When companies centralized and controlled app downloads, they did it primarily to make more money. Now their greed ends in the loss of real human rights. When America was founded, the fourth pillar of government was the free press, i.e. the gatekeepers of information. Today, capitalism and naked avarice have broken the back of this key democratic institution, and the effects on society in the U.S. and abroad will be continue to ripple for years to come.
It's like Obama was fond of reminding tech CEO's when they'd start pontificating on leadership... “Government will never run the way Silicon Valley runs because, by definition, democracy is messy. This is a big, diverse country with a lot of interests and a lot of disparate points of view. And part of government’s job, by the way, is dealing with problems that nobody else wants to deal with.
“Sometimes I talk to CEOs, they come in and they start telling me about leadership, and here’s how we do things. And I say, well, if all I was doing was making a widget or producing an app, and I didn’t have to worry about whether poor people could afford the widget, or I didn’t have to worry about whether the app had some unintended consequences … then I think those suggestions are terrific."
> Today, capitalism and naked avarice have broken the back of this key democratic institution, and the effects on society in the U.S. and abroad will be continue to ripple for years to come.
How do you interpret that China, a pseudo-capitalist country, bans skype and its because of the greed and avarice of private capital.
This is textbook china. It was before and there is no reason it won't be this way for decades to come.
Because if iOS didn't prohibit installation of apps from anywhere but it's app store then this would be much less problematic.
But Apple does, because it decided at the start of the platform that being able to take a 30% cut and defend it's own weak services applications from competition was worth more than the inevitable human rights problems a closed app platform presents.
Clearly the ability to take a cut of all app sales was a huge part of that decision, but was far from the only one. Security and easy of use are also very important. My grandma can install apps on her tablet no problem. But telling her to go to {domain}.com => downloads => download the 64bit windows executable and then find the file and run it, is a totally different story. Not to mention how many people will just google the name of the app, click the first link, and look for any link that says download and click next, next, next until they've succesfully added a bunch of spyware and 7 more IE tool bars.
Clearly Apple's decision is based on paternalism, which most people don't appreciate when it's combined with government power. Compare:
"Clearly the ability to eliminate opposing viewpoints was a huge part of the Chinese government's decision, but was far from the only one. Stability and economic prosperity are also very important. My grandma can obey simple laws. But telling her to go to research contradictory political perspectives and decide the correct course of action is a completely different story. Not to mention how many people will just vote for the candidate that pushes their emotional buttons, and read whatever crap on Facebook and click next, next, next until they've elected Donald Trump."
The core problem with trusted computing is that users are never allowed to install their own root certificate. My grandmother should be able to install a root that someone she trusts controls, which will include but not be limited to the OS vendor.
"Hey grandma, run this and click Ok. Nevermind, just let me see it for a minute." Don't be a ridiculous strawman, everyone has friends or family they trust that are better aligned to their cause than multinational hardware vendors.
How do you make sure that grandma only does this if you tell her but not if the app she wants to watch that movie in or that email with your brother's address in the from field tell her to?
In the world of Linux distribution, they can have multiple independent repositories. When adding another one, you usually import their PGP key to establish trust. When you install Google Chrome on Linux, you will add another repository that will be responsible for further Google Chrome updates.
In the Android world, multiple app stores exist. There are stores by Amazon, Yandex, Baidu, etc.
If Apple wanted, similar mechanism could be made for iOS too.
You say that Apple is doing this for its own financial interest yet on the other hand Yandex, Baidu, Google, Facebook and all the other companies also have to obey local laws, and are just as bad if not worse since their system of persistent user tracking is far more insidious.
Don't like Apple? Don't buy their products. Your involvement with them ends there. Don't like Google? You can't avoid them no matter what OS you are using, no matter what browser you're using etc.
You must elaborate that more, because I can't see it.
> Yandex, Baidu, Google, Facebook and all the other companies also have to obey local laws,
Sure, but the option of third party app stores opens also option of sideloading. In the case of Apple, when Apple says no, you are without the app, period.
> and are just as bad if not worse since their system of persistent user tracking is far more insidious.
Not sure about their tracking, but they do not have an equivalent of Play Services on the devices. If you want to be really sure, use F-Droid or apps stores with the principles of F-Droid.
> Don't like Google? You can't avoid them no matter what OS you are using, no matter what browser you're using etc.
That's not true. When you use Google Search, Gmail or Youtube, it's you who entered the URL into the location bar. You can stop doing that exactly the same way, like you can not purchase Apple products.
>Sure, but the option of third party app stores opens also option of sideloading. In the case of Apple, when Apple says no, you are without the app, period.
This is a non-issue that people have brought up countless times. First of all, are we in agreement that app stores and other legal entities have to obey local laws? So your point is moot. Side loading is possible on iOS. You don’t even need to own a Mac to develop for iOS. [1,2,3,4] There is also the open web to fall back on.
And you are incorrect about user tracking. Just a day ago Google was caught tracking users even when location services are turned off. [5] And please educate yourself about modern ad tracking [6]
> This is a non-issue that people have brought up countless times.
Does not make their argument right or correct.
> First of all, are we in agreement that app stores and other legal entities have to obey local laws?
Proactive censorship, company policies or business interests do not align to local laws 1:1. Porn, BitTorrent, gab.ai or countless other banned applications are not illegal, yet you are not going to be able to install them on your Apple device.
> Side loading is possible on iOS.
By jailbreaking?
