This comes across as though they never intended to make an app for the app store and all along just wanted to call out apple on their term sheet. It is purely a moral stance. Which is fine, but the article is slanted differently.
They will have intended to make an app, and will have checked out both contracts that need to be signed with Apple, and Android and decided on not to persue developing for Apple.
You have to look at these things before you start developing.
They still say "Although it works on both iOS and Android, the app is only targeting Android as of today. If you need to deploy to iOS as well, please check out the Ionic docs or contact the project maintainer for help." https://github.com/EFForg/actioncenter-mobile
Yeah, I would be more interested to read an examination of why they are OK with publishing on the Google Play store. You would have to be nuts to expect the EFF to think Apple's dev agreement is peachy-keen.
Isn't one big difference that Google doesn't attempt to prohibit you from installing apps from other sources, which EFF also pointed out?
I just took a quick look at the Google Play Developer Distribution Agreement, the Google Play Developer Program Policies, and the Android SDK license -- but it looks like some other differences are:
* Unlike Apple, Google doesn't seem to limit developers' ability to make certain "public statements."
* Unlike Apple, Google doesn't seem to restrict jailbreaking or "enabling others to do so." The "Security Features" language in section 6 seems to come closest but isn't, IMHO, equivalent.
* Unlike Apple, Google doesn't insist on being able to "revoke the digital certificate of any of Your Applications at any time." (Section 7.2 of the Google Play Developer Distribution Agreement does say your app can be removed from the store, but the list of reasons is rather short and includes copyright, porn, malware, viruses...)
That was just a quick look, so I may have missed some things and would welcome correction. I should add that I'm developing http://recent.io/ for both Android and iOS, so to the extent Apple is more restrictive, it's not a deal-killer for my purposes.
Probably unrelated, but it is interesting to know that they received a $1 million donation from google in 2011 for (quoting wikipedia here) "lobby for or to consult for the company".
Of course they didn't. Everything they called out has been in place since the first iPhone. I'm all for customer experience, but iOS devices are absurdly locked down, and crippled in many ways because of poor Apple policy and the cult-like mentality within the company that prevents them from improving it.
> and the cult-like mentality within the company that prevents them from improving it.
The apple devs I've spoken to over the years have confirmed that there is, indeed, an overbearing 'cult like' mentality within the company.
However, I think it is the apple-worship from outside the company which plays a larger role here.
Like all companies, Apple exists to make money. As much as I dislike the developer agreement, it has served the purpose of helping apple to control their devs and users, and has helped apple to make money.
Apple will end these policies when their financial health requires it. Given the readiness of many devs and users to forgive, defend, and rationalize on apple's behalf - and given apple's ongoing financial success - I think its going to be a long time before this changes.
Might not be as long as you think, Android smartphones are making steady in-grounds on market share and the open-ness of the ecosystem makes it much more business and school friendly. The apple stamp of approval process that requires everything to be pg-13 and closely monitors and restricts app's control of the device is crippling it for a variety of applications.
For example, it's kind of sad that the only way to capture high quality screen recordings is to jailbreak your device and install DisplayRecorder, and it's been that way for 5+ years. Hardware supports been there, apple policy has not.
Yes, but I don't see apple's grip weakening for a long time. Surprisingly, most people seem to be perfectly happy being told exactly what they can and cannot do on the hardware they buy. They are also happy to be told by others what features are worth having. Screen recordings? I mean, consider how effectively so many rationalized away the benefits of 3rd party keyboards and larger screens for so long.
Well, there seems to be some dissent in the choir [1]. And a growing sense among many Apple customers that it's all been downhill since Snow Leopard.
For myself, I can say that the benefits of Apple hardware are starting to be outweighed by the downsides of their software. And that while I love the hardware, the OS that is supposed to drive it no longer interests me; and the rapacious attitude that seems to imply that both devs and customers are sheep to be sheared grates on me.
I've been an Apple user from the days when I wanted an Apple ][ soooo badly. But these days, I'm not so sure.
You could totally agree to them. They aren't unreasonable, you're just grandstanding here.
And worse, you're being DISHONEST to pretend like suddenly you were shocked-- SHOCKED!-- that Apple prevents malware in the store, and you just can't abide by such absurdity as protecting their users. The very same users the EFF was created to protect.
Never mind Apple's being on the forefront of securing users information against the government and thieves.
Never mind Apple opening the mobile app market, in fact, really creating it, breaking the stranglehold (and far more onerous terms) of the carriers.
Nevermind all that.
Grandstanding is bad enough, being DISHONEST is unacceptable, and this is why the EFF is going the way of the red cross and every big "non-profit" organization.
EDIT:
I see the guy from the EFF Deleted his comment. Well, not really surprised.
There's a severe lack of integrity on display here.
Today we launched a new app that will make it easier for people to take action on digital rights issues using their phone. The app allows folks to connect to our action center quickly and easily, using a variety of mobile devices.
yeah, maybe they made the android app just so they could bitch about iOS.
That's an expensive form of bitching... When they could just publish the same press release without having to develop an app for other platforms, for free!
Its really getting to the point that no matter how many consumers rights Google violates and no matter how many consumers Apple protects, the adherents to this holy war against Apple will never admit things are not as black and white as they insist on portraying.
No, it's not black and white. But the level of gray at which people draw their line in the sand isn't a universal constant.
Sure hardliners exist, but there is no reason to call everyone hardliners for a difference in opinion.
Edit: You're probably not being down-voted by adherents in some holy war. Just people who genuinely believe that neither Apple's nor Google's can be seen in black and white. It's possible to discuss the downsides of something even if you have decided that, in totality, there is more up than down.
And of course this is hacker news. The hordes of android fans down vote me with no comment, no argument, because it isn't about the facts of reality, it's about ideology and hatred.
So, this is a site where, if you don't kowtow to the prominent ideology you get buried.
That reflects more on you than those of us who are making counter arguments.
For any other non-profits or companies who might need a similar app to notify users, both the app (Cordova + Ionic) and the APNS/GCM push notification server are open source and available here:
If you're an Android user, consider downloading the app. Its really, really simple - it just sends you a push notification if there's an action EFF needs your help with - but we hope to improve it over time.
Honestly, the play store is not any better than the apple app store.
I myself never agreed to the play store's license agreement and use my android phone without it.
If you really care about privacy, consider hosting your apps apk yourself or post it to a store that really respects its users privacy, like f-droid instead of supporting the play store. If your app is opensource like you state, f-droid should host it.
My understanding is that you need to have the Play Store on your device for apps to register and receive push notifications from GCM [1]. Since that's the main functionality of the app at the moment, an APK for sideloading won't be too useful, but perhaps we can add one once we add more functionality?
[1] Would love to be wrong about this if anyone else knows differently.
Unfortunately that looks to be the case. I had hoped they'd rolled their own push server implementation in the linked source (https://github.com/EFForg/pushserver), but it's just a wrapper around the GCM and APNS services.
It's disappointing, because both Android and iOS have support for periodically retrieving data without using the proprietary push services. It's not like the EFF is going to be delivering messages that have a 'real-time' requirement and therefore require a persistent connection (as opposed to say, Gmail/Hangouts).
Does anyone know if the Google Play Store agreement or the Amazon App Store agreement contain similar terms?
I'd love to see Apple open things up a bit. My personal pet peeve is that it's nearly impossible to use LGPL libraries in iOS apps due to some of the terms.
The Play Store agreement has a very similar clause which applies to all apps plus the store itself (haven't checked the Amazon one). The Android SDK agreement also has one, which may or may not be preempted by whatever parts of it are available under open source licenses (depending on your interpretation of "require"), but definitely applies to anything closed source (e.g. the new Java compilers, if I remember correctly). So basically the EFF is full of shit.
> Security Features. You may not attempt to, nor assist, authorise or encourage others to circumvent, disable or defeat any of the security features or components, such as digital rights management software or encryption, that protect, obfuscate or otherwise restrict access to any Content or Google Play.
> 3.3 You may not use the SDK for any purpose not expressly permitted by this License Agreement. Except to the extent required by applicable third party licenses, you may not: (a) copy (except for backup purposes), modify, adapt, redistribute, decompile, reverse engineer, disassemble, or create derivative works of the SDK or any part of the SDK; ...
I don't know enough about Android technically to tell whether this is true, but the blog post is complaining specifically about restrictions on reverse engineering the SDK.
Another bullet point is about restrictions on jailbreaking; while this is certainly highly onerous and I don't think Google has an equivalent clause, it's worth noting that Google's ban on reverse engineering the Play Store and apps distributed by it (as opposed to the SDK itself) includes activities that, translated to Apple terms, are fairly important to jailbreaking. (In particular, many App Store apps refuse to run on jailbroken devices, and must be reverse engineered to identify how to bypass this check. I don't know what the situation is on Android, but I would be surprised if that clause wasn't rouinely ignored.)
Additionally, I know enough of the Android build process to know that yes, it is true that the Google Play Store does not require DRM. It's also easy to pull any app that doesn't have DRM off a phone and put it on a phone using the debug tool that google themselves release (ADB).
The main SDK is open source. It's built from the same tree as Android from the AOSP, and you can build it yourself right now, which makes reverse engineering it sort of moot. Things like billing APIs or maps or google's push notifications however are in closed binaries, which I believe is what the clause is protecting.
You can call it DRM but what it really is, is security. Apps are signed, preventing the running of unauthorized code, which keeps malware off the platform.
If google really doesn't have this, then it's a shame, but it would explain why there's so much malware on android.
EFF's position across this article is supporting malware, and preventing malware is the clear cause and reasons for all the things the EFF opposes.
Android encourages users to stick to the Play Store, but has an escape hatch for users who don't want to. If Apple had such a policy, it might increase the presence of malware, but only for users who explicitly decided to circumvent the normal distribution process.
Most Android malware is distributed on the Play Store; the reasons it is prevalent include the lack of review process and the Android permission system, both of which are orthogonal to the ability to circumvent the store.
I think Apple's policy is mainly aimed at preventing competing app stores. You see them having a conniption every time someone submits an app that includes an alternate app store. And while I don't particularly like their policy, they have every right to implement it in order to protect their revenue.
You're implying that "preventing malware" is important enough that it overrides all other rights of the user, including some very important freedoms? And that somehow, supporting these freedoms means "supporting malware"? What the actual fuck!? This is as horrible an argument as "only terrorists have something to hide, therefore anyone who wants privacy is supporting terrorism." (Replace "terrorism" with your choice of anything the government is fighting against.)
How about we put everyone in prison, because some percentage of them will become criminals anyway? I don't even...
"Those who give up freedom for security deserve neither."
What about people building their own SDKs from AOSP source? I know quite a few people that does this, which helps them with built-in app developments as you can get all the @hidden methods/properties.
I read them quite some time ago (when I signed them) but I don't remember reading anything similar in the Play Store.
Several of these terms don't even apply to Android (the platform is open so you can publish where you want and you don't have to use reverse engineering on an open source project).
Also, I don't see why the EFF would have published their Android app if they thought the terms were unacceptable.
EFF is making a well reasoned decision here that is consistent with their stated goals as an organization, and with the stances they take on other issues.
Obviously, there are massive differences between Apple's policies and Google's policies, when taken as a whole.
EFF might (speculation) see the Google Play store as a minor compromise of their values, while the apple app store is a MAJOR compromise.
> Also, I don't see why the EFF would have published their Android app if they thought the terms were unacceptable.
It seems that the dominant theory by the enraged applephiles is relates to some imaginary 'holy war' against their beloved, innocent apple.
The Amazon App Store rewraps your app with Amazon metrics and a DRM framework; even if you choose not to use DRM, the additional code is added and the app is re-signed using their keys ( with all the implications that entails ).
The Amazon code is really invasive, I have been working on extricating a free app from it for some time and it is tedious work.
Good job EFF exposing blanket agreement and requirements Apple makes developers sign. We need more of these come into lime light so developers can fight back against big corporations.
I agree! Many small time devs had poured their blood, sweat, and tears into making apps to serve people, only to have apple kill the app with little explanation.
One day apple will eventually change their ways, but not until its clearly in their financial best interest to do so.
Nothing being exposed there, all those terms were well known, and when you cut thru the dishonest spin of the EFF, actually perfectly reasonable and designed to protect consumers.
Could you elaborate on the "dishonest spin" part? I've always been under the impression that the EFF were the ones trying to protect consumers, so you have me curious.
1. Public Statements, reason for this is that many people have tried to publish various forms of malware, and then when apple rejected the app, they cried fowl and pretended like Apple was being unreasonable in its reviews. In fact, this is the PRIMARY reason that people think that Apple is strict in what it will let in the App Store. EFF is misrepresenting what the agreement says here, putting spin on it.
Revers Engineering-- The claim that this covers legal reverse engineering is created from whole cloth by the EFF, the section does not refer to types of reverse engineering, merely protects apples rights regarding such. Thus EFF is straight up lying.
App Store Only: Apple provides the SDK for free, and part of the deal is that it is to be used for deploying apps for iOS on the app store only. (This is not the case with the Mac SDK) Charactersizing Lydia as a "competing app store" is straight up dishonest. IT requires jailbreaking devices, which results in greatly reduced reliability and is bad for consumers, opening them up to malware, yet the EFF is effectively endorsing exposing consumers to malware here.
"No Tinkering" - Obviously, Apple doesn't want people circumventing their protections against malware and getting malware past the review process.
"Apple owns security" -- A profoundly dishonest comment given that Apple has done so much to protect security that a governor is trying to get a law passed that will let the government snoop again. The EFF apparently doesn't care about his, but uses the fact that you can't use a security bug claim to circumnavigate the review process to pretend like Apple leaves people exposed. Another straight up lie.
Kill your App-- yes, if malware gets in there, it can be shut down. Ignoring the reasoning for this puts a hard, dishonest spin, in fact as far as I'm concerned, makes it a lie.
This is also true of google's store. So, given that the EFF is publishing on android, they obviously don't care about this too much... yet they put it in here to bash Apple, making them both hypocrites and liars.
" and we certainly will not wrap our app in DRM."
DRM that signs the app to prevent it from being tampered with, which keeps the users data secure.
So the EFF here is rejecting keeping users data secure.
They care more about grandstanding than integrity and protecting consumers.
So basically, you can be draconian in managing how a user uses their app, in the name of "malware". Sorta like how content filters on "extremist material" and "child pornography".
User wants a legal porn app? Nope, but it's OK cause you didn't get malware. Ditto for any kind of app that Apple doesn't feel fits their brand.
There's nothing wrong with having explicit, manual, escape hatches. In your haste to hold Apple up as the great wall against malware, you forget they've completely taken away choice from the user. Considering it's the Electronic Freedom Foundation, that seems like a legitimate thing to complain about.
It's the Electronic Frontier Foundation, as their banner proudly says, but you're right that the spin here is on security.
The sentiment these days with regards to restricting user freedom seems to be not "think of the children", but "think of the security." I'm guessing it reaches a wider audience: the rhetoric is basically "who doesn't want to be secure?" ...everyone who doesn't want their devices secured against them.
> In fact, this is the PRIMARY reason that people think that Apple is strict in what it will let in the App Store. EFF is misrepresenting what the agreement says here, putting spin on it.
Please cite your sources for the part quoted above. I have seen many reports of unjust rejections. The ones that led me to believe Apple was being overly strict were those where I thought Apple's rules were ridiculous. I would hold the same opinion of the rules (and Apple) regardless of the app. I don't use, and therefore do not care, about any of the rejected apps themselves.
I disagree that jailbreaking (letting users have control of their own devices) is bad or in any way unjustified due to malware.
I disagree with your statement that the no tinkering clause has anything to do with malware. How do you think that actually works? The only way I can imagine is if malware authors, unabashed at the thought of breaking federal laws like the CFAA that can lead to long sentences in federal prison, were somehow cowed into submission by Apple's mighty developer agreement and the torts that violating it might lead to. While that thought is amusing, I hope you have a better reason I haven't considered.
I do like Apple giving people encryption options and I think that governor is silly. However, you are raising a side issue that has nothing to do with the claim made in the article. The ability to 'tinker' and discover how things work is critical both for security research and being able to independently fix issues if Apple cannot or will not. You can find many researchers who had vendors ignore security defects for years (including that site recently posted to HN and their terrible API that leaked digits of people's credit card numbers), so security-minded people have a very deep mistrust of anyone who refuses to allow them to investigate issues.
I don't care why Apple can kill an app on my machine, the fact that they can do so unilaterally is inherently disagreeable. I note that you do not dispute the fact of it, only the reasoning. Contrast that with antivirus where I can, in fact, tell it to allow a virus, such as the EICAR test file, which I need to test that antivirus systems are working.
Your own characterizations are far more hyperbolic than anything the EFF said.
Weren't you going to show that they were being dishonest? All you've shown, to me at least, is your own bias.
1) Public statements: You present your own speculative justification for the policy, but you don't contest the basic facts of the matter, as presented by the EFF.
2) Reverse engineering: IANAL, but it seems to me that EFF is telling the truth. Apple forbids RE, and the language with which they forbid it makes no exceptions for legal RE. If you sign apple's agreement, you've signed away the right you previously had to legally RE.
3) You raise many tangential facts by way of attempting a justification for apple's decision, without addressing the core facts. Who cares what apple provides for free? EFF's statement about the agreement precludes you from publishing on any other app stores is absolutely correct. You seem to think this is a good thing, because, you know, "malware!", but EFF's criticism is factual.
4) No tinkering. Again, I thought you were going to expose someone being dishonest.
5) Apple owns security: So, because you think we all owe a huge debt of gratitude to apple in the security arena, therefore the factual statements made by EFF are lies and spin?
6) Kill your app. In other words, the EFF was absolutely correct in their statement, but because they didn't bend over backwards far enough to defend and justify apple's decision, this makes it a lie in your mind.
-------------------------------
In response to:
Sure thing, I'll illustrate point by point.
1. Public Statements, reason for this is that many people have tried to publish various forms of malware, and then when apple rejected the app, they cried fowl and pretended like Apple was being unreasonable in its reviews. In fact, this is the PRIMARY reason that people think that Apple is strict in what it will let in the App Store. EFF is misrepresenting what the agreement says here, putting spin on it.
Revers Engineering-- The claim that this covers legal reverse engineering is created from whole cloth by the EFF, the section does not refer to types of reverse engineering, merely protects apples rights regarding such. Thus EFF is straight up lying.
App Store Only: Apple provides the SDK for free, and part of the deal is that it is to be used for deploying apps for iOS on the app store only. (This is not the case with the Mac SDK) Charactersizing Lydia as a "competing app store" is straight up dishonest. IT requires jailbreaking devices, which results in greatly reduced reliability and is bad for consumers, opening them up to malware, yet the EFF is effectively endorsing exposing consumers to malware here.
"No Tinkering" - Obviously, Apple doesn't want people circumventing their protections against malware and getting malware past the review process.
"Apple owns security" -- A profoundly dishonest comment given that Apple has done so much to protect security that a governor is trying to get a law passed that will let the government snoop again. The EFF apparently doesn't care about his, but uses the fact that you can't use a security bug claim to circumnavigate the review process to pretend like Apple leaves people exposed. Another straight up lie.
Kill your App-- yes, if malware gets in there, it can be shut down. Ignoring the reasoning for this puts a hard, dishonest spin, in fact as far as I'm concerned, makes it a lie.
This is also true of google's store. So, given that the EFF is publishing on android, they obviously don't care about this too much... yet they put it in here to bash Apple, making them both hypocrites and liars.
" and we certainly will not wrap our app in DRM."
DRM that signs the app to prevent it from being tampered with, which keeps the users data secure.
So the EFF here is rejecting keeping users data secure.
They care more about grandstanding than integrity and protecting consumers.
-------------------------------
I understand and agree with the EFF's position and why they'd want another method of outreach but you're right, this really doesn't require an app. SMS and email are perfectly fine methods to distribute this type of alert.
They can use Cydia I guess. But this may be more an attempt to simply bring attention to how sickening Apple's developer agreement is. Which is a good thing to do anyway.
While I'm glad that Cydia exists, for those individuals who love iOS and i-things but wish to step outside of apple's total control, it seems less professional to me to release an app whose usage specifically requires 100% of the users to violate the agreements they made with the manufacturer.
Not if that agreement is taking away their rights. Violating such agreement (or assuming users violated it) shouldn't be viewed as unprofessional. Not any more unprofessional at least than expecting Applet to violate users' rights when Apple make such agreement.
I don't understand the purpose of the app, the one on play store looks like a one button subscription frontend. How is it better then their website, email, twitter?
Apple needs to remove each of these requirements. None of them serve any justifiable purpose, they only immorally and antisocially serve Apple's avarice.
I don't understand their position on DRM here. It makes no sense. The EFF is complaining that the DRM required by the App Store is onerous and puts restrictions on what users can do with their app, and says "we want them to be broadly available to others to use, adapt, and customize".
But that's nonsense. If the EFF hands me a binary for an app, it hardly matters whether it's DRM'd or not as long as I can still run it. The extreme minority of people are capable of doing anything remotely interesting with a binary without access to source code. If the EFF wants people to be able to adapt and customize their app, all they have to do is release it under a permissive open-source license.
In fact, if this really was a purely moral stance, they could have developed the application and released the source without ever publishing it to the App Store, thus allowing users to compile and use the application themselves. But they didn't do that. Instead, this seems to just be a flimsy excuse for the EFF to make a bunch of noise about Apple in order to drum up some PR.
And quoting from the README: "Although it works on both iOS and Android, the app is only targeting Android as of today. If you need to deploy to iOS as well, please check out the Ionic docs or contact the project maintainer for help."
If that actually works on iOS then why didn't they talk about it in the article? It would have been much better PR for them to say that they have a functioning app and the source is available.
My expectation from that README is that Ionic (which I've never heard of before) supports iOS but that the app itself has not actually been configured for or tested with iOS.
We did most of the development and testing, but didn't get it 100% production ready after we decided we wouldn't release the app.
Since the main functionality of the app is the push notification service, having users compile their own apps wouldn't really be very helpful. Users need to subscribe to our push notification channel via APNS, and they can't do that if they're compiling themselves.
We could have ignored that and built our own, less-than-realtime push service, but even still, having users compile their own apps means that our users have to pay the $99 and sign the developer agreements instead of us, and I don't think that's a very reasonable request.
I think the best solution is for us to release on the Cydia marketplace, and I think it's pretty likely we'll do that.
Cydia requires jail breaking and that's a decidedly user-hostile thing to suggest, especially when it comes from a respected name like the EFF. Jailbreaking disables crucial security measures on iOS, and many things people like to install after jailbreaking destabilize the OS (granted, you can jailbreak without installing those hacks). It's not a coincidence that every time there has been news of malware affecting iOS, it only affected jail broken devices.
All in all, I would vastly prefer that the EFF not encourage users to jailbreak.
What are you getting worked up over? A digital rights organization expressing their digital rights? Sometimes freedom comes with greater responsibility and a slight inconvenience. I'd rather have that responsibility and inconvenience than just not care.
The right to jailbreak, and the recommendation to jailbreak, are two completely different things.
I absolutely support the right to jailbreak your device. But I would never agree to actually jailbreak my own device, and I strongly encourage others to avoid it as well.
The issue here isn't that the EFF is expressing their rights. It's the fact that if the EFF releases an iOS app exclusively on Cydia then they're endorsing jailbreaking and encouraging people who don't know any better that they should do this. I would imagine there would be some pretty negative things said about the EFF if they released a Windows application that required users to disable all anti-virus software. That's basically what endorsing jailbreaking is, for iOS.
People are still complaining about section 8 - the remote kill switch? I remember only one instance of an app remotely killed, and that was malware.
Even apps that enabled tethering, emulating, or are otherwise against the rules but make it through review have been simply pulled for sale, never terminated using this capability. I think Apple has proved they're using this responsibly after 6 years.
I'm rather shocked to see the EFF linking to the horribly wrong old Telegraph article about Steve Jobs purportedly confirming that there was a kill-switch that would remove apps from iPhones. At least as of the time that was written, that was not true. The referenced "line of secret code" (hyperlink is broken), IIRC, was actually referring to a CoreLocation blacklist, not an application blacklist, with the intended usage being to be able to disable GPS functionality in certain regions if local governments demanded it, and that blacklist never actually ended up being used and was removed entirely in a future OS update.
So wait, does Apple have or do they not have not the same kind of kill switch functionality (read: either remote uninstall, or cert revocation -> app no longer runs) that Google definitely has and has demonstrated on a few malware apps?
Apple has never demonstrated such a capability, and has never confirmed it either. Pretty much everyone claiming they have it (including the linked Business Insider article) sources back to the same thing in 2008 which was the CoreLocation blacklist I referenced. To the best of my knowledge, in 2008, Apple had no way to remotely delete an app from a device. And I'm not aware of them ever gaining that ability.
What Apple can do is remove an app from the store, preventing anyone from installing it. But as far as I'm aware no certificate revocation is checked after the app has been successfully installed.
So some further Googling. Steve Jobs himself, quoted in WSJ:
(Google SB121842341491928977 to avoid the wall)
Apple raised hackles in computer-privacy and security circles when an independent engineer (NB: the wrong one you were talking about) discovered code inside the iPhone that suggested iPhones routinely check an Apple Web site that could, in theory trigger the removal of the undesirable software from the devices.
Mr. Jobs confirmed such a capability exists, but argued that Apple needs it in case it inadvertently allows a malicious program -- one that stole users' personal data, for example -- to be distributed to iPhones through the App Store. "Hopefully we never have to pull that lever, but we would be irresponsible not to have a lever like that to pull," he says.
You don't get too much more clear than a quote from the then-CEO.
I've seen his response a million times but I've never seen anyone quote the actual question he was responding to. And I have it on extremely good authority (sorry, anecdotal, but the best I can do) that the blacklist under discussion was the CoreLocation blacklist I described.
My best guess is Steve was asked about the blacklist, didn't have any direct knowledge of what he was being asked about, so simply assumed that it was in fact an app blacklist as everyone else did, and came up with what was probably the best response he could under the circumstances.
Because it works. I have never wanted to do anything on my iPhone that I can't and as a developer I've only had one rejection that annoyed me and in hindsight I understand the rejection. I've also used Android devices a lot (I own two, and develop for the platform) and I hate it. Really hate it. Waiting for OS updates, lots of crashing, things in different places depending on the OEM. Not to mention how slow some devices are. The S3 Mini is horrible to use, I don't see how anyone could feel comfortable putting it to market.
In short, the crap either doesn't effect most people, or creates a better experience. The only people who seem to really complain about it don't use the platform anyway.
making apps that send notifications over proprietary push-notification channels instead of supporting open, accessible, cross-plaform communication channels like email?
They made their own push notification server with an Affero GPL license (which means even server operators have to release source that they change), and as such I would not consider proprietary. Email is not a push channel in either IMAP or POP3.
The parent of my post was arguing against a "proprietary push implementation" in favor of email, but my argument is that the receiving of email is not via push.
No, the EFF Should not be writing articles full of lies attacking the company that has consistently defended consumer rights and supporting the company that has consistently violated them.
Don't you see? Since we are all so very scared of malware, apple is our very best friend. This is the beginning and the end of the conversation on 'consumer rights'. If you disagree, then you support malware. Shame on you.
The fanatical bias at play here is really astounding, and is especially interesting and sad when its coupled with ongoing accusations of similar directed towards everyone else.
But I think we both know he isn't being paid. So what is the motive?
This is a testament to the amazing cultural/social (not technical) feat that this company has accomplished this past decade.
Yes, you're right. Where can I go to donate to EFF and further this important cause?
Oh, wait. I make my money as a software developer, selling my work directly to people who appreciate it. The EFF wouldn't accept such dirty money, would they?
> Ban on Reverse Engineering: Section 2.6 prohibits any reverse engineering (including the kinds of reverse engineering for interoperability that courts have recognized as a fair use under copyright law), as well as anything that would "enable others" to reverse engineer, the software development kit (SDK) or iPhone OS.
Wow. EFF should sue Apple over that alone. Private companies aren't supposed to "contract-out" your rights. This will be an easy win for EFF.
The case would be thrown out because the provision says nothing of the kind, and in fact, this statement here by the EFF is defamation and when Apple countersued they'd win.
Apple doesn't respond to critics like this, so the EFF knows it can get away with these kinds of lies.
It's just unfortunate that you and others believe them, and those who point them out are silenced here on HN.
You may not and You agree not to, or to enable others to, copy (except as expressly permitted under this Agreement), decompile, reverse engineer, disassemble, attempt to derive the source code of, modify, decrypt, or create derivative works of the Apple Software or any services provided by the Apple Software or otherwise provided hereunder, or any part thereof (except as and only to the extent any foregoing restriction is prohibited by applicable law or to the extent as may be permitted by licensing terms governing use of open-sourced components or sample code included with the Apple Software).
EFF is definitely oversimplifying and spinning a little, but that's certainly a restriction on reverse engineering "of the kind" that they describe in their post. Spin or not, it's hardly a baldfaced "lie."
(That said, you're right to respond that EFF couldn't sue over that provision - people contract away their rights to do things they otherwise could all the time.)
I do not think the EFF can (or would) sue them over the developer agreement in the manner described by the grandparent post. I found that statement hyperbolic, though I do wish that people would stop writing overly burdensome contracts full of CYA provisions.
That aside, your statements about defamation are just as bogus. Opinions regarding specific, disclosed facts are protected. There's something called the Milkovich standard, which you can read more about here:
Given that the Apple developer agreement is public and the article I read makes that agreement the sole basis of its opinion without implying that they know more than they've told us, your statements about it being "defamation" are not accurate. They cited specific provisions in the agreement which they disagree with as the basis of their opinion and the article was explicit about this.
You're entitled to that as an opinion, of course. It's an incorrect opinion that mischaracterizes the defamation laws the EFF is subject to here, but you're entitled to hold if you wish.
This is why nobody should trust any legal discussion they found online (including mine) and instead hire a lawyer who can give them competent legal advice (and who has legal malpractice insurance in the event their advice is less than competent) when dealing with anything more than academic pursuits.
>> Ban on Reverse Engineering: Section 2.6 prohibits any reverse engineering (including the kinds of reverse engineering for interoperability that courts have recognized as a fair use under copyright law), as well as anything that would "enable others" to reverse engineer, the software development kit (SDK) or iPhone OS.
> Wow. EFF should sue Apple over that alone. Private companies aren't supposed to "contract-out" your rights. This will be an easy win for EFF.
I would agree that apple is going way over the line, but the issue of 'contracting out' your rights isn't so cut and dry. I'd be interested in reading more about which laws or cases may apply in this situation, but generally speaking its perfectly legal to voluntarily sacrifice previously existing rights as part of a contract.
Yes, which is why my last statement is true generally, but not universally. Just look at nearly any settlement agreement. Signing a contracting in which you surrender rights is a very common occurrence. (Ianal)
