1. The apps used MDM profiles, intedned for control of employee's smartphones and/or vpns to filter access to apps.
2. Those approaches gave the app makers enormous control over the devices. If they used vpns, all internet traffic from the device could be intercepted. If they used MDM profiles, they had deep access to all the device's settings. It was a huge privacy risk.
3. This was clearly against Apple's policies. APIs were used for the purpose they were not intended for. That was what Facebooks's certificates were revoked for. They should've feared removal since the day they wrote their first line of code.
4. I guess that Apple understood the need for parental control apps and allowed them, with the privacy risks, as there was no other way to get parental control at the time.
5. Apple knew how important iPhone addiction has become and developed their own, privacy respecting solution, screen Time.
6. The need for parental control has now been filled and the privacy risks of those apps now outweigh the benefits. Apple made the decision to remove.
7. Apple, in general, doesn't allow other apps to access such information on your device, for privacy and security reasons. It's a bit anti competitive, yes, it limits what app makers can do, but it makes iOs secure. There's no other way to do it, and that's what many people don't understand. Apple's philosophy sacrifices some features you might have for your own security. If you're not fine with it, use Android and sideload, but don't run screaming to the police when it suddenly turns out that the online banking app you've just installed was a very good fake. [1].
>It's a bit anti competitive, yes, it limits what app makers can do, but it makes iOs secure. There's no other way to do it, and that's what many people don't understand.
Doesn't it seem weird to you how they only cared about "making iOS secure" once they had their own product?
If Google or Microsoft did this the reaction here on HN would be so different. Any anti-competitive practice could be rationalized by saying it makes the platform more secure.
If you’re building something and you lift up a rock and find a lot of weird solutions to a problem you’d never really thought through crawling under it, what would you do?
1) Ban them immediately, no matter how necessary to parents, as the risk of tracking/stalking of all iPhone users is unacceptable
2) Build a safer solution that can’t be harnessed for tracking/stalking, and then ban all solutions that can be used for tracking/stalking
Seems like they chose the latter. It’s easy to construct a case for why it is technically inappropriate to allow third-party apps in this space, that I personally boil down primarily to “a frequently-abused chance for corporate entities to monetize the user data of minors”.
Apple took years to implement content filtering, and did so in a way that prohibits applications from knowing whether their filters are ever exercised, as otherwise Facebook and other malicious entities would long ago have added a filter for ^(.*)$ to transmit every request to third-party servers. Is their refusal to permit otherwise anti-competitive, security-forward, or both?
Apple, if I understand correctly, prohibits third-party keyboards in certain password-type dialogs on iOS because keyboard apps are allowed to send network requests. (They are allowed to do so because e.g. GIF search.) Is this prohibition anti-competitive, security-forward, or both?
We as a community need to become a lot more careful with use of the phrase “anti-competitive”, as many industry-standard security practices that we would demand of any product we build and use are then labeled “anti-competitive” solely when they interfere with us doing anything we like, or when they’re done by an organization that doesn’t share its internal discussions with us when making decisions on our behalf.
Is it appropriate to stifle the competition for my personal data, even if that is, in a literalistic interpretation, anti-competitive?
> If you’re building something and you lift up a rock and find a lot of weird solutions to a problem you’d never really thought through crawling under it, what would you do?
> 1) Ban them immediately, no matter how necessary to parents, as the risk of tracking/stalking of all iPhone users is unacceptable
> 2) Build a safer solution that can’t be harnessed for tracking/stalking, and then ban all solutions that can be used for tracking/stalking
Surely the correct answer, if the solution is really so valuable that it cannot be done without in the time it would take to come up with a safe solution, is
3) tell the programmers of the potentially privacy-violating solutions that they'll be banned once you do (2), then do (2);
or arguably even
4) do (3), and, in the meantime, display a hard-to-ignore dialogue on installation that warns "this app may violate your privacy, and will be automatically uninstalled once Apple's safer solution is available. Do you wish to proceed?"
ESR-type freedom fighters typically suggest that the priority should be on one’s freedom to shoot your own foot off with a footgun, as long as the footgun has clear warnings. This idealism commonly places absolute freedom as the number one priority, leaving no room for competing priorities such as the safety and welfare of those who are unable to make sensible judgement calls regarding footgun operation.
I have watched expert users infect themselves with malware faster than I can open my mouth to warn them that they’ve just unthinkingly clicked Next and blown their foot off, and then had to help them wipe their installation and start over.
I do not consider the current world we live in to be one where it is safe to prioritize absolute freedom over all other concerns. I accept that this puts me at odds with those that do, but as I watch them shoot their own feet off, I am grateful that I chose a more pragmatic path. I am grateful that a safer path is available for those who are unable to comprehend the severities of the risks they are defended against.
The solution you propose is no different than saying that the safety on a gun is sufficient to protect someone from accidentally shooting themselves with it. I do not agree with your assumptions, and I think the solution you describe is selfish and neglectful. You prioritize your ideals over the welfare of others unable to avoid paying the price you think yourself able to dodge. Your choice is abhorrent to me, and pushes me further away from the absolutist freedoms you espouse. Consider carefully in the future whether your argument as presented today helps or harms your cause.
> You prioritize your ideals over the welfare of others unable to avoid paying the price you think yourself able to dodge.
Wow, that's a lot of assumptions. Both my (3) and (4) include "then do (2)", which seemed to be the solution you were proposing; they just more clearly communicated to developers that (2) was coming, and more clearly communicated to users the consequences of implementing half-baked solutions before (2) was done. I can imagine a lot of practical problems with what I suggested, but it's hard for me to see how increasing the communication in either or both of the ways that I proposed, while also doing what (it seems) you're proposing (and what Apple did), constitutes adherence to a selfish ideal.
All I know is I spent a considerable amount of time dealing with malware on Windows and bad video call quality on apps on android, as well as android’s problems with updating phone software, difficulty backing up and restoring data.
Ever since moving everyone in my extended family to Apple’s ecosystem, I no longer field any calls about uninstalling malware, computer running slow, video calls are crystal clear, and the devices work forever. And if there’s a problem, they can take it to the Apple store and get it fixed, and restore from iCloud backup and they’re up and running in no time.