> You don’t even need to own a Mac to develop for iOS.
We are not talking about development, but about loading a binary on the device and running it. TWO DIFFERENT THINGS.
> And you are incorrect about user tracking. Just a day ago Google was caught tracking users even when location services are turned off.
On Android devices with Play Store (aka Google proprietary app) installed. And they apologized for that, and are removing it.
> And please educate yourself about modern ad tracking
If you are concerned about ad tracking and you don't use any adblocker, at least educate yourself about capabilities of the current browsers[1].
>Proactive censorship, company policies or business interests do not align to local laws 1:1. Porn, BitTorrent, gab.ai or countless other banned applications are not illegal, yet you are not going to be able to install them on your Apple device.<
"Banned applications are not illegal"; that's an oxymoron.
Side loading has been done on iOS. Refer to Apple Developer Enterprise Program. [1] Cardiogram has also successfully side-loaded apps on iOS. [2] But it seems I won't be able to convince you since you cannot agree that a curated marketplace has value and that people desire this.
>We are not talking about development, but about loading a binary on the device and running it. TWO DIFFERENT THINGS.<
Refer to the two links cited below.
>On Android devices with Play Store (aka Google proprietary app) installed. And they apologized for that, and are removing it.<
That's a SEPARATE Google tracking issue (hur hur) in April 2017. Did you even read the link I posted? It was discovered 2 days ago now.
Ultimately, Apple has to obey the law in China. The "wisdom" of allowing side-loading to sidestep public policy issues exposes a wide target that is prone to abuse and leads to bad outcomes.
> "Banned applications are not illegal"; that's an oxymoron.
I don't follow your logic there, care to elaborate? Banning is done by Apple; legality is determined by courts, based on laws. Has any of these apps ruled illegal by court? Of course not. As I already wrote, company policies are not 1:1 map to laws, there's much more that goes into them, especially things like business interests and partnerships, but also things like ideology or subjective moral judgement.
> Refer to Apple Developer Enterprise Program. [1]
You can't be serious. So your grandmother is going to found a company, then get a DUNS number, so she can sideload an app?
The second link says exactly nothing about sideloading. On contrary, it has big Apple Store button.
> But it seems I won't be able to convince you since you cannot agree that a curated marketplace has value and that people desire this.
For convincing, it helps to have valid, logical arguments.
You don't seem to understand, that curated marketplace and sideloading are not mutually exclusive. Those, who want that marketplace, can choose from curated selection. Those, who want to sideload, can. In your model, where the curation is enforced on everyone, it is being turned into control for what's allowed and what is not.
> Ultimately, Apple has to obey the law in China. The "wisdom" of allowing side-loading to sidestep public policy issues exposes a wide target that is prone to abuse and leads to bad outcomes.
Ultimately, by allowing side-loading they are not responsible for whatever the user side loads at all, because they do not control this distribution channel. Just like Microsoft is not responsible for whatever you run on your Windows machine and Linus Torvalds is not responsible for whatever you run on your Linux machine.
>I don't follow your logic there, care to elaborate? Banning is done by Apple; legality is determined by courts, based on laws. Has any of these apps ruled illegal by court? Of course not. As I already wrote, company policies are not 1:1 map to laws, there's much more that goes into them, especially things like business interests and partnerships, but also things like ideology or subjective moral judgement.<
This is literally the third line of the article: "We have been notified by the Ministry of Public Security that a number of voice over internet protocol apps do not comply with local law. Therefore these apps have been removed from the app store in China."
>You can't be serious. So your grandmother is going to found a company, then get a DUNS number, so she can sideload an app?<
You said you can't side-load apps and that's the proof that you can. This is how companies deploy apps that are not on the App Store. And this has nothing to do with grandparents, it's two separate things. I remain unconvinced that it's easier to sideload an app from dubious sources than downloading from a sanctioned App Store.
>The second link says exactly nothing about sideloading. On contrary, it has big Apple Store button.<
The App Store is the official way to get into the Cardiaogram program. You can join the mRhythm study which is not offered on the App Store. They send you an email link and you tap on the link. Then you download the profile and the app. And that's how you sideload apps.
So I've provided 2 real-life examples of how side-loading is done on iOS.
>You don't seem to understand, that curated marketplace and sideloading are not mutually exclusive. Those, who want that marketplace, can choose from curated selection. Those, who want to sideload, can. In your model, where the curation is enforced on everyone, it is being turned into control for what's allowed and what is not.<
I agree that in an ideal world, having both a curated marketplace/walled garden and the option to sideload would be good. In practice, the closest to this idealized model is actually iOS and not Android, because Android even in its most "official" form is sponsored by a company whose business is to spy on its users (refer to earlier citation about being busted by Quartz). We can keep arguing in circles about "open source" and "code audits" but Ken Thompson pretty much shut that down with his Turing award lecture. [1] As of a few days ago, Google has consistently been shown to be untrustworthy.
> This is literally the third line of the article: "We have been notified by the Ministry of Public Security that a number of voice over internet protocol apps do not comply with local law. Therefore these apps have been removed from the app store in China."
Meanwhile, we moved the discussion from a narrower issue of the article to a wider issue of sideloading in general.
> You said you can't side-load apps and that's the proof that you can. This is how companies deploy apps that are not on the App Store. And this has nothing to do with grandparents, it's two separate things. I remain unconvinced that it's easier to sideload an app from dubious sources than downloading from a sanctioned App Store.
