Pirated Movie App Disguised as Vision Test Snuck Onto App Store

[haemolysis]

Funny that people excuse this for potentially being a web app that was modified without any evidence besides “I made a guess based on a screenshot” lol.

If it is a web app, kind of interesting implication that all these years Apple handwaived PWAs as “the alternative to the App Store” but they’re happy to allow such “apps,“ with that vulnerability… right inside the App Store itself, masquerading as something actually controlled and reviewed. But I guess there is not much they could do. Just… interesting.

All that aside, some other user said it best here: Apple’s review is not for safety and security it’s to protect their business model.

 

[JCCL]

If EU had their way, pirated apps for all.

I don’t need a company telling me what appropriate or what’s not. I can figure that out on my own and fully understand I am accountable for my actions

 

[Beautyspin]

There needs to be accountability. They know who clicked "Approve". That person needs to be brought in for their own review and enhanced training.

Apple should publish this type of info — "Johnny B. approved this app on March 7, 2023". Put the name out there for the public to see.

i doubt Apple will even acknowledge that it made a mistake with the app approval. It will keep quiet and this will blow away. They will go back to charging 50 cents per app install for providing such fool proof app approval process to developers.

 

[Beautyspin]

EDIT: taking a closer look at the screenshots it’s obviously a web app, clearly they pulled the old switcharoo after getting approved

I seriously doubt that’s how the app looked like when it got into the hands of the review team

It’s super trivial to have a server side flag that you can toggle at any time that could kick your user interface into a whole separate hierarchy of view controller if said flag is true

I’m willing to bet if you had downloaded this app and disconnected from the internet before launching it it would have kicked you into the vision test UI

I did not see the app in the store, but from reddit, it seems the app reviews clearly say that this was a piracy app. It seems it was there for more than 2 months and got taken down because "Verge" not only wrote about it but also brought it to Apple's notice by asking for a comment. Of course, there was no comment but they did take down the app. If verge had not reported it, it could have stayed there for a year or two.

 

[NagasakiGG]

If EU had their way, pirated apps for all.

Guess what, you can already pirate Apps if you want with low to no effort. Just saying.

 

[Samplasion]

I kind of always imagined that Apple had the ability/policy to decompile the source code of all submitted apps and have it automatically checked for signs of nefarious intent, but I guess either they don’t or it’s very difficult to detect.

I don't think they could, legally speaking, even if they could, technically. Seeing every app's source code would open them up to a whole lot of lawsuits about intellectual property theft and license infringement, especially given their tendency to sherlock certain apps' features.

 

[DeepWebinar]

I think this is intentional! It’s now news that bad content is on the App Store and highlights why you need a moderator!!

24 hours of these apps on the Store is less damaging than permanent non moderation forced by regulation…

Nice chess piece Apple. Well played!

except that this happened with a moderator so it really just shows that they’re incompetent moderators

 

[Gengar]

Damn The Verge for exposing them.

Especially with it being Oscars season 😂

 

[falkon-engine]

They‘re testing the vision of what an EU app store can be outside the control of Apple.
Some store operator can surely do a a better job than Apple - and do a proper review.

Proper review per what principles or guidelines? Some app stores will likely be much less strict than Apple on the type of Apps, content, etc. that they allow.

 

[brofkand]

You know, I'm thankful that Apple's app review process shields us from scam and illegal apps like this.

Oh.

 

[AppliedMicro]

Proper review per what principles or guidelines

Security-focused review or audit, for example.
Review/testing source code maybe?
Spending more than 5-10 minutes of review time per app.
Not letting pass a clone of the most well-known and popular password database apps?

Apple has shown there is headroom for competitors to one-up Apple on security.

 

[AbhijitD]

App Store review process has always been full of ****. We have seen apps like this pirated app and other scam apps getting easily into the App Store while Apple blocks legitimate apps from independent developers for absurd reasons.

I have experienced this first hand 5 years back, an app I made during my masters program was rejected by Apple while the project itself was considered among the best projects in Georgia Tech.

 

[ethanwa79]

If it’s this easy then there are thousand and thousands of corrupt apps on the store.

Oh there are. There’s probably a ton of them getting away with it right now.

 

[vipergts2207]

The thread on the LastPass scam app had more than double this number of posts in the same amount of time. Wonder if some folks are finally realizing that Apple's app review process isn't all its purported to be and can no longer defend it. 🤔

 

[falkon-engine]

Security-focused review or audit, for example.
Review/testing source code maybe?
Spending more than 5-10 minutes of review time per app.
Not letting pass a clone of the most well-known and popular password database apps?

Apple has shown there is headroom for competitors to one-up Apple on security.

Lol are you being sarcastic? You really wholeheartedly believe with all of your being that all alternative app stores will expend the energy to one-up Apple in terms security/strictness? The whole point of setting up a store is to get away from Apple's strictness.