If Google or Microsoft want to re-create that convenience, I’m all for it. I know I sound like a shill, but I think it’s well worth whatever extra it costs in terms of time I saved troubleshooting.
Friend of mine told me a story that he has set up a Windows computer for someone, and one week later that same person goes back and is like "oh, my computer is broken". The guy asks what happened, and the person explains that she was trying to get that new game for her daughter, but it's so expensive so she wanted a crack. The antivirus complained, like it always does, so she just turned it off and installed anyway. The guy immediately recommended to stay far away from Windows and get an iPad. She did and never came back.
Is essentially a gun control debate. Windows (the gun,) is benign on its own and millions of people can safely use it. However, in the wrong hands, it can enable dangerous behaviors and undesirable outcomes. MacOS simply has much stronger trigger locks.
I have helped friends with laptops, and laptops used by teens were the worst. They go to incredibly sketchy websites to watch free movies and TV shows, and install any software when prompted to by a popup. I haven't had to deal with it in a while and I don't miss it.
I've already explained it in the parent comment. Before screen time, there was no other way to achieve parental control, so they probably decided to go with those solutions, for the lack of a better option. Screen Time changed the situation and there's no reason to keep those privacy nightmares in the App Store any longer. You can achieve the goal of parental control via less privacy intrusive means, which you couldn't do before. Whether you actually should is an entirely different matter IMO.
Anti competitive how? Apple doesn’t make money from their solution. On the other hand, they would make 30% on third party solutions. Wouldn’t it be in their financial interest to allow third party spyware?
Microsoft didn't make money on their free Internet Explorer web browser but they lost an anti-trust case for giving it away free with Windows.
And before anyone says Apple isn't a monopoly...well they are in certain markets. For instance, among the younger generations they have like +80% market share and in the US they have close to 50%. There's also an anti-trust case pending against them in the Supreme Court right now.
They didn’t “lose” because of bundling. They lost because they forced exclusive third party OEMs not to bundle Netscape. Do you notice that MS never stopped bundling IE?
Have any of the console makers or smart TV makers been told what they can and can’t put on their own devices? Has any physical store been fined for limiting what they sell in their own store?
Not allowing users to put competing third party apps on their own devices is exactly what Apple is doing. Should users have less rights on their devices than OEMs do e.g. in the Microsoft case?
And market percentage is too one major metric of how monopolies are defined.
If those third party apps weren’t violating Apple’s policies, they’d be on the store. Should dangerous products be allowed on the App Store in the name of “competition?” That’s ridiculous. If Apple was trying to be uncompetitive, they would have removed all the third party calendar, reminders, notes and music apps. The only movie editing app would be iMovie. Yet they haven’t did that. They only removed screen time apps that violate user privacy in significant ways. App Store removals have never been because “Apple makes a competing product” — they are generally because of a privacy issue or some kind of content-based idea (such as removing InfoWars or not wanting yet another fart app.)
If you don’t like it by an Android and develop for Android. Literally every single person on the planet with access to iPhone could alternatively use Android. In fact, iPhone is more expensive than cheap Androids, so there is even less reason for people to stay with iPhone. Yet, for some weird reason, people keep buying the phones.
If I subscribe to the Disney channel, I suspect to not see porn. If I buy Apple, I expect that my privacy is being rigorously protected. For people who want porn or less secure devices, those things are readily available from other vendors. Just become Apple doesn’t sell “porn” doesn’t make them a monopoly. If your local movie theater doesn’t screen porn films, are they being anti-competitive? Are they considered a monopoly? Not allowing porn producers to screen their films at the local movie theater is analogous to Apple not allowing privacy dangerous apps on their store.
So you want Apple to allow spyware on their phones? Should Smsrt TV makers be forced to allow any third party app? What about console makers? Should Nintendo be forced to allow adult oriented games on their platform?
What exactly is Apple’s business motivation for not allowing third party spyware but allowing third party music streaming, video streaming, office apps, book stores, etc? When they make money off of their own services in the other areas?
Next question. What if this app with the same capabilities - to record the apps and activity used on another phone - was marketed to husbands who suspected their wives were cheating. Would you be okay with that too? Should Apple allow it?
>Should Smsrt TV makers be forced to allow any third party app? What about console makers? Should Nintendo be forced to allow adult oriented games on their platform?
I think the argument is Apple has a little more market dominance (both smart phone hardware and OS) than a single smart tv maker or even Nintendo in the console market.
Keeping the market dominance point in mind, Apple isn’t just deciding what is and isn’t allowed...you had a number of developers with successful apps not just have to contend with a copy cat app created by Apple but because of their control over the marketplace Apple killed their developers apps and took the entire market (rightly or wrongly).
So yeah if you change your facts and the smart tv or Nintendo allowed apps/adult games, saw developers create a market and then the hardware maker launched their own software competitors and disallowed the initial apps/games...there would be blowback.
You also had a number of developers who successfully were marketing fake “virus protection” including Kasperky that were kicked off the store. Should Apple have kept those on the store? Facebook bought a “successful” VPN product that it used to spy on users and figure out that WhatsApp was popular before it bought it. Should Apple have kept that?
Would you be okay if apps with the same capabilities were marketed as a way to catch cheating spouses?
If Apple decides they wanted to ban loot boxes in games, would you be opposed to that?
Of course I don’t agree with the app. But from what I can tell, at least on iOS, the app is just a front end for a website and a set of services. The app itself doesn’t intercept communications on the phone or use any special phone permissions. From another site, I saw the Absher service will notify the husband via SMS.
With NYT’s (usual) shallow technical reporting, I can’t tell what the app does. Just like the article for this post. The only reason we on HN suspect that the apps for this article must be using some combination of MDM API’s and a VPN is because we know how iOS works.
But I can always throw the question back at you. How can you on one hand say that it would be okay if this app did do something similar (which I can’t tell) and Apple banned it for privacy reasons but not okay to ban other software that is spyware?
>So you want Apple to allow spyware on their phones?
Yes.
>Should Smsrt TV makers be forced to allow any third party app?
Yes.
>What about console makers? Should Nintendo be forced to allow adult oriented games on their platform?
Yes. They do not have to endorse or even promote such games, but they shouldn't be allowed to prohibit such games either.
