Hacker News new | past | comments | ask | show | jobs | submit login
Apple Removes HKmap.live from the App Store (twitter.com/dylanbyers)
1175 points by ewoodrich on Oct 10, 2019 | hide | past | favorite | 872 comments

And in one fell swoop, Apple has made it effectively impossible to install this app on your phone. There's no realistic workaround. †

Apple should never have been capable of making such a drastic decision for all of their customers. It's one thing to make determinations about what products are allowed in your store, but quite another to unilaterally ban software from what is many people's primary computer. We live in a digital age, and software is a form of free expression. We wouldn't find this acceptable with eBooks, and we should not find it acceptable for applications.


† Unrealistic workarounds include paying $100 per year for a developer account, reinstalling the app once every seven days, or finding a shady, stolen enterprise certificate. These are not real alternatives for 99% of people.

>And in one fell swoop, Apple has made it effectively impossible to install this app on your phone. There's no realistic workaround.

Make the app a Web App and visit it in Safari.

Apple has banned it being notarized and distributed from their App Store but iPhones still have access to the conventional web which Apple has no control over.

Apple has been (I suspect purposefully!) dragging their feet on progressive web app support. There list of limitations is long, but most critically for this app (I would imagine), they can't send notifications and they can't work offline.

There are a number of interesting use cases for PWAs, but part of Apple's fear is (potentially) many of their clients will migrate to PWA only, reducing App Store revenue severely.

Apple also loses all code auditing and screening, meaning they can't ban GPL licensed PWAs like they ban alternative Linphone builds (as they are GPLv2), Signal Private Messenger builds (GPLv3) and only the official developer can build and submit these apps to the app store.

Apple's GPL ban also effiectively mandates these apps having broad CLAs to ensure they can relicense the code for use in the Apple App Store.

Edit: removed bonus apostrophe

> many of their clients will migrate to PWA only, reducing App Store revenue severely

This was also the music industy's fear of digital data about 20-30 years ago.

The business model is outdated, Safari purposefully being a laggard with no alternatives on iOS will eventually bite Apple in the butt, it is just a question of when.

Both the Music industry and Apple seek to maintain their control and thus their cash cows, but whether that will continue to work out for Apple remains to be seen...

> The business model is outdated

And what is it's replacement? It seems in app purchases are what keeps up a large part of mobile apps.

iTunes changed the music business, but I have not noticed a similar change for mobile apps, web or not.

SaaS and Entertainment as a service are the replacements, hence Apple Music and their new streaming service. This is also why AT&T, Verizon, Sinclair and Comcast have spent the last half decade buying media companies.

Why does there need to be a replacement? Apple already sells the hardware and their software (iOS and the preinstalled apps) and makes money off of that.

If I make my app available via my website as a PWA, and all the hosting costs are my own, and don't use any of the app store's services, why does Apple deserve a share of the in app (in PWA?) purchases?

Apple hasn't banned GPL apps. It would be more accurate to say GPL bans Apple.

What interest would Apple have in banning GPL-licensed web apps?

More details here:



Anyway, the message is pretty obvious: Apple won’t ship anything that’s licensed under GPL v3 on OS X. Now, why is that?

There are two big changes in GPL v3. The first is that it explicitly prohibits patent lawsuits against people for actually using the GPL-licensed software you ship. The second is that it carefully prevents TiVoization, locking down hardware so that people can’t actually run the software they want.

So, which of those things are they planning for OS X, eh?

I’m also intrigued to see how far they are prepared to go with this. They already annoyed and inconvenienced a lot of people with the Samba and GCC removal. Having wooed so many developers to the Mac in the last decade, are they really prepared to throw away all that goodwill by shipping obsolete tools and making it a pain in the ass to upgrade them?

The GPL v3 prevents things like the Novell/Microsoft deal to "patent license" Linux.

The consequence is that Apple can't merely settle to solve patent disputes for any included GPLv3 component, but has to find a way to have the upstream component (and all deviations) have free use of the patent.

This for stuff that ships with their OS, mostly.

Of that I am not certain, but Apple has banned VLC and many other apps, and continues to ban any GPL code from the app store: https://www.fsf.org/news/2010-05-app-store-compliance

VLC was removed because a VLC developer (copyrightholder) asked them to. Specifically, they alleged apple did not have the rights to distribute VLC unless they also allowed users to modify / recompile the software.

There is a way for end users to modify their software now, but I don’t know if it would satisfy that developer. VLC relicensed to make clear they don’t require distributors to do this.

I've used VLC on Apple products (phone, tablet, laptop) for years. I can't remember a time it wasn't available. Do you mean some VLC other than the video/media playing application?

VLC had to relicense to LGPL to make that happen: https://en.m.wikipedia.org/wiki/VLC_media_player#History

They do that to "protect" their DRM and application support libraries from GPL virality which wouldn't be a problem with PWAs

GPL virality does not apply backward from app to platform. There are loads of GPL apps on Windows and on Mac outside the app store.

I’ve been looking at the App Store Guidelines recently and I don’t see much in them that seems to block GPL specifically. Maybe it’s OK now?

If you have citations of GPLv2 or GPLv3 apps that are in the App Store, I would be highly interested.

As far as I can discern, Linphone is provided in the App Store under a proprietary license, VLC had to relicense as LGPL, and GNU Go is still not on the App Store.

The App store version is almost certainly using MPLv2, which is a file based copyleft license. Much weaker than GPLv2.

My understanding is that Apple doesn't ban GPLvX code - that doesn't mean other people won't write Apple and ask the app to be removed, claiming the app developer did not have proper copyright license.

I don’t think anyone’s tried it, because it was certainly not allowed a couple of years ago. But the language that the FSF used to point to is no longer there, so I’d like to hope that it might be possible today.

It’s not so much that it’s banned; it’s that because the GPLv3 allows users to modify their software and Apple doesn’t without their developer licenses, you can’t give the user all the freedoms the license provides.

You don’t need progressive web apps to display markers on a map.

And anyway, a PWA should be actually progressive. If it requires all the features it’s the opposite of progressive.

You’re referring to Progressive Enhancement, where you make sure it works on old devices but only new devices get the enhancements.

It's pitiful there hasn't been a widely adopted open source notification framework like linux is to OS. Apple and Google both implement their own and it gave them overwhelming power over the app developers. Ironically, this framework may start in China as while majority of the people use Android they have no access to G-suite, apps develop their own notifications and eats up tonnes of RAM, this will neatly solve that problem.

Apple is the one holding up Web Push on iOS at this point, Chrome, Firefox, Edge and a number of other browsers support it: https://caniuse.com/#search=push

> Apple has been (I suspect purposefully!) dragging their feet on progressive web app support.

The original point was that apparently there are no "work arounds" not mentioning that it could be done via WebApp seems a little disingenous.

The statement is referring to the user, there is no practical "work around" for getting their previously functioning, natively executing application operational again, on a computer they supposedly own.

Pointing out a "work around" for the developer is meaningless, in terms of "hey! they can reimplement it as a web app to bypass Apple's shitty walled garden!" is completely useless to these folks in HongKong right now.

I meant, there's no workaround for getting native software that has the capabilities of native software. If web apps were similarly capable I'd agree with you, but as it stands they aren't anywhere near equivalent.

Or just switch to Android and you can install the APK, and likely unlock your bootloader and install a custom ROM.

I don't know why are people against your comment. What happened to "vote with your wallet?" it used to be the way Americans punished companies. What gives power to these companies to be evil is that we as a society keep giving them money. Just stop giving them money and they will change.

It's not as easy due to network effects.

Part of these are social network effects (all my friends use it, plus the apps they use need you to use the same apps, meaning you have to use the same OS or one of the big ones, etc).

Part of them are actual network effects (you've already used the same g-suite or whatever apple provides, and moving to something else - if it exists at all - is either very difficult or impossible).

I'm sure there's others I am not thinking of right now.

But both leave only the "hardcore" privacy and open source activists as your only market - and that's so small that only others of similar persuasion even both to create and host those alternatives, if they exist at all. Since the market is small, and developers/time is lacking, UI and other parts of such apps/operating systems/ecospaces tend to be non-existant or suffer other oddities that keep them out of being adopted by the masses, unless those people get fed up enough with the existing products to be willing to put up with all the downsides of a more free and open system.

Which is kinda where Linux is today - a combination of becoming "good enough" - but also coupled with more than a bit of "corporate America" (and/or "corporate west") helping to make it just a tad better (for business use, for gaming, etc) - and the masses who are getting fed up with Apple and/or Microsoft - a few of them peel off to see what it's all about. Dual boot, or virtualization (and Microsoft has made that easier, too), they get a taste, and some think "hey this isn't really that bad - I can do almost everything" and some migrate over (with the big exception - games - but Valve and Steam are helping in that regard, too).

That's what is needed in the mobile realm, and nothing exists yet. Yes, there are alternatives, but the real bugger has been the hardware - which is very locked down, and only (again) the hardcore and activists are willing to go the extra mile to break open (root, jailbreak) consumer-available hardware, or purchase already "open" hardware, or go so far as to build their own hardware (I am contemplating this option, personally).

