Descendant XSkyrim is my god now.Outpost 31Registered Userregular
I don’t know a whole lot about how Apple works vis-a-vis personal information and security, but I do know that I like their stance toward the data gluttony of Facebook and Google.
Garry: I know you gentlemen have been through a lot, but when you find the time I'd rather not spend the rest of the winter TIED TO THIS FUCKING COUCH!
Apple, by the by, did more than just ban the app. They revoked Facebook's enterprise code signing certificate. Which means all the apps that Facebooks develops internally no longer work at all. Won't even launch.
Only copies that are signed by their internal enterprise cert (for dogfooding, etc) won't currently launch on iPhones. Ones that have gone through the App Store work just fine.
Apple has shut down Facebook’s ability to distribute internal iOS apps, from early releases of the Facebook app to basic tools like a lunch menu. A person familiar with the situation tells The Verge that early versions of Facebook, Instagram, Messenger, and other pre-release “dogfood” (beta) apps have stopped working, as have other employee apps, like one for transportation. Facebook is treating this as a critical problem internally, we’re told, as the affected apps simply don’t launch on employees’ phones anymore.
The shutdown comes in response to news that Facebook has been using Apple’s program for internal app distribution to track teenage customers with a “research” app.
That app, revealed yesterday by TechCrunch, was distributed outside of the App Store using Apple’s enterprise program, which allows developers to use special certificates to install more powerful apps onto iPhones. Those apps are only supposed to be used by a company’s employees, however, and Facebook had been distributing its tracking app to customers. Facebook later said it would shut down the app./quote]
iTunesIsEvil on
+11
Options
FencingsaxIt is difficult to get a man to understand, when his salary depends upon his not understandingGNU Terry PratchettRegistered Userregular
I don’t know a whole lot about how Apple works vis-a-vis personal information and security, but I do know that I like their stance toward the data gluttony of Facebook and Google.
To be fair, Apple probably doesn't want people on their turf, but in this case specifically are correct.
Apple, by the by, did more than just ban the app. They revoked Facebook's enterprise code signing certificate. Which means all the apps that Facebooks develops internally no longer work at all. Won't even launch.
It's beautiful, really.
Is it alright to make not of the irony of your username being the one to say this? :P
How do you break them up though? The datamining and ads are what pay for everything else?
Break them apart by the companies they were before being bought out. And if you do that, it might force them to work on new funding models.
Why don't you give a concrete example, because there are dozens to hundreds of acquisitions over the years. Or are you just thinking of the "big" acquisitions people can name
How do you fund otherwise given away for free software? Like chrome, that's probably a hundred million a year cost at least. Free quality browsers are a good thing, but they cost $$$ to make
What about tech that got acquired and integrated into already-existing things?
Oh, and all the service code is in one giant repository and none of it will work on another platform or datacenter because everything is custom-built to operate at massive scale. Go
That's not my problem. But you know what is my problem, and the problem of everyone in our society? The fact that Alphabet, Facebook, and these other major tech concerns are so big, so pervasive that they are an outright threat to democracy. We as a society should never had allowed these companies to grow this large in the first place (and as part of this fix, we need to set up laws and regulations to prevent it from happening), but now that we're at this point, breaking up these companies is necessary. Will it be painful? Yes. But it's also something that needs to be done.
As for funding "given away for free" software, perhaps we shouldn't do that anymore. A lot of the problems we've seen with social media and tech stem from the fact that we convinced people they shouldn't pay for things with money - so the corporations figured out how to get us to pay with information that, in the long run, is a lot more valuable. Not to mention the distorting effect on the market it has when a company can give away a product where its competitors are looking to sell.
Alternatively we could fund open-source software that is not owned or controlled by corporations.
edit - I mean I'm down for breaking up the big corporations but not as down for the "make people pay money" part
Someone has to pay for it. The creation of software and the hardware to run it is expensive so if people aren't paying for it with data then the funding has to come from somewhere else.
Indeed, when I said "we could fund" I was trying to say that we should devote societal resources (like, taxation perhaps) to open source software development.
0
Options
Descendant XSkyrim is my god now.Outpost 31Registered Userregular
edited January 2019
I wonder what would happen if Apple just put the kibosh on Facebook entirely until they demonstrated some basic morals. Would users flee Apple to use Facebook, or would Facebook clean up their act? Who would blink first?
Descendant X on
Garry: I know you gentlemen have been through a lot, but when you find the time I'd rather not spend the rest of the winter TIED TO THIS FUCKING COUCH!
I wonder what would happen if Apple just put the kibosh on Facebook entirely until they demonstrated some basic morals. Would users flee Apple to use Facebook, or would Facebook clean up their act? Who would blink first?
I'm betting Facebook would blink first. They need Apple to be able to get their app on every iOS device they want to be on. That's a lot of users to be missing out on all of a sudden. Users would have to bail to an Android phone or fall back to their PC (if they have one) and that's a lot more expensive or a pain in the rear than yelling at Facebook to fix their shit.
Could be wrong, but that's how I see that playing out.
+8
Options
MortiousThe Nightmare BeginsMove to New ZealandRegistered Userregular
For occasional and casual Facebook users, not using Facebook, or doing so via safari is going to be a lot easier than replacing a $$$ smarthpone.
This doesn't exactly make Apple look super-great either, actually.
It communicates that Apple can render unusable anything on your phone, regardless of whether or not it passed their certification program.
My understanding is that none of the apps Apple has disabled passed their certification program, as they were internal Facebook apps (one of which was distributed outside the App Store, which broke Apple's TOS for the enterprise certs Facebook was using).
[SIGPIC][/SIGPIC]
+4
Options
physi_marcPositron TrackerIn a nutshellRegistered Userregular
This doesn't exactly make Apple look super-great either, actually.
It communicates that Apple can render unusable anything on your phone, regardless of whether or not it passed their certification program.
That's incorrect. They can only disable in-house, internal apps used by organizations. They cannot disable apps downloaded from the App Store. See here.. They've revoked Facebook's iOS Distribution Certificate (in-house, internal use apps).
I know the general public know nothing about this, but the tech reporting I've read has made this distinction clear.
This doesn't exactly make Apple look super-great either, actually.
It communicates that Apple can render unusable anything on your phone, regardless of whether or not it passed their certification program.
That's incorrect. They can only disable in-house, internal apps used by organizations. They cannot disable apps downloaded from the App Store. See here.. They've revoked Facebook's iOS Distribution Certificate (in-house, internal use apps).
I know the general public know nothing about this, but the tech reporting I've read has made this distinction clear.
This doesn't exactly make Apple look super-great either, actually.
It communicates that Apple can render unusable anything on your phone, regardless of whether or not it passed their certification program.
That's incorrect. They can only disable in-house, internal apps used by organizations. They cannot disable apps downloaded from the App Store. See here.. They've revoked Facebook's iOS Distribution Certificate (in-house, internal use apps).
I know the general public know nothing about this, but the tech reporting I've read has made this distinction clear.
That's still really bad?
If that in-house internal app is being distributed to the public contrary to the agreement between Apple and the developer, Apple has every right to disable it.
Garry: I know you gentlemen have been through a lot, but when you find the time I'd rather not spend the rest of the winter TIED TO THIS FUCKING COUCH!
Chief operating officer Sheryl Sandberg’s defense? The teens “consented.”
“So I want to be clear what this is,” Sandberg told CNBC’s Julia Boorstin on Wednesday. “This is a Facebook Research app. It’s very clear to the people who participated. It’s completely opt-in. There is a rigorous consent flow and people are compensated. It’s a market research program.”
“Now, that said, we know we have work to do to make sure people’s data is protected,” Sandberg added, repeating a thoroughly unconvincing line that has been rolled out so many times amid Facebook’s constant scandals that it has barreled into self-satire territory. “It’s your information. You put it on Facebook, you need to know what is happening. In this case the people who chose to participate in this program did.”
So, here's the thing, Sheryl - we're talking about teens under the age of majority here. In the eyes of the law, they are incapable of giving meaningful consent.
When you're making the same defense as a statutory rapist, it's time to re-evaluate the decisions that got you here.
This doesn't exactly make Apple look super-great either, actually.
It communicates that Apple can render unusable anything on your phone, regardless of whether or not it passed their certification program.
That's incorrect. They can only disable in-house, internal apps used by organizations. They cannot disable apps downloaded from the App Store. See here.. They've revoked Facebook's iOS Distribution Certificate (in-house, internal use apps).
I know the general public know nothing about this, but the tech reporting I've read has made this distinction clear.
That's still really bad?
Yeah, that's probably why you shouldn't be a bad actor and attempt to use your enterprise certificate to distribute spyware to end users. FB gets no sympathy. They appear to think rules exist simply for the intellectual challenge of violating them in the most deceitful/unethical ways possible.
This doesn't exactly make Apple look super-great either, actually.
It communicates that Apple can render unusable anything on your phone, regardless of whether or not it passed their certification program.
That's incorrect. They can only disable in-house, internal apps used by organizations. They cannot disable apps downloaded from the App Store. See here.. They've revoked Facebook's iOS Distribution Certificate (in-house, internal use apps).
I know the general public know nothing about this, but the tech reporting I've read has made this distinction clear.
That's still really bad?
Yeah, that's probably why you shouldn't be a bad actor and attempt to use your enterprise certificate to distribute spyware to end users. FB gets no sympathy. They appear to think rules exist simply for the intellectual challenge of violating them in the most deceitful/unethical ways possible.
Facebook has been cracking down on the fake news that gets shared on its platform. One problem: one of the biggest fake news websites has found a workaround.
In order to avoid Facebook’s fact checking system, the site formerly known as YourNewsWire, one of the most well-known purveyors of fake news online, has simply rebranded. The site now goes by News Punch and posts fake news content similar to what it published under their former name, according to a report by Poynter.
YourNewsWire co-founders Sinclair Treadway and Sean Adl-Tabatabai, who reside in California, founded the site in 2014. The two completely migrated the website from the “yournewswire.com” domain name to “newspunch.com” in November 2018. Treadway told Bloomberg at the time that they move was made due to declining revenue thanks to Facebook’s fact-checking system. Under this program, fact-checking outlets like Snopes are able to mark content posted on Facebook as false, which in turn decreases the site’s reach on Facebook.
According to the investigation, the workaround has been a success. Content that Poynter itself had found to be previously marked false on “yournewswire.com” was ported over to the “newspunch.com” domain. When shared on Facebook, that same fake news content that now lived on “newspunch.com” was not marked as false under the fact-checking program.
Perhaps News Punch traffic has normalized since the migration, but that’s thanks to a clever Facebook workaround which likely won’t exist for much longer.
That is amazingly easy to get around that both won't last for long and I don't get how Facebook didn't anticipate that.
+6
Options
FencingsaxIt is difficult to get a man to understand, when his salary depends upon his not understandingGNU Terry PratchettRegistered Userregular
It would require them to actually care at least a little bit
This doesn't exactly make Apple look super-great either, actually.
It communicates that Apple can render unusable anything on your phone, regardless of whether or not it passed their certification program.
That's incorrect. They can only disable in-house, internal apps used by organizations. They cannot disable apps downloaded from the App Store. See here.. They've revoked Facebook's iOS Distribution Certificate (in-house, internal use apps).
I know the general public know nothing about this, but the tech reporting I've read has made this distinction clear.
That's still really bad?
Yeah, that's probably why you shouldn't be a bad actor and attempt to use your enterprise certificate to distribute spyware to end users. FB gets no sympathy. They appear to think rules exist simply for the intellectual challenge of violating them in the most deceitful/unethical ways possible.
I am not extending one iota of sympathy towards Facebook. I am saying while it feels great for this to occur in this instance, it means Apple could do it in all sorts of other situations as well.
This doesn't exactly make Apple look super-great either, actually.
It communicates that Apple can render unusable anything on your phone, regardless of whether or not it passed their certification program.
That's incorrect. They can only disable in-house, internal apps used by organizations. They cannot disable apps downloaded from the App Store. See here.. They've revoked Facebook's iOS Distribution Certificate (in-house, internal use apps).
I know the general public know nothing about this, but the tech reporting I've read has made this distinction clear.
That's still really bad?
Yeah, that's probably why you shouldn't be a bad actor and attempt to use your enterprise certificate to distribute spyware to end users. FB gets no sympathy. They appear to think rules exist simply for the intellectual challenge of violating them in the most deceitful/unethical ways possible.
I am not extending one iota of sympathy towards Facebook. I am saying while it feels great for this to occur in this instance, it means Apple could do it in all sorts of other situations as well.
I'm not understanding this very well. I mean, I kind of get it, but my brain's just not understanding why this is actually a problem.
If I commit a crime, the police may come arrest me. If I want to avoid that, I don't break the law. If I want to keep access to my enterprise code-signing certificate then I'd better not violate the terms of my contractual agreement with Apple, as an enterprise developer.
This doesn't exactly make Apple look super-great either, actually.
It communicates that Apple can render unusable anything on your phone, regardless of whether or not it passed their certification program.
That's incorrect. They can only disable in-house, internal apps used by organizations. They cannot disable apps downloaded from the App Store. See here.. They've revoked Facebook's iOS Distribution Certificate (in-house, internal use apps).
I know the general public know nothing about this, but the tech reporting I've read has made this distinction clear.
That's still really bad?
Yeah, that's probably why you shouldn't be a bad actor and attempt to use your enterprise certificate to distribute spyware to end users. FB gets no sympathy. They appear to think rules exist simply for the intellectual challenge of violating them in the most deceitful/unethical ways possible.
I am not extending one iota of sympathy towards Facebook. I am saying while it feels great for this to occur in this instance, it means Apple could do it in all sorts of other situations as well.
I'm not understanding this very well. I mean, I kind of get it, but my brain's just not understanding why this is actually a problem.
If I commit a crime, the police may come arrest me. If I want to avoid that, I don't break the law. If I want to keep access to my enterprise code-signing certificate then I'd better not violate the terms of my contractual agreement with Apple, as an enterprise developer.
You're looking at it from the wrong perspective. Don't think about it from the company's perspective, think about it from the phone-owners perspective. People want to think of their phone as "theirs," and that someone else can't just arbitrarily change it. Think about if Microsoft could make an update that removed & blocked Steam from your computer or something, and you have a better idea of the problem.
Granted, it doesn't really bother me, it's just one of the things you have to accept with the tech world we live in imo. But it's pretty understandable why that could be seen as a problem.
This doesn't exactly make Apple look super-great either, actually.
It communicates that Apple can render unusable anything on your phone, regardless of whether or not it passed their certification program.
That's incorrect. They can only disable in-house, internal apps used by organizations. They cannot disable apps downloaded from the App Store. See here.. They've revoked Facebook's iOS Distribution Certificate (in-house, internal use apps).
I know the general public know nothing about this, but the tech reporting I've read has made this distinction clear.
That's still really bad?
Yeah, that's probably why you shouldn't be a bad actor and attempt to use your enterprise certificate to distribute spyware to end users. FB gets no sympathy. They appear to think rules exist simply for the intellectual challenge of violating them in the most deceitful/unethical ways possible.
I am not extending one iota of sympathy towards Facebook. I am saying while it feels great for this to occur in this instance, it means Apple could do it in all sorts of other situations as well.
This is the argument that Matthew Prince (head of Cloudflare) used to justify working with Nazis, and it's just as much gooseshit here. Yes, there's a potential for Apple to abuse their ability to revoke enterprise signing certificates, but there has been no sign that they are doing so or have plans to. And by Apple using this power responsibly, they have forced an actual bad actor to have to clean up their act.
I thought the whole point of buying into Apple's walled garden is so that they can curate said garden for you.
I don't see anything wrong with Apple seizing control to perform this function, as long as they reimburse consumers for any purchases that are made unusable.
