’re
talking about the App Store, bandwidth, redistribution, etc that it provides
sure. But .. I don’t agree with your listed examples.

~~~
sokoloff
I disagree. Apple works on its development ecosystem in part because they know
doing so drives App Store revenue. It's not like "Oh yeah, we build all these
dev tools, documentation, and libraries, but that's only because we sell the
hardware. If we shut down the App Store tomorrow, we'd keep making all the dev
tools with the same level of investment."

~~~
Wowfunhappy
I assume this is why there aren't any dev tools, documentation, or libraries
available for macOS. Developing for the Mac must be absurdly difficult!

Edit: This was sarcasm.

------
anth_anm
> Without proper oversight, they were able to operate these vice apps that
> blatantly flaunt Apple’s content policies.

Good.

~~~
FabHK
Are you jokingly referring to the fact that they were flouting (ie, ignoring)
the rules, while the article seems to say that they were ostentatiously
displaying (ie, flaunting) the rules?

Or are you just saying that it's good thing that they could operate apps
against Apple's rules?

~~~
anth_anm
It's good that they challenge the walled garden approach and Apple's
particular brand of moralism.

I don't need porn or gambling on my phone. I think it's entirely reasonable
for adults to make that choice.

------
rvanmil
We’ve been slowly moving away from enterprise certificates at our customers
and using the “Custom Business Apps” route in Apple’s app store instead. It is
a much more streamlined experience, no certificates to worry about and easier
distribution. You will have to deal with app review but so far this has not
been a problem at all.

We’ve also seen Apple deny requests for enterprise certificates without reason
(and they wouldn’t give it after asking), which makes me think they might even
want to get rid of this channel in the long term.

------
mrweasel
I'm still not entirely sure why Apple cares about porn, they have people
credit card information, that should be sufficient for age verification, in
most cases. Gambling may provide Apple with some legal issues in most
countries.

It's clearly a large market, and with 30% percent cut of subscriptions, it
could be a lucrative business for Apple.

~~~
atonse
They like to tightly control the message with regards to their brand, and
that's one of clean, white, bleached happiness.

This stance has also hurt them with original content. A lot of great original
content on other networks has had graphic violence or nudity, and they've
stayed away, instead pushing bland shows that nobody seems to care about.

Maybe that'll change. But I'm not holding my breath, because I think this is a
core value coming straight from Tim Cook.

~~~
chipotle_coyote
I think it's a little too early to definitively say that Apple's forthcoming
video streaming service only has "bland shows that nobody seems to care
about," given that we haven't actually seen any of those shows yet. (Remember,
"Carpool Karaoke" and "Planet of the Apps" predate this planned service and
the hiring of ex-Sony execs to oversee it.) There are conflicting reports
about whether that service will allow over PG-13 content, and if it doesn't,
then sure, that's potentially a problem -- it limits what creators are going
to be able to do, which in turn may limit the creators you can attract. But
given that 18 of the top 20 box office hits of 2018 were PG or PG-13, it's
pretty clear you can make content that people care strongly about within those
limitations.

~~~
lozenge
But do enough people want to subscribe to a service that doesn't have any edgy
content? (No drug use, no graphic violence, no sex, no political
documentaries).

~~~
chipotle_coyote
Well, two responses come to mind.

First, a bit flippantly: I bet Disney's services are going to do just fine. :)

Second, less flippantly: I'm not sure we should conflate "no R/X/MA material"
with "nothing edgy," nor should we necessarily conflate "edgy" with
"interesting." And, again, we don't _really_ know what limits Apple has put on
creators for this service; they have some pretty big names lined up in terms
of writers, directors, stars, and properties. It's certainly true that a fair
amount of what they're producing sounds explicitly family-friendly, but being
able to say "we have original programming created for us by Sesame Workshop,
Peanuts Worldwide, and Oprah Winfrey" seems like it could carry some weight.
(And I'm personally interested in several of the more adult-sounding science
fiction shows.)

------
graphememes
Ah, yes, we should all bow and curtsey to the TechCrunch's journalist's idea
of Apple's responsibility. Apple should immediately start cracking down on
what users decide to run on their devices, and lick this journalist's boots
for his generous thoughts on the matter.

------
untog
I feel like the answer here is simple: Apple removes the apps and monitors
this stuff more strictly in the future. The creators of the apps make
progressive web apps.

~~~
freehunter
Progressive web apps which unfortunately don't work on iOS.

~~~
untog
Safari supports them now. Not the full API, but enough for a porn or gambling
app to get by (but then, so is a non-progressive web app, I'm not sure what
they're doing that really warrants a native app)

~~~
phreack
Push notifications, most likely

------
tobyhinloopen
Why cant we have porn or gambling apps on our iPhone though... cmon apple.

I get that you don’t want them in the store but at least add an adult store or
something

------
trhway
>Apple offers a lookup tool for finding any business’ D-U-N-S number, allowing
shady developers to forge their Enterprise Certificate application.

no kidding. Next would be DNB itself : [https://www.dnb.com/duns-
number/lookup.html](https://www.dnb.com/duns-number/lookup.html)

While DUNS are practically "SSN for enterprises", Techcrunch probably thinks
that DUNS are used as a security-by-obscurity tool/measure in the same way as
SSN is used. Fortunately for all of us - it isnt.

------
outsidetheparty
How thoughtful of TechCrunch to include a list of URLs for all of the porn and
gambling apps they found.

(Seriously, I find that editorial decision pretty surprising. The table of
certificate holders and their types of business seems journalistically
relevant; download links maybe less so.)

~~~
intopieces
In the age where anyone can say “fake news” and immediately cast doubt on the
veracity of a journalist’s claims, it makes sense to be super transparent
here.

------
jmull
They say this like it's a bad thing.

------
GeekyBear
Since this is an option that seems to get ignored in these discussions, if you
are an end user and you want to use unsigned apps, jailbreaking your device
allows you to do this.

After jailbreaking, you can use a third party App Store like Cydia to find and
install unsigned apps.

[https://www.wikipedia.org/wiki/Cydia](https://www.wikipedia.org/wiki/Cydia)

Doing this does not prevent you from using Apple's App Store or it's apps.

~~~
chii
Jailbreaking often voids your warranty.

If it's already out of warranty,then ok. But know the risks.

~~~
GeekyBear
It's no more difficult to restore the device to factory defaults than it is to
jailbreak it.

[https://ios.gadgethacks.com/how-to/unjailbreak-your-
iphone-r...](https://ios.gadgethacks.com/how-to/unjailbreak-your-iphone-
restore-back-factory-settings-0155798/)

------
Ahmedb
There is a huge aftermarket for iOS Entreprise certificates. They either get
stolen or attacker get their hands on the users credentials.

------
caffed
Mobile Safari is the worst offender.