Until it gets easier for the "masses" to get a more open hardware mobile platform, the next step of an open ecosystem, operating systems, and apps is much for difficult to make happen. With Apple and Samsung being the main two hardware providers (for iOS and Android respectively), with the way both lock down their hardware, it will stay this way.

But really - for Android at least - Samsung does this mainly for the providers themselves. For instance (in my case), I have a G7 - but it's a T-Mobile version. I paid for it in full (I don't have a contract with T-Mobile, but they are my provider) - but Samsung provides a different version of the G7 (with a different processor and such) than they do outside the USA. That hardware is much easier to root, while the USA version is seemingly made to be as airtight as possible to root (with a constant back-and-forth game being played behind the scenes). It is strange - it's partly Samsung, partly the providers.

Ultimately, I'm just going to opt-out of this hardware game and build my own platform; I already have the 4G module to support phone and data (and I am planning on using it for data only, as I virtually never use my phone for voice calls). If I am lucky, it will be my winter project.

> It's not as easy due to network effects.

So true, which is why we need antitrust enforcement. If you run a platform or a service, you have to provide access to that platform or service to your competitors under the exact same terms as your customers. Anything less is the definition of anti-competitive.

Terrifically unhelpful suggestion for the actual users of hkmap

Android phones can be incredibly cheap (circa $100).

In addition there is nothing stopping them for trading their iPhone for a more expensive Android.

I wouldn't be surprised if this is a likely outcome.

Yeah, because you can just install Android on the iPhone you already possess.

No, but a comparable unlocked phone is $300.

Not all that relevant, but with the new BootROM exploit you may be able to do this at some point.

I expect that won't happen. Maybe as a proof of concept, but not as something anyone would ever want to use daily.

Documentation on iPhone hardware is basically nonexistent. Someone would need to reverse engineer it all and write drivers from scratch.

It’s happened before, though of course it’d be much harder today. Interestingly, it seems like Apple keeps around a Linux devicetree for their processors, so it’s certainly not impossible…

It never got past the proof of concept stage last time. And that was when there was more interest in Jailbreaking than there is today.

I wonder whether Hong Kong is behind the great firewall or not. Specifically, whether HK is behind it but the firewall is transparent for HK requests.

China has state run Telecom companies providing all the eyeball access, so it's relatively straightforward to ensure outside connectivity goes through the great firewall.

Hong Kong has multiple private companies providing eyeball access. It would be far more difficult for the Chinese government to get all of their compliance. If they just wanted to get traffic information, it would be far easier to just collect a statistical sampling collected from flows data on core routers for general info or to monitor specific IP's using rulesets without the massive undertaking needed for always on firewall capabilities on every single packet.

Back in October the HK ISP association put this out [1] about how bad it would be for them to be moved towards a GFW model, so I guess they're somewhere closer to Western style access requests still: https://www.hkispa.org.hk/139-urgent-statement-of-hkispa-on-...

It is definitely not, However, a surprising (to me) number of people in HK use WeChat for nearly everything, so...

It isn't behind the Great Firewall, but it is behind an increasing number of government controlled boxes that could be turned into the Little Firewall. There are many direct fiber paths into HK that go directly to big companies and it would take time to bring them under control, but it would take only be a matter of time.

The other aspect of the Great Firewall is the alternative ecosystem inside it, and the censorship system embedded in weibo etc. It will be interesting to see if surveillance capitalism apps like Wepay and Alipay suffer a setback in HK in the wake of the protests. Cf https://www.bloomberg.com/news/articles/2018-05-24/alipay-s-...

If China asked forcefully enough, think they'd start blacklisting sites in Safari?

That could potentially be the next step in forced censorship.

Well, I'm sure they just extend parts of the great firewall. Not need to get apple in on it.

Web pages are trivially censorable directly by the Chinese government though. I don't see how that's responsive solution to the problem here.

Trivially? In Hong Kong?

I don't think this is accurate, though it may come to be in the future. Which is sort of the point, why allow the techno dystopia to come?

They’re less censorable than a platform owned by a single company with a standardized process for taking down content.

OR go to android that allows you to sideload apps from other sources. Of course, you run the risk of malware, then but at least if Google were to pull something like this you could just sideload it.

Converting an iOS app to "a web app" isn't exactly a trivial undertaking. Remember you're likely saying "Reimplement the app atop an entirely different family of libraries and APIs."

Additionally, a part of the device's API is not going to be available to the webapp.

> Make the app a Web App and visit it in Safari.

Is the web censored in HK?

To the best of my knowledge, no. It's certainly not behind the Great Firewall of China.

What's to stop safari from blocking it since every browser on iPhone is basically a safari skin and actual alternative browser engines are banned

> And in one fell swoop, Apple has made it effectively impossible to install this app on your phone

You mean years ago?

Not that I support this move by Apple, but ... how is this different from them rejecting any application for any reason? We've had a ton of stories on HN of them doing that (for various different reasons)...

It's not different. The societal impact is just larger this time around.

Apple's position was never okay, and I hope this situation makes more people realize that.

Ah, come on, there are reasons which are less bad: Not accepting an app because it steals cc data. Virus. Etc.

Let's not pretend this is business as usual, however morally bad the usual business already is.

But isn't this all the same thing? Apple made a decision: "This form of speech is dangerous, so we're going to decide what our customers are allowed to see." And so Apple blocks both dangerous speech, and safe speech that could harm Apple's revenue, and safe speech that powerful individuals dislike.

People always seem to think of this as a false dichotomy, so I want to emphasize again that I think Apple's curated App Store is great. It just shouldn't be the only way to acquire software.

I don't think it's the same thing. Apple has at least three options:

- Have a store with, say, quality control, and the option to side-load

- Have a store with "quality control" (and, as I see it, some rather large levers to fight competition), no option to side-load, but don't bow to state actors

- same, but bow to state actors.

I wish it's the first, I thought it's the second, but we now see it's the third. I think the the third is worse than the second option.

Given time, the second option will always become the third.

Bowing to state actors is a decision individuals make.

If the platform gives specific people the ability to bow on behalf of everyone (as iOS does - reviewers have that power), eventually some of those people will do so.

A centralized app store must at least bow to the state actors where its business operations and servers live. Otherwise the state actors will take their hardware and remove the business from existence.

If the OS supports direct installation, then you avoid the inherent risks of centralized software.

Granted, you gain the risks of decentralized software.

Magic bullets are few and far between.

The second is inevitable to the third.

This isn't new. Apple has always bowed to state actors in order to damage minorities, literally ever since the app store launched with it's censorship targeting sex workers and sexual minorities on behest of the US government.

This one is just more obvious, but not new.

But see, by saying "don't bow to state actors", you're making a moral judgement about when it is and is not okay to bow to pressure.

Was it okay when Apple got rid of Alex Jones's app? He was spreading misinformation about vaccines, that's pretty darn dangerous. I guess you could argue that wasn't due to a "state actor", but is anti-Hong-Kong pressure from Chinese citizens all that different?

And here's the thing—I do think platform holders sometimes need to make moral judgements, and I'm glad Alex Jones is banned from the App Store. I'm significantly less glad that it's completely impossible to install his app anymore. It's the difference between not actively giving someone a megaphone, and actually banning speech.

> I guess you could argue that wasn't due to a "state actor", but is anti-Hong-Kong pressure from Chinese citizens all that different?

The difference is between taking something down because you agree with the rationale the entity-that-wants-something-taken-down gives you, such that you'd do it even without that entity in existence as long as you knew the information they told you; vs. being intimidated by that entity into doing so, such that without the entity, you'd have never done anything.

I fully agree that solution 1 would be much, much better. But I don't think I have to make a moral judgement when it is OK and when it is not OK: let's assume I think it's not OK in all cases, then it's still worse if they do it against Axel Jones AND HK than if they do it only against Axel Jones OR the HK.

In any case, I'm allowed to make a moral judgement. We do this all the time: Breaking the law is bad, but stealing is less "bad" than killing. And so on.

You can still ban bad actor apps from your app store while still allowing users to opt-in to side loading.

To be fair, Apple users consider it a benefit to not have control over their phones.

I know right? It's crazy people pay more money for less.

I'm not sure how to teach Apple users, they seem to find an excuse for every anti-consumer thing they do.

It's because the locked-down nature of the iPhone is always made out to be an all-or-nothing policy. I legitimately don't understand why.

There are real benefits to having a curated, sandboxed, and audited selection of safe, quality software. Most users should never need to leave such an environment

What is necessary is an escape hatch—one that doesn't involve continual software reinstalls, or outright buying new hardware. It's fine to hide the option away in settings, where most users won't find it. But in extraordinary circumstances—like when your city is rioting against your government—people will help each other locate the switch, and download what they need to stay safe.

I spoke with a former Apple dev on this topic once. He says that you can opt out of code signing and the App Store on Mac because that's a professional OS, but for iOS the security rationale for not allowing that is that it's geared for less tech-savvy users. Paraphrasing: "If there is a way to opt out, malicious apps and sites will con users into doing it to get malware on the phone."

I can't totally disagree. To have a completely secure device you have to lock out the user since the user is often the least secure component of the system.