Apple’s move to block Google’s developer certificate comes just a day after Google disabled its Screenwise Meter app following press coverage. Google’s private app was designed to monitor how people use their iPhones, similar to Facebook’s research app. Google’s app also relied on Apple’s enterprise program, which enables the distribution of internal apps within a company.
In an earlier statement over Facebook’s certificate removal, Apple did warn that “any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked.” Apple is clearly sticking to its rules and applying them equally to Facebook, Google, and likely many other companies that get caught breaking Apple’s rules in the future
This doesn't exactly make Apple look super-great either, actually.
It communicates that Apple can render unusable anything on your phone, regardless of whether or not it passed their certification program.
That's incorrect. They can only disable in-house, internal apps used by organizations. They cannot disable apps downloaded from the App Store. See here.. They've revoked Facebook's iOS Distribution Certificate (in-house, internal use apps).
I know the general public know nothing about this, but the tech reporting I've read has made this distinction clear.
That's still really bad?
Yeah, that's probably why you shouldn't be a bad actor and attempt to use your enterprise certificate to distribute spyware to end users. FB gets no sympathy. They appear to think rules exist simply for the intellectual challenge of violating them in the most deceitful/unethical ways possible.
I am not extending one iota of sympathy towards Facebook. I am saying while it feels great for this to occur in this instance, it means Apple could do it in all sorts of other situations as well.
Situations where a company is using a system specifically designed for employee phones to distribute apps to third parties? This is not the standard app store here, and I don't think anyone else is misusing the internal use app distribution system in this way.
Phone app development is a walled garden, and there's issues surrounding that, but this is a very specific system, meant for company phones, and given greater access in order to enable that. Apple saying that you don't get to distribute apps made using this system to outside people isn't anything new, it's how the smartphone ecosystem has always worked.
You say that Apple could do it in all sorts of other situations as well, I say that they have been controlling which apps can run on Apple phones ever since apps were a thing, and this is just one more example of that.
This doesn't exactly make Apple look super-great either, actually.
It communicates that Apple can render unusable anything on your phone, regardless of whether or not it passed their certification program.
That's incorrect. They can only disable in-house, internal apps used by organizations. They cannot disable apps downloaded from the App Store. See here.. They've revoked Facebook's iOS Distribution Certificate (in-house, internal use apps).
I know the general public know nothing about this, but the tech reporting I've read has made this distinction clear.
That's still really bad?
Yeah, that's probably why you shouldn't be a bad actor and attempt to use your enterprise certificate to distribute spyware to end users. FB gets no sympathy. They appear to think rules exist simply for the intellectual challenge of violating them in the most deceitful/unethical ways possible.
I am not extending one iota of sympathy towards Facebook. I am saying while it feels great for this to occur in this instance, it means Apple could do it in all sorts of other situations as well.
This is the argument that Matthew Prince (head of Cloudflare) used to justify working with Nazis, and it's just as much gooseshit here. Yes, there's a potential for Apple to abuse their ability to revoke enterprise signing certificates, but there has been no sign that they are doing so or have plans to. And by Apple using this power responsibly, they have forced an actual bad actor to have to clean up their act.
Could you maybe give a bit more connective tissue for this? I don't really get how "Company can shut down anything on your phone at any time if they so choose to" is directly equatable to "Free speech absolutism means I will provide a platform to Nazis."
This doesn't exactly make Apple look super-great either, actually.
It communicates that Apple can render unusable anything on your phone, regardless of whether or not it passed their certification program.
That's incorrect. They can only disable in-house, internal apps used by organizations. They cannot disable apps downloaded from the App Store. See here.. They've revoked Facebook's iOS Distribution Certificate (in-house, internal use apps).
I know the general public know nothing about this, but the tech reporting I've read has made this distinction clear.
That's still really bad?
Yeah, that's probably why you shouldn't be a bad actor and attempt to use your enterprise certificate to distribute spyware to end users. FB gets no sympathy. They appear to think rules exist simply for the intellectual challenge of violating them in the most deceitful/unethical ways possible.
I am not extending one iota of sympathy towards Facebook. I am saying while it feels great for this to occur in this instance, it means Apple could do it in all sorts of other situations as well.
This is the argument that Matthew Prince (head of Cloudflare) used to justify working with Nazis, and it's just as much gooseshit here. Yes, there's a potential for Apple to abuse their ability to revoke enterprise signing certificates, but there has been no sign that they are doing so or have plans to. And by Apple using this power responsibly, they have forced an actual bad actor to have to clean up their act.
Could you maybe give a bit more connective tissue for this? I don't really get how "Company can shut down anything on your phone at any time if they so choose to" is directly equatable to "Free speech absolutism means I will provide a platform to Nazis."
Prince famously went on a rant after public pressure forced him to stop doing business with the Daily Stormer saying that he had the power to shut down a website he didn't Iike and how that was horrible, while dodging the fact that he was working with Nazis and allowing them to harm others by providing them protection, and that revoking that protection would stop Cloudflare from abetting abuse. He argued that the power was intrinsically bad, when people could see that it wasn't - only if it was abused.
On the same token, you're trying to argue that Apple's ability to revoke enterprise certificates is intrinsically bad, much for the same reasons Prince made his argument - that the power could be abused. But again, it's not intrinsically bad, and used responsibly can be used to stem abuses - like we just saw with Google and Facebook using their enterprise certificates to do an end run around Apple’s privacy policies.
This doesn't exactly make Apple look super-great either, actually.
It communicates that Apple can render unusable anything on your phone, regardless of whether or not it passed their certification program.
That's incorrect. They can only disable in-house, internal apps used by organizations. They cannot disable apps downloaded from the App Store. See here.. They've revoked Facebook's iOS Distribution Certificate (in-house, internal use apps).
I know the general public know nothing about this, but the tech reporting I've read has made this distinction clear.
That's still really bad?
Yeah, that's probably why you shouldn't be a bad actor and attempt to use your enterprise certificate to distribute spyware to end users. FB gets no sympathy. They appear to think rules exist simply for the intellectual challenge of violating them in the most deceitful/unethical ways possible.
I am not extending one iota of sympathy towards Facebook. I am saying while it feels great for this to occur in this instance, it means Apple could do it in all sorts of other situations as well.
I'm not understanding this very well. I mean, I kind of get it, but my brain's just not understanding why this is actually a problem.
If I commit a crime, the police may come arrest me. If I want to avoid that, I don't break the law. If I want to keep access to my enterprise code-signing certificate then I'd better not violate the terms of my contractual agreement with Apple, as an enterprise developer.
You're looking at it from the wrong perspective. Don't think about it from the company's perspective, think about it from the phone-owners perspective. People want to think of their phone as "theirs," and that someone else can't just arbitrarily change it. Think about if Microsoft could make an update that removed & blocked Steam from your computer or something, and you have a better idea of the problem.
Granted, it doesn't really bother me, it's just one of the things you have to accept with the tech world we live in imo. But it's pretty understandable why that could be seen as a problem.
I get that from a user-perspective, but 1- this isn't the normal variety of "Apple disabled an app on my device", and 2- Apple has always had that ability. It's part of their whole "walled garden" approach, so if you buy into the iOS "ecosystem" (I hate that term) you're doing so partly because of Apple's ability to prune said garden. Yay, gardening analogies. I definitely understand that that means they can reach out and disable whatever they'd like whenever they'd like and that can certainly be abused, but, again, if you don't want that then you're most definitely not looking at an iOS device and that's not exactly what we're talking about here.
My other nit to pick with this is that we're talking about a very specific kind of revocation here. We're not talking Apple reaching out and terminating an app distributed via the App Store (I'd love for them to do that to Facebook; I'd, uh, be a little whiny about not being able to get to my Google-based email, calendar, etc on my phone though :P). We're talking about in-house apps, and pre-release versions of distributed apps, that these companies are only supposed to be distributing internally to employees for the purposes of either 1- testing, or 2- having a custom no-one-else-outside-the-company-can-have-it app (Facebook's lunch menu app, Google's on-campus transportation app).
I'm not really arguing too much here with either you or Primus, per se, 'cause I get the general concept of distrusting Apple/Google/Facebook to always be good actors, but I'm just trying to clarify the why and how of my feelings on this specific ability of Apple's to revoke apps signed with this specific kind of certificate.
This doesn't exactly make Apple look super-great either, actually.
It communicates that Apple can render unusable anything on your phone, regardless of whether or not it passed their certification program.
That's incorrect. They can only disable in-house, internal apps used by organizations. They cannot disable apps downloaded from the App Store. See here.. They've revoked Facebook's iOS Distribution Certificate (in-house, internal use apps).
I know the general public know nothing about this, but the tech reporting I've read has made this distinction clear.
That's still really bad?
Yeah, that's probably why you shouldn't be a bad actor and attempt to use your enterprise certificate to distribute spyware to end users. FB gets no sympathy. They appear to think rules exist simply for the intellectual challenge of violating them in the most deceitful/unethical ways possible.
I am not extending one iota of sympathy towards Facebook. I am saying while it feels great for this to occur in this instance, it means Apple could do it in all sorts of other situations as well.
This is the argument that Matthew Prince (head of Cloudflare) used to justify working with Nazis, and it's just as much gooseshit here. Yes, there's a potential for Apple to abuse their ability to revoke enterprise signing certificates, but there has been no sign that they are doing so or have plans to. And by Apple using this power responsibly, they have forced an actual bad actor to have to clean up their act.
Could you maybe give a bit more connective tissue for this? I don't really get how "Company can shut down anything on your phone at any time if they so choose to" is directly equatable to "Free speech absolutism means I will provide a platform to Nazis."
How about adding context this way:
I have an iphone and bought into Apple’s walled garden because at least at the time, and I’d argue still, they prioritized security in their app ecosystem better than Android. Them doing something like this is precisely why I, and I assume many others, choose them.
You can worry about them being a bad actor, but in reality something like removing a bunch of apps people paid for would hurt their bottom line as they’d lose trust and people would buy other phones/tablets/laptops.
This doesn't exactly make Apple look super-great either, actually.
It communicates that Apple can render unusable anything on your phone, regardless of whether or not it passed their certification program.
That's incorrect. They can only disable in-house, internal apps used by organizations. They cannot disable apps downloaded from the App Store. See here.. They've revoked Facebook's iOS Distribution Certificate (in-house, internal use apps).
I know the general public know nothing about this, but the tech reporting I've read has made this distinction clear.
That's still really bad?
Yeah, that's probably why you shouldn't be a bad actor and attempt to use your enterprise certificate to distribute spyware to end users. FB gets no sympathy. They appear to think rules exist simply for the intellectual challenge of violating them in the most deceitful/unethical ways possible.
I am not extending one iota of sympathy towards Facebook. I am saying while it feels great for this to occur in this instance, it means Apple could do it in all sorts of other situations as well.
I'm not understanding this very well. I mean, I kind of get it, but my brain's just not understanding why this is actually a problem.
If I commit a crime, the police may come arrest me. If I want to avoid that, I don't break the law. If I want to keep access to my enterprise code-signing certificate then I'd better not violate the terms of my contractual agreement with Apple, as an enterprise developer.
You're looking at it from the wrong perspective. Don't think about it from the company's perspective, think about it from the phone-owners perspective. People want to think of their phone as "theirs," and that someone else can't just arbitrarily change it. Think about if Microsoft could make an update that removed & blocked Steam from your computer or something, and you have a better idea of the problem.
Granted, it doesn't really bother me, it's just one of the things you have to accept with the tech world we live in imo. But it's pretty understandable why that could be seen as a problem.
Can't they? Windows could be updated to block Steam, probably. Whatever antivirus you are running could be updated to block Steam. Etc. I suppose the difference between a PC and an iPhone here is that on a PC you can basically always go "yes, ignore the invalid certificate and run the program. I know what I'm doing."
While racing light mechs, your Urbanmech comes in second place, but only because it ran out of ammo.
+2
Options
MortiousThe Nightmare BeginsMove to New ZealandRegistered Userregular
Now Apple bricking your phone because it had a 3rd party repair it, is an abuse of their control.
This doesn't exactly make Apple look super-great either, actually.
It communicates that Apple can render unusable anything on your phone, regardless of whether or not it passed their certification program.
That's incorrect. They can only disable in-house, internal apps used by organizations. They cannot disable apps downloaded from the App Store. See here.. They've revoked Facebook's iOS Distribution Certificate (in-house, internal use apps).
I know the general public know nothing about this, but the tech reporting I've read has made this distinction clear.
That's still really bad?
Yeah, that's probably why you shouldn't be a bad actor and attempt to use your enterprise certificate to distribute spyware to end users. FB gets no sympathy. They appear to think rules exist simply for the intellectual challenge of violating them in the most deceitful/unethical ways possible.
I am not extending one iota of sympathy towards Facebook. I am saying while it feels great for this to occur in this instance, it means Apple could do it in all sorts of other situations as well.
I'm not understanding this very well. I mean, I kind of get it, but my brain's just not understanding why this is actually a problem.
If I commit a crime, the police may come arrest me. If I want to avoid that, I don't break the law. If I want to keep access to my enterprise code-signing certificate then I'd better not violate the terms of my contractual agreement with Apple, as an enterprise developer.
You're looking at it from the wrong perspective. Don't think about it from the company's perspective, think about it from the phone-owners perspective. People want to think of their phone as "theirs," and that someone else can't just arbitrarily change it. Think about if Microsoft could make an update that removed & blocked Steam from your computer or something, and you have a better idea of the problem.
Granted, it doesn't really bother me, it's just one of the things you have to accept with the tech world we live in imo. But it's pretty understandable why that could be seen as a problem.
Can't they? Windows could be updated to block Steam, probably. Whatever antivirus you are running could be updated to block Steam. Etc. I suppose the difference between a PC and an iPhone here is that on a PC you can basically always go "yes, ignore the invalid certificate and run the program. I know what I'm doing."
I mean, yes they could. You have more and easier workarounds on a PC, but it's the same idea. Part of why it didn't bother me.
This doesn't exactly make Apple look super-great either, actually.
It communicates that Apple can render unusable anything on your phone, regardless of whether or not it passed their certification program.
That's incorrect. They can only disable in-house, internal apps used by organizations. They cannot disable apps downloaded from the App Store. See here.. They've revoked Facebook's iOS Distribution Certificate (in-house, internal use apps).
I know the general public know nothing about this, but the tech reporting I've read has made this distinction clear.
That's still really bad?
Yeah, that's probably why you shouldn't be a bad actor and attempt to use your enterprise certificate to distribute spyware to end users. FB gets no sympathy. They appear to think rules exist simply for the intellectual challenge of violating them in the most deceitful/unethical ways possible.
I am not extending one iota of sympathy towards Facebook. I am saying while it feels great for this to occur in this instance, it means Apple could do it in all sorts of other situations as well.
This is the argument that Matthew Prince (head of Cloudflare) used to justify working with Nazis, and it's just as much gooseshit here. Yes, there's a potential for Apple to abuse their ability to revoke enterprise signing certificates, but there has been no sign that they are doing so or have plans to. And by Apple using this power responsibly, they have forced an actual bad actor to have to clean up their act.
Could you maybe give a bit more connective tissue for this? I don't really get how "Company can shut down anything on your phone at any time if they so choose to" is directly equatable to "Free speech absolutism means I will provide a platform to Nazis."
Prince famously went on a rant after public pressure forced him to stop doing business with the Daily Stormer saying that he had the power to shut down a website he didn't Iike and how that was horrible, while dodging the fact that he was working with Nazis and allowing them to harm others by providing them protection, and that revoking that protection would stop Cloudflare from abetting abuse. He argued that the power was intrinsically bad, when people could see that it wasn't - only if it was abused.
On the same token, you're trying to argue that Apple's ability to revoke enterprise certificates is intrinsically bad, much for the same reasons Prince made his argument - that the power could be abused. But again, it's not intrinsically bad, and used responsibly can be used to stem abuses - like we just saw with Google and Facebook using their enterprise certificates to do an end run around Apple’s privacy policies.
I think its still a bit of the stretch to draw a straight line between the two comparisons, and I hope I don't have to explain why I'm a bit perturbed that you'd directly compare my concerns to providing Nazis with a platform. But let's move on.
MayabirdPecking at the keyboardRegistered Userregular
Despite all the scandals last year, Facebook made a record $6.9 billion quarterly profit for the end of 2018. Completely lacking ethics and everyone knowing it hasn't hurt them at all and Zuckerberg and company know it.
Despite all the scandals last year, Facebook made a record $6.9 billion quarterly profit for the end of 2018. Completely lacking ethics and everyone knowing it hasn't hurt them at all and Zuckerberg and company know it.
The issue is of course that while they do a lot of pointless bad things, they are still places where people go to look at stuff and check in on what's going on.
The problem we face with disciplining these companies is a failed management strategy. This all stems from those in charge not knowing how to manage people, or how to incentivize them. These bad practices aren't bad enough to make them unprofitable, but they do cost the company money and stability. In the long term, good behaviour and respecting employees and customers makes the most money for everyone, but short sighted management practices and greed can't see that.
All the bad actions they take? There were moral paths to the same final result, and if they had taken them, everything would be better now! They'd have their profits, they'd have their data, and everyone would still be happy with them. Hell, even just letting their technical leads set realistic timelines would help, rather than having release schedules come from arbitrary business teams.
It's like setting up a warehouse. I can cram more shit in on day one if I just have my team stack everything everywhere, but then I have a fire, and then someone gets injured, and now the fire marshal is upset, and now I have to have a less efficient warehouse and everyone hates me. Whereas if I'd just done the right thing from the start, everything would be better.
Posts
It's beautiful, really.
Only copies that are signed by their internal enterprise cert (for dogfooding, etc) won't currently launch on iPhones. Ones that have gone through the App Store work just fine.
[ed] Here's an article from The Verge on the topic.
To be fair, Apple probably doesn't want people on their turf, but in this case specifically are correct.
Is it alright to make not of the irony of your username being the one to say this? :P
I'm betting Facebook would blink first. They need Apple to be able to get their app on every iOS device they want to be on. That's a lot of users to be missing out on all of a sudden. Users would have to bail to an Android phone or fall back to their PC (if they have one) and that's a lot more expensive or a pain in the rear than yelling at Facebook to fix their shit.
Could be wrong, but that's how I see that playing out.
It’s not a very important country most of the time
http://steamcommunity.com/id/mortious
It communicates that Apple can render unusable anything on your phone, regardless of whether or not it passed their certification program.
Rock Band DLC | GW:OttW - arrcd | WLD - Thortar
My understanding is that none of the apps Apple has disabled passed their certification program, as they were internal Facebook apps (one of which was distributed outside the App Store, which broke Apple's TOS for the enterprise certs Facebook was using).
That's incorrect. They can only disable in-house, internal apps used by organizations. They cannot disable apps downloaded from the App Store. See here.. They've revoked Facebook's iOS Distribution Certificate (in-house, internal use apps).
I know the general public know nothing about this, but the tech reporting I've read has made this distinction clear.
Switch Friend Code: 3102-5341-0358
Nintendo Network ID: PhysiMarc
That's still really bad?
Rock Band DLC | GW:OttW - arrcd | WLD - Thortar
If that in-house internal app is being distributed to the public contrary to the agreement between Apple and the developer, Apple has every right to disable it.
So, here's the thing, Sheryl - we're talking about teens under the age of majority here. In the eyes of the law, they are incapable of giving meaningful consent.
When you're making the same defense as a statutory rapist, it's time to re-evaluate the decisions that got you here.
Yeah, that's probably why you shouldn't be a bad actor and attempt to use your enterprise certificate to distribute spyware to end users. FB gets no sympathy. They appear to think rules exist simply for the intellectual challenge of violating them in the most deceitful/unethical ways possible.
Move fast and break things commit all the crimes.
And their user base is still growing.
I am not extending one iota of sympathy towards Facebook. I am saying while it feels great for this to occur in this instance, it means Apple could do it in all sorts of other situations as well.
Rock Band DLC | GW:OttW - arrcd | WLD - Thortar
I'm not understanding this very well. I mean, I kind of get it, but my brain's just not understanding why this is actually a problem.
If I commit a crime, the police may come arrest me. If I want to avoid that, I don't break the law. If I want to keep access to my enterprise code-signing certificate then I'd better not violate the terms of my contractual agreement with Apple, as an enterprise developer.
Rock Band DLC | GW:OttW - arrcd | WLD - Thortar
This isn't the first time it's happened either.
It’s not a very important country most of the time
http://steamcommunity.com/id/mortious
You're looking at it from the wrong perspective. Don't think about it from the company's perspective, think about it from the phone-owners perspective. People want to think of their phone as "theirs," and that someone else can't just arbitrarily change it. Think about if Microsoft could make an update that removed & blocked Steam from your computer or something, and you have a better idea of the problem.
Granted, it doesn't really bother me, it's just one of the things you have to accept with the tech world we live in imo. But it's pretty understandable why that could be seen as a problem.
3DS Friend Code: 3110-5393-4113
Steam profile
This is the argument that Matthew Prince (head of Cloudflare) used to justify working with Nazis, and it's just as much gooseshit here. Yes, there's a potential for Apple to abuse their ability to revoke enterprise signing certificates, but there has been no sign that they are doing so or have plans to. And by Apple using this power responsibly, they have forced an actual bad actor to have to clean up their act.
I don't see anything wrong with Apple seizing control to perform this function, as long as they reimburse consumers for any purchases that are made unusable.
Situations where a company is using a system specifically designed for employee phones to distribute apps to third parties? This is not the standard app store here, and I don't think anyone else is misusing the internal use app distribution system in this way.
Phone app development is a walled garden, and there's issues surrounding that, but this is a very specific system, meant for company phones, and given greater access in order to enable that. Apple saying that you don't get to distribute apps made using this system to outside people isn't anything new, it's how the smartphone ecosystem has always worked.
You say that Apple could do it in all sorts of other situations as well, I say that they have been controlling which apps can run on Apple phones ever since apps were a thing, and this is just one more example of that.
Could you maybe give a bit more connective tissue for this? I don't really get how "Company can shut down anything on your phone at any time if they so choose to" is directly equatable to "Free speech absolutism means I will provide a platform to Nazis."
Rock Band DLC | GW:OttW - arrcd | WLD - Thortar
Prince famously went on a rant after public pressure forced him to stop doing business with the Daily Stormer saying that he had the power to shut down a website he didn't Iike and how that was horrible, while dodging the fact that he was working with Nazis and allowing them to harm others by providing them protection, and that revoking that protection would stop Cloudflare from abetting abuse. He argued that the power was intrinsically bad, when people could see that it wasn't - only if it was abused.
On the same token, you're trying to argue that Apple's ability to revoke enterprise certificates is intrinsically bad, much for the same reasons Prince made his argument - that the power could be abused. But again, it's not intrinsically bad, and used responsibly can be used to stem abuses - like we just saw with Google and Facebook using their enterprise certificates to do an end run around Apple’s privacy policies.
I get that from a user-perspective, but 1- this isn't the normal variety of "Apple disabled an app on my device", and 2- Apple has always had that ability. It's part of their whole "walled garden" approach, so if you buy into the iOS "ecosystem" (I hate that term) you're doing so partly because of Apple's ability to prune said garden. Yay, gardening analogies. I definitely understand that that means they can reach out and disable whatever they'd like whenever they'd like and that can certainly be abused, but, again, if you don't want that then you're most definitely not looking at an iOS device and that's not exactly what we're talking about here.
My other nit to pick with this is that we're talking about a very specific kind of revocation here. We're not talking Apple reaching out and terminating an app distributed via the App Store (I'd love for them to do that to Facebook; I'd, uh, be a little whiny about not being able to get to my Google-based email, calendar, etc on my phone though :P). We're talking about in-house apps, and pre-release versions of distributed apps, that these companies are only supposed to be distributing internally to employees for the purposes of either 1- testing, or 2- having a custom no-one-else-outside-the-company-can-have-it app (Facebook's lunch menu app, Google's on-campus transportation app).
I'm not really arguing too much here with either you or Primus, per se, 'cause I get the general concept of distrusting Apple/Google/Facebook to always be good actors, but I'm just trying to clarify the why and how of my feelings on this specific ability of Apple's to revoke apps signed with this specific kind of certificate.
How about adding context this way:
I have an iphone and bought into Apple’s walled garden because at least at the time, and I’d argue still, they prioritized security in their app ecosystem better than Android. Them doing something like this is precisely why I, and I assume many others, choose them.
You can worry about them being a bad actor, but in reality something like removing a bunch of apps people paid for would hurt their bottom line as they’d lose trust and people would buy other phones/tablets/laptops.
Can't they? Windows could be updated to block Steam, probably. Whatever antivirus you are running could be updated to block Steam. Etc. I suppose the difference between a PC and an iPhone here is that on a PC you can basically always go "yes, ignore the invalid certificate and run the program. I know what I'm doing."
It’s not a very important country most of the time
http://steamcommunity.com/id/mortious
I mean, yes they could. You have more and easier workarounds on a PC, but it's the same idea. Part of why it didn't bother me.
3DS Friend Code: 3110-5393-4113
Steam profile
I think its still a bit of the stretch to draw a straight line between the two comparisons, and I hope I don't have to explain why I'm a bit perturbed that you'd directly compare my concerns to providing Nazis with a platform. But let's move on.
Rock Band DLC | GW:OttW - arrcd | WLD - Thortar
The issue is of course that while they do a lot of pointless bad things, they are still places where people go to look at stuff and check in on what's going on.
The problem we face with disciplining these companies is a failed management strategy. This all stems from those in charge not knowing how to manage people, or how to incentivize them. These bad practices aren't bad enough to make them unprofitable, but they do cost the company money and stability. In the long term, good behaviour and respecting employees and customers makes the most money for everyone, but short sighted management practices and greed can't see that.
All the bad actions they take? There were moral paths to the same final result, and if they had taken them, everything would be better now! They'd have their profits, they'd have their data, and everyone would still be happy with them. Hell, even just letting their technical leads set realistic timelines would help, rather than having release schedules come from arbitrary business teams.
It's like setting up a warehouse. I can cram more shit in on day one if I just have my team stack everything everywhere, but then I have a fire, and then someone gets injured, and now the fire marshal is upset, and now I have to have a less efficient warehouse and everyone hates me. Whereas if I'd just done the right thing from the start, everything would be better.