You still can't in general. Only in very specific, narrow situations, blessed by Apple. Your feelings about ease of side loading vs. app store are irrelevant, as we are talking about running software that Apple for various reasons might not approve of.
> In practice, the closest to this idealized model is actually iOS
In practice, you can run only things that Apple approves. Not good enough.
>Meanwhile, we moved the discussion from a narrower issue of the article to a wider issue of sideloading in general.<
Refer to earlier explanation of tiresome.
>You still can't in general. Only in very specific, narrow situations, blessed by Apple. Your feelings about ease of side loading vs. app store are irrelevant, as we are talking about running software that Apple for various reasons might not approve of.<
What are these "narrow" and "specific" situations you speak of? If you wish to distribute apps in jurisdictions where they are banned, I don't see why Apple is obliged to help you break the law. As for the side-loading capability, I have yet to encounter anyone who has had problems with Apple restricting their ability to side-load while enrolled under their enterprise program. Hell you can even use TestFlight to push your "beta" apps to "beta-testers" in perpetuity.
>In practice, you can run only things that Apple approves. Not good enough.<
Besides the links provided earlier, you can also have your own runtimes on iOS. e.g. Filemaker, Wolfram are doing this. [1] Python has been on iOS for at least 5 years. [2]
In all seriousness, this was an unintentionally hilarious comment. You can be against walled gardens, but one of best arguments for their existence is because grandmas in general can't be trusted to install root certs.
Google pretty much solved this issue with sideloaded apps.
Nobody is stopping you from downloading only from the store. But if you want, you can also download from outside of the store. As a bonus, Google even checks those apps for malware (but like any antivirus, it's mostly based on signatures + some relatively weak machine learning that won't stop original new malware until it gets reported by someone).
The Play Store may also be slightly less secure than the App Store, but that's mainly a factor of Google not doing any manual reviews. But this is a different issue. My point is that there's no reason why Apple couldn't allow sideloading, too.
Trading some freedom (to run whatever code/apps. you want) for the security afforded by a centrally run repository is definitely a reasonable one to make, but the same mechanisms can be co-opted and used in ways that aren't in the users' interests.
It's a difficult line to draw IMO - providing _any_ way to bypass it opens the non-technical user up to malicious software (to varying degrees), but if all platforms (or even just all the major ones) become so locked down, IMO that's a big loss in itself.
That's because Windows does not have any sandboxing, although that seems to be changing with Windows 10 version 1709.
iOS apps are still sandboxed just like apps from the App Store when you sideload them using Xcode. That's all you would need to install Skype, and sandboxing is what keeps iOS secure, not the App Store. The App Store review is mostly about weeding out obvious junk and enforcing Apple's business model.
> Because if iOS didn't prohibit installation of apps from anywhere but it's app store then this would be much less problematic.
I love Android and I love the fact that I can sideload apps from f-droid or elsewhere. But I've seen firsthand that (by children, e.g.) sideloading apps can result in a cascade of horrible device security problems.
We can blame the user or we can save them from themselves. shrug this seems like a genuinely hard problem and I wish there was an android-but-requires-several-command-line-adb-steps-to-permit-sideloading.
In any case, I don't think Apple's decision is strictly motivated by "being able to take a 30% cut". Apple has shown a commitment to security in their public statements and their devices' design. However, I'll grant that profit was certainly part of the motivation.
> We can blame the user or we can save them from themselves. shrug this seems like a genuinely hard problem and I wish there was an android-but-requires-several-command-line-adb-steps-to-permit-sideloading.
Or we could just take the time tested solution from the desktop world and you could give your kids non-admin accounts that doesn't let them install random stuff. The android security model is nothing but security theater in practice.
> We can blame the user or we can save them from themselves. shrug this seems like a genuinely hard problem and I wish there was an android-but-requires-several-command-line-adb-steps-to-permit-sideloading.
I don't. It should be available to non-technical users. It needs to be available to non-technical users. If anything, Android is too complex already.
>I don't. It should be available to non-technical users. It needs to be available to non-technical users.
Why should it be available to non-technical users? What will they possibly gain from being able to be tricked into installing a keylogger on their phone?
I don't think it's a given that full permissions on a device imply that a user will be able to run their device the way they want to. Permissions are necessary but insufficient. The other part is knowledge and ability. With permission but not knowledge, the user experience gets worse not better.
No, but the user will be able to run their device in the way that they want to. I'm not supporting no protections, but you should always let the user override those protections at the end of the day if they so choose.
How do you convince yourself that one of the(if not the) biggest government in the world forces a company's hand by force is not to blame, but the company who is the victim of such force is actually at fault.
Super Mario Run is a 220mb app, and it was downloaded 40 million times in 4 days. That's 8.8 petabytes of data transferred, for one app in 4 days.
A lot of apps don't go the in-app-purchase route, they rely on advertising, and if using e.g. Google's ad network, Apple gets just the $99/year to host who knows how many millions of downloads of the app.
No one claimed Apple doesn't make money on the App Store, but to claim that it's some massive profit machine for Apple is ignoring the reality of what it costs to host all the apps Apple makes just $99/year from.
Nintendo don't pay 8 billion dollars for Apple to hose Super Mario Run.
They paid $99 a year, or maybe $299 a year if they have an enterprise account.
Sure, Apple doubtless made a lot of money from people buying IAP for that game, but as I said, a lot of games and even utility apps don't monetise via IAP or selling the app itself - they rely on advertising, which Apple likely gets $0 from.
But hey, way to completely twist what I said to make a stupid fucking joke.
But democracy isn't the only alternative, or the best one.
What we are really discussing is totalitarian regimes. One is Apple, a top down secretive corporation with policies, dictating what will happen. The other is China, which like many Communist countries uses the "will of the people" as a surrogate for its own desires.
Representative democracy can have same issues. Take for example Prohibition, or the current war on drugs. And many other things.
I think that when it comes to PLATFORMS, there should be no barrier to entry. I would go further and say that I want there to be CENTRALIZED COLLABORATION on a platform, and not competition (eg of browser makers). But the platform must implement every extension that becomes popular enough. In other words when an app or extension becomes popular enough, it should be incorporated into the platform as one standard.
Think of how much headache would be solved and how much more could have been done if there were no browser quirks, and only one major browser.
The difference is that ANYONE should be able to build their own browser extension or website. ANYONE should be able to host it on the internet accessible to all. And if it gets popular enough it gets added to the feature list for EVERYONE.
However, this is a different form of governance - nothing is RESTRICTED from people and they are free to try new things.
>I want there to be CENTRALIZED COLLABORATION on a platform, and not competition (eg of browser makers)
>only one major browser
>nothing is RESTRICTED from people and they are free to try new things
What happens when one does a new attempt at a browser, that cannot be merged into the original major browser when it gets big enough?
For a simple example, suppose Google Chrome was the only major browser in such a model. One day, someone decides that C++ is too prone to vulnerabilities, and creates a new browser, called Firefox, based on Rust (on an entirely new codebase). What will happen when Firefox becomes sufficiently large to be considered major?
If it can't get merged due to something fundamental, then it can be a competitor. But that's a very rare case. The vasy majority of extensions are eminently able to be incorporated into the core.
Baloney. Pre-AppStore, you could only download a Windows binary version of Skype, and it was not the official Skype version. I didn't have Windows, but the download looked pretty sketchy. You can bet your last dollar that the Chinese government could listen in on your conversation. When Microsoft bought Skype, they de-P2P'ed it. You can bet all the dollars you wisely didn't bet earlier that a condition of Microsoft continuing to operate in China was that they enable the government to listen in. So now you just can't Skype at all. Doesn't have anything to do centralized app stores, and everything to do with a paranoid Chinese government.
> When America was founded, the fourth pillar of government was the free press, i.e. the gatekeepers of information. Today, capitalism and naked avarice have broken the back of this key democratic institution
It sounds like you're not at all familiar with the prior 230 years of American history as it pertains to Capitalism and the free press. Just as one example era, see 1880 to 1930. The market economy in the US was very lightly regulated, today it's extremely regulated. There were hardly any restrictions on press ownership during that time. There were few means to know who owned or influenced which entities, including the newspapers. Literal direct bribery was legal in most regards politically.
Today, the US is barely clinging to being a Capitalist nation. This is an era of innocence compared to when the US was a full-blown Capitalist nation. A better title now is mixed economy. Nearly all industry is extremely regulated. Taxation is extremely high compared to the first 150 years of US history. Government intervention into the economy is the highest it has ever been. At a time in which the US is the least Capitalistic it has been in its entire history, you're choosing to start blaming Capitalism for the weakness of the free press. You're missing a comically large error in the premise.
>When companies centralized and controlled app downloads, they did it primarily to make more money. Now their greed ends in the loss of real human rights.
Well, the Chinese get the right their chats to be surveilled by their own state (in their own platforms) - as opposed to being surveilled by the US (on Skype and such platforms).
The problem in this case isn’t centralized App Stores. It’s software that relies on a centralized server. If Skype we’re still P2P, then maybe it could evade the Great Firewall a bit easier. But it’s not, and China will just ban the Skype servers and render the app useless, even if you’re able to side load it.
Centralized control has made things a lot more secure. The fact that centralization also makes government interference easier is definitely a big negative. However, you can always go compile the app from source and install it that way, or sideload the app onto your device on iOS. It's not 2009, there are official ways to do this from Apple including for free.
> When America was founded, the fourth pillar of government was the free press, i.e. the gatekeepers of information. Today, capitalism and naked avarice have broken the back of this key democratic institution,
What makes you say this? I seriously don't follow.
> When America was founded, the fourth pillar of government was the free press, i.e. the gatekeepers of information.
The free press wasn't a pillar of government. When America was founded, the "free press" was pretty much propaganda outlets owned by and used by the wealthy to attack each other.
One of our oldest newspapers ( NY Post ) was founded by Alexander Hamilton purely to attack Thomas Jefferson.
The press was never gatekeepers of information. The free press was "fake news" straight from the get-go. Even before the founding of the US, during the colonial period, they were political propaganda tools. If you are interested, go read about what Benjamin Franklin's colonial printing history.
This sort of thing represents one of the true dangers of single-source App Stores on general purpose computers with no side-loading fallback, and is why we should be proactively working to make it illegal. It's not that Apple is malicious per se, or even that they're particularly slow at reviews or whatever (though that has been the case at times too), but the mere fact that they represent a single, easy to pressure choke point. Apple themselves have reacted to this appropriately when it comes to the hardware by removing more and more of their own ability to affect it once it's been sold and giving that power to the owners instead. That's not just a positive for owners' privacy and security (and in turn a selling point), it also reduces Apple's exposure and liability. If they don't hold a given set of data or power in the first place, then nobody can go after them for it.
