Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Forces Developers to Remove Screen Recording Code From iOS Apps [Update]
- Thread starter MacRumors
- Start date
- Sort by reaction score
Because it was the only non valid point he could find out and instead ended up saying nothing worthy at all, that's how many discussions end up here.
Because they may not have been able to tell that the apps were doing this, because developers don’t submit their source code when they upload apps for review, and snooping traffic many not work due to location or IP range lockouts, and isn’t that easy in the first place.
Then it's Apple's own guidelines and policies fault for them not to have a way to fully know what an App is going to behave or do in their own "protected" OS, before publishing it.
Any reason you comment on articles without any basis in fact for what you are saying?
For example, where does it say anywhere in this article, or in any other article about this issue, that Apple knew of this issue before it was published by a media outlet?
The analytics capability is probably a legit part. It’s one way for app developers (especially UX designers) to find out how effective their app design is. The way I see it is that analytics companies like Glassbox utilize it as a tracking service (not necessarily wrong as they do provide ways to mask personal information), with the failure point being the Air Canada app developer failing to take precautions masking their customers’ sensitive data.
Like Steve Jobs said, even Apple is run by humans, and humans make mistakes. The way apple responded at least have been positive so far as they took actions. It’s a bit disingenuous to keep bashing Apple despite their corrective actions.
Their actions are only corrective when it's viral on the media, also if it was a UX design supposed for developers to "find out how effective their app design is" then Apple wouldn't have done anything at all.
That's like saying it's your own fault for being struck by a drunk driver because you didn't make yourself fully aware of all drunk drivers that were out and about.
The average of app has hundreds of thousands, if not millions, of lines of source code, and even with full access to the source code it is impossible (logically, reasonably, and practically) determine what the source code does. And even then, apps rely on a great extent on back end third-party code for functionality (as is the case here).
But kudos, well done, on another baseless lllogical contribution to the cesspool of nonsense that MR has become.
Seriously? That's easy. Before Apple can act on an issue, there must first be awareness of the issue.
It's nice when you have the benefit of hindsight.
Um ok. So they should somehow know that if you type a secret code in an app, only if you aren’t located at apple, then it behaves differently than otherwise? (For example).
Good luck with that.
Theoretically you are correct, but there is a limited number of things you can audit in a reasonable timeframe. Now that this has been discovered I'm fairly confident it will become part of the go-forward process.
Yeah, I was wondering the same thing. Apple of late is too reactive, when they need to be proactive about things like this. Especially their coveted App Store... like how the hell did these apps even get approved as they are in the first place?
It's only logical if I defend Apple for you, am I right? You said nothing at all and used nonsense comparatives which don't relate to what I've been saying since the start of this thread. If a company is not capable of having a way to determine if the App's code, then they can't make up false claims such as their non existing privacy concerns. The only "privacy" care they do is when their name is on fire on the media about some malicious App, they remove it, just like every other AppStore does. Nothing different, nothing new, nothing to praise of.
[doublepost=1549581260][/doublepost]
How many Apps are in the App Store doing the same or worse that we don't know? They should hire a staff team to sort them out.
If what you're saying is true then that actually makes my point stronger. So Apple has review guidelines and reviewers for nothing? They need everyone else to find all the problems in their software and the apps running on it? I gave 2 examples of where Apple knew or at least should have known about the problem long before the general public ever knew about it, and there are countless more throughout the company's history.
I didn't get your point, you should reformulate your sentences more clearly.
Apple knowing about a problem or bug.
The media and the general public making a big deal about a problem or bug.
Let's play Spot the Difference with those two statements.
Point is, why does Apple wait until the media and the general public know about an issue or make a big deal about it before doing anything about it? I didn't say "Why does Apple wait until they find out about a problem before they fix it?"
They must have review guidelines and a team of reviewers for something. If they're not going to know about issues like this until TechCrunch writes an article about it then they need to decide if paying all those reviewers to not catch stuff like this is really worth it.
That’s what I’d like to know. Why does it take someone else to ‘discover’ this instead of Apple in the first place?
Good! I can’t believe I have 2 of these apps! Expedia and Hotels.com!!
Yesterday, TechCrunch discovered that multiple popular iPhone apps from major companies are using intrusive analytics services that capture data ranging from taps and swipes to full screen recordings, all without customers knowing about it.
Today, Apple has informed app developers that this kind of screen recording analytics code needs to be clearly disclosed to customers or removed from iOS apps. From an Apple spokesperson's email to TechCrunch:At least one developer has already been told to remove the code that recorded app activities. From an email to the developer:Apple is serious about getting rid of this code and gave the developer in question less than a day to remove it and resubmit the app before it would be pulled from the App Store.
High-profile apps like Abercrombie & Fitch, Hotels.com, Air Canada, Hollister, Expedia, and Singapore Airlines are using Glassbox, a customer experience analytics firm with a "session replay" screen recording feature.
Session replays are designed to let developers screenshot or record or a user's screen and then play back those recordings to see how users interact with their apps. Taps, button pushes, and keyboard entries are all captured and provided to app developers.
None of the apps above disclosed that they were recording a user's screen in their privacy policies, which is apparently in violation of Apple's App Store rules.
Apple also requires apps that record the screen to have a little red icon on the top left corner of the phone to make it clear that the screen is being recorded, and it sounds like Apple is going to enforce this rule for this kind of analytics tracking.
Most likely, apps will need to remove this feature because customers are not going to willingly use an app that's recording everything that they're doing and displaying a persistent red icon while the app is open.
There are many other analytics companies that have similar practices like Appsee and UXCam, so there are undoubtedly many more apps that are using these secret screen recording features without customer knowledge.
Article Link: Apple Forces Developers to Remove Screen Recording Code From iOS Apps
Yes, Apple should have trust issues with any developer submitting an App.
The headline of this article is misleading ... the article explains that this sort of activity is allowed, as long as it is disclosed. I would prefer this being banned altogether though. The headline says that developers are being forced to remove this code, which is true, but they can add it back in as long as they add a disclosure.
Well, think about it.
From Apple's perspective, they are offering this feature to help developers. What Glassbox is doing is outside Apple’s intention, and Apple wouldn’t know what kind of data Glassbox is offering to its customers. Apple probably simply had a good faith that the app devs would utilize this feature as intended. But like I said, the failure point end up being the devs of Air Canada.
So now Apple is tightening their policies in this. Policies are never perfect as you cannot come up with every possible scenarios right off the gate.
If you want a prefectly tight platform tighter than Apple’s, you’re welcome to find another alternative. I take this as a positive that Apple at least reacted in a positive manner. In the world of zero ethics companies like Facebook, I’ll take an apple anytime.
For the most part Apple seems to be only about perception these days. Back in the day, Apple backed up the perception with top notch products. Best in class performance, best in class tech specs, etc. If not best in class then so close it did not matter.
Today, not so much. Today there are no Apple apps that are best in class except maybe Logic. And Logic is hampered by poor or inconsistently updated hardware.
Privacy seems to be only important when Cook is in front of the cameras. Run of the mill Apple engineers are not given the time, schedule, staff, or money to make sure Apple stuff works right and respects Apple's privacy goals. This is what we see every day and is the result of a finance guy running a software development company. What comes first to Cook is schedule, then profits, then Wall Street, then bonuses, and finally the customer.
We'll see more and more of Apple not living up to its product quality goals as long as Cook is at the helm. Cook will however hit all of the non-tangible non-product goals like green, diversity, etc. That is his expertise. We know this because that is what he enjoys communicating about. That is what he has a passion about.
Oh... I understand now. You are expecting 100% perfection. In other words, Apple should find every single problem, potential exploit, unintended operation/behavior, under all conditions, before an app is approved.
"They must have review guidelines and a team of reviewers for something."
Of course they do. But again, you are expecting 100% perfection. Please tell me where that exists.