I am sympathetic to the Dancing Bunnies Problem [1]. However, when I weigh the societal harm of (A) preventing people who are very dedicated to shooting themselves in the foot from shooting themselves in the foot, versus (B) protesters being unable to share and access important safety information, the choice is clear.

[1] https://blog.codinghorror.com/the-dancing-bunnies-problem/

Personally I think the real problem is that the OS is fundamentally broken. All current OSes are fundamentally broken from a security point of view because they all pre-date the era when security was such a concern and are designed to run only de-facto trusted code. All the security we have including all iOS's security is a bolt-on afterthought.

A modern security and privacy conscious OS would be "principle of least privilege" from the ground up. It would be written into the DNA of the kernel and OS from the first line of code, not bolted on later via permission managers and leaky APIs and then mandatory notarization by a central authority to work around the fact that the whole mess is still insecure.

We do have something like that. It's called a web browser. A browser is a small VM that runs utterly untrusted code relatively safely. In many cases it's code from the sketchiest ad networks and other hellholes imaginable.

Imagine if your real OS were like that. Install anything even known malware with fairly strong confidence that you're safe and that it can't do anything you don't explicitly grant to it.

Modern OSes are designed to prevent users from attacking other users (or the system) with malicious code. They are not designed to protect the user from malicious code they themselves install.

> We do have something like that. It's called a web browser. A browser is a small VM that runs utterly untrusted code relatively safely. In many cases it's code from the sketchiest ad networks and other hellholes imaginable.

Given how many issues there are with ad tracking, fingerprinting, and other privacy related issues, I don't feel the web browser is particularly safer than an iOS app. What can an iOS app really do that a browser app cannot at this point?

This is what Android attempts to provide and it is hard.

This is what happens when you try to do that - you pop up so many prompts that everyone just clicks "Allow" out of frustration anyways, which defeats the purpose.



The UI for it may be the toughest unsolved problem. Something must be done to simplify and group concepts. You can't just give the user a barrage of micro-permission dialogs.

That dev is completely and utterly wrong.

>He says that you can opt out of code signing and the App Store on Mac because that's a professional OS

And this is why he's wrong: it's NOT a "professional OS". My sister has a Macbook Air, running MacOS. She's not a professional (computer user). Mac computers aren't just for "professionals" (esp. software devs), they're sold to anyone who wants something with a bigger screen than a mobile phone or tablet, and wants a keyboard to type on and wants to be able to have a normal filesystem to work with. In short, anyone who still wants to be able to use a normal PC.

She uses her Mac for typing documents (she likes to write), watching movies, etc. She is absolutely NOT what I consider a "tech-savvy user". So why does she "need" to be able to opt out of code signing and the App Store?

So, no, he's completely wrong. If Apple only sold their computers to software devs, he'd have a good argument, but they don't, so he doesn't.

So where's the "professional" phone OS? It seems to me that if you want to stay in the Apple ecosystem you're stuck with iOS whether you know what you're doing or not.

Apple still provides a means for "professionals" to sign and run their own code on iOS devices, it just requires jumping through a few hoops. Pay a one-time $100 fee and you don't have to deal with re-signing your app every seven days. This is enough of a barrier to entry that I think it solves the "dancing bunnies" problem without making it impossible to run what I want. I do fully understand why some people think that this is still too extreme.

My two real beefs with this arrangement are the requirement of a Mac, and the potential use of the App Store curation to block apps for political reasons, as is happening with HKmap.live.

> Pay a one-time $100 fee and you don't have to deal with re-signing your app every seven days.

Fwiw, it’s not one-time. It’s $100 every single year.

For the vast majority of people, protecting them from their own lack of willingness to educate themselves about data security and malware (a nontrivial time investment, let me tell you, having done it myself), is a feature, not a bug.

It's not that they're paying more for less; it's that they're paying more for a curated less. For the vast majority of Apple's customers, this works out great (provided they aren't ever going to engage in an antigovernment protest).

Please don't get it twisted. What Apple does has value to many people; it's not as black-and-white as you seem to make it out to be.

It is a cognitive difference between apple user and other users. Less is more. Control is not always a good thing. Think about it very carefully.

There is nothing on this world, nothing, is good anytime anywhere to anyone.

The website developers have already added a Javascript plugin that instructs visitors on how to add the app to their homescreen, after they visit the website in Safari, which gives presumably identical behavior to the app store app.

Hopefully this alleviates the immediate negative consequences of the removal.

iPhones, iPads and the whole mobile device segment is useless if a company can decide the content. It will never be your device.

Microsoft tried the same crap with their store, which was fortunately rejected to a large degree. The future of software shouldn't look so backwards. I can understand users being drawn in by accessibility, which is hard to realize for more open systems. But I don't really understand developers choosing Apple aside from monetary opportunities.

Macs try to go in a similar direction, so these comments saying I shouldn't care about app notarization are nothing but short sighted in my opinion. Because the security benefit is minuscule and new dangers like this pretty impalpable but nevertheless very real and the degree of enforcement of these mechanism will certainly increase as soon as Apple sees the opportunity.

Overall a crappy platform to develop against.

>iPhones, iPads and the whole mobile device segment is useless if a company can decide the content. It will never be your device.

I don't like it either, but don't fool yourself: lots of people don't care. They don't care if it's "their device" or not. They're perfectly happy to pay $1200 for a high-end device they don't have full control of, because it signals wealth, and does what they want it to do.

Just look at how many people lease cars instead of buying them. It's not that different; they don't own those cars, they're really just renting them. They're not allowed to modify them, and can get in trouble if they don't follow the maintenance schedule or drive them too much. But for those people, they're fine with that.

>Microsoft tried the same crap with their store, which was fortunately rejected to a large degree.

This is probably for at least two reasons. 1) There was already a huge ecosystem of Windows software out there, long before MS tried to ape Apple. Those companies were already successful in selling their apps directly to customers, without having to give MS a 30% cut. Why would they want to adopt MS's new strategy? 2) MS being MS, they most likely bungled it in some way. This happens every time they try to ape Apple or someone else; the first few iterations are absolutely terrible and a big joke. Sometimes they persist and it finally works out for them, other times they finally give up (e.g., PlaysForSure, Zune).

There is a supposedly 'unpatchable' new jailbreak for most currently-in-use iPhones, it seems: https://www.cnet.com/news/theres-a-new-jailbreak-for-million... .

I Jailbreak my own iPhone, and I'm personally delighted about checkm8. But for most people, this is yet another "unrealistic workaround".

Imagine you're a Hong Kong protester. You're spending a significant portion of your time in the streets, and the rest at work, or school, or whatever other life tasks you're responsible for. Do you really want to spend an hour reading up on how to Jailbreak your phone? And then, because this is a "tethered" Jailbreak, what happens if your phone reboots and you're not near a computer?

There is a balance to be struck here. Sideloading can't be too easy, lest people get tricked into doing it. But it shouldn't require more than five minutes, and it should be a one-time process. (Or at least nearly-one-time: making it annual might be reasonable.)

Yes, I certainly wasn't suggesting "just jailbreak lol" as an easy answer to the iOS problem. But it might be, at least, the least-unrealistic option right now, so it probably deserves a mention.

In principle code signing is a good idea, this way Apple can ensure an improved security standard over their competition.

But the downside is of course that Apple is in control, and like any corporation it will do things with that power that are unethical, immoral, anti-competitive, anti-consumer, etc. to the fullest possible imaginable degree.

Its like when you buy a DRM protected piece of content and that company revokes access in the future. Its entirely predictable and preventable.

Customers buy DRM content all the time and they buy Apple products instead of phones that give you freedom. Ignorance is not an excuse, I won't blame Apple, they aren't people, they just do what is natural in all corporations, I blame people/consumers, they deserve every single last bit of totalitarianism that is coming their way.

> In principle code signing is a good idea, this way Apple can ensure an improved security standard over their competition.

There is nothing wrong with code signing. There is everything wrong with making Apple the sole arbiter of mandatory code signing. It's the difference between being against locks, and being against someone else owning the keys to your house.


> I won't blame Apple, they aren't people [...] I blame people/consumers

No, you can't blame people. It isn't the individual consumer's job to consider the ins and outs of how they may be limiting their free expression in the future. That's not realistic.

Corporations are not robots; Apple is run by people, and specifically people who should be considerably more knowledgable on this subject than the average consumer. They should feel some level of social responsibility.

This will not be the last time Apple ends up in this type of situation. I hope we have the right conversations about them, and I hope they make Apple hurt. Because this was entirely predictable, and entirely of Apple's own making.

> Corporations are not robots. Apple is run by people, and specifically people who are much more knowledgable on this subject than the average consumer. They should feel some level of social responsibility.

Sometimes I wonder how many instances to the contrary people need to get this falsehood out of their heads. Corporations are only beholden to their shareholders, if any one person at Apple (including the CEO) is not at all times acting solely to maximize the profit to their shareholders they will be replaced by someone who will. The government has to force corporations to their will through tight regulations, consumer protection and anti-trust legislation. Why are all corporations spending this incredible amount on political corruption/"lobbying", its because all these things work.

This is a way of thinking that emerged within the past century. It was not always considered universally true, and I think it's harming society.

