1. Public Statements, reason for this is that many people have tried to publish various forms of malware, and then when apple rejected the app, they cried fowl and pretended like Apple was being unreasonable in its reviews. In fact, this is the PRIMARY reason that people think that Apple is strict in what it will let in the App Store. EFF is misrepresenting what the agreement says here, putting spin on it.
Revers Engineering-- The claim that this covers legal reverse engineering is created from whole cloth by the EFF, the section does not refer to types of reverse engineering, merely protects apples rights regarding such. Thus EFF is straight up lying.
App Store Only: Apple provides the SDK for free, and part of the deal is that it is to be used for deploying apps for iOS on the app store only. (This is not the case with the Mac SDK) Charactersizing Lydia as a "competing app store" is straight up dishonest. IT requires jailbreaking devices, which results in greatly reduced reliability and is bad for consumers, opening them up to malware, yet the EFF is effectively endorsing exposing consumers to malware here.
"No Tinkering" - Obviously, Apple doesn't want people circumventing their protections against malware and getting malware past the review process.
"Apple owns security" -- A profoundly dishonest comment given that Apple has done so much to protect security that a governor is trying to get a law passed that will let the government snoop again. The EFF apparently doesn't care about his, but uses the fact that you can't use a security bug claim to circumnavigate the review process to pretend like Apple leaves people exposed. Another straight up lie.
Kill your App-- yes, if malware gets in there, it can be shut down. Ignoring the reasoning for this puts a hard, dishonest spin, in fact as far as I'm concerned, makes it a lie.
This is also true of google's store. So, given that the EFF is publishing on android, they obviously don't care about this too much... yet they put it in here to bash Apple, making them both hypocrites and liars.
" and we certainly will not wrap our app in DRM."
DRM that signs the app to prevent it from being tampered with, which keeps the users data secure.
So the EFF here is rejecting keeping users data secure.
They care more about grandstanding than integrity and protecting consumers.
So basically, you can be draconian in managing how a user uses their app, in the name of "malware". Sorta like how content filters on "extremist material" and "child pornography".
User wants a legal porn app? Nope, but it's OK cause you didn't get malware. Ditto for any kind of app that Apple doesn't feel fits their brand.
There's nothing wrong with having explicit, manual, escape hatches. In your haste to hold Apple up as the great wall against malware, you forget they've completely taken away choice from the user. Considering it's the Electronic Freedom Foundation, that seems like a legitimate thing to complain about.
It's the Electronic Frontier Foundation, as their banner proudly says, but you're right that the spin here is on security.
The sentiment these days with regards to restricting user freedom seems to be not "think of the children", but "think of the security." I'm guessing it reaches a wider audience: the rhetoric is basically "who doesn't want to be secure?" ...everyone who doesn't want their devices secured against them.
> In fact, this is the PRIMARY reason that people think that Apple is strict in what it will let in the App Store. EFF is misrepresenting what the agreement says here, putting spin on it.
Please cite your sources for the part quoted above. I have seen many reports of unjust rejections. The ones that led me to believe Apple was being overly strict were those where I thought Apple's rules were ridiculous. I would hold the same opinion of the rules (and Apple) regardless of the app. I don't use, and therefore do not care, about any of the rejected apps themselves.
I disagree that jailbreaking (letting users have control of their own devices) is bad or in any way unjustified due to malware.
I disagree with your statement that the no tinkering clause has anything to do with malware. How do you think that actually works? The only way I can imagine is if malware authors, unabashed at the thought of breaking federal laws like the CFAA that can lead to long sentences in federal prison, were somehow cowed into submission by Apple's mighty developer agreement and the torts that violating it might lead to. While that thought is amusing, I hope you have a better reason I haven't considered.
I do like Apple giving people encryption options and I think that governor is silly. However, you are raising a side issue that has nothing to do with the claim made in the article. The ability to 'tinker' and discover how things work is critical both for security research and being able to independently fix issues if Apple cannot or will not. You can find many researchers who had vendors ignore security defects for years (including that site recently posted to HN and their terrible API that leaked digits of people's credit card numbers), so security-minded people have a very deep mistrust of anyone who refuses to allow them to investigate issues.
I don't care why Apple can kill an app on my machine, the fact that they can do so unilaterally is inherently disagreeable. I note that you do not dispute the fact of it, only the reasoning. Contrast that with antivirus where I can, in fact, tell it to allow a virus, such as the EICAR test file, which I need to test that antivirus systems are working.
Your own characterizations are far more hyperbolic than anything the EFF said.
Weren't you going to show that they were being dishonest? All you've shown, to me at least, is your own bias.
1) Public statements: You present your own speculative justification for the policy, but you don't contest the basic facts of the matter, as presented by the EFF.
2) Reverse engineering: IANAL, but it seems to me that EFF is telling the truth. Apple forbids RE, and the language with which they forbid it makes no exceptions for legal RE. If you sign apple's agreement, you've signed away the right you previously had to legally RE.
3) You raise many tangential facts by way of attempting a justification for apple's decision, without addressing the core facts. Who cares what apple provides for free? EFF's statement about the agreement precludes you from publishing on any other app stores is absolutely correct. You seem to think this is a good thing, because, you know, "malware!", but EFF's criticism is factual.
4) No tinkering. Again, I thought you were going to expose someone being dishonest.
5) Apple owns security: So, because you think we all owe a huge debt of gratitude to apple in the security arena, therefore the factual statements made by EFF are lies and spin?
6) Kill your app. In other words, the EFF was absolutely correct in their statement, but because they didn't bend over backwards far enough to defend and justify apple's decision, this makes it a lie in your mind.
-------------------------------
In response to:
Sure thing, I'll illustrate point by point.
1. Public Statements, reason for this is that many people have tried to publish various forms of malware, and then when apple rejected the app, they cried fowl and pretended like Apple was being unreasonable in its reviews. In fact, this is the PRIMARY reason that people think that Apple is strict in what it will let in the App Store. EFF is misrepresenting what the agreement says here, putting spin on it.
Revers Engineering-- The claim that this covers legal reverse engineering is created from whole cloth by the EFF, the section does not refer to types of reverse engineering, merely protects apples rights regarding such. Thus EFF is straight up lying.
App Store Only: Apple provides the SDK for free, and part of the deal is that it is to be used for deploying apps for iOS on the app store only. (This is not the case with the Mac SDK) Charactersizing Lydia as a "competing app store" is straight up dishonest. IT requires jailbreaking devices, which results in greatly reduced reliability and is bad for consumers, opening them up to malware, yet the EFF is effectively endorsing exposing consumers to malware here.
"No Tinkering" - Obviously, Apple doesn't want people circumventing their protections against malware and getting malware past the review process.
"Apple owns security" -- A profoundly dishonest comment given that Apple has done so much to protect security that a governor is trying to get a law passed that will let the government snoop again. The EFF apparently doesn't care about his, but uses the fact that you can't use a security bug claim to circumnavigate the review process to pretend like Apple leaves people exposed. Another straight up lie.
Kill your App-- yes, if malware gets in there, it can be shut down. Ignoring the reasoning for this puts a hard, dishonest spin, in fact as far as I'm concerned, makes it a lie.
This is also true of google's store. So, given that the EFF is publishing on android, they obviously don't care about this too much... yet they put it in here to bash Apple, making them both hypocrites and liars.
" and we certainly will not wrap our app in DRM."
DRM that signs the app to prevent it from being tampered with, which keeps the users data secure.
So the EFF here is rejecting keeping users data secure.
They care more about grandstanding than integrity and protecting consumers.
-------------------------------
1. Public Statements, reason for this is that many people have tried to publish various forms of malware, and then when apple rejected the app, they cried fowl and pretended like Apple was being unreasonable in its reviews. In fact, this is the PRIMARY reason that people think that Apple is strict in what it will let in the App Store. EFF is misrepresenting what the agreement says here, putting spin on it.
Revers Engineering-- The claim that this covers legal reverse engineering is created from whole cloth by the EFF, the section does not refer to types of reverse engineering, merely protects apples rights regarding such. Thus EFF is straight up lying.
App Store Only: Apple provides the SDK for free, and part of the deal is that it is to be used for deploying apps for iOS on the app store only. (This is not the case with the Mac SDK) Charactersizing Lydia as a "competing app store" is straight up dishonest. IT requires jailbreaking devices, which results in greatly reduced reliability and is bad for consumers, opening them up to malware, yet the EFF is effectively endorsing exposing consumers to malware here.
"No Tinkering" - Obviously, Apple doesn't want people circumventing their protections against malware and getting malware past the review process.
"Apple owns security" -- A profoundly dishonest comment given that Apple has done so much to protect security that a governor is trying to get a law passed that will let the government snoop again. The EFF apparently doesn't care about his, but uses the fact that you can't use a security bug claim to circumnavigate the review process to pretend like Apple leaves people exposed. Another straight up lie.
Kill your App-- yes, if malware gets in there, it can be shut down. Ignoring the reasoning for this puts a hard, dishonest spin, in fact as far as I'm concerned, makes it a lie.
This is also true of google's store. So, given that the EFF is publishing on android, they obviously don't care about this too much... yet they put it in here to bash Apple, making them both hypocrites and liars.
" and we certainly will not wrap our app in DRM."
DRM that signs the app to prevent it from being tampered with, which keeps the users data secure.
So the EFF here is rejecting keeping users data secure.
They care more about grandstanding than integrity and protecting consumers.