Oh they could, I mean Apple could just keep killing their accounts they create but is FB ballsy enough to keep opening them? It would be FB calling Apple's bluff. Users would riot though. Apple has to decide between supporting privacy or supporting their users' choice. Apple has made the decision to take away users' choice in the past in the name of safety/protection, I could see them doing it again.
I can bet this is the LAST thing they want to see in the headlines. It forces them to address it, maybe they have a plan ready to go for this eventuality, a whole PR push and I kind of hope they do. If they don't they either look weak on privacy or have to roll out some half-baked plan/proposal/nebulous idea on how to protect users privacy better in iOS 13 or something like that.
Right now Apple is doing a whole hell of a lot of taking out of both sides of it's mouth and I understand it's a hard line to walk, I'm not saying I could do it better. FB's practices in general are probably an affront to Apple in general but skirting Apple's limitations to piss all over privacy and essentially turn an iPhone into an Android-level of data collection, I can imagine Apple is PISSED. I just really hope they had something planned for this day.
> Oh they could, I mean Apple could just keep killing their accounts they create but is FB ballsy enough to keep opening them?
Enterprise developer accounts (the ones that can issue apps signed such that they can be sideloaded on any device) aren't something just anyone can go online and sign up for-- they require manual approval with proof of a business's identity before they're created.
So, unless Facebook starts opening well-disguised shell companies or something along those lines to circumvent any restrictions Apple might put on them, this will be over as soon as Apple revokes Facebook's enterprise distribution account. (Or, more likely, threatens Facebook into dropping the VPN app, because FB probably doesn't want to lose the ability to distribute legitimate internal-use apps to their employees.)
> Enterprise developer accounts (the ones that can issue apps signed such that they can be sideloaded on any device) aren't something just anyone can go online and sign up for-- they require manual approval with proof of a business's identity before they're created.
It's my understanding that faking these business identities is the entire business model of iOS sideloaded services (see the subreddit for examples [0]) so I don't think it's that difficult to do. That said, I'd be shocked if Apple let them go that far as to keep spinning out fake businesses but then again if FB thinks it can get away with it what's stopping them?
That would be getting into serious fraud, arguably criminal under CFAA. Normally Apple isn't interested in prosecuting these people as its just sideloading, which is some minor copyright violations and a security risk in their view, but if Facebook did it after having been banned themselves, having a written statement from Apple that these apps were violating, and then they go and pay a third party or deliberately make a shell company to defraud Apple? That could provoke a total business embargo between the companies which would suffocate FB.
> Apple says. "Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data.”
> Oh they could, I mean Apple could just keep killing their accounts they create but is FB ballsy enough to keep opening them? It would be FB calling Apple's bluff. Users would riot though. Apple has to decide between supporting privacy or supporting their users' choice. Apple has made the decision to take away users' choice in the past in the name of safety/protection, I could see them doing it again.
Apple could block all updates to Facebook's apps until Facebook complies with their policies. That would get Facebook's attention in a way that wouldn't alienate Apple's users.
Facebook needs mobile, which means they need Apple more than Apple needs them.
Now that's a really good point also I know Apple has straight up pulled apps (Tumblr) in the past. The don't uninstall them from the user's devices (though they could) but Apple does have a number of tools in it's toolbox.
1. Ban all accounts that were publishing this "VPN" (I assume FB didn't use it's main account for any of this, if they did leave that account alone and ban the others)
2. Block updates to FB for some period of time if they try to open new accounts and get caught
> Facebook needs mobile, which means they need Apple more than Apple needs them.
Is that actually true? Last time I checked iPhone only had a 20% market share. People buy phones, including iPhones, to do stuff with them. What Facebook provides is the stuff a huge part of the users want to do with their phone.
Imagine iPhone users can no longer WhatsApp/FB-messanger with their Android using friends. How many people will think twice before buying an iPhone again? Facebook screws with privacy the users don't care about (yes, the average user doesn't give a shit, especially if he gets paid), while Apple would screw with the users apps, which they care about a lot! Apple is in the disadvantage here. Especially since their whole business model is a better user experience for overpriced hardware.
>> Facebook needs mobile, which means they need Apple more than Apple needs them.
> Is that actually true? Last time I checked iPhone only had a 20% market share.
But it's a relatively premium market segment that Facebook can't afford to lose. If they cede it, they're taking a serious risk that a serious competitor could emerge on the platform that turns them into the next MySpace. That 20% could pull the rest of the market its way, since whatever they migrate to would likely be available on all platforms.
This isn't a far-fetched idea. It's basically what Facebook did with it's initial rollout exclusively to the Ivy League schools.
> Imagine iPhone users can no longer WhatsApp/FB-messanger with their Android using friends. How many people will think twice before buying an iPhone again?
That might have been true five years ago, but Facebook's products are much less compelling now, for a whole host of reasons. Cross-platform replacements would quickly emerge to fill the niches Facebook was driven out of. Many people would get mad about not having Facebook on their phone, but most of them would get over it. But others are already primed to abandon Facebook, they're just waiting for a push.
> Apple is in the disadvantage here.
No, Facebook is, since their dominance of social netoworking is so tenuous that they need to convince people to use spy-VPNs to stay on top of emerging competitors.
To the average user, this would look Apple was exerting control over devices that are rightfully owned by the user, in the same way it looked to people in the free software community during the advent of the app store and the locked down iPhone that needs to be jailbroken in order to do what you want with it. They would still want facebook, an app they'd been using for lots of minutes a day, and they'd be denied it.
It might actually get ordinary users interested in making it so Apple doesn't have total control of what can be installed on the phones they purchased. They won't see all the philosophy behind it that people in the free software community do, but it would point them in the right direction.
I mean it depends on what you mean by "possible". I'm pretty sure Apple has the technical capability to delete apps over the air. The more interesting question is what they're willing to do: are they willing to pull FB from every iPhone? I don't think so.
If nothing else they could issue an iOS update that permanently bans the trusted root certificate, erases all apps, and directly blacklists the Facebook certs. Heck, they could even block connections to facebook servers at the MAC layer if they wanted to. And they could require users to install it to get future updates. Of course, that would never happen.
Could Apple, in a software update, put Facebooks apps in a sandbox, or wrapper, or VM type thing? Not sure of the technical term, whereby the device would only return encrypted or dummy device data? So that regardless of what permissions FB app has been given, each time it goes to get that data the VM interrupts and asks the user.
Say, FB wants to get your location, even though FB has location permissions a pop up says "Facebook is attempting to find your location. Do you consent to sending your location to Facbook?" "Facebook is attempting to read the Names, Telephone Numbers and Addresses of everybody in your contact list. Do you consent to this?" every time facebook app makes the request?
I'd be a bad user experience, but Apple could say it cares about privacy and blame facebook.
Not really. It’s a hard pill to swallow for Apple that most iPhone users are active Instagram/Facebook/WhatsApp/Messenger users. If they took those apps down people would be super pissed. I know I’d be extremely annoyed.
It would be an interesting twist of irony if they did take them down and there was a massive backlash against Apple. I have a sneaking suspicion that the media and Twitterati are more up in arms about all this than the users themselves.
Reasonable action here would be to threaten to pull the affected apps off the store if Facebook doesn't react within a few weeks. I am very confident that Facebook would not take the amount of bad press this would create. Apple has a lot of leverage here, they don't need to just ban facebook apps outright.
I disagree. It’s a pretty equal symbiotic relationship IMO. I keep reading people saying “NO other developer would ever get away with this!” Yes they would- if they had 2.2 billion active users on their platform. This may shock a lot in the tech community, but for some companies the rules don’t apply. Ask Procter and Gamble why Wal-Mart gets better prices than a local grocery. I truly believe Apple needs Facebook at least as much as Facebook needs Apple.
I think you might be underestimating to what degree this behaviour actually violates the sort of standards that Apple sets out for its products. Gaining control over all information on your device, including the content of private messages of teenage users shouldn't fly. Preventing this sort of stuff is one of the reasons people pay a premium for apple products, and Cook has stressed this over the last few years.
On top of this you can add the fact that they basically shipped renamed onavo code, which was already banned from the app store, so this is de facto a violation of Apple's rules.
It's in the long term interest of Apple to not be soft on this stuff, it's not symbiotic.
If you pay Apple $99 a year you can install whatever you want on your own phone only. There are no restrictions on directly installing IPAs with Cydia Impactor or Xcode. You can actually do it for free, but only a few apps at a time and must renew every 7 days.
I could argue that Apple is just as responsible for this as Facebook. How can they claim to take privacy seriously if it’s clearly possible for bad actors to get around the rules multiple times! How is Apple any less implicated in this than Facebook was in the CA scandal when a bad actor violated its policies and posed as an academic research project to gain access to user data it then sold to third parties? If you are going to hold Facebook accountable for CA, why does Apple get a pass when it enables third parties access to my data?
> I could argue that Apple is just as responsible for this as Facebook.
And you'd be wrong.
> How can they claim to take privacy seriously if it’s clearly possible for bad actors to get around the rules multiple times!
That's BS. You might as well say: "how can they claim to take security seriously, if it's clearly possible for bad actors to find exploitable bugs in their products multiple times!"
Apple has a tough job, and it won't do it perfectly because no one can. It's bizarre to claim that it's excellent but not perfect performance somehow makes it guilty of the things it's trying to stop.
Probably not to have Facebook piss all over their privacy.
I suspect there's been enough revelations about FB practices that many users would support Apple if they blocked the main apps. For a temporary block anyway.
Much of the audience here is probably much more understanding of the situation and aligned with your (presumed) position, myself included.
Most of the general population probably neither understands nor cares that much if someone is watching what sites they visit or other basic privacy items and if you make them choose between privacy (especially privacy of others) and being able to post a picture of their lunch, many will choose the latter.
I have had a LOT of conversations with non technical people about this recently.
“My phone is listening to my conversations” is how it goes - people know this tracking is happening, they hate it and find it intensely creepy, they just don’t know the mechanism being used.
They might get into antitrust litigation if they revoked the Developer Certificate (public apps and public betas), which was not breached, rather than just the Enterprise (used here, and for legitimate employee apps). Apparently they have done the latter causing massive chaos; the former would be an absolute nuclear option.
No iPhone user could use any Facebook apps, anywhere in the world, which would make this story front page on every newspaper. Business could no longer manage their ads spots or use iOS devices for social media. They will likely be shocked at the unwarranted disruption, rightly blame Facebook for it, and cut their spend on ads. Both PR departments would be working full steam on a war of worlds, disrupting all other work. Numerous suits would be filed. Meanwhile, Facebook stock would crash, leading to numerous investor lawsuits, especially since Facebook clearly risked this by blatantly violating contracts. Institutional investors will cut losses and pull out, further driving the price down.
I'd love to see it happen. But Apple doesn't want to, and honestly can't be expected to, pull the nuclear option just as a punishment for this. They would incur massive PR and legal expenses in response.
Smarter, less disruptive move: block research and put all Facebook apps in some kind of security sandbox with the sole intent to slow down the experience.
At least at this point, antitrust regulation hasn't prevented Apple from removing apps from its store that violate its policies. I don't see how it would be any different if they created a penalty short of removal that's only applied to bad actors with a history of needing it. This is needed for more than just Facebook's stuff, it could also apply to trojan privacy invaders like the Weather Channel app.
They could slow walk updates as they do unusually thorough privacy audits, and perhaps even apply extra access restrictions (e.g. skewing location, forbid use of certain permissions, etc).
No, they can't, because there's still competition in the marketplace in the form of Android. Apple isn't a monopoly, if you don't like the App Store there's 20 other phones at your carrier you can buy instead.