 

[I7guy]

The thread on the LastPass scam app had more than double this number of posts in the same amount of time. Wonder if some folks are finally realizing that Apple's app review process isn't all its purported to be and can no longer defend it. 🤔

I’d say this is a perfect example of “throw the baby out with the bath water”. Apples review process isnt perfect and can still be defended.

 

[maxoakland]

There's something severely wrong with the App Store review process/team. Apps like this get through while real apps by developers just fixing bugs get blocked (still!)

This has been going on for over a decade with no end in sight

 

[dk001]

The thread on the LastPass scam app had more than double this number of posts in the same amount of time. Wonder if some folks are finally realizing that Apple's app review process isn't all its purported to be and can no longer defend it. 🤔

I suspect most don’t give it a thought until they get ass-bit by an app.

 

[dk001]

Lol are you being sarcastic? You really wholeheartedly believe with all of your being that all alternative app stores will expend the energy to one-up Apple in terms security/strictness? The whole point of setting up a store is to get away from Apple's strictness.

While they might, yet to be determined, get away from Apple’s “strictness”, we have seen in the Android world how stores can get a bad reputation and eventually ignored. Open source and having alternatives is a definite benefit for those of us who trod the areas outside of the Play Store and OEM Stores.
I wouldn’t call it better or worse, but different. Choice is nice.

 

[AppliedMicro]

You really wholeheartedly believe with all of your being that all alternative app stores will expend the energy to one-up Apple in terms security/strictness? The whole point of setting up a store is to get away from Apple's strictness.

SetApp has been reported as the first third-party application store to launch on iOS in the EU. Their macOS service has a more limited (in numbers) - but much better curated - selection of higher-quality apps from trustworthy developers (compared to Apple's Mac App Store).

Admittedly, they (SetApp) do it by selective curation rather than accepting every low-quality crap app and trying to weed out all that mess by minute-long reviews (as Apple does).

👉 So yes, I do believe that third-party application stores can be successful with having much stricter quality standards than Apple.

 

[Mousse]

Apple's review process is still clearly superior if all the alternative app stores are in worst shambles (e.g. if they contain a significantly higher percentage of bogus, spam, or malware apps than Apple's stores).

That's opinion.

Post the data on alternative iOS stores showing what you claim.

I don't have any data, but the Cydia app store has a higher ratio of apps I find useful (firewalls? emulators? Oh hail yeah!) to scam apps. Just saying.😉 As someone stated, who needs 1 million apps? I use a dozen apps. I can see a small--operative word, small--boutique appstore with a human reviewer instead of AI having a far superior review rocess. We see how badly AI can screw up.

A coffee shop whose beans are hand picked by Juan Valdez sounds like a shop I'd rather visit than Starbucks.

 

[vipergts2207]

I’d say this is a perfect example of “throw the baby out with the bath water”. Apples review process isnt perfect and can still be defended.

And the reasoning used in that defense gets more contrived and laughable with each and every instance of apps getting through their review process. Rather than throwing the baby out with the bath water, maybe the baby should be taken out of Apple's cold and stagnant bath water and placed in a warm, fresh bath.

 

[I7guy]

And the reasoning used in that defense gets more contrived and laughable with each and every instance of apps getting through their review process.

Sure in your opinion. But it seems like posters tie themselves into a knot of cognitive dissonance trying to criticise apple.

Rather than throwing the baby out with the bath water, maybe the baby should be taken out of Apple's cold and stagnant bath water and placed in a warm, fresh bath.

Sure, that’s another option. Or, we realize no system is perfect and go from there. But the misplaced expectation of perfection is not realistic nor feasible.

 

[vipergts2207]

Sure in your opinion. But it seems like posters tie themselves into a knot of cognitive dissonance trying to criticise apple.

Sure, that’s another option. Or, we realize no system is perfect and go from there. But the misplaced expectation of perfection is not realistic nor feasible.

Nobody said other stores would be perfect. However, your view is centered on the baseless assumption that Apple represents the pinnacle of what can be achieved on this. Additionally, if Apple truly has set the bar on this thus far, then that doesn't actually seem to be all that significant of a standard to beat. A store trying to be a "superstore" like the iOS App Store may have as hard a time as Apple. A store that specializes in one area, say games for instance, could very easily exceed what Apple does due to the much smaller pool of apps.

 

[I7guy]

Nobody said other stores would be perfect.

Correct. But hyperbolic posts said apple should be perfect.

However, your view is centered on the baseless assumption that Apple represents the pinnacle of what can be achieved on this.

So opinion is equivalent to baseless assumption. I like it and will use it in the future. That’s certainly a glass half empty view.

Additionally, if Apple truly has set the bar on this thus far, then that doesn't actually seem to be all that significant of a standard to beat.

Well that’s an opinion er baseless assumption. How do you know what the bar is? Two scams are apps out of millions.

A store trying to be a "superstore" like the iOS App Store may have as hard a time as Apple. A store that specializes in one area, say games for instance, could very easily exceed what Apple does due to the much smaller pool of apps.

I agree and said as much in prior posts.