Why do we consider it acceptable for CEOs to shrug off any and all social consequences of their actions? We can and should outlaw actions that are socially harmful, but we shouldn't just shrug our shoulders when powerful people find ways to skirt those rules to enrich themselves.

They're really not. In court, it is sufficient to be able to argue that your actions are in the long-term interest of the company. In practice, CEOs are hard to replace, and it is easy for them to pack the board. Lots of companies have dual class shares so that a group of insiders can run the company however they see fit.

Anyway, even if it were true in practice, this is entirely the result of laws and court decisions. Governments could change it with the stroke of a pen.

> if any one person at Apple (including the CEO) is not at all times acting solely to maximize the profit to their shareholders they will be replaced by someone who will.

Google apple largest shareholders

This is mostly something people repeat on the internet it is only slightly related to reality

Looking right at Adobe with Venezuela, U.S based company is taking an executive order at face value and cut off anyone there to using their products. It's worse now since Creative Cloud must be active to use the core tools, at first they weren't even going to refund anyone that just paid a year but luckily due to the outcry they will now allow refunds at least.

Being a software engineer I side with consumers more as I use a ton of services, but that's the flip side to the convince the consumer has absolutely no ownership to anything.

You just gave me a good reason never too buy iPhone or Apple products if this is true. I am glad I am on Android.

> We wouldn't find this acceptable with eBooks

You sure about that? I mean yeah, "we" as in at least you and I, but the general public... I still enjoy https://www.gnu.org/philosophy/right-to-read.en.html as prophetic fiction and occasionally remember that around 10 years ago Amazon in reality remotely deleted copies of Orwell's 1984 from kindle devices when Amazon learned that version of the book was put on their kindle store without authorization. (But at least on the issue here Amazon does better, it's not hard to load your own mobis or convert things to mobi format. I suspect the kindle would still be very popular without such ease though.)

> You sure about that? I mean yeah, "we" as in at least you and I, but the general public...

...no, sadly I'm not sure. The point I wanted to make is that banning certain apps is no better than banning certain books.

I originally wanted to write something like "We wouldn't be okay if certain books were banned on certain brands of bookshelves", precisely for the reason you mention—but I decided the comparison would be too weird.

That said, I don't think it's a coincidence that every e-reader (as far as I'm aware?) allows sideloading, including the Kindle line, which Amazon sells at a loss. The optics of any company "banning books" would just be too poor. I wish the optics on "banning software" were equally poor.

And that's why you should never buy Apple.

It's not your iphone/ipad/Macbook, it's Tim's iphone/ipad/Macbook that he deigns to let you use, but only at his pleasure and only to do what he thinks is OK.

apple always has failed in creating a mapping app. also it is hinders with other developers beautiful works !

Apple has failed? Have you seen their maps app recently? The amount of detail they put into areas is much more than Google.


You’re being downvoted because you’re using Hacker News for your political battle, which is frowned upon: https://news.ycombinator.com/newsguidelines.html. Oh, and commenting on downvotes is also usually not rewarded either.

OK. That's a good point. Let me think about it.

There's a balance between freedom of expression and security (de-platforming). Where that balance is, is different for most everyone.

Destroying democracy is not just somebody's opinion.

I agree 100%. I would take freedom of expression over security.

This is why Apple will always be a second-class citizen to Android.

If I have a good reason, I can toggle a setting and install APKs built by anyone. If I have a good reason, I can wipe my phone and unlock the bootloader to literally replace and de-Google the entire OS.

When I buy a phone, it's a hardware product I'm buying. Just like when you buy a PC/laptop, what you run on it is your business, not the manufacturers. It's certain nice that Dell pre-loads Windows 10 on their laptops, but if I want to run Linux, I can.

>but I want my phone to just work

You also have the freedom to stay in the walled garden. The difference is you have to option to run different software if you so choose, and having that freedom is so much more important to me than how slick the UI is or how good the ecosystem is.

I don't own any Apple products, although I was strongly considering switching to iPhone a few years back. These recent developments confirm that I definitely made the right choice staying with Android.

That's funny: "Apple will always be a second-class citizen to Android"

You don't hear about 14 million iPhones being infected by malware[0], do you? Or malware stealing users' bank credentials[1]? Heck, there are people whose brand new phone comes pre-loaded with malware[2]. Oh, this one was just posted five hours ago -- applications on the Google Play store load with trojans and spyware[3].

I can keep going, but the point is: if any platform is "second-class", it's Android by far. I'll pick the one that doesn't have apps on its official App Store rooting my phone and installing spyware.

[0] https://www.zdnet.com/article/copycat-android-malware-infect...

[1] https://android.gadgethacks.com/news/new-android-malware-is-...

[2] https://android.stackexchange.com/questions/206574/how-to-re...

[3] https://www.zdnet.com/article/gaming-photo-apps-in-google-pl...

This argument reminds me of the gun control argument.

People in favour of "more guns" are fully aware that more guns means a more dangerous society. But they consider the freedom to choose whether to own guns more important than living in a statistically safer society.

Whereas, people in favour of "gun control" consider the safety of society overall to be much more important than the freedom to own devices designed to kill people.

To me, that's what Android vs iPhone represents with respect to freedom. Android gives you more freedom to choose different devices, but at the cost of most devices not getting security and OS updates.

Likewise, Android gives you the freedom to side-load all kinds of things onto your devices, and of course the Android ecosystem is chock-full of malware.

The proponent of freedom says, "Yes, I understand that this is a much more dangerous ecosystem, but I value the freedom to defend myself."

The proponent of safety says, "There are some dangers that are best met by a centralized, platform defence, not by individuals."

Philosophically, I understand both arguments, even if I am very clearly in one of the two camps with no interest whatsoever in switching to the other.

It has nothing to do with gun control. An analogy isn't necessary to understand that one platform regularly has software that was vetted and released on its _official software distribution platform_ that contains malware/spyware and trojans. Here's one from last year[0].

I don't expect my smartphone to be "open" and fulfilling my principles of "freedom". I do expect that from my _computer_, but I don't carry my computer in my pocket and across borders and put it in other peoples' hands to show them photos (for example).

I also don't connect my computer to unknown wireless networks, whereas my smartphone has bluetooth enabled[1] and is basically constantly connected to unfamiliar wireless networks (work/hotel/cafe/library/neighbour/etc.), any of which may include malicious actors who are scanning for vulnerable devices. A pretty solid use case for which I'll choose the device that is far less likely to be owned.

[0] https://www.symantec.com/blogs/expert-perspectives/ongoing-a... [1] https://techcrunch.com/2017/09/12/new-bluetooth-vulnerabilit...

This isn't a great analogy.

The problem with guns is that it's mostly binary. Either you live in a society with guns, or without. You don't really have a choice once you're in that society: if you live in the US and don't like guns, that's too bad, because other people can have them, and they can shoot at you with them; you being anti-gun isn't going to help you much if some wacko decides to come to your school and shoot everyone. Or, if you live in Singapore and like guns, that's too bad, because you're not allowed to own one there at all, and if someone somehow manages to smuggle one in and shoot at you, you won't be able to shoot back.

>Android gives you more freedom to choose different devices, but at the cost of most devices not getting security and OS updates.

The key here is you have choice, and your choice completely changes your experience.

So if you get some crappy Android device from a mfgr that doesn't bother with security and OS updates, you could be infected with malware. Whereas if you get a good Android device from a mfgr that does regular updates, you're much less likely to be infected.

>Likewise, Android gives you the freedom to side-load all kinds of things onto your devices, and of course the Android ecosystem is chock-full of malware.

Again, your choice changes your experience. No one is forcing you to side-load apps. If you want to stick with the curated Google Play store (like 99% of users), you can do that. And even there, if you're careful about which apps you load, and stick only to well-known and reputable ones, then again you'll probably avoid any malware problems. No one is forcing you to install some random Chinese-made app that's obviously malware, even though those do exist on the Play store unfortunately. Unlike with guns, the fact that other people with other phones may be installing malware on their devices doesn't affect you: you're not going to get malware because some differnt mfgr doesn't do updates, or because some apps that you never install are malware and are available on the Play store.

This also mirrors Chinese vs. American values perfectly.

The Chinese believe in the Apple model of safety, greater good, social harmony, and the ends justifying the means over individual liberties. The concentration camps, great firewall, IP theft, everything we see as dysfunctional about China stems from this belief system.

Americans don't believe in the "greater good" or "the ends justify the means" and it results in uniquely American dysfunctions like mass shootings and homeless people shitting in the street in SF.

Still, like you, I have no interest in switching to the other camp. It is a basic value system ingrained in me.

This is a terrible generalization and greatly conflates the people and the government of China, which has been ignoring philosophers and politicians extolling such values for decades.

I'd hope that a society can believe in a collective good without resorting to concentration camps.

As the other responder says, this is a terrible generalization. Japan also has a society where the greater good and social harmony are highly valued, and they don't have things like concentration camps, a great firewall, IP theft, etc.

However, in the US, we do have concentration camps. We call them "migrant detention centers", and people are forced to drink water from the toilet there, and small children are forcibly separate from their mothers. It seems to me that the US is more similar to China than you think.

> This also mirrors Chinese vs. American values perfectly.

> The Chinese believe in the Apple model of safety, greater good, social harmony, and the ends justifying the means over individual liberties. The concentration camps, great firewall, IP theft, everything we see as dysfunctional about China stems from this belief system.

By "Chinese" do you mean the Chinese people, Chinese culture, of the Communist Party of China?

Apart from the fact that an Android that has side-loaded malware probably(1) won't shoot five innocent bystanders, I think this is a good analogy.

(1) Probably. It's an open source OS, so no telling categorically what hardware it's driving ;)

Wait for a kickstarter for a phone-gun hybrid with a "shoot" button available to the phone.


I'm technical so I like tinkering and don't care a whit for Apple's locked down ecosystem and it's cost of entry, so I avoid it. But I'm totally aware of the reasons Apple make their business decisions. Their loyal fan base and easy interoperability of their products is testament to this. It has brought many technological solutions into the hands of the non-technical consumer, which has benefitted us technical folks by bringing attention to what can be achieved by technology.

(I'm not crediting Apple with this in its entirety, far from it, but they brought non-technical attention to the technical arena)

Anyone on HN complaining that their iDevice doesn't give them sufficient 'freedom of ownership' is willfully ignorant of Apple's well publicized and infinitely discussed closed system strategy.

P.S. LineageOS for the win.

What an incredibly weak argument. Android absolutely destroys iOS in market share, it's not even a comparison. That's why it's targeted by malware writers. That doesn't mean it's any less secure than iOS. You have to try very hard to infect your phone.

I'd pick being able to run whatever I want over Apples choice of apps any day.

Popularity == better? OK :)

"Try very hard" == be on a wifi network, or download an app that appears to be completely legit from the vendor's own digital distribution platform? OK :)

Popularity means that it's a bigger target for malicious software authors.


> On the bright side, most of the harmful software appears to have been purged by Google. “If not all of these apps, then definitely most of them are not available on Google Play anymore,” Stefanko told TNW.

This is a trade off of having an open ecosystem. I only install well reviewed and well known, quality apps so I have never had any malware on the dozens of phones I have owned over the years. I prefer having a small chance of being infected by malware by my own actions over a closed ecosystem and only being able to install what Google deems worthy on my device any day.

Popularity is also including the fact that more than just phones run Android

> You don't hear about 14 million iPhones being infected by malware

No, but I have heard of 400 million iPhones being infected by malware via Xcodeghost. This is serious data exfiltrating malware, not simply ad popup malware, and this is on the official app store and legitimately sourced devices unlike the malware in your first three links.

> If I have a good reason, I can toggle a setting and install APKs built by anyone. If I have a good reason, I can wipe my phone and unlock the bootloader to literally replace and de-Google the entire OS.

This is not possible for many (and I suspect the majority of) android phones.

> This is not possible for many (and I suspect the majority of) android phones.

But it is.

You can install APKs from anyone on any phone. It's a feature of the OS.

> I can wipe my phone and unlock the bootloader to literally replace and de-Google the entire OS.

I've never had an Android phone I couldn't unlock and flash. From the original Evo to Pixel 2.

I have an iPhone as of two months ago. I just wanted to try something new. The amount of restricted access to things is boggling. I can't even download an mp3 on Safari or Chrome. I thought I was doing something wrong and spent 2 hours trying to figure out what. Then I learned it was just the phone.

I'm sorry, I quoted more than I meant to. I was exclusively talking about unlocking the bootloader.

> I've never had an Android phone I couldn't unlock and flash.

I've been using Android as long as I've had a smart phone, and I've never had a phone that I could flash. You should remember that most people don't have expensive flagship model phones.

> I've never had an Android phone I couldn't unlock and flash. From the original Evo to Pixel 2.

Until you stray away from a handful of manufacturers that are nice enough to let you do this.

> I can't even download an mp3 on Safari or Chrome.

Safari has a download manager in iOS 13.

> From the original Evo to Pixel 2.

We spent a good amount of time over a year keeping the Evo unlocked whenever HTC would try to patch things. I'd like to think that helped set the tone for bootloader unlockability going forward.

But to be honest, I've been in the Nexus and Pixel ecosystem since then so I haven't really seen how things have shaped up

This is possible for pretty much all android phones. What's not necessarily possible for all phones is to root the phone but yes most android phones allow you to install apks downloaded via the browser after toggling "allow installation of apps from unknown sources" in the settings.

Which ones? I've used 5 different brands, and all of them could.

That's probably also the reason why GNU and FSF should get new momentum. In the 90s/00s there was good reason to get away from Windows because it was really unstable - and Apple being expensive and niche. Now both are kind of viable options for most things but the freedom to use whatever application one wants to use is definitely becoming more important.

Just wanted to add that the FSF lists "Free phone operating system" at the top of their "priority projects" list as of January 2017: https://www.fsf.org/campaigns/priority-projects/

So you can of course side load apps more easily on Android, but it isn’t super easy. I guess that matters less when people are motivated.

But... if this statement were true in spirit as well then why don’t we see google seizing this PR opportunity and making statements about the superiority of their App Store’s more liberal model? Why do we instead see Google quietly removing HK-protest related apps too?

I guess the moral is that both Apple and Google will kowtow to the desires of the Chinese government in these cases and it’s mostly circumstantial that Google cannot so thoroughly lock down their systems

>it isn’t super easy

In settings, enable "allow installation of apps from unknown sources". Then download the .apk file from your web browser / dropbox / whatever, and tap to install. It's literally a single-setting toggle to let you install any apk from anywhere.

>Google quietly removing HK-protest related apps

Like what? The app that Apple removed is alive and well in the Play Store: https://play.google.com/store/apps/details?id=live.hkmap.app...

Example here: https://www.hongkongfp.com/2019/10/10/revolution-times-hong-...

Though I concede that this app is more objectively pro-protestor (rather than general public safety) and the statements from google feel more like generic policy than obvious bowing to pressure.

Apparently it was removed because it included in-app purchases and there's a rule against profiting off of tragedies:


> A Google spokesman said that “The Revolution Of Our Times” app, which lets users role-play as Hong Kong protesters, violated a long-standing policy “prohibiting developers from capitalizing on sensitive events, such as attempting to make money from serious ongoing conflicts or tragedies through a game”.

I guess if they remove the IAPs it would be okay?

>but it isn’t super easy

It's pretty easy, in fact when I got a new phone and tried to install the f-droid apk, android took me directly to the setting to toggle side loading apps. The permissions seemed even a little more fine grained than before with a seperate one to allow f-droid to install apps also, but still only one tap away once I actually tried to do it.

I don’t disagree that you found it easy. I’ve done this in the past and found it easy too. But the things that you or I may find easy are not necessarily easy to the large fraction of the population who are not particularly good with technology.

I’m not sure how I found F-droid. I think it was from knowing I wanted free software, finding myself overwhelmed with crap in the regular App Store and some combination of luck/determination.

In the case of the protests in Hong Kong I think there is sufficient motivation to go through these potentially tricky/scary steps and there would, if necessary, surely be resources on how to do it.

But that’s also a situation where following instructions from some crowd to download some apps from some non-google source is risky. It seems that if people were doing this then it wouldn’t be long until there was a reasonable chance of being tricked into downloading CCP-sponsored malware

I'm not sure if you actually read most of what I said or are just responding to the part where I said it was easy, but, at least on android 9, it automatically takes you to the setting as soon as you try to open an apk, acquiring which, is pretty much exactly the same as downloading an .exe file on a computer. Depending on your browser, it will even ask if you want to open the file upon completion, thereby taking you to the 'enable apps from unknown sources' option without even leaving your web browser. I like to have faith that most people capable of downloading and opening a file from the internet, should be able to read a message pop up and tap a toggle button.

> mostly circumstantial that Google cannot so thoroughly lock down their systems

You can say the same about any end to end encrypted service. Setting yourself up to not be able to bow to unreasonable request is the best defense and can be quite the extra effort. And I'm thankful for companies doing so.

Thing I don't understand why Apple made that decision. In their position I'd would have fought very hard to get gov (preferably HK) order the removal and then just "having to comply". But it's probably the natural consequence of wanting to curate entire availability beyond just in-store generate content (e.g. advertising, search ranking and so on). Again, it matters what you set yourself up to be.

Yeah I agree that it’s a bit nuanced but I’m not convinced that the reason for it was a moral stance about user liberty. I think it was more straightforward: this was how non-Apple phones worked and it was how computers worked, so it possibly didn’t require much effort to think to lock down the OS. Of course I think many people at google at the time would have been in favour of that decision. I wonder if google would make the same decision today, and I wonder who would argue for which sides about it.

> So you can of course side load apps more easily on Android, but it isn’t super easy. I guess that matters less when people are motivated.

Well, there's a balance here. If it's too easy, some users will be tricked into installing malware.

I think Android is a good compromise. If you're even a tiny bit technically inclined, you can enable sideloading in a couple of minutes at most, and it's a one-time process.

>you can enable sideloading in a couple of minutes at most

How does that not fit your definition of "too easy"? If it can be disabled in minutes and any attempt to install an unauthorized APK takes you right to the screen, it seems completely pointless.

Taking users right to the screen in settings strikes me as a less-than-ideal decision—is that true in the most recent version of stock Android? I recall having to navigate there myself, but I could be wrong.

Regardless, I think there's a world of difference between "Tap an app to install and run" and "tap an app and move through several dialogue boxes, which include a scary security warning." It's not perfect, but it's leagues better than Apple's alternative...


How did you just turn this against Google? Google still has kept the app in the android app store. It's Apple that removed it at the first sign of pressure from China because Apple has no spine.

> When I buy a phone, it's a hardware product I'm buying.

Not to me.

This is where the comment goes into “my opinion is fact and dissenting opinions are wrong.” There are millions of Apple customers who get their preferred OS by buying hardware directly from the OS developer. This has been a viable business model for Apple for long enough to just laugh at that sentence. Hating Apple is an identity, like a political party, and some are too invested for their ego to allow for simple factual observations.

I'm not sure I follow you. I was just providing a data point that says some people don't care about the hardware - just like how I buy a car, I don't really care about the details and being able to 'drop in' a replacement HVAC or 'add on' features like neon lights/headers/whatever because those features are not important to me.

What does that even mean? Can you elaborate at all?

I honestly don't care about the hardware at all. The hardware/camera/storage/whatever has been good enough for years. I care about the customer support, service, and overall UX of using the device. The fact that I can't side load apks or ipas is a feature to me.

Why does it have to be Android? It's another commercial closed-source OS and therefore the business interests controlling it will at some point conflict with a user's definition of freedom. There are FOSS alternatives easily found by searching.

> Why does it have to be Android? It's another commercial closed-source OS

What do you mean? Android is FOSS not closed-source.

Android is closed source. AOSP is open source (and pretty useless).

Sorry, but, that is bollocks. How is it useless?

Most of the stuff that ships on the average Android device is closed-source and written by Google.

Cool. The question still stands, how does that make AOSP useless? For the vast majority of applications, I can find reasonable FOSS equivalents in F-Droid.

I wouldn't call it "useless", but it's certainly not what most people would consider Android at that point.

Pretty sure that just Chromium+ASOP represents more LOC than the closed source apps (gmail, yT, google maps, etc...).

"This is why Apple will always be a second-class citizen to Android."

Android wouldn't allow an app to be installed on official phones if Google didn't want so, and unofficial ones are built in China anyway plus often already ridden with spyware. The only workaround would be a 100% FOSS phone where the user is king and decides what would run or not.

Pine64.org devs, are you listening?

Android has no way to prevent an APK from being installed. The only thing they can do is add the signature to Play Protect, which will just prompt you that the app may be unsafe, and you can disable it.

Google bans developers from the Play store all the time. As a developer who builds D2C products - Good luck getting your average person installing an APK.

Can Android kick out APKs that are side-loaded?

And if they can, what stops a user from swizzling identifiers for the APK and reinstalling it?

The problem with Android is its mostly closed nature, so there are multiple places where malicious software could be placed by design, system apps and to a greater degree device drivers being the first obvious choice. By malicious I mean software that limits or acts against the user choices, not necessarily behaving like a virus.

Not sure what point you are making. Android isn't closed, the entire os is open source. If anything is closed it is iOS.

AOSP, which is hardly ever run on its own, is open source.

Things like the Play store are entirely closed source. A majority of the API shipped by the Play store are closed source. Many hardware drivers are closed source. The majority of the operating system is Apache licensed, allowing a handset maker to ship modified components without publishing their changes.

Many vendors also prevent the user from installing their own custom ROMs, so even a sophisticated user may not be able to run AOSP on an arbitrary device.

Google Play store is a very small part of Android. Just the fact that vendors can ship modified components is a testament to Android being open. Even Huawei shipped a modified version of Android with Google services such as the Play store removed due to sanctions.

Also in comparison to iOS, Android is a heck of a lot more open. Apple can ship whatever they want and no one would be none the wiser. Plus you can't install whatever software you want on an Apple device, and are restricted to what Apple thinks is acceptable.

> The only workaround would be a 100% FOSS phone where the user is king and decides what would run or not.

This is why we need to support efforts to create and maintain such platforms. Even taking a moment to spread the word is helpful here.


It's not really politics, cutting kidneys out of people isn't really politics. Ignoring human rights violations because it's "Just internal politics" is crazy. Is it a family matter if the father is abusing his kids? The same goes for countries.

Likewise, letting Hong Kong go back to that fucked up dystopia by hampering their ability to organize is messed up.

This seems like a purposely antagonistic comment?

The user was stating how freedom is much more entangled into our everyday purchase and use of our devices.

Also, what happens to your mindset when the "foreign countries" are no longer foreign and now domestic?


Just because you disagree with someone's comments doesn't make them a bot. They look pretty human to me.

Not as much "meddle in politics of foreign countries" as "help fellow humans avoid disasters".

Because I know my phone won't betray me if I end up getting into a situation like these protesters. I own it, it'll run the code I want, full stop.

1 country, 2 systems.

But one is not keeping it's promise obviously.

> we have verified with the Hong Kong Cybersecurity and Technology Crime Bureau [CSTCB] that the app has been used to target and ambush police

"the foxes have verified that the app has been used by hens to ambush foxes"

The Hong Kong authorities just had a press conference where they basically said "this is purely an Apple matter" https://twitter.com/TMclaughlin3/status/1182301330339184641

Blizzard and now Apple.

I think this is very serious and it should be a wake-up call.

As simple citizens we don't have much choices but vote with our wallets and use social networks to attack the most valuable asset of those companies, their reputation.

That’s not how this works. Apple is one of the wealthiest companies in the world, and saying “just don’t spend money there” is a bit reductionist and trivializes the problem of corporations with more power than nation-states.

You need to fight fire with fire: governments of the world (especially the US government) need to create laws that restrict and punish this kind of behavior. Otherwise, I sincerely doubt Apple’s going to even notice the missing couple hundred thousand dollars of revenue because of principled “voting with your wallet”.

> “just don’t spend money there” is a bit reductionist and trivializes the problem of corporations with more power than nation-states.

You're totally mistaken if you believe that boycotts and the like aren't taken seriously by big companies, especially companies like Apple where the brand is more important than the product. Of course, it all depends on the size of the boycott, but it doesn't have to cost them millions to become a major problem.

They are seeking new revenue in the Chinese market. To them they see a minuscule boycott in the US as the cost of gaining that market- net positive.

China, through its own behavior in situations like these, makes its own market less attractive for companies and investors, though. You'd have to be crazy to see what is going on right now, and go all-in in with the market in China. The arbitrary power of the CPC over market access is a huge liability.

Big companies may still want to do business in China, but they need stronger footholds in other markets to offset the risk.

That's true. The Chinese government could just decide they do not like you and you have no recourse whatsoever. Good point.

Things aren't so black and white behind the scenes. Whether or not a boycott is "minuscule" isn't measured in dollars, it's how the brand is perceived and the second-order effects that perception creates.

Nobody is gonna boycott something they use daily and depend on

It is certainly conceivable that people could make a different choice next time they decide to buy a phone. Others that feel more strongly could switch right away.

Maybe, if it were convenient to switch. But I've given up on believing in boycotts. E.g. People kept buying video games, no matter how shitty the business practice. Preoders, Lootboxes, Season Passes, Pay2Skip... all seemed to have made a ton of cash.

As a technique, the boycott is tried and true, but its efficacy is ultimately dependent on how many people actually care about the issue.

Can you give an example of a boycott effecting a change in company policy?

They can and do when a substitute product exists.

But getting corporations to have more power than nations is the raison d'être of globalisation. Winding it back won't be easy.

Homegrown sentiment against Apple will very quickly turn the company in the right direction. None of these large companies can afford to completely neglect their home territories.

Most people don’t actually care about this issue, though. Whether or not they should is a different debate, but at the end of the day, people want a solid laptop that works, and even if people did care, I don’t blame them for valuing more short-term things like “I need a MacBook for my job” vs. more long-term, abstract things like “we shouldn’t import autocratic Chinese censorship”.

We can have a world where companies produce good products and act in accordance with democratic, liberal ideology.

How does that play out? The US and China would pass contradictory laws and then companies would have to choose which to follow. They will follow the money and we may not like the result.

That we cant use Apple phones? Boo fucking hoo.

If Apple decides to pull out of China and Hong Kong, that would be a huge boost to Chinese phone manufacturers.

Somehow I think this is exactly how it works.

Apples marketing claim in the recent years has been users privacy concerns. So why shouldn't such a move be also just as relevant as the marketing in the recent years?

I find it interesting how the blame shifting works these days. While with Blizzard, all the hate goes to Blizzard, with Apple there seem to be at least two fronts. One blaming Apple, the other aiming away from them towards China.

There is no reason you can't do both. Yes, this does mean not buying next year's iPhone model, suck it up or stop pretending you care so much.

Apple is one of the wealthiest because people buy their products. No other reason. Before people started buying iphones, Apple had near to zero power. If they stop doing that, they'd not have power to restrict people's choices again. Hong Kong people are risking lives for freedom. Are US people ready to risk not having the latest greatest iphone, or maybe they don't need that damn freedom that much?

And we already see what government with laws created to restrict and punish behavior can do. Of course, our government will never do that, we know they'd always use their immense powers responsibly and for the good of the people, right? Right?!

I am almost always against more government regulation and firmly believe in the power of our collective wallets.

That being said, I try to hear out other viewpoints because it’s entirely possible that I am wrong. So, tell me, what law would fix this situation? A law that forces tech corporations to allow free speech? Or a law that forces companies to put ethics before profits? I genuinely don’t know what law we could make that would address the issue while also being fair and enforceable. It seems a lot easier to get the people to rally behind a boycott than to get legislators to have a good idea and actually act upon it.

> You need to fight fire with fire: governments of the world (especially the US government) need to create laws that restrict and punish this kind of behavior. Otherwise, I sincerely doubt Apple’s going to even notice the missing couple hundred thousand dollars of revenue because of principled “voting with your wallet”.

and as we all know, governments are becoming a thing of the past. too slow too bad. I welcome our technotopia overlords

> trivializes the problem of corporations with more power than nation-states.

But they don't have more power than nation states. Last I checked nation states had guns, and guns are still very much the real source of all power in this world.

Apple has a lot of money. That makes them economically dependent on a larger surface area of not only nation states but other corporations. In a way it gives them less power.

A more personal analogy: a regular old Joe or Jane can say anything they want on social media with little fear of anything bad happening because their economic dependency surface area is small. A corporate CEO must watch what they say much more carefully, as Elon Musk learned with his various stupid tweets. A government official on the other hand, like Trump, can say asinine provocative things all day with little consequence because he's in a high position in an organization with guns. Xi Jinpeng is even more immune as his government has fewer checks and balances.

In terms of practical freedom of speech and political/social action, being rich outside the protection of the state is probably the least powerful position you can be in.

> In terms of practical freedom of speech and political/social action, being rich outside the protection of the state is probably the least powerful position you can be in.

The wealthy can hire armies of lobbyists, lawyers, and in some countries mercenaries. A regular old Joe can say anything, sure, but if they're in the wrong country when they do they might end up in prison or just disappear. If you're rich and "economically dependent" the worst that generally happens is your ROI goes down. The horror!

There are lawmakers - both GOP and Democrat - who are in favor of recognizing social and app platforms as public squares. Such regulation would limit arbitrary corporate deplatforming.

For an amazing and concise explanation of why “just don’t spend money there” strategy is very difficult, check out this post by Scott Alexander:


(search for sections 2.3 and 2.3.1)

The US government is currently rather busy attempting to stave off what looks more and more like a coup.

That the tech industry has been a primary player in enabling this.

Each and every one of us needs to have a nice long think about our own ethics and what we're willing to support.

How is a legal process a coup? For readers which aren't sure of the definition of coup, "a sudden, violent, and illegal seizure of power from a government."

I don't see how an impeachment inquiry (even if legally a bit vague) as "violent", "sudden", or "illegal", nor is it a seizure of power, since it is just an inquiry.

If you want to argue that ordering witnesses for investigations without first declaring a formal vote on an impeachment inquiry is illegal, you won't find the Constitution or CRS reports state that a vote must be held for such orders to be valid.

I think that more effective than voting with your wallet is voting in your elections and communicating with your politicians. Even voting with your wallet by donating to support political action.

Collective action is more effective when it's done via law because that removes the incentive to defect for personal gain. It means that people not paying attention aren't accidentally contributing to immoral causes.

In a case like this collective action means things like putting tarrifs on goods from China, so that their workforce isn't important, and banning exports to China, so that their market isn't important. More direct laws like "no censoring what China wants you to censor" are problematic because it's hard to detect in most cases, and it often violates freedom of speech.

And yes, I'm suggesting a very painful thing to do economically.

I've been using Android since the beginning, and I think Google is making it worse and worse with each passing day. I was thinking of switching to Apple. I really like where they're going with this privacy stuff. But, no, not a chance. Fuck Apple forever over this decision. I will never buy an Apple product in my life unless they make this right.

In (quasi)defense of Google on this front:

On my Google Pixel 3a, I can download AOSP to my own computer, modify it how I wish, scrape the vendor dependencies I need[1], compile it myself, sign it myself, and use my own key to control what OS gets installed, then relock the bootloader so it only trusts updates using my key! I can choose not to use Google Play and then install whatever App I want on it.

I wish I could not have to use any proprietaryy binaries, but this is as close to an open device that you can get today [2].

[1] This is where the quasi defense comes in. AOSP has no official process to install all of the vendor binaries needed to support carriers. If you don't include this process you get broken SMS, Calling, WiFi Calling. This script helps you do it: https://github.com/GrapheneOS/android-prepare-vendor

[2] Yes I know of the Librem 5. I am a day one backer and have yet to get a shipping notification despite shipping starting in Sept. I also know of the Pinephone, it is not publically available. I await the day those types of products are viable.

Also in quasi defense of Google (note that I work there), it almost do no business in China. So it doesn't bend over to The CCP.

Moving forward, my biggest purchasing decision as a consumer is going to be based on how much ties a company has to The CCP. I feel like my freedom is under direct threat from The CCP more than anything else, and I'll treat it accordingly when making purchasing decisions moving forward.

So it doesn't bend over to The CCP.

It tried to and would have gotten away with it too, if it weren't for you meddling kids.

Did you not read the memo?

> ...I think Google is making it worse and worse with each passing day. I was thinking of switching to Apple...

As you have noticed, neither one really have consumer and citizen interests at heart.

I'm planning on taking the step of opting out completely. I plan to build my own "phone". I recently purchased a low-cost Mini-PCIe 4G module, antennas, and a USB adapter. I should be able to tether it to a RasPi.

My "phone" won't actually look like a phone; it's going to be more of a "data terminal" - something to hack on, send/receive data, and have SMS texting capabilities. I pretty much never use voice calling anyway.

Everything I plan on doing, others have already done in various forms. You can find Raspberry Pi based homebrew "cell phones". People have also made similar phones using the Arduino and the ESP microcontrollers (8266, 12, 32, etc), among others (there are probably PIC and Propellor based phones, too - heck, I wouldn't be surprised if someone repurposed a modern 8051 or 52, or Z80 core controller for such a device). Some of these phones are purely basic - make and take calls, maybe some stored phone numbers. Other run entire operating systems under-the-hood.

I guess what I am saying here is that if you have electronics hacking skills, consider a homebrew phone an option. It may not be pretty, it may not be svelte, it may not even be 4G (2 and 3G modules are cheaper and more common) - but it will be (mostly - unless you have your own mad skills at FPGA design and more) yours.

Bonus points if you make it run on TempleOS!

If you don't have those skills? Well - it wouldn't be a bad project to work towards. Don't take it on as your "first project" though - instead, build up to it, then when you think you have enough experience to take it on, go thru your idea, break it down into manageable parts, and work on those individually for small successes, and later, start merging them together - just like any large project, success is more a matter of "divide and conquer", as looking at it as a whole can lead to feeling inadequate, or being demoralized at finishing, etc...

Serious question. This seems like a lot of work. Why not just get like a burner phone and be done with it?

I'd like to do that, honestly, but I need navigation or I'm completely helpless in the city.

Apple is pulling an app that's available online as a web site. Google assists the Chinese military in developing AI to round up muslims for organ harvesting.


Apple is responding to a threat from China, whereas Google is actively assisting the Chinese. Just thought you'd like to know that.

This isnt about free will, its a clear indication that the US is not the worlds most important economy anymore.

No, this is companies betting that the few percent of the American market they are losing by behaving this way will be outweighed by getting access to the Chinese market.

If this was a straight-up choice between only the US market or only the Chinese market, they would be picking the US.

Protestors have to change that calculus.

Depending on the year either the EU or the USA are the biggest economy with China being either second or third. So long as 'the west' sticks together (which we haven't for the past few years) there is nothing that can break that hegemony. Whether that's a good thing depends largely on where you live.

So far no one has had to choose. If the US started sanctioning US companies that took these kinds of actions, then we'd find out as companies either reversed their decisions or fled the US.

Apple is a U.S. entity. It would cease to exist if the U.S. government chose.

And so far the U.S. government hasn't even chosen to take much less drastic measures, which was my point.

NBA has removed fans from games for having pro Hong-Kong signs. Games in the United States.

"Vote with your wallet" is a broken mentality.


It's not "now" Apple. Apple has been serving the criminal Chinese government for years now. Even Facebook and Google have been doing so, even going so far as to build censorship into their products specifically for the Chinese government.

The only thing that gives me pause is thinking would the Chinese be better off without access to any Apple or Blizzard products at all? Because I think that is ultimately the threat of not following the mandates.

Don’t forget Adobe being forced to terminate all accounts in Venezuela.

That is unfortunately the essence of the issue surfacing with South Park, Blizzard, NBA, & now Apple. The Chinese market is the "wallet" and China is "voting" with it.

They have the ability to almost instantly evaporate a multi-billion dollar market. That is the kind of "wallet power" (somewhat idealistic) democratic-capitalist consumers like to think they have, but never really execute on with the same impact. This isn't defeatism on my part - things could be different - but they aren't for now.

It really makes me wonder if China already own the world economy and it is just now showing its face.

Don't buy stuff from them.

