Thank you, Geoffrey, for bringing this to light. Apple needs to shore up their review process.
Well, Cynical, I would rather have less apps to pick from, than have apps that somehow snuck by the review process and were doing dishonest and nefarious things.Call me cynical, but that might not leave many apps left in the App Store, and that wouldn't be beneficial to Apple's bottom line.
They do Automated testing of apps.Obviously, it's difficult for Apple to do a app-by-app check with people, but why after all these years haven't they found a way to automate testing of apps?
No amount of money will ever fix this problem. Apple can't do much about it. They CANNOT see what data goes inside each app or what comes outside of the app.With 15% of app costs, Apple should be verifying every app. No honor system, they have multi-millions of dollars from the App store and they are doing things cheap and half-buttcrack
Years ago, Apple missed bugs in their software because they didn't even do crude testing for bugs. It wasn't difficult and they were shown how to detect them. They started doing the easiest of that kind of testing.They do Automated testing of apps.
Some things are very difficult to test. The app sends encrypted information back to a server. The app report card says the information sent to the company includes only A and B.
How Is Apple supposed to know that the data in the encrypted packets also includes C and D, just by automated testing?
You think every developer knows every bit of the software? How do you expect a developer to know EVERYTHING that is being tracked? They might not have even touched the code for some of the tracking.But that allows the buck to be passed. Someone who didn't write the code can claim they didn't realize it. It's no different than holding the pharmacist responsible if opioids go missing, or a doctor who give the thumbs up for a kid to play football again. Privacy is a serious issue and we need to take it serious. That means holding someone individually responsible.
Honest developers should support this as it increases risk for them and therefore the salary they can demand.
Years ago, Apple missed bugs in their software because they didn't even do crude testing for bugs. It wasn't difficult and they were shown how to detect them. They started doing the easiest of that kind of testing.
I would bet that their automated testing is the easiest possible testing and doesn't discover anything but the kinds of problems that a blind person could see. Still, they test more than Google, Microsoft, or Adobe do.
It's not possible to automatically generate a label.with apple having architected (?) the system from top to bottom, i'm kinda surprised these labels weren't automatically generated.
Maybe spend some of the trillions and hire more real people to test appsThey do Automated testing of apps.
Some things are very difficult to test. The app sends encrypted information back to a server. The app report card says the information sent to the company includes only A and B.
How Is Apple supposed to know that the data in the encrypted packets also includes C and D, just by automated testing?
you are missing the point. No amount of people is going to tell them what is in encrypted packets.Maybe spend some of the trillions and hire more real people to test apps
with apple having architected (?) the system from top to bottom, i'm kinda surprised these labels weren't automatically generated.
i am not surprised, however, that people weren't honest with the system.
Guess I don’t know too much about this stuff. So if they looked at the app this still would be missed? Thanks for the info.you are missing the point. No amount of people is going to tell them what is in encrypted packets.
Correct and it's why it up to the developer to make sure they follow correct practice. When the dev marks their app as "no data collected" and it does collect, there could be a consequence. My guess is email, drop off the store till fixed or marked correctly, etc.Guess I don’t know too much about this stuff. So if they looked at the app this still would be missed? Thanks for the info.
If random people can see the problem, people who work for Apple should be able to do it to a greater extent than they're doing.you are missing the point. No amount of people is going to tell them what is in encrypted packets.