>Next question. What if this app with the same capabilities - to record the apps and activity used on another phone - was marketed to husbands who suspected their wives were cheating. Would you be okay with that too? Should Apple allow it?
Yes, Apple should allow the app's functionality. The law shouldn't allow such ads or spying on people without their knowledge.
In short, it shouldn't be Apple/Samsung/Nintendo's business what gets run on a device.
And yet I said nothing about my agreement or disagreement with decisions like that, merely that a large part of the debate is when Apple's control ends. There is a non negligible portion of people who believe, act as if the device is Apple's, even after sale.
Well. Since Apple’s retention rate is in the high 90s and that there are much cheaper Android alternatives available, maybe iOS users are okay with that....
Having a market share if 80% among a demographic doesn’t make a monopoly. Even 100% market share among a demographic isn’t a monopoly. I might suggest a review of the definition of the term “monopoly.”
So tell me how does Apple make more money they more time I spend on my phone?
I spend most of the time on my phone on the web, using subscription services that aren’t bought through the App Store, watching tutorial videos that I don’t buy through the App Store, and reading books I bought from the Amazon store.
I also listen to podcast using a third party player.
Have you ever dropped your phone and needed a repair?
The chance of both of those is correlated to how much time you spend on your device.
And of course, your particular use case isn’t driving apples decisions — it’s the aggregate behavior of all its users.
So while you may not buy more apps or services, it is certainly the case that increases in phone use correlate to increases in Apple Eco System generated revenue for Apple.
Really? That’s the road you’re going down? Apple wants you to use your phone more to increase the likelihood that you will drop it?
And you still haven’t answered the other question. How are these third party apps better at controlling usage than Apple’s built in screen time and parental controls?
Your question was how does increased usage increase revenue.
Repairs are a non-trivial source of revenue and increased usage certainly increases repairs.
But more important are the other examples I gave which you have ignored.
I don’t know how they are better personally, but the author of the article (did you read it?) certain pointed out some examples.
As far as I can tell, your argument is that user phone usage has zero impact on apples revenue, I’m making the opposite case. My sense is that phone usage is correlated with revenue.
Yes I did read the entire article. Neither you nor the article (detail light) listed anyway that the third party apps were better than iOS built in features.
Until you do, I think it’s safe to say that your unsubstantiated opinions are just that. Again, can you cite any feature that the third party apps have that Apple didn’t either include recently in the screen time feature or the parental controls that have been there forever?
Maybe you didn’t read the whole thing? Or maybe you are just trolling here? It’s unclear.
>>
Unlike apps such as OurPact, Apple’s tools don’t allow parents to schedule different times throughout a day when an app is blocked — for school or family dinner. And Apple’s tool blocks adult content only on its Safari web browser and some apps, not on other browsers or many popular apps, like Twitter, YouTube and Instagram.
<<
So, in case you missed it, here is what they are saying:
1) ability to set a schedule for blocking apps through out the day.
2) blocking content outside of Safari (in other apps / browsers / etc).
If you set parental limits in settings. Those limits are supported by Chrome. But, if you are trying to limit what sites your kids can browse to, why would you allow them to install the third party browser in the first place? You can set up Family sharing to notify you and when your child tries to install an app and you can approve or reject the approval from your phone.
And if you are that concerned about your child’s well being, why would you install VPN software on their phone that allows a third party to track and record all of the internet activity from your child’s phone?
A VPN app cant block content on a level of granularity that blocks certain videos or twitter accounts.. But if you’re counting on software to block Youtube videos and Twitter, you’re doing it wrong.
So you’re not going to engage in an analysis when the article was demonstrable wrong and you have no experience personally?
How pray tell is a third party app going to filter only certain YouTube videos and certain Twitter posts? Didn’t you have at least the tiniest bit of suspicion about the article?
Again, I simple stated what the OPs argument was. If you are downvoting me because you disagree with the original post, you aren’t clear on how to use HN.
As to your other questions, if I use the phone more I’m more likely to buy a new phone, buy more cloud storage, download and buy more apps, generate referral sales by other people seeing me use the product, drop the phone requiring Apple repairs, the list goes on.
Apple wants to develop a deep relationship with their users, so in Nearly every case using the products more is to their benefit.
The more you rely on the products the more free attention you spend in their eco-system, and the more likely you will spend money that they will get a % of.
I think some others have laid out the argument for how the Apple solution is less effective than others, so I’ll let that stand and not rehash it here.
Whether or not this is the actual motivation for Apple is unclear, but the incentives are clear that they’d want you to use your phone vs not using it.
You haven’t stated from your own personal experience or showing a documented feature set how the third party apps are better.
Do you really think that people are going to purposefully install an app that keeps them from taking pictures that will cause them to use more cloud storage? Do the third party apps somehow prevent this better than Apples built in controls? You’ve posted twice without giving any details to back up your claims.
Screen Time does not make Apple any additional money. They have no financial reason to care if customers used it or not, they get the same money as soon as you buy the device. In fact, paid parental control apps could earn them more money because of the 30% cut on app revenue.
Screentime makes Apple money if it's the deciding factor between someone buying an Apple device vs not. The inclusion of Screentime in iOS sold my family an additional two iPads for my kids to use.
>Doesn't it seem weird to you how they only cared about "making iOS secure" once they had their own product?
Not really - there's a big difference between banning an insecure app when a secure solution has been added to the OS, and banning an app when no secure solution yet exists.
They don’t sell ScreenTime or the parental control apps. They aren’t generating revenue from it. They do, however, make money from other people selling apps from the App Store. Also, if you have an iPhone, you already bought the phone, so what’s the incentive for banning outside screen time apps? How does Apple win? They win because their device and the apps on it are more secure. Calling that anti-competitive makes no sense unless Apple was selling competing ScreenTime apps. Not letting users unknowingly compromise their own privacy isn’t anti-competitive.
And in the case of Google, it would be different because Google’s business model is all about “targeting” you. Apple’s model is simply to sell you stuff.
Not all that strange -- the decision was more "we have a security issue, but banning these apps would create a screen time issue". Framed that way, it made perfect sense they waited until they had a long term solution finalized.