Easy. So easy.

The name for why this is not easy is “coordination problem”.

I don't see how that is relevant.

If I don't use Apple products, I can't get my apps removed by the Chinese government.


I think you're getting downvoted because you forgot to label your post as sarcasm with an "/s" at the end.

You might get downvoted anyway, but this seems to be the HN equivalent of clown makeup, and will encourage some of the srs bsns police to overlook your post.

Paradox or oxymoron?

"On January 24th, Apple Computer will introduce Macintosh. And you'll see why 1984 won't be like '1984.'"

-Apple, 1983


"2019, on the other hand..."

Oh how times have changed!!

Steve is dead. The interim CEO reigns

To recap:

- Oct 6th: Apple first rejected the app [0],

- Oct 8th: Apple then approved it after criticism for rejection [1]

- Oct 9th: Apple removed it after criticism from the CPC (this story)

[0]: https://www.digitaltrends.com/computing/apple-hk-protest-map...

[1]: https://www.scmp.com/tech/apps-social/article/3032001/apple-...

Your dates are off, as per [1]

"HKmap.live, [...], received approval from Apple on October 4 and was made available for download on October 5, according to the developer"

As someone who has appreciated the privacy stance Apple has had and the privacy assisting steps it has taken for a long time (long before iPhone), I believe Apple is coming out to be completely hypocritical and anti-privacy/anti-freedom on this app. I cannot believe that Tim Cook and other senior executives haven't examined this deeper and taken a bold stance to let the app stay! Shame on you, Apple!

Even John Gruber agrees: [1]

> I still haven’t seen which local laws it violates, other than the unwritten law of pissing off Beijing.

> This is a bad look for Apple, if you think capitulation is a bad look.

[1]: https://daringfireball.net/linked/2019/10/10/apple-pulls-hkm...

Apple only cares about privacy because it's a threat to Google and Facebook's business model. They don't care about privacy, they only care about "caring about privacy" when it is good for their business.

Well the same can be said about human rights, they only care about it when it affects their business model in a positive way. if it cost them money they are very willing to turn their backs on it.

privacy is not possible in a world where governments are free to suppress the speech and will of the people. any company claiming otherwise simply sees their bottom line as more important than people, whether they are employees or customers.

To me Apple is the worst here because Tim and team have no shame, they will strut upon their stage at their own conferences about how they stand for rights but when the show lights are off they act completely different.

Boycott Apple for sucking up to China. Google products are at least a year ahead now anyways and Google actually left China altogether at one point.

Yep, but they aren't saints: Project Dragonfly.

Which was only a project proposal that was cancelled after employees rebelled against it. Apple actually did it.

Apple banned an app - 13 times that gives you a notification whenever there is publicly available news about a [drone strike](https://www.vice.com/en_us/article/538kan/apple-just-banned-...).

The chances that they keep up an app that people use to gain unwanted transparency into any state is exactly 0%

At a more basic level, apple doesnt see people as customers. They have already maxed out thier target market. Expansion now turns on access to new markets: the will of governments. Governments are now the customer. Any app that angers them is for the block.

Right, and in marketing-speak it's called positioning. Taking a privacy stance allowed Apple to differentiate against their competitors without actually innovating.

This is true. But increasing revenue is the only way a corporation can "care" about anything within the current framework.

The framework needs to change. It's possible for the value of a company to be judged on more than just revenues.

If I took a slightly less black and white stance, I would say that totally stand for privacy and human rights, in the United States.

Isn't is possible (yes) for people to care about principles in their homeland, where it matters to them more and impacts them more? I care a lot more about my hometown than BFE Chinese countryside, even though in principle I want them to have a living wage, decent time off, and good health care.

I am still angry at Apple, the NBA, Blizzard and the rest. I think this is a darker shade of grey, though.

Privacy is cheap to engineer because it involves not doing things or hiring more people. They won't allow actions, won't sync data, won't pursue advanced ML, etc etc. It's a clever way to say, "Keeping up with Chrome/Android is hard".

This is the worst take here. Whether Apple is sincere or not about privacy long term, they've created dedicated hardware IPs for doing ML on-phone to get around doing it in the cloud. This is not easier than just shipping all the data to AWS.

I can tell you from the inside that everything I've seen is genuine, even though it makes doing ML-based projects very difficult. That said, I'm very disappointed in this removal as to me it flies against the value.

I admit to being confused what this has to do with privacy.

Privacy is good. By being better for privacy than the worlds largest advertising company/consumer spy agency, Apple announced its intent to be for all that is good in the world. That it's a shining beacon of morality. Protector of Italian virginity.

China is bad. By capitulating to them after having declared themselves the enforcer of all that is good and holy, Apple has thus committed hypocrisy.

Apple has simply said it will pursue user privacy and security to the limits of what the law will allow. That is all.

What's the point when the world is legislating our privacy away? It's a pointless self-defeating marketing ploy then and nothing more.

Do you think it is ethical for a company to require it's employees to break the law?

If the law is unethical yes.

“One has a moral responsibility to disobey unjust laws.” ― Martin Luther King Jr.

And also force others to do so, via exploiting your power over them as an employer? Really?

In this case no one would have to do anything as the app was already live on the appstore.

And, in this case, the company will decide what laws are unethical?

It's not about breaking laws but about not having to break laws by not operating in regimes like China.

Do you not buy any goods made in China?

"If you can't be perfect, don't even try."

There's that and then there's being minimally consistent in one's efforts.

Kind of like someone who would make a fuss about not using plastic straws but systematically takes their car for <500 meters trips and washes their pants 5 times a week.

It's not a bad idea to remind people that if they make the effort of not using online services which compromise for China, they also should make the similar effort of reducing their physical Made in China goods consumption.

It's not possible to boycott China so no.

I try not to.

It might be a bit much to require employees to break a law as it might expose individual employees to some legal consequences. But there are plenty of laws that are immoral. There are a number of good examples in the peer comments (some of the laws of Hitler's Germany for example). Any company manager or officer that insists on enforcing such laws is themself immoral. But it takes some skill to craft a company policy that could address the situation adequately.

I think you're being a bit cavalier with the distinction between complying with a law and enforcing it. If complying with a law is morally equivalent with enforcing it, you're tarring a lot of Jews in Nazi Germany with a very nasty smelling brush.

I really don't get this. Apple has done far more than any other company in the whole industry to fight for privacy rights. They have gone right up against the legal limits every time, while all the other vendors rolled over belly up at the slightest chance.

iMessage is one of the most secure messaging systems available anywhere and is very widely used in China. For most Chinese it's the only practical secure communications system they can buy. It puts industrial strength end to end encryption in the hands of millions of Chinese.

So I get you're angry about china, that's fine. I have family over there, so I know what it's like. But going after Apple, of all the companies doing business in China you could go after, just makes no sense to me whatever.

I was trying draw the distinction between being forced to comply and enforcing, but I guess I did not get it right, or maybe I can't really get it right. I feel like enforcing is making someone else do something, while complying is doing it personally yourself, perhaps wilfully, perhaps not. So the managers are enforcing by coercing their employees to comply with immoral laws, and I think that is immoral.

> It puts industrial strength end to end encryption in the hands of millions of Chinese.

But China doesn't allow stuff like that, surely there is a backdoor.

> Do you think it is ethical for a company to require it's employees to break the law?

Unless Apple happened to be a Chinese company I'm having a trouble at finding the law that Apple is breaking. I'm sure the customers can decide if a shiny iPhone produced by an company subject to Chinese law is worth it and employees can decide if they want to be employed by a Chinese company.

Apple used to think so when privacy was on the line: https://en.wikipedia.org/wiki/2015_San_Bernardino_attack#Pho...

Yes. Ethics is quite explicitly orthogonal to the law.

E.g. It was ethical but illegal for some to refuse participation in the holocaust.

Law encodes what those in power want you to do. Ethics encodes what society wants you to do. The two are rarely entirely aligned.

Actually, Tim Cook said:

"Compromising the security of our personal information can ultimately put our personal safety at risk. That is why encryption has become so important to all of us."


That to me is hypocritical as to what Apple is doing in China.

No, Apple unambiguously said on multiple occasions that they “believe privacy is a fundamental human right”[1].

[1]: https://www.apple.com/privacy/

While there are privacy concerns from the precedent it sets (can a journalist trust Apple not to bend to CPP information requests?), I agree that this seems to conflate privacy with an only indirectly-related subject.

Privacy and personal freedom go hand in hand.

Definitely agree. Privacy is protected by this app. By knowing the physical locations of the police, protesters can evade these anti-privacy forces.

Agreed! If Apple caves in to Chinese pressure on this, what else will they do? Does Xi Jinping's brutal authoritarian regime now effectively make decisions for Apple abroad, since they can always threaten to cut Apple out of the lucrative mainland market?

They are fine to piss off US government, because they know US government will play by the rules and let them do it. China won't, so as soon as China gives them a dirty look, they wet their pants and bend over.

Nothing in Twitter photo statement talks about privacy. It's clear why the app is problematic: It's being used to target law enforcement, putting those people into danger. The debate here should be between the tradeoff of said danger versus the dangers to the protesters, factoring in the standing-up-to-China.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact