Google and Facebook both knew the terms. They both knew that the Enterprise Distribution Program was for internal use only. They still put ads out in the wild to recruit regular consumers to use internal apps which is beyond the scope of the program. Why would the certificates not be revoked?
I don’t understand people who are acting offended that Apple is enforcing the clear terms of service it laid out.
It is an interesting salvo in what I've started thinking of as the "data war." All three companies have a huge asset in data collection capability, and preventing the others from exploiting it is only the first skirmish among them.
It will be interesting to see if Google offers to pay additional monies to Apple in order to "restore" this pipeline, and whether or not Apple will agree. In one sense, Apple already gives up a data feed by sending search queries to Google.
Do this. Create a fake company and say you wrote a spider to index Facebook public profile data and that you have like say 100GB ....
Watch how fast you get sued by Facebook.
Mind you this is public data that EVERYONE can see...
The entire concept of law is based on the premise that not everything that is physically possible should be permitted.
Yeah nah, that's where the concept of agreements comes in. You walk up to Fes Boock and say:
― I want to have business with Fes Boock.
― Fes Boock will have business with you if you promise to not stab Fes Boock in the back.
― I give my word to not stab Fes Boock in the back.
Turns out, this thing is so valuable, it's supported by law everywhere that I know of, in multiple forms, including rather implicit ones such as “ToS.” Which is what allows Fes to sue the stabbing bastard.
A better real world analogy is a bulletin board on campus or a wooden power pole.
Lets suppose that it is super common that people staple flyers to power poles, with the expectation that people will read them as they pass by. Your analogy would claim that if I staple a letter to the power pole, expecting that only my friend that I told about the letter should read it, that passers-by are doing something unseemly by reading it, while being surrounded by want ads and for sale flyers that people do want read.
Websites are nothing like mailboxes. The vast majority of websites would prefer that as many people as possible read their contents as much as possible. Email would be a better analogy.
This is not the case for HTTP. A network protocol is an agreement about the meaning of certain clusters of bytes sent over a network. When someone operates an HTTP server, a reasonable person could conclude that they take HTTP messages to mean what HTTP says they mean. A lot of cases get more interesting because there is also something generally understood to mean, "Please don't access the following resources by automated scraping, independently of whether my server decides to grant those requests."
Since a web server, by its primary mode of operation, does indeed more or less indiscriminately send replies to whomever makes a request, it follows that the duty of choice lies with the client. The person operating the client has to apply their reason and follow the inter-party conduct.
Sorry, why isn't it the duty of choice the server owner, who chooses to put the server online in the first place? What exactly are these rules you think exist? This is the first time I've ever heard of them.
> Since a web server, by its primary mode of operation, does indeed more or less indiscriminately send replies to whomever makes a request,
This is completely false. The server owner can authenticate GET requests and return an unauthorized response if the client is not permitted to access the document. We are not talking about a situation where a hacker attempts to brute force a password or gain unauthorized access to a server. If the server is on the internet serving anonymous GET requests with no authentication the reasonable assumption is that anyone is permitted to access the data.
It appears that the rest of the web gets by pretty well using the legal framework I've described. Because, you know, they tend to choose things to be pragmatical instead of those that “can be done.”
"It's a bold strategy, Cotton, let's see if it pays off for him"
Apple does this under protest. Their top search queries are served through siri lately, and the hope is siri will replace all search so they won't need to utilize google anymore.
There was a time when the Siri folks approached Blekko (which was an actual search engine with its own index, crawler, and ranking Etc. to discuss partnering with Apple (personally I think they should have bought us :-)) But, according to people who should know, there was a cultural mental block at Apple about providing web services at the time. The biggest thing like that they had done was Apple Maps and it was a 'mixed' success. Apple didn't see itself as being a search company.
I used to point out that Microsoft had a phone (Nokia), an operating system (Windows Phone), and a search engine. Google had a phone (Nexus), an operating system (Android), and a search engine. Apple had a phone (iPhone) and an operating system (iOS).
Since that time Microsoft dropped the OS and phone, and Apple never did build a real search engine.
 More precisely it is a front end to a simple knowledge base, a local index of things on your device, and when those things are exhausted an internet search engine.
I've noticed several times now where Google assistant has been able to answer questions about things in almost real time all thanks to Google's crawlers.
My friend asked it earlier whether USPS delivers mail during a polar vortex and Google assistant told them they didn't yesterday, at least in Chicago.
I mean, when I think about Apple, I think of a company that designs the look, the internals, the case, the glass, the board layout, and even some of the chips. (Sure, they contract the manufacture out, but Apple is deeply involved with designing components on a low level -- not merely farming it all out to some device maker in Taiwan or China.)
But for Nexus/Pixel: how much is Google and how much is LG or Samsung or HTC (yes, I know they bought HTC). I mean, how deep do Google personnel in Mountain View really go? How much do they just hand off to outsiders? Is it comparable to what Apple does? Maybe so. I just can't quite see into it.
Google's biggest challenge was customer support, they just didn't do the whole "someone to pick up the phone and talk to you" thing.
So I'd say, they have a core capability to do handset design (perhaps some of it residual) and they likely strongly influence the hardware they sell. Is their bench as deep as Apples? No.
What are you basing that on, exactly? Apple doesn't exist in a market simply to "be" in that market. That's why they jettisoned things like their Airport routers
Bing, I thought?
But I think that DuckDuckGo uses multiple sources. Although it's easy to restrict that to Google.
I say this with an unlocked and de-googled android phone next to me, and several hacked arm devices at home. I OWN THEM, with no doubt, so I agree with you in a different world.
There are quite a few Apple users who like the hardware, the operating system, apps which are iOS-only, and the integration with other Apple devices - some of whom also want to run their own choice of software as well.
There's no alternative which has equivalent benefits, if that's what you're looking for.
(NB, I don't use an Apple phone personally).
But the terms of this license are by no means "protecting" users who voluntarily chose to install these apps for payment. A license can have multiple legitimate purposes, including protecting the business interests of the licenser. There's no need to pretend that Apple is protecting users in order to defend their actions here.
Apple found themselves in a position were doing "the good thing" aligned with business.
And atm, you couldn't on a locked down device.
It's the golden cage that allowed them to do of course good things this time. This argument is the old one against a walled garden and it still stands.
that's the problem - why should this service exist in the first place? It's extortion to have to pay to distribute apps to people who want them, on devices they own themselves.
Except if they force Apple to nuke all of their apps, which would put Apple in a difficult position. But perhaps Apple could sandbox apps, and prevent them from doing stuff that violates ToS.
But that's not what this is about. Apple has been enforcing these rules for years. F.lux tried to get around the App Store by reaching users how to sideload via Xcode. Apple killed it.
The big players should be subject to the same rules. If they want to run their own code, they can't just flagrantly ignore Apple's TOS.
I'm also onboard with the Nielsen metaphor but not for kids. And both were scummy in targeting kids (though FB was definitely worse judging from marketing materials).
Specifically, Apple killed it because f.lux decided to distribute their app in a really sketchy manner where they essentially pushed an opaque binary blob to the phone rather than compiling the app from source and installing the build product from that.
That's what Apple is doing here. Pushing iPhone as a commodity, not a replacement for your macbook. This way they get the benefits of controlling the experience as much as they want. (I am not saying it is right or wrong, just that many people are fine with commodity phones and don't care for the loss of configurability).
Now, _will_ I do that? Probably not, but my opinion is that as the owner of the device, I should have the ability to do so if I so choose.
And what about the manufacturer? Why should it be their legal responsibility to satisfy your whims for programmable interfaces?
Not to mention what you're mentioning that what you're suggesting will make the iPhone incredibly insecure.
Regarding security, that very much depends on your threat model and definition of "secure". Indeed, I see this general trend of decreasing user control over increasingly complex and connected hardware as a massive security threat where I am forced to trust multiple 3rd parties who may arbitrarily disrupt my life anytime new "features" or "policies" get pushed out.
It is perfectly possible to securely implement a tamper-evident "I know what I'm doing" switch/fuse that enables advanced control by device owners. However, I'm well aware that I'm in the minority on this topic, so I'm not holding my breath for such features to be implemented.
That said, I doubt washing machine microcontrollers use signed code. It's easier to modify them than your phone which is completely backwards.
Yes. It is within my full legal right to install whatever programs I want on my washing machine.
Apple lost a bunch of lawsuits, when it tried to sue people for doing this. The courts proved that yes, you do have a legal right to do whatever you want with hardware that you own.
How do you protect against that backdoor being used by hostiles?
I sideload stuff on my phone quite frequently.
Xcode 7 and iOS 9, and yes, you can still do this.
(also, what Apple allows you to run on your own device is actually a different story, not related to this news)
And know that Apple has your back when it comes to holding developers of the apps you use to their commitments.
There’s a clear benefit to the reputation of a vendor being on the line for the security and quality of their product and the services offered on it.
I mean, yes, we shouldn't buy iOS devices. But we should accept that things have ad hoc vendor-controlled "rules" just because someone baked them into the things, either.
> what Apple allows you to run on your own device is actually a different story, not related to this news
How so? It's not like Facebook and Google were hacking their way in here. They asked users "please run this software" and users had the option to do so. Seriously how is that any different than "please run my great jailbreak environment" or "here's a new OS for your iPhone"?
It was the behavior and marketing of these spyware things that we shouldn't like, not their mechanism.
Facebook and Google did sign it and distributed their software based on it.
> It's not like Facebook and Google were hacking their way in here.
They literally did (in the legal sense).
But of course, it's a battle of two evils here. Both sides can just nuke each other if you ask me, I won't miss them ;)
I think we're talking past each other here. I'm not talking about how Facebook and Google's spy kits were licensed to the end users or about their compliance with Apple's own vendor license.
I was pointing out that the principle here is that I (and Facebook and Google) should have the ability to write and distribute software for you (and me, and Facebook and Google and even Apple) to use on your iPhone. And that the fact we don't have that ability is bad.
And more to the point the fact that Apple's control over their platform was used to benefit the public by disallowing spy kits still does not make that control a good thing.
Free speech doesn’t allow libel and slander. Free assembly doesn’t allow riots. Without a framework for meaningful justice, the high minded principle is just a race to the bottom.
I should be able to have the freedom to choose a platform where I have some protection against the various bad actors out there. Without Apple, the only options we have is non-participation, believing the lies, and arbritration.
What? Very absolutely it does. It just doesn't protect from the consequences.
True, but you entered in a contract with the app developer and they are bound by one with Apple.
Apple’s right to act on iOS devices is in virtue of them being a service provider to google more than the company that sold you your phone
... wat? No, I didn't. It's easy to imagine I "must have", but in fact there's no signature, no negotiation nor in many cases any consideration.
Ah, but you say: I must have signed a contract to use the app store that I downloaded the app from, and that must constrain me to honor the terms of the app that I downloaded, which is constrained by Apple's contract with the developer.
Except, no, I didn't do that either. The whole thing is a house of cards. There is absolutely no principle behind this regime, it's just something we've all come to accept because it's technically possible and because "usually" the power granted to hardware vendors hasn't been abused.
But it has bad side effects too, and it's really important that we as a community not lose sight of the fact that locked down devices are really, really bad.
Do you have an Apple ID? You need an Apple ID to download apps from the App Store, and when you create the Apple ID, you accept their ToS. So, yeah, I think you did.
Though that ToS has absolutely nothing to do with anything we're discussing -- the ToS that matters here is the one between Apple and Google/Facebook.
> ...and that must constrain me to honor the terms of the app that I downloaded...
I don't think Apple's ToS with you constrains you to honors the terms of the app you downloaded. That seems strangely indirect. I think the app may or may not have their own ToS that they make you agree to at some point before permitting you to use their services.
Technically correct. But software running on "things" has terms. It's called a license. When you buy a movie, you don't own the film. You own the right to use that film in accordance with the license.
The question you're sidestepping is whether a license can say "you can't run your own software on your own thing". Obviously it can be implemented to do so given the way computers work, but it's not at all clear why that should be so.
IBM has had contracts for decades that govern use of your software on the hardware you bought from them. You buy CPU hours or the right to use a certain amount of the computer for a specific timeframe. One place I worked at had a mainframe that they could not use for production workloads unless a disaster declaration was made.
They’ve been litigated and are valid.
BTW. I ignore that and even many large, respectable companies ignore that, but it's there ;)
Sure they do. You want a gun? That comes with certain restrictions on what you can do with it. You want a car? There are certain restrictions on what you can do with it. Jet? Restrictions. Schedule 1 drugs? Restrictions. Knives? Restrictions. Fireworks? Restrictions. Cameras? Restrictions. Hell, even when it comes to a 2x4, there are rules about what you can and can't do with it -- you can't hit someone with it, or you'll suffer consequences.
Or stop abusing the terms of the enterprise certificates.
XX% of Google employees are non-technical
XX% of Google employees don't use Mac as their laptop platform
XX% of Google employees have a locked-down Mac that isn't allowed to run XCode or locally-compiled binaries because their job role isn't in Engineering
It doesn't necessarily have to be done by a man or directed at a woman. That's just how it tends to go. And obvs is a bit more fraught when it is going that way.
There will always be the possibility that some company will ask users to their absolute freedom ability to give them absolute freedom. Which is basically exactly what happened in this case. The only difference is, in this case, Apple built in a mechanism where they can stop individual actors.
And, to protect their users, they used it.
They are anti consumer and anti developer, buying from them is bad capitalism.
Seeing what's going on with Facebook and Google I guess Apple didn't pay much attention to this.
In both Google and Facebook's cases, they were using it to distribute apps to the public at large (i.e., users with whom they have no business relationship) simply because they couldn't get the apps into the app store to begin with because they would otherwise violate Apple's rules. So not only were they flagrantly disregarding the ToS of their enterprise certs, they were doing so in order to violate Apple's rules for app distribution. Less than great.
I mean, the program exists for a reason.
The whole point of enterprise certificates was to allow creation of internal apps that even Apple shouldn't know about.
I think most/all of the companies in the program would say it's about controlling the distribution of their apps, since putting them on the App Store would expose them to the public, and less about hiding from Apple...
The experience needed to instantly load a new image after the user voted because I knew they were only going to be on the site for maybe 30 seconds before they got bored and went back to reddit. I needed to collect as many votes as possible within that time period.
So I knowingly broke Google's ToS and prefetched the images on my server so I could provide the user experience I wanted.
"I'm a small operation. Surely they won't know." I wrote a server side screen scraper to load the Street View images and exposed the scraped images with an API.
Now my site was faaaast. I could load Street View images instantly and in the end got over a million data points doing this.
But then one day soon after it stopped working. Then I got a cease and desist email from someone at google legal. They didn't respond to any requests for turning it back on or even to discuss. Radio silence. That was terrifying.
Since this was my thesis, I needed help getting my keys turned back on. Google in the end was very accommodating, but only after I used my nuclear option: asking lab director Joi Ito to bug Megan Smith while she was still at Google to help.
I was connected to some engineer and told them what I was doing and why. They said stop. But then a week or so later, they sent me a beta invite to their new Street View images api, where you can feed in a lat, lng, header to a query string and they'll just serve the image now. Pretty cool.
Offending site for the interested: http://pulse.media.mit.edu/
I find the trick, when you're worried about this, is to use the regular API normally, but save the data that comes in from the normal usage of the API. i.e. Use the Google maps viewer and after the image is loaded, grab it however you have to, and post it to another API you've created that allows you to save the image. You're scraping their site, but you're not doing it in an automated way, and it should be undetectable.
After a while, you've got a good library of images from normal use. So you code up a switch that you can toggle that changes it from loading from the Google maps viewer to using your API to get images.
If you want to grow your image library, randomly assign some percentage of people to using the Google viewer (and save them they download), and the rest to your library of images you've accumulated. Or use a cookie or JS localStorage variable to track whether they are a returning person, and the first time always give them the quick library version, and if they return give them the Google maps viewer version (or just switch the percentages from 90/10 to 10/90, etc).
If they're willing to give you the data free within their ToS, there's very little technologically they can do to stop you from easily (or moderately easily, in the harder cases) storing the data. Worst case for someone looking to save it would be if they generate an image for the content and just serve the image, and that's not that hard to work around either, if the data is structured.
And while that’s not conclusive, they can just look at how your application functions to see what’s going on.
Oh, I'm not making any claim that it's legal. I'm just noting that if you've decided you want to scrape and are disregarding the ToS, there are ways to make it less likely to get you blocked.
> That said, this kind of thing is detectable. If users of an application are far less likely to download common data it quickly looks odd.
In the approach I outlined, you either load the Google JS payload and use it entirely as normal (and just do something extra with the data it provides), or you don't load it at all and run entirely locally. There are things they can do, such as embed analytical code in their payload to test for certain things, but it's just a cat and mouse game at that point.
> And while that’s not conclusive, they can just look at how your application functions to see what’s going on.
Assuming it's a public application (in this case it is), and that they have reason to look at it. If it's just spiky load, where sometimes there is load and other times there isn't or it's less, that's not really indicative of something odd going on, especially if you're relatively small.
This change did nothing to individual phones.
This simply prevents two organizations from deploying applications to phones with specific certificates. That's all.
They can control which apps can and cannot run as long as those apps are intended for internal use by enterprises. That seems reasonable imo, given that these apps are also not subject to any approval process.
Apple can't physically confiscate the phone or the data that you put onto it's hard drive (not talking about iCloud). It's yours. You can put linux on your iPhone if you want and there is nothing Apple can do about it.
Details matter. Don’t leave them out.
It's not just apple either. Using facebook, gmail, anything in the cloud and/or anything hosted, basically anything not under your control exposes you to the same risk. Most people don't care until it becomes a problem for them and by then it's too late.
And let's not forget that google weren't working with apple, they were working around them.
This isn't a single person choosing differently. Employees and consumers buy and use iphones and Google has no choice in avoiding them. Doing so will only hurt their business, and they don't exactly have the leverage to demand whatever APIs and access they want.
It's useful to discuss the philosophical implications of any tech company having too much power. To add the most to that discussion, it's helpful to understand that these actions are not directly affecting customers (aside from those who were using these enterprise apps outside their intended scope).
Clearly that's not a terribly big deal, and you'd imagine that Google has a lower proportion of iPhone users than many companies, but it's not nothing.
They are not personally affected as they still have access to public versions of the apps like every other person in America.
The fact that you cant reach a human if you are a "user" tells a lot about values at Google.
This is not true for major consumers of the API. They will call you and work it out. I know this from personal experience.
Things are obviously getting a bit ridiculous. Part of me thinks that something awful is going to have to happen before society stops these companies from pursuing everything they feel they need to.
Hopefully it won't be too late when that realisation becomes crystal clear to the majority.
I am hoping for a massive leak/scandal/Snowden moment when they finally cross the line and something happens that the lobotomized masses actually care about and cannot ignore.
Hopefully we end up with some sane legislation about how much mass surveillance of citizens by private companies is ok.
I think an interesting question is: What is Apple's best move from here?
I would suggest that Apple should leave Google/ FB blocked for ~1-2 weeks, to remind them who's boss on the iOS platform. However, I would argue it'd be smart for them to switch them back on after that- there's a chance that this looks anticompetitive to regulators at some point, which isn't something Apple wants to mess around with.
One sort of "rubbing their nose in it" term could be something like a large donation to some sort of privacy advocacy group or similar.
You mean like the terms of the Enterprise agreement? The terms that were already agreed to?
I wouldn’t even look at it from an anticompetitive angle or anything like that. This is a matter of what’s best for apple and its users. They should absolutely do what’s needed to ensure that their terms are obeyed. But permanently banning google is not “what’s needed.” What’s needed is merely to demonstrate that the behavior will not be tolerated going forward. I imagine discussions between corporate lawyers and perhaps a reasonably sized bond would be sufficient to demonstrate google’s sincerity in not repeating the error.
The reality, though, is that this sort of behavior in VERY large, VERY influential companies is going to draw way more scrutiny than a small company getting crushed by one of the big guys.
In general, Apple, Google, and Facebook are 3 of the largest technology companies in the world. In general, they have areas where their interests overlap (messaging as one good example of this).
Hindering the ability of Google/ FB to develop on iOS could absolutely be seen as an anticompetitive measure by Apple.
- Utilities that are only useful to employees of those companies (cafeteria menus, shuttle schedules, resources for salespeople on the go, etc.).
- Pre-release/testing (aka dogfood) versions of the apps they distribute to the public, for employees to use and find bugs on before they make it out to normal users.
Neither of those are pools that Apple wants to play in.
...and I guess there's a third category:
- Apps used gain "competitive intelligence" and spy on users.
By making this problem last long they aren't doing anything useful either.
- Bad case, they never restore certificates to G/FB and they end up losing all their employees to Android, with likely ripple effects in their tech sphere of influence.
- Worst case, G/FB retaliate by removing their apps from iOS and it's all out war with everyone losing.
- Best case, they restore them tomorrow with some fanfare and handshakes, but thousands of smaller companies now have been reminded Apple may actually shut them down if they misbehave.
There's no actual legal requirement that your company offers the same service that you use your market control to prevent your competitors from offering.
This is especially relevant in the markets where Apple has a significant market share (USA).
You can create devices and sell them and not make them compatible with other companies products if you want. It’s true from printer ink to PlayStations.
The only issue would be market share and monopoly problems, which given that Google’s alternative platform has 54% of the market is totally irrelevant here.
A convenient and inexpensive mechanism for installing apps to lots of other people’s devices has, however, been revoked.
Perhaps Google should shut down ever one of the servers that Apple is renting from them, for a couple weeks?
Or just block everyone on apple's campus/IP addresses from having access to any google services, search engines, ect?
The 2nd one probably wouldn't violate any contracts, so I don't see a problem with it.
This sounds counterproductive, as opposed to enforcing rules consistently.
IMO, it is very, very wrong that Apple is judge, jury, and executioner in this case.
Also, in today’s world, this potentially could be disastrous, not only for the company affected, but also for the world at large, for example if Google depends on internal apps for informing employees about emergencies such as “hacking like activity on our servers or even “data center on fire”.
If Google depends on internal apps then they shouldn't have violated the terms of internal apps.
Once the reasoning boils down to offense I know I am dealing with either intentional hostility or stupidity. Regardless of which of those is the problem I stop wasting energy thinking about it.
For people confused or further offended by this sentiment I suggest reading Principles by Ray Dalio.
Because of two related points:
1) The apps in question would not be allowed into the app store by Apple in the first place.
2) People believe that Apple abuses its dictatorial power over the app store and that it should be a more open platform.
I don't understand why they were so happy when this happened to Facebook but now they are offended because it happened to Google.
Oh wait, yes I do understand why. o:-)
This would sure save a lot of unnecessary network usage and bandwidth charges, not to mention it would be useful when you do not have network connectivity.
What is the reason if any why users should be prohibited from doing this?
The question is why every time the user wants to look at a map she needs to let Google know, using computer network access for which the user must pay.
Paper maps or maps stored on physical media do not have this requirement. The map company may "own the map" but the purchaser can look at the map anytime she wants, without any ongoing expense to keep the map company abreast of her travel plans.
I do not not use an "account" or "log in" to view free maps, so I just take screenshots as a quick workaround.
If you take a picture of Google Maps and then host it on your website without approval/paying Google and get caught you'll be hearing from their copyright lawyer.
I could take a picture of a map and share it on my LAN via httpd so all my computers can access it. I am the only user on the LAN.
It is not the "website" aspect that would implicate copyright, it is the redistribution, e.g., via a website on the public internet.
My original question is being misunderstood. It is not about copyright or what rights Google has in maps. It is a question about why Google attempts to force users to contact them every time the user looks at a map.
This is generally false. Minors generally can make valid contracts, though such contracts are usually voidable by the minor prior to execution. 
 without otherwise endorsing the site as an authority, the discussion here provides a good general coverage of the issue: https://contracts.uslegal.com/contract-by-a-minor/
When you are paid to take a survey, do you magically become an employee of the company conducting the survey?
Because there should be no 'terms' as to what software you can install on your devices.
BMW can make 'terms' so that if you mess with your audio system, it's not under warranty, but otherwise it's your car.
Also - 'the terms' are never very clear, and they can change on a dime.
Apple feeling some competitive heat? 'Just change the terms'!
Consider the collusion opportunities:
You want to use an Android - you have to give everything to Google. Don't like the terms? Apple colludes and does the same!
All of this is starting to get very close to anti-competitive kind of stuff, both between the big powers - and among consumers.
This isn't some grey area where the details are difficult to ascertain. Everything is pretty clear; the enterprise app distribution service is most assuredly not for distributing apps that break the App Store rules to customers. This isn't difficult to understand, so I'm struggling to see where people are trying to find some sort of detail to exonerate two well-known, repeated rule breakers, violators of personal privacy, and altogether companies who think their size puts them above reproach.
I mean, when Apple makes a big screw up, everybody leaps on it, even when it's just based on unconfirmed (and sometimes fabricated, like the journalist reporting on conditions in the Foxconn factories) reports; but if it's Facebook or Google, somehow they're underdogs with clean records, deserving of the benefit of the doubt? I don't swallow it.
How about we all just pass judgement equally upon the big companies, Apple included, for their foibles? But let's also take into account when these companies have been caught red-handed before, and if the best punishment we could muster was a slap with a wet bus ticket, let's not umm and ahh about why they think they can get away with their behaviour, and not be at all surprised when finally someone takes a stand on their own territory.
They're outraged because they have no recourse. What they usually do to users or partners, dictate take-it-or-leave-it terms, is being done to them. They can't even complain to antitrust regulators because Apple is only lord of its own kingdom (which doesn't have market dominance).
I think our support that we get is probably quite different than the support Apple gives to the developers of Google and Facebook, who make most of the top 10 apps downloaded from the App Store.
Do you think Facebook's right wing oppo research firm would balk about leaking a story that a competitor's phone is vulnerable? Absolutely not.
The point being made is that the blackmail is unsaid and implicit.
I have since left the startup, but as far as I’m aware they are still continuing with this practice.