This whole thing started when Apple banned Facebook's enterprise certificated because they were using them for consumer directed apps + directing the user's data through their own VPN. This was clearly an abuse of the enterprise certificates and not what they are meant for. This happened around January - the same time when this article's developers were also notified that they will be removed because they were using MDM profiles for something they are not meant for. I don't think this has anything to do with their own product. Apple's product is also 100% free, I don't see how they have any incentive to ban others. Apple doesn't ban other podcast, music and other competitive apps.
The conspiracy doesn't add up in this particular example given that Screen-Time does nothing for their bottom line. Don't get me wrong, I would definitely perk up my ears if there is a story about how Apple competes with Spotify as there is a lot to gain/lose on that front. But Screen Time? What is there to "win"?
"1. The apps used MDM profiles, intedned for control of employee's smartphones and/or vpns to filter access to apps."
Anyone know where Apple's language on this is? MDM is "mobile device management", which sounds very much like what a parental control app is. I don't see much difference in the employer vs parent use cases.
The difference is, an employer must get (for a fee) their own profile, and they manage the devices themselves. Those apps probably linked the devices with some common profiles. That meant the parent was not really in control, the app developer was. It's like you accessing your bitcoin wallet directly versus you giving me the key and telling me what transactions to do, trusting I won't abuse it. You could argue that every parent should just get their own profile, but they're like $200 or so. A couple hundret dollars definitely. Apple could make the fee smaller, but then hackers and people who want to circumvent the APP Store would start buying profiles en masse, and Apple wants to make that unprofitable.
I don't see how Apple could cater for those needs. The only way would be to allow anyone to create an MDM profile, but making them free and abuntant defeats all the security of the App Store. It would just be sideloading, but a little harder. The use/abuse potential would be huge. I can imagine Netflix using loopholes like this so that users could create their own profiles and use them to install Netflix apps unencumbered by Apple's IAP limitations. That would make users accustomed to installing apps that way, and now we're one step from fake banking apps and Android's story all over.
Parental profiles limited in total number of managed devices? Failing that, it doesn't have to be MDM. They did implement the screentime as a built in piece of functionality. Also, does Android charge for MDM profiles?
MDM is used for enterprise. IT Admin has certain escalated privileges, which is different to a parental control app. It can be especially dangerous if the person in control of MDM has malicious intent.
Refer to the Mobile Device Management tab in the link.
The employer is allowed to manage devices on its own network, generally to enforce security policies that they may put in place.
It’s not at all the parent that Apple is concerned about, it’s the app developer, or anyone who can hack the app developer.
If a parent was using this feature to manage their in-home devices directly, Apple would have no problem with it at all.
An app developer cannot masquerade as your employer to back door your iPhone and control things on it which third-party apps are generally prohibited from controlling.
Be aware that in some (most?) cases the MDM blocks, at least the very restrictive ones, are only achieved on devices shipped by the employer strictly for work purposes, not on private ones. To get full, total and utter control, you need to wipe your device through Apple Configurator (a Mac program) and set it up with the MDM profile from the start. Just installing the enterprise profile, like you normally do, won't give you access to everything.
It gives the app developer deploying the profile enough access to pipe all traffic through a remote VPN or attempt to redirect certain traffic through DNS resolution, with new certificate trust settings, to let you capture TLS and non-TLS traffic from your phone. It also gives them enough power to change the configuration of the phone this way at any time.
As a parent, I have a legal and moral obligation to act in the best interests of my minor children. To allow a minor unencumbered access to anything is no different than leaving a gun unlocked.
Parents have the legal right to do basically whatever they want with regards to their children’s privacy. That doesn’t mean that I agree that they should do this, but if they would like to do this there’s not much that can stop them.
That was my thought, I’m not sure why the relation to mdm and enterprise keeps coming up, in the sense that it’s limited to enterprise use cases only. Many people use enterprise hardware and software for personal use cases. Things like the Meraki Mdm and Duo 2fa free level. I use separate licenses of LastPass Enterprise for company and personal reasons, because it has more features.
I would also argue that a family would have equal or more rights/choice over how they manage their devices/family.
Don't be an apologist. To introduce your own feature and stopping there, declaring the problem solved (when this article claims the solution doesn't work as well as the third party ones did) is irresponsible. If this is the road they want to take, the right way is to introduce any and all public hooks needed to create a solution, and then, importantly, make the Apple one use only public APIs.
But it seems they chose to be significantly more lazy and bigger jerks than that. And here you come with the 7 point plan to say they are really commendable instead.
Introducing all the public hooks to make this possible puts us back in the situation where some apps can monitor and collect data on usage of other apps.
> I guess that Apple understood the need for parental control apps and allowed them, with the privacy risks, as there was no other way to get parental control at the time.
Everyone is assuming that Apple was aware of the MDM abuse and tolerated it, but seeing how they completely missed Facebook's and Google's abuse of enterprise certificates, it seems just as plausible that the Facebook revelation spurred them to do a re-evaluation of the actual use of all these enterprise programs at which point they found this issue.
It seems to me that these techniques only hurt the security of the user if they're used without the user's knowledge. As long as the apps are very clear about what they do to the phone and its traffic, and the user is fine with that, I don't see what business of Apple it is to disallow it.
Let's face it, Apple also has deep control over people's iPhones. Is that a security threat, or is it something that users choose by buying Apple?
It is absolutely anti-competitive. I think it's time for an anti-trust case against the way Apple abuses their control over the app store.
The thing is, users usually don't know what they're doing. Users are accustomed to clicking through promtps and usually have the "meh, some stupid security thingy again, who cares" attitude. There are the HN people who can actually read prompts on screen and understand what stuff means, but most people can't (or don't). They can't differentiate between a legitimate app that, say, wants to re route all your traffic through a server b/c parental controls, and another app that wants to do it for "making your internet traffic faster" while spying on you. People installed fake RAM extending Android apps, what are we even talking about.
Even if the users understood what they were doing, they probably didn't know the risks associated with installing an MDM profile. THey didn't know what data exactly the app makers were getting and how they were using it. Even I don't know that. I know where to find such information if I need to, but I don't know exactly the permissions of an mdm profile by heard.
Sure, but the same is true for whatever security Apple offers. Why is what Apple offers necessarily better?
And in my opinion, a big part of the reason why many people have no idea what those security permissions mean, is that iOS and Android are way too vague about them.
1. I think Apple did notice, the problem just didn't use to be that big. A few years ago you had way less people talking about it and wanting such solutions. WHen they became too popular, they went up Apple's priority list and the solution was created. As I've explained a few times, until Apple had the resources to dedicate to screen time, they allowed the less safe solutions using mdm.
2. I've been wanting to avoid the subject of whether parental controls should be used alltogether, but, since you brought it up, I have to comment. I've met people for whom parental controls made life hell. They weren't used to protect them, they were used to enforce parents' religious and political views on a teenager who was able to think on their own. She basically wasn't able to make friends locally b/c disability, and they monitored all her online communications, even with people they knew personally, all thanks to parental controls. Back when she had Windows, someone could always hack her out, well, with Apple, it's not that easy.
> It's a bit anti competitive, yes, it limits what app makers can do, but it makes iOs secure. There's no other way to do it, and that's what many people don't understand.
Unfortunately, their solution is far worse than something like Rescue Time, so the only real winner here is Apple. My Apple devices (iPhone, iPad) are effectively a black hole where I have no idea where my time goes, while I have detailed graphs and data whenever I use my laptop (Linux) or desktop (Windows).
Apple’s solution does show the apps used the most. But I agree it’s not at good as Mute or other 3rd party apps. I’d use those if they didn’t kill my battery on account of needing to track movement at all times (which is their only way to get access to device usage data).
I wish Apple would just let these apps access the bare usage information so they could stop pretending that location is a critical part of their apps.
The amount of detail and information provided by Screen Time just pales in comparison. The UI to work with it also isn't great. And the data is locked into Apple's ecosystem, where other solutions allow a true cross-platform and open (exportable data) experience. Not sure why I'm being so downvoted.
> It's a bit anti competitive, yes, [...], but [...]
Reasonable enough, but it's really worth pointing out the interpretation skew here. If this was another major platform vendor, HN would have multiple heads on stakes posted at the top of the topic and flamethrowers would be deployed deep into the subthreads.
But it's Apple, so "it's bad, but" is what we're greeted with on opening the page.
See, this is exactly what I mean. That's not the headline to which you're responding, it's the spin you're applying. You're taking the facts presented, interpreting them as charitably as you can, and making that your default interpretation.
Only Apple gets that kind of "monopolistic, but..." affection here. Everyone else (Google, Facebook, Amazon, Tesla...) get crucified for the same kind of thing, every day.
I'm just pointing it out because it's tiresome and at this point frankly embarassing. I'm not particularly offended by your spin in this instance, and honestly don't even disagree with you that this is a non-issue.
Setting up MDM is a long and complicated process, the parents are told about 10000 times the implications of doing so, and “privacy” is a total canard created by Apple for marketing purposes to make you fear Google.
Here are the instructions for OurPact . Each of these 8 instructions contain many sub-steps.
Launch the Safari browser on your child's device.
Navigate to pair.ourpact.com.
Enter your OurPact account credentials.
Tap New Child to create a fresh child profile, or assign the device to an existing management profile.
If creating a NEW child profile, enter your child's name.
Tap PAIR.
If asked to open settings, tap ALLOW.
Accept the installation prompts to add management to your child's device:
Install
Enter your child's iOS device entry pin (the code used to unlock the device)
Install
Install
Trust
Done
Manage your child's device from the parent OurPact app on your Android device, or our Web App (app.ourpact.com) in a mobile or desktop browser.
I'm pretty sure if Microsoft can be successfully sued for anti-competitive practices for shipping Microsoft only with Internet Explorer [1], Apple should also be sued for this. This isn't the first time or last time they've pulled this stunt either, just look at Spotify [2]. Just because they own and run the market place doesn't mean it is without regulation.
There may be an even bigger case if you consider proprietary connectors, Apple certification chips (which is a whole other scam if you've ever worked with them) and third party repair. People must be allowed to choose, even if there is some acceptance of fault upon things not working correctly.
> Just because they own and run the market place doesn't mean it is without regulation.
That's exactly what Apple is doing - in this case protecting their ecosystem from providers that use undocumented APIs and MDMs whose business model is fingerprinting customers and selling to advertisers.
What exactly do people expect of Apple here? Apple gets criticized if it doesn't take a hard line on customer privacy, but when it does exactly that it is abusing monopoly power and needs to be regulated and broken up.
If people want third party app stores that's fine, but let's be very clear about what that means. It is going to come with compromises in terms of crappy UX, dark patterns, privacy violations, private APIs and all sorts of stuff that users pretty much hate.
The issue is that the moment you introduce the third-party app store, these gambling, privacy-disrespecting apps will flourish. That unique Advertising identifier is now worthless if they can just target ads based off of <more permanent unique ID>. All of the private APIs, like getting your phone's actual Tel number, will now be used and sent off to Facebook. Overall, your phone becomes just as "free" as android, and just as "apps can do anything, even if it's bad" as Android.
I’m pretty sure the APIs to get the device’s phone number, along with most other identifying characteristics, are gated behind entitlements that Apple will not grant third party developers.
Please stop calling these undocumented and private APIs. I know you feel that there is no difference, but continuing to spread flawed information even after being told that it’s incorrect is not arguing in good faith.
Apple has an App Store, they want to take unfair advantage by limiting competition.
Third party have an App Store, they want to take advantage by using dark UI and other unethical practices.
Every approach has its own advantages and disadvantages. No one is doing you a favor by providing you services, they want to earn money in return and usually more than the worth of services they put in. Choose which devil you want to liv with
Personally, give me apps that don't use MDM and flout the clearly stated "rules of the garden" over having five different versions of WhatsApp, four of which are stuffed with malware.
At least in the OP, it looks more like disgruntled responses to the 'standard' Apple policy of
1) make iOS/inhouse app changes
2) throw every competing app under the bus.
It is a well established history that says to developers "if you have an app that fills a need iOS hasn't addressed, your days are numbered, good luck when somebody at Apple writes the mvp of your app themselves".
Not hard to imagine an App Store future that is just corporate portals and games, with everything else covered by Apple thus off limits.
Would you like to back up that statement with some facts?
I know Uber has been smacked before for using private API’s before. Maybe not as hard as a no-name developer would have been but the uncomfortable truth is not all app developers are equal and honestly I understand the reasons for that.
> the absolute dominance of Windows was a factor in that.
The absolute dominance of Windows was the reason it was an issue in the first place.
Controlling your own platform is not a monopoly. Controlling a market is, and at the time, Windows controlled the market for PC operating systems. Without a monopoly, it's much, much harder to make a reasonable legal case for the government stepping in and telling you what you can and can't do with your own platform.
Just bundling IE isn't what got Microsoft in trouble. In addition they also used a combination of payments, discounts and threats of withholding access to software to prevent PC manufacturers and sellers from both providing alternative operating systems and browsers.
What you’re describing is a cartel under competition laws. It would be hard to prove that Apple and Google are conspiring together against other market players.
I disagree. An oligopoly does not need to be a cartel, but a cartel is a special case of an oligopoly, and here I'm talking of oligopoly, not the narrower case. A structural deficit in a market can lead to oligopolistic markets and exploitation without collusion, sometimes with regulation and sometimes wihtout. For more details, see (for example) here: https://www.diffen.com/difference/Cartel_vs_Oligopoly
Android at least lets you use other app-stores and easily distribute and install apps by sideloading. On iOS you have to use the Apple App Store - everything else is a massive inconvenience or against Apple’s T&Cs (e.g. Facebook+Google’s use of enterprise certs).
I still don't see how you can't imagine a legitimate usage for this class of apps. Or maybe you can and you're not even saying that in which case I have no idea what point you're making.
The MS case was due to a monopoly that they had. Apple is not and will probably never be in that position for phones (or computers for that matter).
We can discuss how we would like things to be more open (personally I love jailbreaking my phone but being on A12 and A11 before that means I haven’t been able to JB for some time now) but comparing Apple to MS in this case is apples and oranges.
I’ll take the Apple locked down ecosystem over the Wild West of malware that is Android any day of the week.
The problem is that Apple doesn't have anything close to a monopoly if you consider them a player in "PCs" or "Smartphones". It's only when you consider "Apple PCs" or "iPhones" as a separate market that it would be comparable to the MS situation.
I don't even think that Apple users want the government to fix Apple, it's the App vendors that want a better position in negotiations and journalists are happy to help if it's "big tech company does bad thing" because it's trendy.
I think "monopoly/not monopoly" has always been the bad criterion to judge this problems (when I say "always", I include the "Sherman Antitrust Act" of 1890).
The problem is more generically when some company use is its power (company size in a market as buyer or seller, technical possibility to block competitor, etc ...) to disable competition instead on fighting on quality and price of their product and services.
Why wouldn't the application market for iPhone users be the relevant market? The EU didn't consider iPhones and Androids fungible when applying antitrust regulations to Android.
I suppose because every manufacturer has a monopoly if you limit the market to his products. 100% of Blackberry phones are made by Blackberry.
I believe that you can make this argument for Apple easier than you can make it for others because they make most of the product (i.e. hardware, OS, most of the services), but it's still a lot harder than looking at Microsoft with >90% market share of all PCs and agreeing that that's a monopoly.
After reading miki123211's comment and doing some further research, I am peeved at the article's blatant bias to portray Apple negatively. The developers knew that they were circumventing the rules, as shown Apple's response, but pretend to be the victims and complain that they can't understand Apple's feedback.
I suppose this also goes back to the bigger picture in society. We have been trained to root for the underdogs, while the faceless corporation is always to blame. Apple has been consistent in its effort to make iOS secure, but public opinion keeps changing depending on whether it causes them an inconvenience. When Apple refuses to comply with the FBI, Apple good. When Apple removes apps that violate privacy and weakens security, Apple bad.
I agree that we need a full and complete understanding rather than a simplistic one. miki123211's response adds to that, but a fuller picture is that
- companies were using IOS to serve a legitimate need that Apple did not.
- As noted this was done by subverting an API
- Apple tolerated this (did they not know or not care or ?)
- Apple released a competitive product with a new API
- Apple begins removing products using the old methods
The question is whether Apple is allowing existing products to migrate to the new API or are they locked out? If existing products cannot use the same API then my sense is that Apple is indeed being anti-competitive.
I’m sorry but they released a real solution and then started to remove the anti-privacy hacks. Also people don’t seem to understand so I’ll spell it out: APPLE IS LOSING MONEY FROM THIS DECISION. Screen time makes them no money (yes you can argue maybe they make more money from devices because of its existance but that’s a stretch).
I’m betting they put up with these apps because they realized there was no good alternative. Now they they have a real solution there is no reason to allow there privacy nightmares to continue to exist (in their current form at least).
Is it impossible to believe that was a legitimate security decision? How would you implement such an API and prevent developers from abusing it for spyware purposes? Personally, even though I opt into sharing app-specific usage data with developers, I don’t particularly want my global device-level usage statistics available to any random app that also has network entitlements.
> Please don't impute astroturfing or shillage. That degrades discussion and is usually mistaken. If you're worried about it, email us and we'll look at the data.
This is the deal you sign when you develop on someone else’s platform. It’s the same for Android, Facebook, etc.
If you don’t like then go develop for Android exclusively. Please do not prevend that these app developers didn’t 100% know they operated in a VERY gray area.
It is a shame that the Apple Walled Garden prevents customers from being able to purchase and use the software that they want.
Seems inefficient. And potentially anti-competitive.
>Spotify complained to European regulators last month that Apple used the App Store to give its Apple Music service an unfair advantage over Spotify’s competing app. Dutch regulators announced this month that they would investigate whether Apple abused its control of the App Store.
Funny that Europe of all places ends up being more pro-market than the 'States.
>In the United States, Senator Elizabeth Warren of Massachusetts, a Democratic candidate for president, recently suggested separating the App Store from Apple as part of her proposal to rein in the American tech giants.
> Funny that Europe of all places ends up being more pro-market than the 'States.
Why should that be funny? The EU is explicitly pro trade and has much cheaper telecoms, air travel, and many other items thanks to aggressive pro competition policy. They forced Microsoft unbundle explorer.
In fact they have a very powerful competition commissioner unlike the us which has no such, and where antitrust has been systematically watered down for almost 40 years.
Being pro-trade and pro-competition very often means not actually being for a free market. Policies that dictate what apple can do with its iphones’ app access might be “pro competition”, but the regulation used is against free markets.
The free market argument would be to let Apple do what it wants with its products. A “competition commissioner” is antithetical to that.
> Being pro-trade and pro-competition very often means not actually being for a free market.
"Free" in this context is an ambiguous word. The libertarian argument is that no regulations make a market free to access for everybody. The counter-argument is that, under no regulations, rich-get-richer dynamics inevitably lead to such wealth inequality that most actors are free in strictly legalistic terms, but prevented in practice from taking any actions but the ones that attend to their immediate survival needs.
It seems clear to me that unregulated markets inexorably condemn the majority of the population to wage-slavery and having most of their waking hours controlled by someone else.
In Europe, we are interested in freedom in practice. This is only possible by protecting the underdogs, so that they do not fall into poverty traps that are impossible to get out of, as is the case in the US -- people having to work all of their waking hours just to survive, no chance of savings that would allow them to take a break and learn new things, or try new things, or just take a deep breath and think about the big picture for a second.
Anti competitive legislation in the US exists but seems impossible to enforce when the would be subjects of this are major campaign contributors as well. Presidential candidates talk tough but start doing their donors favors as soon as they get elected. Political campaigns are big business and most of the elected officials do so on the back of lots of corporate sponsoring.
The EU has its own issues when it comes to free markets. One worrying trend is that the same companies buying influence in Washington are also donating to EU parties in Brussels.
I'm not sure you can have it both ways: you can't complain on the one hand about the likes of Facebook having access to undocumented APIs, and on the other expect apps which make use of these APIs (even for social good) to not get removed from the App Store.
We had the wild west of apps with the Windows ecosystem and it ended in malware, viruses and spyware. Even with appropriate permissions, most customers do not know what they're letting themselves in for if undocumented/private APIs, custom certs and proprietary VPNs are part of the picture.
You can if your income depends on as many people visiting your article's website as possible, and the best way to do that is to make it invoke emotions. After this, you can then write an article about companies abusing undocumented APIs to steal information.
FWIW, I don't think these apps used undocumented APIs. They merely used (or abused, depending on your viewpoint) publicly available MDM APIs for parental controls.
> They merely used (or abused, depending on your viewpoint) publicly available MDM APIs for parental controls
Same difference. Most consumers don't understand the implications of a third party provider fingerprinting their App usage (and then likely selling the device ID + app usage to advertisers)
Most consumers also don’t understand that these apps don’t provide MDM-level control to parents, but to the app developer who shares a small amount of that control with parents. It would be a good compromise if Apple allowed third-party applications to use some Screen Time data with a device permission.
It’s not quite the same thing. I agree with you that users don’t really understand how MDM works, but saying that the apps are using undocumented/private API is not true because if they were this case would be significantly more clear-cut.
Apps use undocumented APIs to track which apps you’re using and prevent you from opening certain apps, Apple realises this is a potential security/privacy problem, so builds screentime into the OS so it can plug the security hole.
What they should have done is allow apps access to the screentime data if the user gives permission to the app to manage screentime.
That sounds like a fair compromise. Make Screen Time data a permission just like access to cameras and microphones and regulate the usage of such data so that it doesn’t get siphoned off to who-knows-where.
Apps which request access to ScreenTime data show up in a consent list in the parental controls UI.
However, the kinds of data exposed likely would be the output of the screen time processing system, not the raw data. So these apps would get different UI widgets showing the same data Apple is displaying.
From what I see, I don't think these apps are using undocumented APIs. Also, your "solution" doesn't meaningfully improve the situation we have currently.
They’re documented but they were meant for enterprise usage. Tracking user habits is a risk, just like VPN apps could track all user’s network requests
Yes, the point is that Apple currently does not have an API for this because they seem to consider being able to have access to other apps on the device something that an app should not have access to. So presumably any solution to this problem needs to function in a way that meaningfully improves the current situation.
Lots of smoke and no fire. The only way apps could accomplish “parental controls” would be though MDM or maybe through something a bit more heavy handed like a VPN. Neither are great solutions (MDM being slightly better) AND the privacy concerns are very high (see: Facebook VPN/“Study”). There exist no API’s to natively do what these apps said they could do and so they took the MDM/VPN heavy-handed route.
I am 100% ok with Apple requesting changes from or straight up blocking apps that do shit like this. It’s deceptive IMHO and users don’t understand what they are really signing away when they stuff like this. I doubt parents fully understand that while they get some level of control over the phone they are ceding full control over every packet the goes over the VPN to some random company. That’s another thing, let’s not pretend these companies are well know/reputable. I’ve never heard of them before and I assume that’s because they didn’t really do anything novel and instead used a sledgehammer to kill a fly. Granted it’s because a fly-swatter didn’t exist (and still doesn’t) but they exist in the same category for me as ad-blocker apps that use a VPN to accomplish their goals. I’m not interested in giving up 100% of my internet traffic to get something like filtered ads. Also I have a legitimate use for VPN’s for home and work and I don’t like halfway solutions (am I supposed to be fine with ads when I need to use a real VPN?).
In summary I question the usefulness of these apps and strongly feel that they create way more problems than they fix. Also Apple is LOSING money by removing/neutering these apps. This isn’t a case of Spotify vs Apple Music and I’ve got nothing but crocodile tears for these “businesses” that have gone up in smoke because from my perspective they were all smoke and mirrors to begin with.
There is lots of debate on here about whether or not Apple is right to remove these apps and whether, on balance, Apple should allow apps to use MDM/VPN features "for good" or whether Apple is right to lock down those features.
That debate is beside the point. Apple's timing makes a very strong circumstantial case that Apple is not removing these other apps because they suddenly care that the apps are violating their TOS. Apple is removing them now because Apple now offers a competing app. If Apple had never approved these apps in the first place, or removed them promptly over the years, nobody would have a problem.
Here's an analogy: suppose you live in a small town and the cops have set up a speed trap to catch tourists. They never ticket you because they know you are a local. Years pass, you have children, life is good. Then your daughter dumps her boyfriend, who happens to be the police chief's son. All of a sudden, the cops start ticketing you because "everybody needs to follow the law." Do you believe their explanation?
Apple's willfully dishonest about hardware issues so when yet another story lands of how they released an app and banned competing products the truth really isn't complex, this is a company prioritizing unethical, anti-consumer, anti-competitive behavior.
Their official iOS developer guidelines even threatened developers for speaking to the press about these things...
“Apple allows corporations to use such software to control employees’ phones. But last year, the company stopped apps from using the software to enable parents to control their children’s devices. The Apple spokeswoman said Apple had blocked the practice because app makers could gain access to too much information on the children’s devices.”
Think of the children! Or at least, stop complaining about both Facebook for violating privacy and Apple for protecting privacy. We need to legislate by law rather than anti-trust and arbitrary corporate fines.
>We need to legislate by law rather than anti-trust and arbitrary corporate fines.
Why?
I live a modern life and I don't use Facebook or Apple.
There is plenty of competition, let these anti-consumer companies feel the pain of Markets. Or we will find out, people don't actually care about this.
I don't want the government to get involved in Apple, and ruin companies that I do use (Google, Snapchat, etc..)
Well, this is a load of crap. Apple's parent controls are woefully insufficient and OurPact is a wonderful app. Losing it without a viable replacement is a big problem.
Apple and Google have way too much power to determine what we can and cannot do with "our" devices.
If anyone at all, government laws should determine this, not 2 or 3 big companies.
An opt-out of this "walled garden" on mobile devices should be possible, like how System Integrity Protection can be disabled in macOS (if you accept the risks involved.)
Epic gave them a nice excuse too. We could potentially claim it's not default and hard to do. But now Google can just point at the number of Fortnite players - see? works just fine.
The situation on Android used to kinda suck with the global "Unknown sources" toggle, but now you can toggle it per app which is better. I do wish that third party app stores could update apps without user intervention though.
Hope they do not block parental control apps on Mac OS X as well.
Current builtin solution is horrid to use in practice.
I also see that screentime is inconvenient for the parent trying to limit access to only few websites. And bookmarks still do not appear by themselves as they should.
I’m paywalled so can’t be sure, but do they explain how theses apps were able to track others app usage in the first place without breaching their sandboxing pledge?
In at least one case: Then, with Mobicip’s deadline just a few days away, Apple responded three times to his earlier detailed questions — with virtually the same message: “Your app uses public A.P.I.s in an unapproved manner, which does not comply with guideline 2.5.1 of the App Store Review Guidelines.”
And is that respectful of the AppStore rules? I’m not sure people realize that App that provide system wide functionality using borderline workaround are only one step away from becoming straight spyware.
The Accessibility API on iOS cannot block opening apps to my knowledge, and using undocumented APIs are a pretty good way to get removed from the App Store immediately as opposed to with a warning to change your app to "comply".
I don’t believe any app in the iOS ecosystem should have access to other apps on the phone, in these days of surveillance capitalism. This is definitely the right move from Apple. Remember that Facebook went to such lengths to misuse its certificate to gain exactly this kind of data.
Oh please, NYT can't have it both ways. These apps operate by subverting and abusing an API that gives them more access than they should have. I can already see the NYT headlines had Apple not closed this loophole - "Apple allows 3rd party apps to track young children."
The fact that we're even having a discussion about what consenting adults can do with their own devices, including what software they wish to run on them, is a pretty bleak statement as to the current state of the smartphone arena.
That lack of power is what has enabled my non English speaking non technically literate family members to be able to use the internet and video call around the world without worrying about malware.
Why would a non English speaking non technically literate person go and install a random parental control iOS app?
I have half a dozen such people in my family and they don't even know how to open the app store, let alone the password for it. I install stuff for them when they need it, which is like maybe once in a year.
Now that my mother's decline is well under way and we're providing eldercare, I very much wish I'd figured out how to lock down and remotely manage her devices ahead of time. Phones, tablet, laptop, satellite / cable boxes, etc.
Not just for tech supp.
The extent scammers are preying on our elderly is shocking. It's basically nonstop. At some point, my mom (like other elders we've been caring for before her) won't be able to protect herself.
We need much harsher punishments for scammers. If our government was actually functioning, it seems like something useful they could be doing.
Insurance companies are actually starting to consider ‘risk of fraud’ as something that needs to be covered as one ages, as humans tend to be more trusting as they get older and their mind becomes duller.
I have gotten to the point where none of this invokes any feeling anymore. It's so bizarre what is going on with big corp and how they are getting away with all this.
Nothing I say or comment will ever have an impact so they might as well run with it.
On one hand side I'm happy this information gets popular. On the other, why are those creators surprised? I remember Apple doing the same in many other areas for as long as they had apps. We get an article about this every few months.
I feel like the lesson people should start taking here is if they publish for iOS, they should move to another idea as soon as Apple publishes something similar.
It's also the cost of making business easy. You don't have to deal with a ton of different devices, Apple provides a lot of framework and services, so your work gets easier.
It seems a bit like renting a store in a mall vs renting a store somewhere in town.
1. The apps used MDM profiles, intedned for control of employee's smartphones and/or vpns to filter access to apps.
2. Those approaches gave the app makers enormous control over the devices. If they used vpns, all internet traffic from the device could be intercepted. If they used MDM profiles, they had deep access to all the device's settings. It was a huge privacy risk.
3. This was clearly against Apple's policies. APIs were used for the purpose they were not intended for. That was what Facebooks's certificates were revoked for. They should've feared removal since the day they wrote their first line of code.
4. I guess that Apple understood the need for parental control apps and allowed them, with the privacy risks, as there was no other way to get parental control at the time.
5. Apple knew how important iPhone addiction has become and developed their own, privacy respecting solution, screen Time.
6. The need for parental control has now been filled and the privacy risks of those apps now outweigh the benefits. Apple made the decision to remove.
7. Apple, in general, doesn't allow other apps to access such information on your device, for privacy and security reasons. It's a bit anti competitive, yes, it limits what app makers can do, but it makes iOs secure. There's no other way to do it, and that's what many people don't understand. Apple's philosophy sacrifices some features you might have for your own security. If you're not fine with it, use Android and sideload, but don't run screaming to the police when it suddenly turns out that the online banking app you've just installed was a very good fake. [1].
[1] https://www.tahawultech.com/industry/technology/android-warn...