Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: How do apps get into Apple App Store pretending something they are not?
25 points by cosmorocket 9 days ago | hide | past | favorite | 10 comments
Being a bit into the adult industry, I sometimes see some kind of "creative" ways developers/publishers use to push their adult-oriented apps and services into Apple app store for iOS, and this is something that seems to happen quite regularly.

For example, just today I saw a commercial on YouTube of an app, which clearly said "1 on 1 chat, have fun, let's do it together, blah blah blah". The ad shows some nice lady in a video chat smiling and showing her boobs blurred. Ok, I click a link to see how this app looks in the app store, because I understand it cannot be the same there, and 99% it pretends to be something else than an adult-oriented video chat.

So, I click the link "Install" and get to the app store. There, it makes its best to pretend as a kind of a book reader with recommendations and ability to share your "interests" with your new "friends" over the app. Screenshots show a bookshelf, then some screenshots looking like a social network, nothing you could suspect in doing anything "seditious".

The description is also completely unrelated to anything chat-related, videos, 1-on-1 having fun with ladies and so on.

I am doing the next step and installing the app to see if it really looks as a book reader on the start or not.

When I install and open it, right from the start it shows a gallery with ladies I can "contact" and "have fun" if I topup my account and pay by minute.

Now, my question - how does it happen this way when developers create some clearly fake app page in app store, then get reviewed successfully with their shady app and finally get published in the app store? As far as I understand, reviewers have to install the app and see how it actually works and what it really does.

Why does it happen this way? Do developers send some nice-looking app to the review then somehow replace it with their actual app in the app store?

Thanks for your input!






I can’t speak to the apps in question of your post, but this did bring to mind how Uber hid app behavior from the App Store team:

https://www.theverge.com/2017/4/23/15399438/apple-uber-app-s...

reply


Another similar recent story, with more technical details: https://9to5mac.com/2024/08/02/developers-trick-app-store-re...

> When the app is opened for the first time, it waits a few seconds to call the geolocation API. This way, the App Store’s automated review process doesn’t see anything unusual in the app’s code. We also checked the app’s behavior by running it through a proxy to fake our location to San Jose, California. For this location, the app never reveals its hidden interface.

> After Apple approves the app with its basic functionalities, developers use CodePush to update it with anything they want. The app then reveals its true interface in “safe” locations.

reply


Apple have locations all over the world they can test from and a proxy-like service they sell to users called “Private Relay”. They have all the necessary tools to easily combat this, except the staff to do so.

reply


The judge in the Epic case said they had a 70% profit margin on their App Store fees, ignoring that multiple other groups of people are also funding the iPhone ecosystem and by the time these fees are being collected from users several hundred billion dollars in other revenue has also piled up. They said Apple wasn't investing anything in app moderation.

> At other points, she says Apple “does a poor job of mediating disputes between a developer and its customer,” and it’s been “slow either to adopt automated tools that could improve speed and accuracy or to hire more reviewers” for its app review process. “Apple’s slow innovation stems in part from its low investment in the App Store,” the ruling elaborates.

They have had famous goofs too, like Schiller complaining is anyone watching the App Store, after they featured a very low quality clone app so it's not necessarily a deception on the developer's part.

Meanwhile Apple claims to have about 500 app reviewers doing 100,000 reviews per week: https://www.apple.com/app-store

So I guess the answer is, they just keep all the money and aren't liable for squat.

But maybe they just need Patreon, xCloud and WeChat users to give them hundreds millions more each year before they can afford to do the job they demand they have to do, that they invented for themselves, that they fought viciously world-wide to prevent anyone else doing lol.

reply


> Apple “does a poor job of mediating disputes between a developer and its customer”

As "its customer" users buy retail from developers in the app store because they know (personally or anecdotally, such as from parents whose kids used IAP) that dispute goes my way. And then, most buyers never dispute. So win win for end user and upstanding developers who "get" what the ecosystem is about, win lose for end users versus exploitative apps.

At the same time, IAP is the worst thing Apple's ever done.

It — through short term benefits at the expense of long term trust — has done to software what Google Ads did to contentful web sites.

Ultimately, there's a straight line from IAP and apps it attracts to why EU is using adtech-drafted (and ad-supported media drafted) legislation to dismantle Apple's product experience.

In the long run, IAP and its consequences are likely to cost Apple margins trillions.

reply


I'm assuming they show something different to the reviewer than what they show their users.

My first guess is that the app is essentially a wrapper around a website, and after it's approved, they change the website.

reply


There's one pretending to be Claude, in app store countries where it's the first/ONLY option in the app store, because genuine Claude is not supported.

I tried to warn Apple about it, but their reporting form requires me to have downloaded an app before I report it. Nuts to that.

reply


> Do developers send some nice-looking app to the review then somehow replace it with their actual app in the app store?

No, that's impossible. But if the app connects to the internet, which mosts apps do, then it's trivial for the developer to release the app and then flip a server-side switch that tells the app to change its behavior. The logic would already be built-in to the app.

Incidentally, this is exactly how Fortnite got through review and then got banned by Apple.

reply


It's almost like Apple never checks apps again, the judge in the Epic case had this to say:

> At other points, she says Apple “does a poor job of mediating disputes between a developer and its customer,” and it’s been “slow either to adopt automated tools that could improve speed and accuracy or to hire more reviewers” for its app review process. “Apple’s slow innovation stems in part from its low investment in the App Store,” the ruling elaborates.

https://www.theverge.com/2021/9/12/22667694/epic-v-apple-tri...

reply


Can you not simply use a feature flag that you control remotely to toggle the app between fake and real modes? You just need to toggle the flag on when submitting for review

reply




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: