Apple won't let EFF release a DRM-free app


#1

[Permalink]


#2

This is nothing new. There’s an alternate path for the EFF, but it wouldn’t result in them being able to trumpet their stance on Apple’s DRM.

They could build this as an installable web app.


#3

I realize it’s neither here nor there (nor a new issue), but my latest Apple app peeve: pricing.

I hate $x.99 or $x.95-style pricing, and always round to the nearest sane, straightforward amount. Were I ever to develop an app, I’d want to price it as such.

Turns out: you can’t. Apple mandates $x.99 pricing for all apps in its US store.

Oddly, this is not the case in all markets. In Mexico or Japan, you’re allowed to use nice round numbers.


#4

There’s a good chance it’d be banned anyhow. Their approval process is arbitrary and fickle, but if the app criticized anything Apple had an interest in (likely, just look at this), then, like Sweatshop, a denial or removal would be a certainty. I’m sure they already know that.


#5

Why don’t they just release it on Cydia for us jailbroken people?


#6

This is how religions get started. Rather than accepting the world as a complex place with shades of grey, all situations must be resolved with the application of holy writ. The Prophet Stallman hath spoken: “Thou shalt not distribute a DRM’d binary, for it is an offence in mine eyes.”


#7

Not quite the same - Stallman says that everybody gets to decide, Apple says that Apple gets to decide. Rather than one church versus another church, this is more analogous to the people versus a church.


#8

Not really. Stallman is all about the crusade; the whole point of the GPL is to create, essentially, lock-in. It leverages copyright law to tell you what you’re allowed to do with software. Many open source licenses are considerably more permissive.

Anyway, the point was: would anything bad actually happen if the EFF released a DRM’d binary? No. The worst Apple could do is pull the kill-switch they have ready for if malicious apps get past review, and frankly that’d be a PR coup for the EFF.


#9

I’m pretty sure allowing to run unsigned apps would lead to a lot more security issues than they would resolve. Apple’s system doesn’t require the users to trust the individual developers which seems to be what EFF wants. People not worrying about compromising their security or their phone by installing apps are the reason there is a giant app market now.


#10

The thing is, Apple make a lot of obnoxious editorial choices with the App Store which I could get exercised about; but that didn’t happen in this case (possibly to the disappointment of EFF’s publicity folks). If Apple didn’t censor App Store content, there wouldn’t be much to object to about the code-signing requirement in itself (oh sorry, “DRM”).

This feels like clickbait trolling-- we want the publicity boost from putting “EFF” and “Apple” together in a headline, and if Apple won’t scandalously reject our app then dammit, we’ll do it ourselves.


#11

You’re the one equating the ability to not use DRM with the philosophy of Stallman. Any license is going to define terms of use, otherwise it’s not a license. And the GPLs focus seems more on maintaining an ecosystem and preventing the cooptation of the code, which makes some sense. If give something for free, but then somebody else sells it - it can become their product and not yours. There are ways to prevent this, and GPL is one of them.

Sure, some licenses are less restrictive than GPL, but claiming lock in and comparing them to Apple is far off. Lock-in tends to involve vendor-specific protocols, obfuscation, and getting people to trade their long-term choices for momentary convenience. Firstly, the FSF is not even really a vendor. They don’t control what you offer as GPL, or the platforms it runs on. Meanwhile Apple has been working from the video game console playbook, which is about as restrictive as it gets. They need to approve you as a paid developer, they dictate what IDE you use, your distribution channel, the release platform, and they have veto power to prevent any product at their discretion. And those are only some of the bigger points. That’s about as “permissive” as being a PlayStation developer.


#12

Exactly. The DRM is primarily there for security, so that only apps that have been reviewed/signed by Apple can be installed, and apps can be retroactively disabled if they turn out to have hidden skeeviness.

If they let end users turn this off, so they could run unsigned apps, then zillions of people would do it just so they could run cracked copies of games, some big fraction of which would of course have malware inserted into them.

The always-on signing requirement is a big reason why iOS is still more secure than Android.

As for the EFF’s huffy press release, I generally respect them, but honestly there’s nothing new here that hasn’t been widely known and discussed since the App Store first opened in 2008. This just seems like an opportunity for them to poke Apple one more time and get some publicity for it.


#13

how about charging developers $100 per year to develop apps for their platform?
or arbitrarily rejecting apps?
or blocking 3rd party payments or donations?
…or…or…or…

I love apple products, and use the iPhone and iPad myself, but having developed apps for both the google store and apple store, i was surprised at how easy and friendly publishing android apps was and what a nightmare publishing apple apps is.


#14

Signing need not be intrinsically linked to DRM.

Apple could easily sign apps to merely verify they’ve been approved, while leaving rights management out of the equation. It just chooses not to.


#15

These are all tradeoffs in the name of walled-garden security.

Some of them suck, absolutely. But because of them, I’ve never had to worry about my phone being compromised by bad software.

I would never accept these restrictions on a general computing device, but my phone is definitely NOT a general computing device.


#16

yeah i get those points, and granted a few of the tradeoffs are for security…but most are not security related.

google store also requires the apps be signed, and publishing apps on their store is super easy, the fact that android can install unsigned apps, is unrelated to comparing both app store submission processes or the security of each device if only signed apps are installed, imho. In other words, the tradeoff isn’t the cause of the difference, it is separate from the difference.

but ios isn’t as secure as it used to be…apple has sold enterprise signing certificates that allow big corporations to sign their own apps so they can be installed on iPhones without any apple app store, some of those same certs have been leaked and can be used to swap out any existing app on your phone with a malicious version just by visiting a page in mobile safari which triggers the app link. This is called the Masque Attack and what wirelurker used. Apple sold the keys to the walled garden, and some of those keys have been copied and used maliciously already, and highly successfully, compromising quite a number of iPhones.

https://www.fireeye.com/blog/threat-research/2014/11/masque-attack-all-your-ios-apps-belong-to-us.html

Modern smartphones run 2 OS and actually are general computing devices grafted on top of older calling hardware run by a separate os. yes they actually have two operating systems’s, the iOS level is an artificially restricted general computing device running on an ARM processor, there is nothing not general computing about that layer, the os that governs the actual phone part of the hardware is not a general computing os nor is the hardware it runs on. ironically, the second low-level proprietary real-time operating system which operates the radio and other hardware actually contains a range of security vulnerabilities permitting malicious base stations to gain high levels of control over the mobile device, and is undetectable from the higher level OS such as iOS, so the fact that that part isn’t a general computing device doesn’t make it more secure, quite the opposite. Your phone can be compromised without compromising iOS even.

so while i get your general points, the reality is a much more complicated situation imho.


#17

I don’t understand why anybody does business with those asshats.


#18

Surely they can. Should they have to?


#19

What does this app do that they can’t do on a web page? or a mailing list?


#20

The Masque Attack is easy to avoid, as long as you only install software from authorized locations such as the app store.

I see nothing here about “just visiting a page in mobile safari.” You’ll also be warned that you’re about to do something bad:

https://www.us-cert.gov/ncas/alerts/TA14-317A

And the enterprise certs are revocable. That’s why to install certain versions of the NES emulator you have to manually set the clock on your phone back to a certain date… They are signed with an enterprise cert that was revoked.

I was referring to the way I (and the majority of iPhone owners) use the device. For us it is not a general computing platform in the same way a laptop or desktop computer is. It’s a device with a specific purpose, and because of that I don’t have an issue with it being locked down.