All the other comments are focusing on the Apple angle, but I want to comment on how amazing the developer, Riley, is.
I've seen him working on this project (Delta and the AltStore) for four or five years. It's a project he's passionate about, and he's building it for himself, not to try and make money. (In fact, he's turned down offers from startups and top tech companies to work on this). More than almost anyone else I know, Riley embodies the classical hacker ethos. I believe partway through the project he decided to make this open source, so he then went back and re-factored a lot of the code to make it easier to learn from.
From the author's blog post on how AltStore works [1]:
> For this distribution method, AltStore requires your Apple ID and password to communicate on your behalf with Apple’s developer servers.
This seems really sketchy, and I would not be surprised if Apple took steps to prevent this, and possibly even to disable Apple IDs associated with this activity.
> The last major restriction is that an iOS device may only ever have at most 3 apps installed using this method, even if they come from different Apple IDs. This was by far the most frustrating one to deal with, but thankfully I was able to find a workaround in time.
The workaround (swapping around provisioning profiles) sounds like it's abusing a bug which Apple could fix pretty easily.
Apple is already facing antitrust actions regarding its walled garden. I doubt Apple would be eager to give authorities more ammunition.
Alternative app stores will likely come to iOS in one form or another. I think the smarter reaction would be for Apple to offer an official API so that it can remain somewhat in control.
> Testut told The Verge that measures to block AltStore would break key functionality for developers or iTunes syncing.
No, it won't. Keep in mind that we didn't have the 7 day side-load for free Apple IDs prior to 2015[1]. All Apple has to do is disable sideloading for free accounts. I imagine it won't impact many legitimate developers, who probably have paid developer accounts anyways.
It wouldn't break functionality for developers releasing apps in the app store, but it would break functionality for kid/teen developers and coding classes and people teaching themselves to code, which Apple cares a lot more about than people putting a Gameboy emulator on their phones.
I wouldn't be AT ALL surprised if Apple decides to break the kid/teen developers over this. People like the AltStore developer are why we can't have nice things.
Isn’t Apple just gonna blacklist this somehow? I get that you’re signing the app, but it’s definitely against the TOS in some obscure way. It’s not as though they won’t know which Apple IDs are logged in to the phones this gets installed on, regardless of signing certs.
Edit:
I do really like this though, it is a clever way out of the walled garden! I’ve used TestFlight to load stuff like iSH on my phone, and would consider doing this if Apple doesn’t go around murdering Apple IDs associated with it.
If Apple is tracking IDs how is that not anti-privacy?
In fact arguably they should implement signed receipts so they don't have to track which apps you own. As it is they know all the apps you own, and probably even when and how often you run them.
Instead they could send you a cryptographically signed receipt and then not actually keep track of which apps you own. When you want an update they verify the receipt. That would be more privacy oriented than what they have now.
I remember chatting with people in the Bay Area about this idea a few years ago. I decided not to pursue it because I don’t favor adversarial business models, but I’m very curious to see if this person can pull it off.
Their best chance of survival, IMO, is building a developer collaboration platform that Apple finds worthy of purchase and maybe will integrate into Xcode - something along the lines of GitHub but exclusive to the Apple platform with lots of integrations they can rely on for workflows and such. I think I’ve read that Apple isn’t big on services, but if this were developed in a peer-to-peer sort of way, piggybacking on iCloud as much as possible, maybe they’d want it.
Apple can and should block this by fixing the bug allowing rotating provisioning profiles to bypass the three app limit.
Nor do I expect they would or should try to "let this slide" due to the fear of antitrust investigation. Hacker News loves to deploy the walled ecosystem FUD, but given the iOS security model has proven itself technically absent any consideration of trustbusting, I expect them to stand on their convictions and fight the antitrust battle head on, not death by a 1000 pinpricks.
Encourage folks to learn more technically and use the developer tooling as is, then you can sideload whatever you want!!! Beyond that, it's not that hard: Don't abuse developer-facing tooling & workflows to allow consumers to do stupid things.
It would be interesting to see if Apple tries any kind of explicit legal action to shut it down. But this won't look very pretty to the DoJ, which seeks more evidence for an ongoing antitrust investigation. I expect them to silently implement a developer policy to fix "a security hole" without much explanation. This has always been Apple's way to tighten its control on their ecosystem and drive out any potential competitors.
So this is basically an automated version of Cydia Impactor, with a few key new features: using WiFi Sync instead of USB connection to upload the apps, which enables automatic resigning without user input, and the ability to use a single provisioning profile for multiple apps, which bypasses the low app limit for free developer accounts.
Seems like a very nice job and will likely make Impactor and signing services like Tuta or AppValley obsolete.
I'm all for mountain climbers climbing mountains, hackers hacking systems, and people otherwise doing it "because it's there". But when I read the developer's blog post, it sounds like he thinks this thing is going to stay around past the next iOS release. I hope he had fun and learned a lot of good skills doing this, but it's not something users should expect to be around.
Request to Apple: Just let this slide and see how it plays out.
Remember when you took out SuperBowl ads [1] demonizing authoritarian, totalitarian megacorps that told you how to think and what to do - YOU are that company in 2019.
Maybe if you let this alt store be, and monitor its metrics you'll see that your users really want cheaper, more full-featured apps that you'd never allow on the app store - like a competing browser engine (Chromium), or JIT enabled javascript core [2], ...
It may also happen that this alt-store becomes a piracy and malware haven - in which case, your thesis of totalitarian moderation might win. I'd bet my money on the former - a thriving alt-store filled with apps Apple is too cowardly to approve on its main store - like Steam Game Streaming, Chromium Browser, JIT enabled js/node, ...
I thought this was abuse as labeled by Apple. What happens in this case is that the apps in the store typically need to be re-downloaded because the cert was revoked or something.
Please someone correct me if I'm wrong because I really want this kind of thing to work.
You're thinking of misused enterprise certs. This is a bit different. If users are self-signing, every install has a different certificate. So Apple can't just revoke one certificate and break everything.
The big catch is, users need to resign every seven days...
From the author’s blog post, which goes into more technical details:
“While there’s nothing I could do about this from the iOS device itself, as it turns out the same underlying iTunes (WiFi) sync infrastructure I’m using allows you to also install and remove provisioning profiles from devices (since Xcode also requires this ability to manage profiles for developers). Before installing an app, I remove all the existing profiles on the device to make it look to the system like there are no other apps installed, and then once the app is installed I reinstall all the profiles. It’s very simple, but it works.”
I saw that line, but I must be missing something, or the article is. When I install apps with my free apple ID, they all use the same provisioning profile: I can see as much in Settings. However, I can't install more than three apps this way.
It was never on the App Store, you have to run the AltStore server on a Mac or Windows machine with the phone physically plugged in to load the AltStore app on to the phone. From there you can install apps as long as you’re on the same WiFi network as the computer running the server.
I’ve been able to install the AltStore app to my phone but nothing else, it can’t find the server even though we’re on the same network.
I think if moderation of the apps you can install on iOS was going to become a legal issue, we would have already been there. The reality is, if Apple wrongs you, you can walk into Best Buy or whatever and buy an Android phone.
The smartphone ecosystem is very healthy, there are plenty of opportunities for everyone to get exactly what they want.
If you buy an Android you can no longer communicate with all your friends using iMessages. So no, not quite "plenty of opportunities for everyone to get exactly what they want."
Here's the repository, btw: https://github.com/rileytestut/AltStore