Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: Apple revoked developer account for 2.5 years and counting
213 points by camhart 41 days ago | hide | past | favorite | 218 comments
tldr: I launched Truple 4.5 years ago (see https://news.ycombinator.com/item?id=14113636). 2.5 years ago Apple froze my developer account. Since that time competitors released similar functionality for Apple products. Apple still has my Developer account on lockdown. What can I do?

long version:

4.5 years ago I launched Truple (https://news.ycombinator.com/item?id=14113636), a bootstrapped parental control / accountability app. Truple is used by parents to gain insight into how their children use the internet, but also by adults who struggle with online habits they'd like to change (porn being chief among them). The screenshot based approach Truple offers proves to work much better than other solutions. It's the only solution that allows you to use social media, but still have accountability for what you're viewing through social media. For example, if you have access to Twitter, you have access to porn. You can't use twitter without having that access. Truple allows you to use twitter while still being held accountable for what you view on twitter. No other solution offers this, because they don't report what you're viewing within an app. Twitter is just an example, the same goes for all "innocent" apps (social media, streaming sites, etc) that contain concerning content.

2.5 years ago, I submitted an early version of a MacOS app for notarization. A couple of days later my Apple Developer account was "frozen" without any message or indication why. The signing certificates were just revoked. After a year or so, Apple said they found "potentially unwanted software" in my app and were investigating. I indicated that was unexpected (that's the only question they asked me). As background, to run the app you have to download and install it, login to your truple account, select what you want the monitoring settings to be, grant permissions, etc. It's a whole process. I point this out because the app didn't do anything malicious or against the device owners' will.

After nearly two years of waiting on Apple (I emailed regularly, they kept saying it was under review) Apple decided they wouldn't finish the investigation but that I needed to create a new developer account. I've since done so. I submitted a redesigned version of the app for notarization, and now, while my account isn't "frozen", notarization is rejected with the message: "Team is not yet configured for notarization." I submitted a "hello world" app using boilerplate code for notarization, and I get the same rejection. I now have another case open with Apple, and it's going nowhere it seems. I'm assuming Apple has flagged my second account due to the previous issue. I fear I'm stuck in a continual loop.

Truple was the first to offer screenshot based monitoring as a parental control / accountability app, but during the past 2.5 years, multimillion dollar competitors have been allowed by Apple to launch apps with similar functionality for Apple products. I have read and reread the Apple developer agreement. My app is in alignment with it... I've made sure since day one that a "reasonably suspicious" notification is present when the app is monitoring. Once enabled, the data captured is end-to-end encrypted and only made accessible to the account owner and their chosen recipients. I've expressed a willingness to make changes if need be, but Apple hasn't indicated I need to make any. They've just been silent.

What should I do? I've been extremely patient with Apple. But it's now been 2.5 years and it's gotten me nowhere. Apple seems unwilling to do anything for me but take my annual developer fee. I'm not famous and I have no significant following to rely on to garner attention to this unfair treatment. I ask for your help.




You said other apps are fine, but are those other apps advertising themselves as parental controls or as stalking software?

I took a look at your website https://truple.io and... there is very little mention of this being for parents. TBH looking at the website is... deeply concerning for anyone that would legitimately want to use this product. Especially on a spouse?!?

I am willing to bet part of the issue is the targeting for this app. The functionality is likely second, but they may have special rules when it comes to parental apps. But there is a very very fine line there that can be dangerous when it comes to surveillance.

Last... I find your focus on "online filth" insulting.


> You said other apps are fine, but are those other apps advertising themselves as parental controls or as stalking software?

Search for "accountability software", and you'll find apps advertised in a very similar manner that have had no issues with Apple, with absolutely no mentioning of parental controls.

> I took a look at your website https://truple.io and... there is very little mention of this being for parents. TBH looking at the website is... deeply concerning for anyone that would legitimately want to use this product. Especially on a spouse?!?

It's used voluntarily by the device owner. It's not used "on" anyone. The whole point of this is to provide accountability. Including a comment from below I'd hoped would get pinned: "Some may not agree with the use of parental control/accountability software. That's fine. Truple is not designed for you. There are tons of people who are negatively impacted by technology and they desperately need/want help. They should have the option to get it, and there should be competition in the space to deliver the best product for them. In today's world, using the internet is a part of life, and isn't something you can reasonably go without. Truple was built to help people learn to use technology responsibly with the help of their loved ones."

> Last... I find your focus on "online filth" insulting.

Online filth was intended to generalize the concerns, not focus them.


I looked up a few alternatives and your website and marketing tell a very different story.

"Online filth" is in your website header, so your kinda focusing on them. I looked at the reviews and your most recent one continues to reinforce something about "filth" https://play.google.com/store/apps/details?id=com.camhart.ne...

As far as not being used "on" someone. Again you have reviews from Spouses and Parents which would imply they are being used "on" someone. Something I noticed the other apps focus on is individual accountability. I see almost no reference to spouses or parents there. Just having some you trust to be accountable too.

Your first line on google play says "Truple protects your loved ones against porn & other online filth. It holds your loved ones accountable in a way that's near impossible to bypass by capturing and sharing screenshots." How exactly is that not it being "used on anyone"?

Your marketing around this tells a story of surveillance trying to pass it off as some "good" where accountability is a secondary issue. While here you are focused on accountability.

And personally I have to wonder if Apple takes this into account when approving apps (which I assume they do)


Suppose I'm addicted to porn and that it's damaging my marriage. I want to be free of it. But when I pick my phone up, I'm tempted to view it. I know I want to be free of it. I don't want my life to suffer any more as a result of it. But I need help, because in those weaker moments my will power isn't sufficient. This is where making it difficult to bypass comes in. Keep in mind difficult do bypass doesn't equal "can't be removed", it means it can be removed but an alert is sent if it is removed. They can't bypass it without triggering an alert, therefore it's not been bypassed (at least by my definition/use of the word bypass).


Again you are saying something very different here than any of your marketing.

If you want to make the choice to stop watching porn, that is fine. If you want to use software like this and you want to ask your spouse to help, that is fine.

But your marketing, your google play listing that I quoted it is not you making the choice. It is someone else "protecting" you and making the choice.

Quoting an exact quote from your google play listing. The very first sentence:

"Truple protects your loved ones against porn & other online filth. It holds your loved ones accountable in a way that's near impossible to bypass by capturing and sharing screenshots."


What if it said:

"Truple holds YOU accountable in a way that's near impossible to bypass by capturing and sharing screenshots."


Then at least what the OP is saying here and what the marketing said would align.

But at this time, there is one story of what this app does here (hacker news) and a completely different story from what is being told on the website and marketing.

The other apps that they are saying had no issues with approval, follow the story that is being told here.

I don't think it changes the problematic nature of the app. But they are claiming to be the same as the other app but there is a dramatic difference in how the capabilities of the app is communicated to Apple and users.


https://web.archive.org/web/20190424203239/https://truple.io... is the landing page when the original version of the app was submitted for notarization. Since you're digging into the ad copy, we might as well be looking at the appropriate website.

It's not two stories... I include customer reviews on my landing page that show spouses, individuals, and parents feedback because all benefit from it.

The Google Play app description is adjusted to be more in alignment with Google Play Developer Agreement policies.