Unfortunately on the software side they have not sought any of the better tradeoffs available between security and vetting vs owner power and decentralization, and in turn find themselves in the crosshairs for every single app. Not even just from governments though they're most coercive, but from any public cultural/religious interest group at all. Since Apple has to approve everything, Apple is also seen (correctly) as directly responsible for everything on the App Store. The result has been exactly as you'd expect: they're more conservative on average about what sort of content they'll allow, not merely about objective issues like security.
Perhaps negative PR from actions like this might be sufficient eventually to get Apple to change course on their own. They wouldn't actually need to do very much, even selling a one-time permanent single device signing cert might be sufficient [1], and could form the basis of alternate App Stores even. But if Apple (and others) won't move it should be legislated. Improving wearable displays will ultimately mean the merger of "mobile" and "PC", that is the next disruptive evolution in computers. We should not allow that to become the end of bazaars for software too.
----
1: Right now they have a free one, but it only lets apps run for 7 days, and the developer one is yearly and subscription based.
My take away from this is quite different. Or at least tangential.
I expect Apple and any other company to have to comply with local laws in various countries. It's unavoidable. What else could they do? Refuse and loose access to that population?
But right now, as regards device encryption and back doors, there is a sort of mutually assured destruction. A MAD that the US law enforcement (e.g. FBI et al) are constantly trying to undermine. Right now Apple claims the iPhone is designed such that they cannot unencrypt it. The FBI wants to force them to create a method.
Regardless of the technique used that then will make every similar device world wide subject to the whims of local law as regards allow that country access.
What would stop any country from then demanding blanket access to devices? But at the moment this doesn't seem happen because there's an unspoken detente among adversarial countries to not demand such back-doors.
This situation reminds me of that. Since it is possible for Apple and others to block things on their app stores, countries demand it.
It's a cautionary tale of why it's important for companies to design certain things from the bottom up to prevent bad behavior.
Microsoft's current CEO discusses this in a chapter of his new book "Refresh". Listening to him, I think the big companies are going to fight hard & have popular opinion on their side when it comes to securing data.
I believe Erlang creator Joe Armstrong has proposed some sort of split security. Something along the lines of securing the most important data from everyone & allowing government access to limited data that could help them catch bad guys. He wasn't very convincing in the podcast I listened to but maybe in written form he could provide a better argument.
> Listening to him, I think the big companies are going to fight hard & have popular opinion on their side when it comes to securing data.
I'm glad they are thinking this way. But over the past few years, Silicon Valley companies have also made themselves more hated and less trusted by the general public. This won't bode well for the "final fight" between them and the government, because they may be surprised to find out that people won't show up to support them anymore.
So tech companies, don't be Uber, is basically what I'm saying. Stop being so non-transparent with your data collection and your aggressive and shameless tracking, while also making it very hard for users to either know what you're doing or to disable your tracking.
If all companies would revert back to a "first, do no evil" mantra by default, I think they would find it much easier to have the support of the general public when it comes to big government fights.
I like that idea, Joe Armstrong's split security idea a lot.
Can you link the podcast? I'd like to hear what he said.
I'm a strong believer in privacy, in not trying to legislate backdoors into encryption, but I'm also a proponent of the idea that everything in society is a balancing act between the individual and society (and we see this play out in every aspect of life, so it's not a radical new idea); the question is finding the right balance.
Interesting, very interesting. Please, if you can, link that podcast.
I'm partial to the idea that companies should put human decency above profits, for sure. But let's talk specifics.
Making a principled stand is often important, and can make a big difference in the world. That said, I often see an assumption that China would bend if companies would just stand their ground. History suggests that this is not the case at all. China would be perfectly happy for all non-Chinese companies to withdraw and leave WeChat to stand alone. WeChat which happens to give the Chinese government access to any and every message they want. So other companies might be able to feel better about themselves, or not, but we can assume it will have no bearing on China's actions.
So, how does it benefit humans or the cause of human rights for Apple to completely withdraw from China over this? Chinese users would lose access to secure iMessage and a device with a secure enclave, but would gain... what?
Why do you assume that this is the case? China itself is a great example that absolute human rights are not really a requirement for a great economy, growth, and profits for those involved.
But then they would have to be able to prove that in a court of law.
What people don't understand here is that the principle of fiduciary duty binds the hands of a lot of these companies. If you don't hold the controlling voting interest in the company... you really have very limited room to maneuver legally speaking.
Now if Apple could count on its shareholders not to sue them...
THEN they could operate in the fashion that you postulate.
Ugh, this is most definitely not true at all. Apple has repeatedly refused to bend to shareholder's demands, and has suggested that shareholders unhappy with Apple's focus on environmental conservation (at the expense of greater short-term profits) should buy a different stock.
I agree. Yes. Perhaps I should have said I have zero expectation that most corporations would say yes. They will decide they just cannot ignore a chunk of the world population that big.
iOS is probably, on the whole, better for human rights than the alternative (Android, especially from a Chinese-native company). Better to compromise than leave them with nothing.
> What else could they do? Refuse and loose access to that population?
Yes! And go even further: actively assist in aiding dissent and revolution in nations whose disrespect for human rights is so flagrant as to threaten their business model.
I don't understand why the state is held in such regard as to casually gloss over the possibility that private entities, especially those as massive as Apple, might help to smash it.
Apple is an incredibly powerful entity in the world today. There is no reason for them to sit on the sidelines rather than to aid in bringing China down. It's inevitable; the only question is whether it takes 60 years and happens on the backs of the poor and nameless or whether giants like Apple flex their muscle to help.
Right. But there is an apparent balance at the moment where because no government has demanded and received back doors, no country mandates it. It's a precarious spot to be sure. But it would be bad for the US to step off the line first.
It's only a matter of time before China feels they can do it. They will, if they haven't yet. Not defending U.S. politicos and bureaucrats who also want it. Just saying that the U.S. asking or not asking for backdoors will soon make no difference.
Perhaps but at that point the US (or whoever) can counter with their own rules/laws. Might lead to manufacturing balkanization but I'd prefer the US not the one to step over the line first in the same way I'd prefer the US not be the first to use nukes (although I guess that's a bit hyperbolic).
This has nothing to do with centralisation. Every (even decentralised) shops need to comply with local laws. You can debate the laws, but not the compliance of shops. It's the same reason you can't just buy weed from 7-Eleven.
If you care to read the article, Microsoft says they are working with the government and the app will soon get reinstated.
This has everything to do with centralization precisely because decentralization makes it easier to break the law. I thought it went without saying when discussing bypassing censorship in China, but to be clear I am actively advocating for the ability for end users to more easily defy the law in the setting of software performing as expected that they choose to utilize on their own devices.
>(Every (even decentralised) shops need to comply with local laws.*
1: "need" and 2: LOCAL laws. Which in the case of shops based outside of a jurisdiction means only their own jurisdiction, not anyone else's. Apple is a multinational, so it cannot avoid this. But other shops absolutely could, just as they do in the PC market right now.
And again, this applies to every polity, not just China. I (and probably most of Americans on HN) am absolutely a computer law breaker. I have ripped my own DVDs and Blu-rays, which has put me in direct violation of the DMCA. I have utilized open source software like x264 (or, back in the day, gif encoders) without negotiating or paying a license fee, which puts me in violation of software patents.
In the real world, entities like RIAA and the MPAA have had to play whack-a-mole and could do nothing about places based in jurisdictions where evil laws like patenting of ideas/math are not in place, and thus there was freedom to go around them and change the course of public expectations beyond those with central power, which in turn affects the law too (which is an organic entity). If we instead imagine an alternate world where in the 90s Microsoft and Apple and so forth had iOS level hardware full stack control and central stores, would we ever have had anything like DeCSS? Hell, would open source platforms have been possible at all? Law and morality are not the same thing, not even in the most egalitarian and democratic countries. There needs to be some give at the edges for experimentation and evolution over time.
> and is why we should be proactively working to make it illegal.
Absolutely, it should be outlawed now! Do you have an address for the person in the Chinese legislature that I should be writing to, to pass the relevant law?
You didn't understand what he was saying.
He's saying that iOS is the problem because it's vulnerable to censorship.
This is unlike platforms (Android, Windows, Linux...) that allow side loading, which makes censorship harder.
>Do you have an address for the person in the Chinese legislature that I should be writing to, to pass the relevant law?
In a global market and considering a universal hardware platform, cooperation from any specific polity is entirely unnecessary. It is sufficient merely to convince one single polity that cannot be abandoned. America or the EU would do it. Both are markets that Apple absolutely cannot give up, and of course the former also has direct legal jurisdiction over the majority of Apple.
You also seem to be extremely confused about what I actually suggested should be legislated:
>I'm arguing with the underlying problem. I'm suggesting that passing laws against app stores is not a practical solution.
I never suggested that "App Stores should be banned", that's ridiculous. What I said is that Apple (or any other entity) should be required to offer (for free or at a reasonable fee [1]) owners a cert/key they can use to sign arbitrary software to run on their device indefinitely. That's it, though it might make sense to require that developers be offered that as well. That alone could be sufficient to serve as a foundation for various non-Apple implementations of side loading, up to and including full 3rd party App Stores. The point isn't that Apple wouldn't still have their own App Store, nor even that it wouldn't still be by far the preeminent choice. It's merely that there'd be a core level steam release valve available.
So in that scenario the actions of the Chinese (or any other) government would revert to the same as any standard computer: within their own borders they could pursue all legal and technical avenues their government wished, but people could try to go around it. A bypass of the great firewall (or merely a tourist visit outside of the country) would be sufficient to gain a key which could then be used on an iDevice within China (or anywhere else). Apple would simply not be involved in that, instead it'd be between a government and its people again.
The same would apply even beyond government, for example Apple doesn't allow certain content that is perfectly legal but not family-friendly enough on the App Store anywhere. A legal requirement that owners may sign software to run on their own devices would create an alternative.
----
1: which can be a thing in law, no "of course you can do it on your $500 device for $1 million" stuff.
The title clearly states that it disappeared from multiple app stores not just apple's. At least for Android China has multiple app stores not just Google Play.
While I agree with your point and distributed App Stores sound like a proper way for users to be independent from various risks.
But what makes me paranoid is that decentralised stores would be another source of malware, where even Google as a central entity fails miserably.
>But what makes me paranoid is that decentralised stores would be another source of malware
Yes, some additional risk comes of certain avenues of malware [1] comes with decentralization. However I really want to emphasize that the risk in an optional-non-central-source scenario is not at all the same as what exists on the PC, and in turn any risk must be weighed against the direct harm that centralized censorship is already doing. First, in the scenario I'm describing everything is still signed, potentially even with an Apple-based PKI type cert. Allowing owners to have their individual cert signing for their devices isn't the same thing as giving them root or jailbreaking, while certain restrictions of Apple's are non-technical (like private API usage) a lot of jailing can be enforced by the OS. With trusted authorization and data input paths going through an HSM in iOS, an owner key does not mean any software can run willy-nilly, and the scope for malware is limited outside of security vulnerabilities that may exist anyway [2]. There is still a trust infrastructure available, and in turn the ability for alternate App Stores to have reputations of their own (and for owners to get extra warnings, do revocations, etc). Apple could still themselves issue blacklists against malware (with user control). Etc etc. Ubiquitous hardware backed signing infrastructure required for running software throughout the device offers a lot of anti-malware options regardless of whether Apple alone owns the device keys.
Users would also simply face a much higher barrier of entry to running malware. If it costs money, any money, to get an owner cert and requires any hoops then social engineering becomes significantly harder. Apple does in fact cover most of the needs in their App Store, so going outside of it would still be something unusual. With the right UX and possible dual requirement for developer signing as well, users might simply themselves (or with a technical friend) side load one single app like Skype and otherwise not bother. Apple has a number of levers to better push non-technical users in that direction too.
FWIW you didn't mention it but I will touch on piracy since that's a material concern for Apple and devs too: without getting into the weeds on effectiveness of DRM and specifics of implementation, I don't see why a device that allows running non-App Store software couldn't still effectively deny running something that's available directly in the local regional App Store itself (options for official/unofficial non-App Store offerings would be possible too, that'd be a business decision for Apple).
In short I don't discount that, amongst the entirety of Apple's user base, there might well be some users who'd experience some level of harm from a decentralized option, no matter how it's implemented. But at the same time there are definitely a lot of owners who are experiencing harm from present situation right now. Theoretical maybe harm shouldn't entirely distract from existing proven harm. I think the tradeoff of Apple giving up some control (and in turn responsibility) there would be worth it for all involved (except oppressive governments).
----
1: In a discussion of government actors it's worth considering whether in a centralized scenario could Apple be ever be pressured/legally ordered to deploy malware directly, but that doesn't diminish the primary threat of malware being from private/foreign sources.
2: If anything I'd expect vulnerabilities appearing in general malware would accelerate their patching vs the present 0-day market where they're sold for a lot of money for use mainly in APTs.
Centralization hasn't stopped the iTunes App Store from infecting a greater percentage of users with malware (Xcodeghost) than any competing mobile platform.
You might not like Apple’s walled garden, but it’s pretty much irrelevant to this story.
In fact Skype has been removed from the Android stores as well so the non-walled gardens aren’t faring better. Also, since this class of apps is about communication, the app stores are just a side-skirmish in the war for control. The real power is in controlling the network, which the Chinese government does (and Apple does not).
That brings us back to the real problem here: the repressive control of speech and communication by the Chinese government.
The relative openess of tech ecosystems means little in an environment of a repressive, controlling government.
They only put “Apple” in the headline for the clicks.
China government will not usually explain why a specific software/service should not be accessible by Chinese people.
But when they do, they usually use some reason like: They must operate according to China's law.
If you dig into the law though, you will find it's very hard for an international online company to follow some of them. So often you end up with a special version for China only and/or corporate with Chinese company.
Skype did it before, it was called TOM-Skype[0], operated by TOM.com[1]. Then, TOM.com gone out of business, and TOM-Skype was discontinued.
Who says there are explanations? It's basically an accepted and unavoidable fact of life that you can't access certain foreign Internet services at times. It is what it is.
I mean I'm used to the United States where almost anything the government does the government has an answer for it (albeit probably not good answers). I guess in large part the free press sort of forces this.
So are you saying the government doesn't issue an official stance and that they just do it?
Yes. There are various sensitive times when foreign Internet services become particularly unusable. No explanation is provided for these times, and everyone basically knows what's going on. Most recent example: https://techcrunch.com/2017/09/25/whatsapp-blocked-in-china/
China's CCP has a fairly explicit bargain with its population.
"We give you previously-unseen economic growth and prosperity. You do not ask questions."
So this falls under 'not asking questions' and 'giving growth/prosperity' when a local copy springs up in its wake. Eventually the CCP will run into the wall of reality when it comes to 'previously-unseen growth', but the market can stay irrational longer than we can stay solvent. And also, they have no qualms about just shooting people, which usually seems to give an autocratic party a few extra years if nothing else.
They don't have to explain much. Chinese protectionism paved the way for its tech sector while avoiding the security risks and loss of control of being dominated by foreign companies.
No one here has given you a good answer because they simply don't know what day-to-day life in China is actually like.
If you're a young and reasonably-educated Chinese person, you probably wouldn't notice that the app was taken off the store. If you did notice, you would probably see a message from the government about the app not complying with its standards. Then, you might grumble about it on the internet forums, poking a few jokes at the government, with the knowledge that this is just how tech in China currently works at the moment. Then you'd just migrate to WeChat to handle your voice calls.
If it's implied not to question the government "for the sake of social harmony" I'm just going to interpret that as "for the sake of not getting your ass thrown in prison".
Clearly Chinese culture doesn't always amount to rolling over for the sake of social harmony, just see: Boxer Rebellion, Tiananmen Square, Communist Revolution, Xinhai Revolution, etc.
We have no way of knowing how supportive the Chinese truly are of their government if that support is given under the threat of imprisonment or loss of economic opportunities (up to and including those of family members. Under an oppressive dictatorship that persecutes freedom of speech by force, "social harmony" is really just trying to survive. In that sense, I'm sure North Korean citizens value social harmony too
Another HNer said that it has been missing from China for a while now, redirected to something called "Tom's Skype." I'm not wholly surprised considering that even the official Google Play Store is banned.
There was a theory that they were working on end-to-end encryption for Skype. If true, this may be related to that. I sure hope it's true, otherwise they will not be able to say that they "can't" provide people's communications with a court order, as they're now doing in Belgium.
Also, the court classified them as a "telco," likely because Skype offers integration with regular phone lines. It's also why, in the U.S., the government can use CALEA to intercept Skype calls.
So if they want to keep using that excuse, they may want to offer a "secure" data-only version of Skype, too (that's the default Skype), and provide a deprecated version that's integrated with regular phone calls.
This would also make it easier for them and everyone else to move on from the convoluted WebRTC 1.0 standard to the ORTC-based WebRTC 1.1. It would've been ideal to make this change with the overhaul of Skype's design to be more easily accepted by people, but oh well, better late than never.
I'll rephrase my question: how are those any better? The others are just as bad and/or closed source and on top of that Facetime is only available in the Apple ecosystem.
I'd like to see a P2P app store on the same kind of system as cryptocurrency. Like torrents meets P2P consensus for file verification, with weights for trusted sources.
You are replying to a comment about a distributed repository of software based on some sort of blockchain, while you are linking to a P2P messaging protocol. Not that isn't relevant to discussions about Skype, but it is irrelevant to SW repositories of the parent comment.
That's humorous. On a serious note though, Skype should be renamed to "Skype--" in the US. After MS bought it, it became a buggy piece of crap. Every new version had more useless features and was more prone to crashing/freezing up than the last. Screenshare and the other golden features became riddled with issues. Skype was once great. During the period in which it was down for "maintanence" many believe that spying measures were added. In any case, there are much better options these days considering how bloated and buggy the actual client-side software has become.
AFAIR, they changed communication model from Peer-to-peer to client-server and then it all started. Why did they need all conversations to pass through their servers...? Something is hinted in the last paragraph of this article though:
Clients server with message history on the server solves a lot of the weird message ordering things that would happen when you had conversations between multiple users each with multiple clients that were mostly offline. This is especially helpful for mobile, since always online mobile isn't realistic.
It certainly also enables some law enforcement use cases though.
This is the VirnetX patent case which is still partly ongoing. It's kind of difficult to find but it involves patents 6,502,135, 7,418,504, 7,921,211 and 7,490,151.
Right. Most people will just assume that is the only version of Skype available for Win10. Skype has gotten worse..but not to be judged by the bundled metro app worse... Metro is just a total failure altogether, I haven't seen a metro app that convinced me otherwise. It's a must to use PowerShell to uninstall that version of Skype and instead install the normal win32/win64 executable.
No need yet, they usually can’t compete with incumbents. And as a US consumer I am fine with keeping local companies in competition with foreign ones because it usually means I just get more options.
Seems like The New York Times has invented a new annoying method of mouse hijacking. When click selecting the text while reading I am `swiping` to the next article on desktop. And double click increases font size?
In case it goes, does anyone know a good alternative to connect from the US to China that didn't require VPN usage in China? I've found wechat's call quality awful.
* controlling data about Chinese citizens from going outside of Chinese control (e.g. onto international/US servers where it can be subpeona'd by the foreign government host)
* protecting local industries from foreign competition
I wonder what is their attitude to other communication software and protocols, especially FOSS ones.
Skype by its closed nature could contain all sorts of CIA/NSA spying routines, but what about Ekiga for example? Open Source software would hardly justify any national security concerns except those implied by letting common people freely communicate.
Well, Skype has vigorous anti-debugging measures to keep most of its unwarranted behavior under wraps. And when MS bought Skype, it was taken down for a significant time, thought to be when the NSA [etPhoneHome] method calls were added. It's all just conjecture though... But I'd stick with other voip/telcos. I really can't blame China for not wanting their people subject to what is pretty obvious US spying.
Wasn't it taken down to be rearchitected (spelling?) to a "superhub" peer to peer setup? Kind of a half way house between fully 'cloud' (centralised) like it is now and fully peer to peer like it was before MS bought it?
I guess that doesn't preclude it becoming part of PRISM and I might be misremembering the details too.
Something like that. But reverse engineers (who I trust) after busting through all the anti-debugger protection, and looking at the protocol, seemed to be of the opinion that the app was way too reliant on Skype's servers and way too obfuscated for just IP protection alone. Better open source than sorry. Skype is not to be trusted. At least most EXEs you can debug but Skype has literally wiretrapped and packed the crap out of their exe for unworthy reasons. Stallman would consider it untrustworthy computing, let alone the networking part.
It's like Obama was fond of reminding tech CEO's when they'd start pontificating on leadership... “Government will never run the way Silicon Valley runs because, by definition, democracy is messy. This is a big, diverse country with a lot of interests and a lot of disparate points of view. And part of government’s job, by the way, is dealing with problems that nobody else wants to deal with.
“Sometimes I talk to CEOs, they come in and they start telling me about leadership, and here’s how we do things. And I say, well, if all I was doing was making a widget or producing an app, and I didn’t have to worry about whether poor people could afford the widget, or I didn’t have to worry about whether the app had some unintended consequences … then I think those suggestions are terrific."