Apple's Enterprise Developer Program Also Being Used to Distribute Hacked Apps

[Crowbot]

Bingo. The only one who gets it. You've paid for the device but Apple take away your freedom to do whatever you wish with it. Imagine buying a Mac but Apple doesn't allow you to run emulators, Kodi, torrent clients, etc. Perhaps that's why they want to replace Macs with iPads to limit what you can do without going through their app store and services. Piracy is just a guise to take away your freedom and force upon a fascist authoritarian rule ecosystem.

Nice conspiracy theory ya got there. "fascist authoritarian rule"? But there my be another angle.

Apple creates hardware and software and maintains boundaries to keep our stuff secure. They may not let you take complete control of the system but the ostensible purpose is security. I would also like a torrent client on my iPhone but it's not a great burden to do it on my desktop. You do have the options of jailbreaking the iPhone or going with Android. (maybe you already did) But I like the idea of having one device that is secure, with the vendor in support of that attitude. So far Apple appears to be doing all they can to keep our devices secure. When they stop doing that I'll consider other options.

 

[jtara]

that means, user is entitle to do whatever he feel like on their own phone LEGALLY , including but not limited to jailbreak, sideloading or install whatever app without asking Apple what they think its politically correct.

Apple, however, is not required to facilitate it.

And, I believe, this applies only to the consumer - not to third parties who facilitate it.

 

[Intellectua1]

I have seen Operating Systems without regulations. I like to use Apple because they have a walled garden...
In all honesty, if you want to do whatever you want with your phone go ahead and buy an Android device...

The only real advantage for the iPhone its the solid, safe, and stable software experience...

"Solid, safe, and stable software experience"
I almost rolled out of my bed laughing at that part of your comment. I'd advise you to start reading the hotfix update changelogs, as well as reading creditable tech blogs before making statements like that.

 

[Apple_Robert]

It is a real shame that Apple and honest users have to put up with this kind of garbage.

 

[cmaier]

"Solid, safe, and stable software experience"
I almost rolled out of my bed laughing at that part of your comment. I'd advise you to start reading the hotfix update changelogs, as well as reading creditable tech blogs before making statements like that.

His point is accurate. He was comparing to the dumpster fire that is android. Good luck getting security updates with that.

 

[agffth]

In 2010 and 2012, the U.S. Copyright Office approved exemptions that allowed smartphone users to jailbreak their devices legally,[79] and in 2015 the Copyright Office approved an expanded exemption that also covers other all-purpose mobile computing devices, such as tablets.

that means, user is entitle to do whatever he feel like on their own phone LEGALLY , including but not limited to jailbreak, sideloading or install whatever app without asking Apple what they think its politically correct.

Then do it.

 

[cmaier]

In 2010 and 2012, the U.S. Copyright Office approved exemptions that allowed smartphone users to jailbreak their devices legally,[79] and in 2015 the Copyright Office approved an expanded exemption that also covers other all-purpose mobile computing devices, such as tablets.

that means, user is entitle to do whatever he feel like on their own phone LEGALLY , including but not limited to jailbreak, sideloading or install whatever app without asking Apple what they think its politically correct.

Do what you want, consistent with applicable law.

That doesn’t mean Apple has to make it easy for you.

 

[MacsRuleOthersDrool]

People have been sideloading apps through this method for years. Apple is well aware of this. The fact that they are doing a massive crackdown now is probably because their revenue is increasingly dependant on the "services" category.

Perhaps Tim can quit exerting so much control over what I want on my phone. Why can't I have torrent clients? Why can't I set custom DNS?

I don't think Apple is worried about people sideloading ORIGINAL Apps using this method; I think the real issue is with the Piracy angle.

 

[willmtaylor]

I don't think Apple is worried about people sideloading ORIGINAL Apps using this method; I think the real issue is with the Piracy angle.

I would imagine there are several concerning angles.

 

[MacsRuleOthersDrool]

In other words, Apple wants to close loopholes to bypass Apple App Store and services to guarantee their 30% cut even for legit apps like Kodi. This is equivalent to if Google was to reverse their current policy by removing legit apps like Kodi from Google Play Store then disabling side loading of apps.

This isn't about "loss of revenue". The amount of lost-revenue is minuscule.

It's about helping to prevent Piracy of legit App Store Apps. The REAL App's Devs get screwed-over by that, too, and to a MUCH larger extent, percentage wise.
[doublepost=1550175171][/doublepost]

I would imagine there are several concerning angles.

Nope. That's the only one that makes sense.
[doublepost=1550175355][/doublepost]

Lmao they finally found out

Apple likely hasn't been paying too much attention to the Piracy angle. They for sure knew that people were using EAC's to allow the Sideloading of "non-App Store" Apps; but were probably legitimately unaware of the Piracy angle.
[doublepost=1550175503][/doublepost]

So apple is depending on honest devs to keep iOS users safe. Lol.

Wrong.

They are depending on a signed Agreement, and their ability to revoke Developer Certs.
[doublepost=1550175676][/doublepost]

Apples going to have to change how these things are signed to add limits. (Numeric? Geographic?)

There are already numeric limits; but they have to be fairly high (10,000 per App, IIRC) in order to accommodate large companies with in-house Apps.

As far as geographic limits, that ends up being impractical, due to multiple-locations of large companies
[doublepost=1550176118][/doublepost]

Bingo. The only one who gets it. You've paid for the device but Apple take away your freedom to do whatever you wish with it. Imagine buying a Mac but Apple doesn't allow you to run emulators, Kodi, torrent clients, etc. Perhaps that's why they want to replace Macs with iPads to limit what you can do without going through their app store and services. Piracy is just a guise to take away your freedom and force upon a fascist authoritarian rule ecosystem.

********.

Just. ********.
[doublepost=1550176272][/doublepost]

Yes because bad people play by the rules. LOL

Ya because there’s NEVER been any nefarious apps slip through the screeners and make it onto the App Store. LOL

What? Like THREE in nearly a DECADE?

That's pretty close to "Never".

Now, let's look at the Google Play Store...
[doublepost=1550176711][/doublepost]

insignificant ? I think the number of people using sideloading their app like Kodi / torrent app are in hundred thousands...

You should check out some of those most famous paid sideloading service on the internet and check how many active users they have. I am not even counting those free sideloading service out there.

and the people loading legit Apps from the App Store are in the hundred MILLIONS.

Now what?
[doublepost=1550176934][/doublepost]

Just like the war on drugs that never worked, Apple should just embrace the fact the it will have to allow Apps that do not meet its political correctness standards. People would not go to these extreme measures if they could load the software they want on their phone.

That's why Apple has turned a blind-eye to this abuse for years.

But as soon as Apple is seen as not doing something to prevent legit App Store publishers from losing their revenue due to Piracy, Devs. may start abandoning the entire App Store system, and that can snowball fairly quickly...

 

[Cruncher]

I have a bigger Problem:

I have 2 Apple ID`s:


1 is for iTunes, Apps and DEV Account - no 2FA acitve

1 is for iCloud Account (former MobileMe Account) with subscriptions too - 2FA active


I was only able to enable 2FA for the iCloud Account. I have a big problem. How should I manage that? When I check the security settings on my iPhone is says "2FA is active". Do I really need to create an iCloud Account for my iTunes and Dev Account and then login a second time with this account? I am already logged in for iTunes purchases with the first one. So I had to login a second time to icloud with that.

It would then show like this:

Apple ID 1:
Logged in for iTunes
Logged in as second iCloud account

Apple ID 2:
Logged in for iCloud


Apple is doing weird things these days...

 

[albebaubles]

You don't need to enrol a phone; theoretically anyone can install an enterprise-signed app on any phone. I've tested this myself: I can install our in-house apps on my personal phone and nothing stops it.

I think if you look you'll see you've installed a provision that gives the enterprise access. That provision can even be setup to disallow you from uninstalling it - we would use this method to stop clinicians from stealing our iPads for home use.

 

[Intellectua1]

His point is accurate. He was comparing to the dumpster fire that is android. Good luck getting security updates with that.

Good luck being largely misinformed. As a user of both platforms I find comments like yours hilarious. But I'm not hear to argue, believe what you will. Like I said read the changelogs. Insecure is insecure mate, and although it's very popular with people like you, you can't make excuses for 1 platform by pointing fingers at another. Good day!

 

[cmaier]

Good luck being largely misinformed. As a user of both platforms I find comments like yours hilarious. But I'm not hear to argue, believe what you will. Like I said read the changelogs. Insecure is insecure mate, and although it's very popular with people like you, you can't make excuses for 1 platform by pointing fingers at another. Good day!

Are you joking? I can point you at lots of proof that android devices don’t get security updates.

https://www.google.com/amp/s/www.androidcentral.com/unbearable-slowness-samsungs-updates?amp

https://www.google.com/amp/s/www.androidpit.com/why-you-dont-have-the-latest-android-update-yet?amp=true

https://www.google.com/amp/s/www.co...055/android/android-security-updates.amp.html

https://www.google.com/amp/s/www.pc...droid-security-requirements-partners.amp.html

https://www.google.com/amp/s/www.th...17233122/android-software-patch-trust-problem

https://www.google.com/amp/s/www.th...one-manufacturers-missed-security-updates-lie

Do I need to go on? Quit the name calling. Calling someone misinformed when you confuse “hear” and “here” is a bit hypocritical.

 

[Tech198]

What a shame... Everyone else has to suffer in the developer community with two-factor just because some developers go rouge.

What a world we live in ..

Ideally, if Apple really wanted they could "inconvenience" all developers by implementing two-factor everywhere.

 

[jamesrick80]

Bingo. The only one who gets it. You've paid for the device but Apple take away your freedom to do whatever you wish with it. Imagine buying a Mac but Apple doesn't allow you to run emulators, Kodi, torrent clients, etc. Perhaps that's why they want to replace Macs with iPads to limit what you can do without going through their app store and services. Piracy is just a guise to take away your freedom and force upon a fascist authoritarian rule ecosystem.

Hence why “mi7chy” is my all time favorite macrumors poster.......speaks the truth..... enough said

 

[willmtaylor]

Bingo. The only one who gets it. You've paid for the device but Apple take away your freedom to do whatever you wish with it. Imagine buying a Mac but Apple doesn't allow you to run emulators, Kodi, torrent clients, etc. Perhaps that's why they want to replace Macs with iPads to limit what you can do without going through their app store and services. Piracy is just a guise to take away your freedom and force upon a fascist authoritarian rule ecosystem.

I went to a private college with a lot of rules. Some of them made sense to me while others seemed a little ridiculous, but they were the rules of the school that I chose to attend.

I regularly heard folks bitching about this or that, but I always laughed and wondered why they even bothered attending because every single student knew about said rules and agreed to them before enrolling. That didn’t make the executive board fascist; it made the students seem entitled & petulant.

 

[Marshall73]

Bingo. The only one who gets it. You've paid for the device but Apple take away your freedom to do whatever you wish with it. Imagine buying a Mac but Apple doesn't allow you to run emulators, Kodi, torrent clients, etc. Perhaps that's why they want to replace Macs with iPads to limit what you can do without going through their app store and services. Piracy is just a guise to take away your freedom and force upon a fascist authoritarian rule ecosystem.

You can install Xcode and load apps straight onto your devices without having a certificate. I did this to put mame on my Apple TV. Apple just don’t want to make it easy for casual pirates.

 

[I7guy]

Hence why “mi7chy” is my all time favorite macrumors poster.......speaks the truth..... enough said

Depending on your biases, "truth" is subjective.

 

[Emanuel Rodriguez]

You don't need to enrol a phone; theoretically anyone can install an enterprise-signed app on any phone. I've tested this myself: I can install our in-house apps on my personal phone and nothing stops it.

Edit: It seems from the replies that there is some confusion around terminology. All of our corporate-owned phones are "enrolled" somehow (I'm not sure of the specifics around this, but I believe that the serial numbers are entered somewhere). I'd assumed that you were talking about the same thing; my point was just that the phone doesn't need to be pre-approved to run an enterprise app.

Yes. The serial numbers are entered on business.apple.com with a properly set up business account.

 

[jtara]

There are already numeric limits; but they have to be fairly high (10,000 per App, IIRC) in order to accommodate large companies with in-house Apps.

No.

The 10,000 limit is the current limit for public TestFlight betas. Not Enterprise.

Too many big companies with way more than 10,000 employees that carry devices with internal apps.

 

[MacsRuleOthersDrool]

No.

The 10,000 limit is the current limit for public TestFlight betas. Not Enterprise.

Too many big companies with way more than 10,000 employees that carry devices with internal apps.

Ok, thanks, I wondered about that.

 

[CarlJ]

I just ran across a reference (someone complaining on a Pokemon Go subreddit) to "Tweakbox", which advertises itself as having hacked versions of paid apps. And clearly is misusing the enterprise developer program to distribute their stuff. How is this a thing? And I went looking for an App Store feedback page to tell Apple about this - can't seem to find a way, no category even remotely close to App Store.

 

[pastimage]

I just ran across a reference (someone complaining on a Pokemon Go subreddit) to "Tweakbox", which advertises itself as having hacked versions of paid apps. And clearly is misusing the enterprise developer program to distribute their stuff. How is this a thing? And I went looking for an App Store feedback page to tell Apple about this - can't seem to find a way, no category even remotely close to App Store.

Why is this an issue? People have been doing these sorts of things since developers started charging too much for stuff. We are not here to be the police of this and no one made us sherrif of apple world. IMO leave it alone and it will sort itself out. And dont bother with the theory of if people didnt do this the cost would be down because that is a fallacy, big time.

 

[AutomaticApple]

All of these pirated apps are down because of one person. I don’t really use them though and I’ll happily pay the full price for the actual apps.