To clarify, keeping Google, Apple, and everyone else happy with the wording in the marketing seems to demand walking a razers edge. I've done my best to comply appropriately for each platform. It's a disservice to the conversation for you to pull in the Google Play listing, make accusations about me/Truple as a result, and not have the full picture. I've shared more in this post than I originally cared to in order to provide the bigger picture. I'm not trying to hide anything here, but there are reasons other than malicious intent for why things are worded the way they are and instead of leaping to those conclusions you could instead ask why.


I am deeply concerned by the mind games you are playing here.

It is 100% 2 stories. Over and over again here you are saying "personal accountability" or similar. Which on paper is fine. If you really truly voluntarily want to do this... great!

But do you not understand while personal accountability fine... your marketing is calling out spouses and parents reviews! Nothing about either of those being there says personal accountability. if you truly actually believed in personal accountability you could only show reviews from them, not from others!

To clarify. If my spouse is the one that thinks that this app "saved my marriage" as your reviews really like to say. There is something... very very wrong. If I feel the need to review it because I felt like I needed help. That is fine! Do you see the difference?!?


There is no razors edge here, your app violates nearly every standard Apple uses to distinguish itself from its competitors... privacy, security, safety. Why are you playing victim and getting offended when people point out the obvious? Were you just hoping for answers that blamed Apple?


I'm in the minority but I'd rather apple not censor my apps (unless they are malware).


It not being censored. Simply creating an app doesn't afford you the privilege of hosting on the app store.


Without any other way to load the app on the device, it is de facto censorship.


A device must have an option for its security to be exploited by allowing the installation of a tracking app that violates every aspect of users privacy, intended to be used by minors, with the express purpose of transferring explicit material to a third party?

If a device does not provide this option for compromised security, it is by default censorship.


It used to say you. I adjusted the Google Play description due to changes in Google Plays Developer Agreement.

See https://web.archive.org/web/20200216145020/https://play.goog...


You don't seem to be engaging with the parents point about your messaging at all with this comment. FWIW, this all reads like an excellent demonstration why this category of app isn't trusted.


I'm explaining how the app can be both difficult to bypass and voluntarily used.


To be honest, I don’t believe you. “Our app will only be used by people on themselves in order to change their own behavior” is a wildly implausible use case to focus on for what is effectively spyware.

My takeaway is that I’m beginning to think that Apple was correct in blocking your app.


And in particular, there's a whole section that reads "With Truple, you can virtually "peek" over your child's shoulder & course-correct as needed."

So right there it's admitting that the intended use is to spy on someone else (in this case, "your kids"). I'm with you here. I just don't believe OP on this one.

Apple thinks this is a spying app, and they don't want it on their platform.


You need to tell us what gym you go to because your mental gymnastics are on another level.


> Search for "accountability software", and you'll find apps advertised in a very similar manner

I googled a bit and found [1] and [2]. Their marketing is very very different from yours [3].

[1] looks very tasteful, considering they are basically spyware. It's a very positive spin with great copywriting.

[2] gives me some Christian vibes, it's not for me, but it still looks decent.

[3] on the other hand just looks really creepy. The copy is awkward and the hectic GIF with the screenshots and the bikini picture just gives me stalker vibes.

It's a question of taste. Great Mac and iPhone are done very tastefully. Truple is missing that.

(That doesn't mean that Apple only approves tasteful apps. There are a lot of poorly designed apps on the app store. But if you are doing something even slightly questionable, and your app looks a bit creepy, then Apple is not going to go out of their way to help you get it out there, even if you aren't breaking any explicit rules.)

[1]: https://accountable2you.com [2]: https://everaccountable.com/ref/61/ [3]: https://truple.io


> It's a question of taste. Great Mac and iPhone are done very tastefully. Truple is missing that.

It is wild to me that there is a megacorporation whose subjective opinion of "tastefulness" (based on their own North American cultural norms) is a gate to software delivery and that there is an entire category of users who actually think this is a good thing.


The issue in this case is the 'spyware' nature of the app, rather than any matter of taste.


What are some of the comparable applications you're thinking about? Can you link to them? You know more about the space than most of us, so help us out a bit.


I've been hesitant to do so. Look at the top several results from https://www.google.com/search?q=porn+accountability+app for apps that don't even try to advertise as parental focused apps.

If you want direct links, send me an email (you can find it in my profile).


For instance, "Covenant Eye" (which: holy shit, how creepy is this!) always blurs screenshots. Yours apparently does opt-in blurring.

I'm interested in the detective project of figuring out what red lines your app may have crossed, just because it's interesting. But cards on the table: none of these apps should be allowed on the app store. Maybe Apple just hasn't gotten around to shutting down "Covenant Eye" yet.


"Ever Accountable", another example, only works for a small list of applications --- if you're not on their VPN, you even have to use their browser. Your application takes random screenshots and advertises that it's hard to bypass, which is kind of the opposite of what "Ever Accountable" claims.


For "OurPact", the third comparable app, there's this fun review:

For the “premium” level with all the controls (which frankly is the service level any responsible parent will want), you have to back each kid’s phone up to iTunes on your (parent) laptop, then erase and reinstall each one with a new OurPact-controlled OS.

I'm starting to see a pattern here.


I don't have any familiarity with the other apps in this space, but I am a heavy (and happy) user of OurPact. OurPact adds a lot of parental management features (including a remote kill) which the Apple controls are desperately missing.

The backup is taken at install time and it's perfectly reasonable to do so. The backup is stored local on your computer using the standard backup mechanisms, it's not uploaded to the cloud.

The installation process is actually opting the device into an enterprise management profile, not a custom OS. That custom OS blurb sounds like some goofy marketing speak or misunderstanding how this process works. The management profile allows OurPact to manage the device on your behalf using the same APIs any enterprise device management vendor would use.

Once the device is opted into the management profile, it's quite obvious it's under control and you have a lot of options including setting time limits on app, enabling various child protection features, preventing apps from being deleted, and most importantly choosing what apps are available and creating schedules for the device (i.e. disabling games during school hours/night).

Nothing about this process hides the fact that the device is managed. There is an OurPact Jr app that can be installed which gives the owner visibility into the schedule. I highly recommend reading the reviews by upset children for the OurPact Jr app on the app store. They are hilarious.

Anyway, my point is as a parent with a tech background and 3 children, OurPact has been a very useful and positive addition to our home life. They've been a good steward. They are limited in what they can do by Apple, but what they have done they have been very transparent and communicative.


You're just teaching your kids that they can't trust you with anything. They'll probably borrow old devices from friends and keep them hidden anyway. And don't be surprised when they hide parties, alcohol etc from you, even when they might need your help.

You might think you're doing something positive here - but all you're doing is ensuring that your kids will forever treat you as an adversary. Don't be surprised when they leave home after high school and never speak to you again.


Wow, you assume a lot yet you know absolutely squat about my family. If you want to ask questions about how it works, how we use it, and how it's benefited my family I'm more than happy to discuss it.


One would be wise to heed p1necone's comment. Based on friends and general life experience, this is 100% the case. I cannot even fathom growing up with parents having such oversight--that's basically a guaranteed recipe for stunted personal growth and/or subversion and lifelong distrust; not to mention an extreme invasion of privacy.

What happens if one's kid's are gay? Or interested in myriad other topics? Should a parent have 100% visibility and supervision over such things?


I do think there is some room for parental control apps, at least at a very young age (I see little reason someone under 13ish should be able to view porn).

But... they need to have their limits. A parent should not know every single thing going on with their child. Especially as their child is figuring out their own identity and later transitioning into adulthood.

I know there was once (yay landlines) that I caught my parents listening in on a call I was on... It broke my trust with them completely. I no longer felt safety from my own parents, to be honest it made me feel like a hostage in my young brain. From then on I did everything in my power to hide things further from them (and being very technical this was not hard).

You need your child to feel comfortable enough to come to you when they need something, not for you to come to them because you saw something that should have been private.

Basic child blocks? Thats fine up to a certain age

Time limits? Of course, that is your prerogative.

But knowing every single thing that is done on what should be a very personal device... that is problematic.


Look at the MacOS app.


Respectfully, no. The Mac App store is not interesting in this discussion; you can install any app your want on a Mac (not necessarily via the App Store, but that's fine for a number of very big businesses that ship Mac software). What we're interested in here is the iOS App Store, which is the only way to realistically install commercial software on an iPhone.


This entire discussion is about Mac apps. My account was frozen when I attempted to notarize a MacOS app. I have not (yet) tried to submit an iOS app.


Oh! That makes a lot more sense. Disregard my previous comment! ("Notarization" should have been my tip-off).

... why are you trying to sell this app via the Mac App Store in the first place?


I'm not trying to distribute through the Mac App Store. Notarization is required for MacOS apps as of several years ago, unless you bypass gatekeeper.


Should I, or should I not be allowed to run whatever applications I want on my phone?

Should I, or should I not be forbidden from filtering the internet for myself? Meanwhile, the content I see is filtered by FB, Twitter, etc. Why should their desires rule mine on my device?

Should I, or should I not be forbidden from seeking help accomplishing my own goals for online use, in particular accountability for giving up various addictions? Meanwhile, FB and Twitter are allowed to know what I view, but I'm not allowed to let anybody else know what I view. Why should they be able to hold me accountable, while I'm not allowed to seek accountability from anybody else?


You're asking me? Ok: it should not be possible for you to install surreptitious screen recording software on an iPhone. The problem isn't that this app got blocked; it's that all the other ones (except maybe that one app that only records screenshots when you use their browser) aren't banned.

But this is totally besides the point. We're not discussing what Apple's rules ought to be. We're trying to help figure out what they are. That's what the author of this app asked us to do.


This is what you wrote that I was responding to: "cards on the table: none of these apps should be allowed on the app store."

I'm hoping you've simply not really thought this through. We can't demand that parents be held accountable for what their children do while also forbidding parents from knowing what their children are reading, watching, writing, hearing, or saying.


> We can't demand that parents be held accountable for what their children do while also forbidding parents from knowing what their children are reading, watching, writing, hearing, or saying.

There's no reason that knowledge has to be garnered surreptitiously. (If your answer is "if it's not surreptitious, then kids will try to bypass it" … well, they will anyway.)


Nobody said it had to be surreptitious. And the app we are all discussing is explicitly not surreptitious. If you go back and reread the original ask HN comment, he says that it is visible.


> Nobody said it had to be surreptitious.

The comment (https://news.ycombinator.com/item?id=29571643) to which you were responding (https://news.ycombinator.com/item?id=29571750) says:

> You're asking me? Ok: it should not be possible for you to install surreptitious screen recording software on an iPhone.


> it should not be possible for you to install surreptitious screen recording software on an iPhone.

I agree with this 100%. It should not be possible on any platform. Key word there being surreptitious.

To clarify, your comments are about iOS apps. Look at their MacOS apps, and it's a different story. The capture the entire devices screen, not just the web browser. And several competitors do it.


FTA: “I've made sure since day one that a "reasonably suspicious" notification is present when the app is monitoring.”

So are you still sure I should never be allowed to run this code on my phone?


>filth

This is a sort of "smelly" word to see in an advertisement, in that referring to material as "filth" brings up memories/images of, for want of a better phrase, cultural intolerance. You may get better reception by calling such content "improper" or something less emotionally charged.


Note that parental control apps are a type of stalking software; it's just that society is okay with it.


I feel so gross after looking at that site I think I need to watch some porn.


> I am willing to bet part of the issue is the targeting for this app.

Then why can't Apple just fucking say that? Why all the stupid drama?


Likely for the same reason that not every rule about combating spam and promotion on HN is public: because if you document them all, you're providing a blueprint to bad actors for how to get around the rules.


Integrity by obscurity?


If you find that concept jarring, I think you'd be surprised by how much of security, compliance, privacy, and anti-spam is facilitated in part by obscurity. These tasks are about imposing costs --- ideally untenable costs --- on bad actors; obscurity has a cost as well.

There are times when obscurity isn't OK (notably, when it prevents other good actors from verifying the security of a piece of software), but this isn't one of those times.


Hmm, ages ago we added a cannabis related app on Apple/iOS -- and there were loads of other (small-ish) already on there -- to help grow, or find (to buy) or to review cannabis products.

Ours was for regualtory compliance -- a legal obligation for cannabis businesses. REJECTED! And after a 6mo appeal/review process -- with moving goal-posts -- we were allowed back in. YAY.

And then they started getting into the application and making demands -- one was to use their payment systems -- which was BS, because our clients get into the App, and use it most of the time outside of Apple devices (ie: Desktop in Browser). So another round, 3mo later and they'd not force the payment issue.

And the next review required us to remove any details about pricing from our application -- not our app pricing -- but the pricing for the inventory under management. So, users, in-app, couldn't see the regulatory compliance data: price of product sold; in the APP. But we pushed through! and finally got published in the App Store!! Yay!

And one month later we had to renew our Apple Developer -- cause this whole thing took 11 months of back/forth with Apple.

Then we got clients using it (finally!) and the clients were all grumpy cause the features were gone. Then another two more years with us trying to Apple trying to improve our App.

An last year, we just bailed on the App Store and have given up.

What's super frustrating is since we initially tried our process (starting in 2016) -- other cannabis apps, with pricing and online ordering and all this stuff that we were NOT allowed to do are in the store.


It's kind of sad that we went from "there's an app for that" to Apple themselves being a huge obstacle to making useful, feature-rich mobile software. I used to think writing an app would be a fun side project or that a job in mobile development could be cool. These days I don't want to touch it with a six foot pole.


We really have to get away from having only a few mega-powerful providers for such services to having smaller providers that actually compete with each other. It's insane that Apple has full control of what goes onto devices that have such a significant market share. The app store(s) should be run by different that do the app reviews and allow apps by their own guidelines. So if you want a cannabis or porn app you can go to an app store that allows these apps and if you like a more family friendly store you go to another app store.

The censorship abilities these companies have is just too much. I don't like Trump but it really bothered me that Facebook and Twitter blocked him. If the block the US president how many smaller guys are being censored and you never will know?


Content and distribution by a single entity...keeps rearing its head.


What regulation requires you to publish an app? That strikes me as very unusual.


Nothing requires us to publish an app -- but when you make LOB software, the user-base is like "where's the App?" -- so you build one. It's not a strict, absolute requirement -- it's a de-facto requirement (like passing to the left)


Did you try with a PWA? Discoverability can be hard vs having an App Store listing but I wonder if that would satisfy your user-base if you made it into a nice experience


Since our struggles (starting in 2016) for this ; feature sets on mobile browsers have improved -- and we've learned more too -- we've mostly dropped "App" type support and have it 99% Bowser based. The only thing we're not able to get now -- but also no longer NEED -- is tight integration with Bluetooth IR/NFC/RFID type scanners ( the Socket Mobile is very popular in our universe -- https://store.socketmobile.com/products/durascan-d750-univer... )

As for Android -- Google is also Cannabis hostile but side-loading onto Android is a breeze (by comparison to iOS)


what? how does that have anything to do with regulatory compliance then?


I don't think you get it; I'll try again.

  - Our app was for business regulatory compliance obligation.
  - Our clients asked for us to get into the App store (customers love that shit for some reason)
  - The process sucked for us.
I seems like you think we had a regulatory compliance obligation to be in the App store -- we did not; and do not. I only got into this thread because dealing with Apple sucks -- and sucked for us especially hard.


Who the fuck has time for this bullshit? I don't miss developing mobile apps.


> Ours was for regualtory compliance -- a legal obligation for cannabis businesses.

Cannabis businesses are illegal to operate in the United States, where Apple resides. Possession and distribution of cannabis is a federal felony in all 50 states and US territories.

This is an issue with the United States, not with Apple.

The lack of side loading is an Apple issue, but if you are going to make that argument (and you should!) then the cannabis app rejection is a red herring.


I‘m sorry for You. I can see how you‘d think that your software is providing society a service. And yet from my perspective your software is malware. I don’t think you have considered the legal ramifications of your software in all markets where the app store is offered. Aside from the legal risk to You, there is also a reputational risk to Apple, a company trying to rebrand itself by focussing on privacy (CSAM nonwithstanding). Do you have safeguards that can 100% rule out the use of your App as spyware ? I think you should move on with your life.


> And yet from my perspective your software is malware.

At first I thought exactly this. This app is disclosing what it does, in the open. The product is very direct and clear what it does, and how it does it. One of the hallmarks of malware is that is is doing things without the user knowing, or in many cases wanting. The only way I would install this is if I wanted it to do exactly what it does.

> Do you have safeguards that can 100% rule out the use of your App as spyware ?

I'm not sure that this is really what is needed here. Any app with telemetry, especially screenshots could be used as spyware. In this case, the app is not hidden, is installed by the user, and it is very clear what it does. There's nothing clandestine or spy-ish about it. It is literally marketed saying this app will take and send screenshots to a person you pick.

> I don’t think you have considered the legal ramifications

This is probably where the biggest potential problems really are: truple is collecting evidence that likely would be used against users in court - be it civil court where it could be used to prove you were doing something bad at 10am (you were chatting instead of working) last week or criminal court where the screenshot might be used as direct evidence of a crime.


With regards to the last point. Truple offers end-to-end encryption. We also permanently delete all accountability data once it's 15 days old. Not saying it's without risk, just that I've done everything I can to mitigate the risks of data getting into hands it shouldn't.

Competitors currently allowed by Apple don't offer end-to-end encryption. Most delete data eventually, but 15 days is the shortest retention I'm aware of.


It's not malware if it's voluntarily installed and wanted by the end user, provides a persistent notification indicating that monitoring is occurring, etc. These are the requirements Apple/Google have for parental control type apps.

In case you didn't read the full description, Apple is allowing competitors to do the same thing.

I've gone over privacy concerns with lawyers though I appreciate your concern/suggestions.


> And yet from my perspective your software is malware.

So don't buy/install it. But don't take away that choice from other people. I have a good married friend who uses parental control software on himself to reduce the temptation to look at porn. It basically just gives his wife access to his browsing history. Sure, he could bypass it a number of ways if he was really determined, but it's more about just raising the level of effort required so that impulsive usage is mitigated.


> So don't buy/install it. But don't take away that choice from other people.

It's not that simple. You are purposefully bringing up an extremely rare use case to detract from the fact that 99% of users of this software are going to be abusive parents who install it on their children's phones without consent. (Or heck, maybe even abusive spouses.) If parents are that concerned, even banning their children from "innocent" apps like Twitter or computer/phone use altogether is better than this invasive 1984-like software.


Designing systems that don't empower abusers is so, so incredibly important.

Completely separately, though, it's also the case that OP is essentially building an Internet-connected backdoor into the system that will have been permitted to monitor cross-app activity. Even if data is E2E encrypted, that doesn't mean the software is immune from vulnerabilities that could then piggyback on the elevated permissions given to the app. And OP being a bootstrapped developer without the resources to have robust security practices is a liability here. Apple's response to treat this as a vulnerability is reasonable.

(As a side note, if OP wanted to distribute source code and unsigned binaries, macOS would allow an end user to run that software, and that's a perfectly reasonable caveat emptor for me. But Apple is under no obligation to digitally vouch for software that enables abusers and hackers.)


I mean, you can run any binary you want on MacOS if you disable Gatekeeper or go into the security settings and allow an exception for it. The developer doesn't need to be known or notarized by Apple. If you trust the source, go for it. If it's your wife or child's computer and you're installing spyware on it anyway, why worry?


> install it on their children's phones without consent

That's a curious phrasing. Are you implying a parent needs consent from their minor child to install something, anything they deem appropriate, on "their" phone?


I'm not the person you were replying to, but yes. That would be an extreme breach of trust and especially with the level of detail that's being collected here, effectively removing all privacy, it's just not ok. This could have disastrous consequences for ex. closeted LGBTQ+ youth with unsupportive parents who could kick them out of the house or worse if they found out.


Not to mention how socially alienating it would be to have this on your phone- who wants to text the person whose parents listen in to every conversation they have?


There's nothing immoral about it if the parent is up front with the child, the child knows the device is monitored. If they don't want to be monitored, then they don't get the device. I know for a fact once my kids are older not a packet will leave my house without getting snooped at least by a parent controls filter. I'm sure they'll find ways around it (as I did as a technical child) but kids need to be protected from devices and the internet just as much as they need to have access. There is a great deal of harmful and damaging content - social media being the least of it in many ways. If a kid feels they need to hide something as meaningful as issues about sexuality (which I do understand is common) from their parents, the issue is not the filters, it's the relationship, and the solution isn't to give the minor free reign to choose to use the internet unabated according to their own wisdom. Once they're an adult, fine. I guess there are just extremely different views on parental authority today.


The position being put forth here is frankly rather horrific and abusive, and on multiple levels. Normally I'd aim to provide a more substantive response, but I'm not even sure where to begin.


I find the idea of snooping horrific and yet strangely find myself agreeing with the parent, because it may be the lesser of two evils at this point. So much of what's online and what can happen to a kid online is even more horrific. FWIW, I don't have kids, so I'm not sure what I'd do. But I know I had my first sex chat on IRC when I was 12, in the dialup days, and it could have gone pretty badly if I hadn't been paranoid enough not to give out my phone number or address to the "14 year old girl" I was chatting with. Things are much, much, much worse now.


I would feel deeply uncomfortable if a parent (or anyone, really) were able to essentially listen in on every conversation I have. A tool that goes this far with monitoring really needs to be installed with consent from all parties.


This kind of software is not used by people in healthy relationships.


I'm not at all convinced this is an extremely rare use case. There are hundreds of thousands of Christian pastors, priests and ministers of religion who would probably find this very useful. There are a lot of Christians who would also find this useful, for themselves.


> You are purposefully bringing up an extremely rare use case to detract from the fact that 99% of users of this software are going to be abusive parents

What exactly is abusive about me wanting to know if my 6 year old is watching porn?

Are parents that signed up for Youtube Kids abusive, too? Is Google abusive for filtering the videos? And are all those who shared articles about how porn was showing up in YTKids abusive for letting parents know that their children might have been exposed to mature material?


I think there's a big qualitative difference between having a Youtube Kids profile and filtering access to certain content versus completely negating a child's digital privacy like this. It actually reminds me of that one Black Mirror episode[1].

Ethically, I agree with the UN Convention on the Rights of the Child[2], which states in Article 16:

>No child shall be subjected to arbitrary or unlawful interference with his or her privacy [...].

>The child has the right to the protection of the law against such interference or attacks.

[1] https://en.wikipedia.org/wiki/Arkangel_(Black_Mirror)

[2] https://www.ohchr.org/en/professionalinterest/pages/crc.aspx


So, to be clear, the government can keep tabs on what my child watches. Google can keep track of exactly what my child watches. Twitter can filter based on its morals, what my child can see and share, as well as monitor everything they read and watch and say.

But I, as the parent that is actually responsible for the child (and may face lawsuits if I don't) am not allowed to do any of that.

Got it.


Governments and companies like Google/Twitter definitely have some shady tracking practices, sometimes even tracking between different apps and websites, but it's still nowhere near as invasive as taking a screenshot of every single thing that happens on your child's phone.


OP clearly does not have children in 2021.


> So don't buy/install it. But don't take away that choice from other people.

You mean the choice to install malware on other people's devices? Why shouldn't it be taken away?


Reveal to a loved one, someone of their choosing. It's not revealing it to the world or even to Truple.

> The whole purpose of this software is to the reveal the private life of others. Why should people be able to install malware on other people's devices? People shouldn't be allowed to do it to other peoples devices. People should be allowed to install software on their down devices, for their kids or for their own use to help with online behaviors/addictions.


If it's your own device, I guess it's fine. I'm not sure I would consider my child's phone to be my device though. I certainly wouldn't have tolerated that sort of behavior from my parents when I was a kid myself.


Whether the device your child uses is yours, or theirs, that's up to you as the parent to decide.

> I certainly wouldn't have tolerated that sort of behavior from my parents when I was a kid myself.

Kids will be kids. I would have been the same way. I learned to pick a lock on the computer desk as a kid in order to play computer games after I was supposed to be in bed. The issues is the negative impact of tech is only growing, and it's harder and harder for kids to come out unscathed.


You keep talking about kids, but your own advertising talks about spouses using this. That's considerably less benign.


Voluntarily using it. Not sure what is not benign about this.


A relationship that involves one partner snooping on the others phone like this is not a healthy relationship. If trust is eroded to that level the solution is counseling, separation or divorce. Not 24/7 surveillance - that's insane.

Not to mention people in abusive relationships who might be coerced into using this. Just because they're aware it's on their phone doesn't mean it isn't being used to control them.


I do think if and only if a partner actually thought they had a problem and needed an app like this to help them through that problem, then it is fine.

I mean you should feel safe enough to come to your partner for help and voluntarily do something like this.

But generally I agree with what you are saying and it is very worrysome. Which is my entire issue with this app. Looking at the marketing it is not focused on the partner looking for help, it is giving praising reviews from the spouses and parents violating their "loved ones" (purposefully put in quotes if you deem something like this necessary) privacy.


If one partner asked the other partner to keep them accountable voluntarily I can't see how this is so bad. Would you say this to a problem gambler?


Phones are also how children are able to find out about things in a safe space.

I am thankful every day that I grew up very technical and I was able to hide being gay from my parents but find the resources I needed online.

If a phone is my only resource, this removes every ability for a child to find resources if they are curious about their sexuality.

Or worse, if their parents are abusive this removes the ability completely for the child to safely get help.


It would be a bit less of an issue if Apple allowed apps outside of their store to be installed to begin with.


Off topic, I knew marriages could be toxic but this is peak. If you don't trust your partner 100%+ the marriage is already dead IMHO.


My friend doesn't trust himself not to look at porn without a safety rail, so he bought a safety rail and gave his wife the key, so to speak. How does that make his marriage toxic?


I think this is what he told you to save face about being in a toxic relationship. Unless he has a problem or is looking at something illegal, I'd say the average person looks at porn sometimes and that there is nothing wrong with it. Even if he was being upfront and honest, why would he put something like this on his partner? It makes no sense. I have married friends and have been married for 21 years, I've never heard of anything like this in a healthy relationship.


I think you're probably just not in the circles that do this. Christian men do this all the time, either with their wives as the 'accountability partner' or a male Christian friend. It might be your opinion that there's nothing wrong with looking at porn occasionally but there are large groups that don't believe it is (eg most Christians) and if a married couple with that belief agree to set up an accountability system like this, whose right is it go deny that. Seems a bit like discrimination.


Safari offers content blocking...


> And yet from my perspective your software is malware.

Your perspective is objectively incorrect. Something cannot be "malware" if it is intentionally installed for a purpose beneficial to the installer, doesn't contain hidden anti-features, or doesn't make itself intentionally hard to uninstall (modulo the obvious cases where that's a feature, such as find-my-stolen-device tools, and this one).

> I think you should move on with your life.

This is useless and the opposite of helpful. If you don't have anything constructive to say on HN, perhaps you shouldn't say anything at all.

> I‘m sorry for You. I can see how you‘d think that your software is providing society a service.

...and this is downright condescending.


I also don't want Apple approving apps which can essentially take over everything and eliminate all safety or privacy guarantees... but this developer is also saying that Apple has approved competitors of the same nature.

I don't know how accurate the fine details are, but this story in its broad outlines seems very unfair and capricious.


Competitors are allowed to capture screenshots randomly and send those screenshots to someone. The details are very similar. Interestingly enough, competitors don't end-to-end encrypt the data. Only I do that.

If there was some little tweak that was super important to Apple, I'd hope they'd let me know about it instead of being silent though. I'm willing to adjust based on their feedback, but they say nothing.


> I also don't want Apple approving apps which can essentially take over everything and eliminate all safety or privacy guarantees.

Unfortunately, it won't happen because that would mean Apple need to ban MDM software from the App Store. Thousands of thousands of companies using MDM and it won't be a good move for Apple if they attempt to do so. Apple could do it, but they will lose profits, money talks louder than doing for the goodwill.


MDM = mobile device management, in case you didn’t know like I didn’t.


Sorry, but "others got away with it" is not a good argument. I would personally view your software as invasive malware, no matter how good your intentions may be. The right course of action here is to report all similar apps to Apple and have them taken down as well.


So by your logic are you saying it'd be immoral for someone to provide an app or program that a user _specifically wants_ that tracks their device activity and shares it with a designated recipient? No one is forcing anybody to install this app, many apps like this exist on a variety of ecosystems and there are many many many testimonies of these types of apps helping people accomplish their accountability goals. How can something you explicitly agree to and want be considered 'invasive malware'?


> I would personally view your software as invasive malware

Your view is objectively incorrect. Something cannot be "malware" if it is intentionally installed for a purpose beneficial to the installer, doesn't contain hidden anti-features, or doesn't make itself intentionally hard to uninstall (modulo the obvious cases where that's a feature, such as find-my-stolen-device tools, and this one).


It's a perfectly valid argument. Apple always says their rules are for everyone and applied equally. They testify to this in court. And yet, it doesn't seem to be the case here.


I don't understand why people are trying to guess the reason why Apple is doing this. I'm not a fan of this concept, but I wouldn't label it as malware to be used by abusive spouses and parents.

If you read the FAQs on the website, it clearly states:

   Can I hide the Truple notification icon?
   No. Truple is voluntary use software, and is not intended (or allowed) to be used as spyware. All of our applications require a persistent notification.
And if Apple thinks this is malware or might be a legal liability, why can't it be transparent in its communication with the developer?


If you read the thread we're commenting on, you'll see that the author removed a conspicuous warning indicator that screen recording was enabled, because their competitors didn't seem to be required to provide one. We don't know who those competitors are, but we do know that the author deliberately made this surveillance app stealthier because they believed they'd get away with it.


My point is that if this is a violation and if the OP is correct that competitors are not following this rule, shouldn't Apple be transparent in its communication with OP? Why drag it out over years with cryptic responses?

Spoiler Alert: Because Apple (and Google) can get away with it.


I removed a red dot that didn't belong on my logo and wasn't being required by Apple with any other apps.


For everyone else reading, here's the subthread:

https://news.ycombinator.com/item?id=29570450


"If you click on the notification on MacOS, a menu pops up indicating the device is being monitored and includes instructions for how to uninstall the app though if you do an alert is sent indicating that you did."

How is changing the logo "removing" a "conspicuous warning indicator that screen recording was enabled" when the app literally tells you that the device is being monitored?

There's no meaningful difference between a new logo appearing that you can tap on to see that your device is being monitored, and the same logo with a red dot. A curious user is going to tap both of them, and a lazy user won't bother with either.

Claiming that altering the app icon without anything more (e.g. changing where/when the icon is visible, impersonating a system icon) is "removing a conspicuous warning indicator" is straight-up deceptive.


I think what's really happening is your app is in a grey area. There's similar apps on the market which haven't been removed, and a mountain which have. Now yours has been removed since someone thought it straddled the line the wrong way too far, and there is no incentive to restore it. That would require affirming that they specifically condone it again. Nobody has any special interest in doing so.

No matter how much you make concessions and try to obey the rules, a surveillance app is always shady. Much like brothels still have a shady atmosphere even where it's legal. Some markets are so.


You could observe how Corporate MDM solutions approach the problem? For example, a replacement web browser, after forcing them to use the webapp? Actually use the MDM APIs?

As an aside, shaming someone out of a impulsive habit may not be sustainable. I'd say that you're trying to cure a symptom rather than create room for self-reflection and encourage them to chase down the missing pieces and identify the root cause.


Holding people accountable doesn't require shaming. Truple isn't a silver bullet, but it is a tool that can be incredibly helpful.

The MDM solutions all require enterprise developer accounts. I want to pursue one, but I hoped to get this resolved first.


Your software sounds like malware. If I came across it I would probably make a YARA rule against it to purge it from any managed network I control.


Your managed network sounds like malware. It intercepts, hijacks, records, blocks, etc. -- and all without the need for the user's continuous permission and knowledge.


I think that's a valid point. Does their managed network do monitoring? Isn't that as bad as this app?


Then you think wrong. If you join the workforce and want to access sensitive corporate information there will be access control and other security measures to make sure you are who you say you are, the information goes where it is allowed to go, and that if something out of the ordinary happens, the SOC gets to know about it.


Our managed networks are company property and if you try to install spyware on it you'll be kicked off. All of that is in the contract that you sign when you join the workforce. It also is not your personal network to toy with.


So the head of the household should issue corporate MDM software/devices to his family and self instead of the much easier route of consumer software.


Nothing I wrote had anything to do with 'household'. Even in the first line I talk about managed networks, not some home gamer doodad.

Anyway, the "head of the household" should get out of 1920 and find out about talking to your family like a person and using standard parental controls as validation, not weird policing. If you make your home a battle, people will find the stuff they want elsewhere and not talk to you about it if they have questions.


The manager of your company should get out of 1920 and find out about talking to the employees like a person and using standard content controls as validation, not weird policing. If you make your workplace a battle, people will find the stuff they want elsewhere and not to talk to you about it if they have questions.


Some may not agree with the use of parental control/accountability software. That's fine. Truple is not designed for you. There are tons of people who are negatively impacted by technology and they desperately need/want help. They should have the option to get it, and there should be competition in the space to deliver the best product for them. In today's world, using the internet is a part of life, and isn't something you can reasonably go without. Truple was built to help people learn to use technology responsibly with the help of their loved ones.


The platform is wary of surveillance applications, which often have off-label use as stalking tools. It's not so much about whether people agree with parental controls or not; it's that Apple sets a different standard for intrusive parental control software than it does for other tools, because parental control tools are widely misused.

If that's the problem you're running up against here, and not that you somehow embedded malware/adware into your app that they screen for, I think you might have trouble getting anywhere with this.


Then why do they allow competitors to do it? They should be facing the same issues.


I have to imagine the answer lies in the interpretation of the rules you quoted in your post: My app is in alignment with it... I've made sure since day one that a "reasonably suspicious" notification is present when the app is monitoring.

Could you elaborate on what your version of this reasonably suspicious notification compared to your competitors actually is?


The original version of the app I submitted for notarization had the Truple logo, with a red dot/circle to indicate recording and make it more suspicious. The redesign I did dropped the red dot/circle because competitors weren't being forced to do anything like that. Competitors just use their logo. And their logo's aren't any more/less suspicious than Truple's. If you click on the notification on MacOS, a menu pops up indicating the device is being monitored and includes instructions for how to uninstall the app though if you do an alert is sent indicating that you did.

It's convenient to think I've done something wrong here... but I've puzzled over this for 2.5 years, and if I have done something wrong, the least Apple could do is let me know so I can correct it.


> The original version of the app I submitted for notarization had the Truple logo, with a red dot/circle to indicate recording and make it more suspicious. The redesign I did dropped the red dot/circle because competitors weren't being forced to do anything like that.

Doesn't this seem kind of damning? Like you admit the recording dot is suspicious, so you remove it because why? Are you targeting anyone that isn't fully aware of what the truple notification means, maybe because they are a child or otherwise mentally compromised?


Put on the hat of the end user. Keep in mind the end user is a child, or someone struggling with an online addiction/behavior they want to quit. They welcome the app, but those issues are somewhat personal. There's a balancing act I'm trying to walk here, of being reasonably suspicious while also not publishing for everyone who peeks over their shoulder that they're using an app like this.

Again, if the red dot matters, I'll add it back.


> Put on the hat of the end user. Keep in mind the end user is a child, or someone struggling with an online addiction/behavior they want to quit. They welcome the app, but those issues are somewhat personal.

This sure as hell reads to me like you’re trying to hide the fact that you’re recording vulnerable user’s screens from them.


You can read into it however you want. It wasn't my intention.


So you did the same thing, without trying?

The “trying” part isn’t the practical problem.

And if that was not your intent, you are not thinking through the obvious implications of your own software design.


You seem to be sticking a hood over your eyes and pretending that your app is only used for the most morally sound use cases you can think of. You've written something that enables abusive relationships and helicopter parenting and you should be ashamed.


Please keep this kind of emotionally-manipulative, anti-intellectual flamebait off of HN.


Apple's reasonable concern here might be that the end user isn't a child, or even someone who consents to have the application running.


No. He literally just said he added the dot to make it more likely to be arppoved, then he realized it's unnecessary and removed it.


What's your hypothesis about why they're not letting you do something? Do they just not like you? That seems unlikely.


And yet, they don't explain what the issues are. A bit hard for him to tell what the issue is if they don't say what the issues are.

Sure seems they don't like him to me.


If you think they should do more, then the first step can't be criticized on the grounds that it's not the last step.

Presumably, more will come.


Any software like this will, without fail, be used by abusers to do things other than blocking pornography. If it only did that one thing this wouldn't be a problem.


If someone with access to the phone installs the app, will the monitoring be obvious to a user who is the handed the phone?

AKA if someone can install the app is it possible to use it to monitor someone without their knowledge?


There's a persistent notification that says "Truple - Screenshot Accountability" on it, and when it's clicked, it opens up the Truple app or menu depending on the platform. Competitors do a similar thing and aren't running into issues with Apple for it. If Apple had an issue with something like this, they should let me know and I'd adjust according to their feedback. I've asked--all I get back is silence.


Are you sure competitors aren't struggling with App review as well?


They've had apps in the app store for years, and MacOS apps notarized. If they're struggling, they're at least able to work with Apple where I'm not.


They're also more restricted than your app (one of them only works if you load the app by resetting the phone in iTunes; another always blurs screenshots; another only records screenshots from their own browser app).

I think you're doing something the App Store simply doesn't want you to be doing, and it's hard to fault them for that.


This has nothing to do with the App Store. It's a MacOS app. None of the competitors require resetting a phone to use their MacOS app. Only one of the competitors requires blurring. None of them require a custom browser on MacOS.


Your app constantly surveils a subject and sends frequent random screen captures to a controller - no matter the activity.

In order to eliminate a few sexual behaviors you’ve created an application that has serious potential for abuse and control. A well functioning adult will simply have a burner phone and the infected phone will only be used for “approved” uses. A minor or abused adult will stop using the phone and probably be isolated as a result. Which of their friend or family will want to have even benign communication with the subject knowing this app is installed (because they will).

You’re not a victim here.


> You're not a victim here

If the app was just rejected I'd agree. Freezing the account, and then _years_ later suggesting the user create a new account makes no sense.


I think it makes sense if the goal is to never approve such an app. A rejection and subsequent tinkering might allow a derivative to make it through. Perhaps they believe in leaving such projects in purgatory and the developer unable to troubleshoot.


Except that other apps with very similar functionality / level of obviousness while in use are still available. Without Apple providing information on what this app does that violates their rules which the other apps do not violate, there’s no way to know that equal enforcement is being applied. I don’t think the author would have posted if all such apps were removed.


This is a bit like arguing that one shouldn't be punished for a traffic violation because not every other potential offender got caught.


Sure, if you limit “traffic violations” to “driving without a license,” and every car made you present a valid license before it would start.

EDIT: The difference being, Apple says YES / NO to every app, and every app always goes through the process, unlike policing traffic violations. If Apple is not being inconsistent, they need to say why.


So don't buy macs.

Either way, in this case they blocked a developer that was making what sure as hell looks like spyware to me, I'm not convinced this is a bad thing.

Also, you absolutely do need a license to operate a car. Probably not a good metaphor for your case.


Not sure if you replied before or after my edit to clarify. Apple has the capability to consistently enforce its rules here, unlike law enforcement, and does not appear to be doing so.

I personally think all such apps should be blocked. What bothers me is the inconsistency, or the opaqueness that means we cannot determine whether or not there is an inconsistency.


That's not a fair strategy. Say if this developer has published several reasonable apps before this, that strategy would forever cut them off from updating those as well.


I’m not trying to be abrasive here but I do believe it’s fair collateral damage if your hypothetical scenario is true. If he lost update access to his other assets by trying to push this risk onto the app store, I’m ok with it.

The app he made in our example is privacy degrading with control and abuse likely being its best feature. He took his shot.


I disagree, quite strongly.

Let's leave behind this app for a second, and speak in generalities. What should Apple do if it believes that an account is making and distributing spyware or malware? Should they not ban the account altogether? In fact, wouldn't you be mad if you found out that there were playing whack-a-mole with individual submissions from a developer that they'd already decided was harming end users? I personally would be pretty annoyed if it turns out that they let a malicious developer produce spyware and continually tweak and re-submit their apps it until the approvers let it through, and would absolutely support a policy of banning whole developer accounts for certain infractions. I doubt I am in the minority here, even if there are disagreements about what those ban-worthy infractions should be.

So, the question here is whether or not this app is spyware or not. I personally am beginning to suspect yes, both because parental software always toes that line, and based the apps marketing and the developer's comments in this forum. Others might disagree. But while it's reasonable to disagree about whether this is spyware, given the above logic I think we can agree that it's perfectly reasonable for Apple to ban an account that it has determined is making spyware. You should disagree with the determination, and understand that the ban follows that determination directly.

Personally I think the weirdest thing here is the recommendation to make a new account. Generally most companies hate it when you try and recreate an account after a prior ban, and an official recommendation here seems quite odd.


Fortunately you have an android app, so you are able to use available statistics to estimate loss of earnings.

That may be enough to generate enough interest for you to find some form of "no win no fee" legal representation on a matter which I admittedly have no clue about.

Good luck!


I've thought about this... but Apple's developer agreement has some wording in it that makes me believe it may not be possible. I'm no lawyer, so it's certainly something I could ask if I go the legal route.

Thanks for the suggestion!

> Apple shall not be responsible for any costs, expenses, damages, losses or other liabilities You may incur as a result of Your Application development, use of the Apple Software, Apple Services (including this digital notary service), or Apple Certificates, tickets, or participation in the Program, including without limitation the fact that Apple performs security checks on Your Application.

https://developer.apple.com/support/downloads/terms/apple-de...


I think this would depend on your jurisdiction. Just because it's in the terms doesn't make it enforceable.


This is the main reason why I am not interested in being an app developer. Your business is in the hands of someone who can cut you off and get away with not even giving you the time of day. Not worth the risk.

(That being said: I'm not sure I would have approved an app like yours since it is designed to invade privacy)


The hesitancy to approve is understood on my part. Have a child who's negatively impacted by tech though, or be married to someone who is, or attend an addiction recovery group for any online addiction, and you'll be persuaded otherwise. Apple allows parental control apps.


Isn't that all electronic businesses? I don't think anyone except maybe netflix actually controls their entire networking infrastructure. CDNs and cloud computing businesses make arbitrary decisions all the time. Payment processors, publishers..


To a greater or lesser degree yes, but there are things you can do to safeguard your business.

I don't think the biggest risk is really your hosting environment, but domain names. That's the one link in the chain that can really make life miserable if you were to lose your domain name. Which in effect is your identity. You can find replacement service providers for hosting. It may take you a bit of time to move things, but there isn't a lack of choice. It is harder to deal with losing a domain name that is essentially your brand.

However, I know several businesses whose product only runs on AWS and would need a ground-up rewrite to run anywhere else. Not to put too fine a point on it, but that is exceptionally poor risk management and if I were to find myself in this situation I'd have nobody else to blame but myself.

And this is transitive: if you are a customer of a product that is tied 100% to a single infrastructure provider and they are critical to your business, you must have a contingency plan in case they get into trouble.


Parental control sounds like something the OS should do, not an app. From that viewpoint, I think you chose an application that inherently has a risk of being taken over by Apple, and frankly, you should not be surprised that something like this happened.


Whether I agree or not, they aren't doing it. They've had decades to build it in, but what is built in sucks and is easily bypassed. See https://protectyoungeyes.com/12-ingenious-screen-time-hacks-....

While I wasn't so aware of the risk when I started, I've learned plenty about it over the past 4.5 years.

> frankly, you should not be surprised that something like this happened. Did you read the whole description? The surprising thing is the unfair (unequal) treatment, the silence on their part, and the long delay.


I thought the point is that it is easily bypassed or disabled, so in a coercive or sensitive situation the physical holder of the phone can take control.


Ok, but with parental control you are trying to control other apps. Apple does not like that. They want apps to stay in their own sandbox and mind their own business. I agree with you, but given Apple's strong determination to control everything on their platform, what you tried was just doomed to fail from the start.


Sounds like an invasion of privacy that will be forced on people who can't provide meaningful consent.


A computer sounds like a hacking device used for ransomware. Just because a tool has one possible negative use (which I do everything I can think of to protect against) doesn't discount it's valid use cases and bar it from being used.


2.5 years sounds pretty extreme. Not from Apples part (its pretty on-brand), but on your part.. To me it sounds like it would be time to just leave the platform behind and move on with your life? Ask yourself is it really worthwhile to fight the uphill battle against Apple to get your app approved?


Is it really a fight though? Presumably they send a letter every x month, and do other things with their life in the meantime.


I don't intend to throw in the towel until I've exhausted my options. I'd hoped that being patient would garner favor with Apple. This has proven it doesn't.

Personally speaking, I also fear rejection/failure. Dealing with this has been extremely difficult for me emotionally.


You develop stalkerware, Apple booting apps like you is one of the few good aspects of the app store.


This is factually incorrect - it is not stalkerware. The app makes it very clear that it is installed and watching you.


Read other Reddit+HN threads on what other people have done in your situation.

The main way that people get accounts reinstated in cases like these are the situation blowing up on HN and a lot of people getting upset (at Apple/Google (the other major offender)). This is unlikely to work in your case, because (judging by the comments) a lot of people are offended by the very idea that you'd develop an app to help people overcome a porn addiction, and additionally are withholding useful advice and making false/deceptive claims[1] as a result.

Your best shot is to look for actual legal advice given to other people in your situation and see if you can follow it.

Kudos to you for developing something like this, by the way - I might use the Android version to get accountability for myself. If you look carefully, you'll see the the majority of objections that the other comments are making are riddled with misunderstandings, deception, and moral outrage - I can't see a single legitimate argument that your project is actually harmful.

[1] https://news.ycombinator.com/item?id=29571229


Yikes, this app is gross. Good on Apple for keeping you off their store.


I make rather nerdy music and art apps full time, and being shut down by Apple still worries me. What if I said the wrong thing on twitter? Very unlikely but it pisses me off that they can push the cancel button on by business. I didn't really realize this until the past few years, with significant time invested in the platform.


It seems like this discussion should be raised up a level. We can debate the merits of the app itself, but then that leads to opposing, valid arguments. The app's creator can assert the numerous beneficial uses of the app. Detractors can note the potential for misuse/abuse. Neither is necessarily a winning argument in an objective sense. And thus, we need some arbiter. In this case, that arbiter is Apple, who in this case, must anger some subset of the people on this thread.

So really, the debate is "who is a valid arbiter?" On what basis should the authority to deny access to a platform/market be granted or revoked? It seems that discussion is, to date, wholly inadequate.


If Apple did not retain such tight control over iOS app distribution (and considerably looser controls over Mac app distribution), then they would still have a moral obligation to help their customers defend against malware. And this application is definitely close enough to being malware that Apple would have to assess it as a potential threat and at least consider the possibility of blocking it.

You can't exclude Apple from having to make a judgement call here unless you want Apple to be thoroughly hands-off about security and privacy concerns to an extent that was really harmful to Microsoft's reputation back when they weren't taking security at all seriously.


This sucks. :(

Apple is a closed ecosystem, and building on a closed ecosystem always carries the risk that the ecosystem owner will decide an individual or company just can't play. But that doesn't make it better; it's just a risk to be aware of.


Apple, Google and Microsoft might just stop you as they get a better cut from the multimillion dollar app partners. Or your app might have some libraries that are having security issues.


I'd happily change the libs if there was an issue. I'm not aware of any and Apple hasn't indicated any. I take effort to keep libraries up to date, but certainly don't have everything on latest.


Do you embed any monitoring, performance tracking, revenue-generation, advertising, or tracing tools in the app? Did you at any previous time?

(I think it's just as likely that you're pattern-matching against stalker software that Apple screens for, just by dint of what your app does).


2.5 years ago I had Bugsnag setup as part of the app, but removed it in the redesign because the developer agreement indicated something about analytics/tracking and I felt it'd be safest just to remove it. No advertising tracking in the MacOS app ever.


This is going to sound facetious, but at what point do you have to create an entirely new identity for yourself? Change your name, perhaps get a passport from another nation that legally sells citizenship, perhaps get a new SSN, just to get around issues like this?

I guess an alternative would be to rent the identity of a homeless person, or perhaps the ID of someone on death row?


Many people have warned against mechanisms like app notarization. Ironically the few exceptions that can warrant such a system are apps like yours.

Some still say that is makes computing secure, but I think the arguments are mostly stupid or dishonest.

I don't know what you could do, I would not buy into their ecosystem.


Stop tending other peoples' gardens. I don't write software for any device if I need to ask permission from some faceless billion dollar corporation. I write software I can manage myself.


Small claims court?


I am not a lawyer, but I doubt if Small Claims Court would be useful. I doubt if a judge would/could compel Apple to restore your Developer account. The best you might expect from that route might be to get Apple to refund any fees you paid for the Developer account.


He doesn't have a small claim, he wants a specific performance, that is he would be suing to have a judge force Apple to contract with his business. For that, with that opponent, you would need a whole legal team.


Thanks for the suggestion. If I can't get anywhere with "going public" about the issue, that's the only other potential solution I can think of. Not one I want to have to use though...


Small claims court is for what it sounds like - small claims (< 5-10k depending on state).


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: