back to article Apple bans benign iOS spyware detection, security info app

Apple has punted hacker Stefan Esser's app designed to highlight the security posture and running processes on iOS devices. The app System and Security Info shows detailed data on the state of security including possible anomalies like injected libraries and the state of code-signing and AppStore binary encryption, and a …

  1. Anonymous Coward
    Anonymous Coward

    Why would anyone spend even 1 second developing for a platform where someone could yank the rug from under you like that.

    1. Anonymous Coward
      Anonymous Coward

      My company stopped about 2 years in...

      Apple's moving goal posts, random application of bizarre and subjective rules and $150 a year just to keep apps in the store meant that all those millions and millions of Android users are now our main customers.

      Interestingly, here in Asia, the whole "apple users spend money" thing is totally wrong... no-one in asia spends money once they have the phone, so no point developing apps for Apple anymore.

    2. Anonymous Coward
      Anonymous Coward

      Why would anyone spend even 1 second developing for a platform where someone could yank the rug from under you like that.

      Because you get a set of rules that you have to stick to, and if you do, the app will be published as many, many apps demonstrate. If I recall correctly, one of the app requirements is sandboxing, and grabbing data of other apps is per definition in conflict with that (at which point it may flag already as non-benign).

      In addition, if I were a malware developer I'd LOVE to have a tool that allows me to check that my malicious code is well hidden from Apple evaluation. I'm surprised the developer cannot see why Apple would have a problem with an app that makes testing that possible.

      It's not really as black and white as the developer makes it out to be.

      1. Naselus

        "In addition, if I were a malware developer I'd LOVE to have a tool that allows me to check that my malicious code is well hidden from Apple evaluation. I'm surprised the developer cannot see why Apple would have a problem with an app that makes testing that possible."

        Because refusing to allow anyone to check up on security is actually more insecure than invasive security tests. Especially if (like this) it's something a malware developer could knock-up themselves in an hour or two. Among infosec bods, having the tools open to everyone is considered much better than just letting the Bad Guys write their own tools to find exploits and check security and the good guys taking it on faith that everything is just peachy because Tim Cook says it's fine. The idea is that we don't trust anything, even our own brilliance.

        The old 'if we don't talk about how insecure X is, then it's secure through obscurity' thing is BS, and it's been considered BS for 30 years by everyone... except for Apple and Cisco. Everyone else runs bug bounty programs for exactly this reason; Apple haven't got one because it would imply imperfection in their latest products (which only Apple are allowed to do, and only after the next iteration of the product is out). Cisco go further and will actually try and prosecute you for flagging up bugs, which is even worse.

        There's an old rule in Sigint circles which says that no matter how clever you think you are, someone else is cleverer. If you think your security is unbreakable, all you're proving is that YOU don't know how to break it, not that no-one else does. Pretty much everyone else - Google, Microsoft, Oracle, Linux, hell, even Adobe have grepped that idea and realised that open-sourced security testing results in way better security than trying to run a black box (and is usually cheaper, too). The bad guys will ignore your rules about not checking the eval detection. The good guys won't, and so won't be able to help you find bugs til they're being exploited in the wild.

        That's why modern encryption methods tend to be published and people are invited to try and break it, rather than hidden away. If you can check that your malicious code is hidden from Apple evaluation, the problem here isn't that you have an app that tells you. The problem is that Apple's evaluation can't detect it. That is the thing which Apple ought to be addressing, rather than banning a tool which can be easily re-created from scratch by a malicious app developer.

        Ultimately, it's pretty typical Apple tbh - try and appear hardline on security without conforming to anything remotely approaching Best Practice, and then removing anything which highlights the difference between their talk and their actions.

    3. anthonyhegedus Silver badge

      But people do develop for iOS. It must be worth it on some level. When it's not worth it, people don't develop apps. Look at Blackberry and that other failed one, can't remember the name, bing phone or something.

      Seriously though, I almost felt sorry for Microsoft this weekend. Listening to a radio station, they told users to download their app "on google play or the apple app store". No mention of Microsoft's store. And then later on, I got my Trackr Bravo device and it doesn't support Microsoft either. With iOS and Android, you don't have to worry. Everything important is available for both. With Windows Phone, you need to check what's available. And that's why the phones are so cheap: there are no apps.

      No doubt I'll get downvoted because some Microsoft phone fanatic will get upset but that's not my intention. It's just the state of the computer/phone industry. If you don't understand how the market works, and you buy some cheap device, you might get burnt.

      1. Naselus

        "No doubt I'll get downvoted because some Microsoft phone fanatic will get upset but that's not my intention."

        I think the only known MS phone fanatic in the world is presently asleep.

        But in all seriousness, Windows phone is actually pretty good. It's noticeable how much harder Microsoft try when they don't have total market dominance; and they've produced a good product which no-one is ever going to buy (unlike their usual strategy of a horrible product which you have no choice not to buy).

        1. anthonyhegedus Silver badge

          "It's noticeable how much harder Microsoft try when they don't have total market dominance" - now that's interesting. It would make a change for them to make a decent product.

          I've just been setting up a Microsoft Surface 3 for a customer and it already had a weird error before I'd even got into windows for the first time. It said something about a piece of memory which could not be read (it went off too quickly) and then booted normally. Before that, it got stuck with a black screen with a mouse cursor on it for two minutes.

          I'm not impressed. It's just the same old Windows garbage.

        2. Prst. V.Jeltz Silver badge
          Flame

          "Windows phone is actually pretty good"

          Not its not . I have one . The interfaces are bullshit and unintuitive, However my main gripe is:

          You cannot set it to repeat beep when a text comes in .

          and when I say cannot i mean even if you are prepared to write your own app it cannot be done due to lack of api access to messaging system.

          this is a basic fucking fundamental requirement of a phone , and as such i declare the thing unfit for purpose.

          Its not fucking complicated request is it? its not like face recognition software ffs.

          here , ms ,

          Do until "hell" = "frozen over"

          if unreadmeassges = true AND timesincelastbeep > 2 min then

          messagetone.mp3

          timesincelastbeep =now

          end if

          loop

          there , you can have that for free now please put in in my fucking phone

      2. nijam

        > "No mention of Microsoft's store."

        There's never a mention of their store.

        Do they even have one? Maybe so, but not as far as anyone else is concerned.

        (I actually have a Lumia, dumped on my by the EE (or whatever they were called at the time). It's really not that good.)

  2. Anonymous Coward
    Anonymous Coward

    It's a shame all mobile platforms are like that :(

    1. Mephistro

      Not exactly...

      Android at least has several competing appstores. For now. ;-)

      1. Anonymous Coward
        Anonymous Coward

        Re: Not exactly...

        Android at least has several competing appstores. For now. ;-)

        Yes, but the question is who exactly benefits from that..

  3. Andrew Jones 2

    I don't really get why though,

    if the app is using publicly available Apple approved APIs and isn't interfering with anything actually running on the device, either first or third party - then the app isn't breaking any rules - so is this a case of the app now breaking previously undocumented (and potentially made up on the spur of the moment) rules?

    1. james 68

      No, no, no. You know how Apple like to disappear any apps that provide a service so that Apple can then move in and provide a carbon copy app with a safe monopoly?

      Well it's obvious, Apple wishes to corner the market on '"potentially" false data'. Or as some like to call it, 'bald faced lies'.

      Starting with this spitball of untruth about this poor sods app.

      Yay Apple!

      1. This post has been deleted by its author

    2. Sproggit

      Quite Simple Really

      Without this application running on your iOS device, it would be possible for Apple to run whatever they want on your handset without your knowledge.

      We've seen a number of unsubstantiated reports over the years that odd things happen to existing Apple handsets when new models are released. I'm not saying that there is any truth to the stories, but they are absolutely out there. Now *if* there were any truth to those rumours, the application as written would be able to provide concrete evidence of a handset's performance being "tweaked", because it would show which processes were taking up CPU cycles and/or memory...

      1. Elmer Phud

        Re: Quite Simple Really

        Ah, ALL Backdoors are nasty except ours.

        And we need ours to ensure optimum performance and security is maintained -- here, have another U2 album.

      2. Andrew Jones 2

        Re: Quite Simple Really

        Ah, but that of course is caused by the one thing that always gets shouted from the rooftops - both by Apple Fans and Apple themselves.... ALL our devices get the latest updates...... Yup, updates designed for the only just released device(s) which has a faster processor and more RAM and then the vast majority of that update is backported to devices with less RAM and slower processors and people are shocked that the latest updates slow down their older devices....

      3. Anonymous Coward
        Anonymous Coward

        Re: Quite Simple Really

        We've seen a number of unsubstantiated reports over the years that odd things happen to existing Apple handsets when new models are released. I'm not saying that there is any truth to the stories, but they are absolutely out there.

        to add to the unsubstantiated rumours , my iPhone 5 (which Apple wish me to update to an iPhone 7 because it is more than 3 years old) - now that I'm using iOS9.3.1, co-incidentally starting exactly with the 9.3.1 update, the home button double-click signal to show running apps - is often not recognised by the phone, needed several double-clicks to get to the page of apps. Also co-incidentally a triple-click to invert the colours always works instantaneously. it 'hints' of an RND piss-off the customer after 3 years and 4 months with a 'seeming malfunction' . . . unsubstantiated!

    3. Anonymous Coward
      Anonymous Coward

      if the app is using publicly available Apple approved APIs and isn't interfering with anything actually running on the device, either first or third party - then the app isn't breaking any rules - so is this a case of the app now breaking previously undocumented (and potentially made up on the spur of the moment) rules?

      It appears it IS breaking the rules, hence the removal by Apple. Their motivation is in the email they wrote.

      1. james 68

        "It appears it IS breaking the rules, hence the removal by Apple. Their motivation is in the email they wrote."

        Hmm so using the API's provided by Apple for app development, breaks Apples rules for app development?

        That sir is a vicious circle, and by that rationale EVERY app developed for an Apple device is breaking the rules and could be disappeared at any time because they all rely upon those API's.

        Apple app devs - you have been warned.

  4. Anonymous Coward
    Anonymous Coward

    non-benign apps only please.

    The post is required, and must contain letters.

  5. jake Silver badge

    Out of curiosity ...

    ... do the base BSD utilities no longer run on iOS? Or should my question be more along the lines of "Do i-fads run a completely emasculated OS?". I honestly don't know the answer.

  6. djstardust

    Not only apps ....

    I remember downloading the pop video for Captain Jack by Captain Jack not long after the iTunes store opened. It was a wee bit dodgy (had some boobs in it) and one swear word but nothing that bad.

    A couple of months later when I synced with itunes again they had removed the video from the store (obviously finding out it was a bit ropey) and it automatically got deleted from my devices as well, even though I had paid for it.

    Luckily I had converted it to another format and kept a copy but it just shows that apple even have the power to remove apps or media without telling you once you have bought it. Bastards!

  7. Robin Bradshaw

    So they dropped the ban hammer on this app because

    "your app may report inaccurate information which could mislead or confuse your users."

    Yet a quick look at the app store finds horoscope apps

    https://itunes.apple.com/us/app/full-horoscope-daily-prediction/id407729716?mt=8

    or the modern equivalent of x-ray spectacles ordered from the back page of comics

    https://itunes.apple.com/us/app/x-ray-cam/id434831157?mt=8

    Apple are dicks

  8. Aodhhan

    Apple the Tyrant

    Is anyone really shocked?

    Those who don't use Apple products chuckle about another problem with the iOS.

    Apple users defend the problem to the end, and continue to pay higher prices for more vulnerabilities and blindly support the iOS... as if they were Hillary voters.

    1. redpawn Silver badge

      Re: Apple the Tyrant

      I don't understand the political reference. Please enlighten us and let us know how your support for your candidate relates to this subject.

  9. timhowarduk

    I just take exception to not being allowed to know what processes are really running on MY phone that I paid for with MY money.

    The icing on the cake is to be told that it improves my security if I can't access this information.

    1. Dr.Flay

      Unfortunately the lifestyle sold by Apple is not yours. The i in iPhone does not mean MyPhone.

      You are renting it, and the landlord requests that you do not look in the attic, and especially never go into the cellar, even if you think a burglar is there.

      Any engineer that has worked on the expensive Bang and Olufson equipment will know the difference between what you see, and what is in the box (and why engineers don't buy them after losing too much blood and skin in them).

      Just like Apple they learned from the Wizard of Oz, that if you let the public see behind the curtains, the illusion will break.

  10. yellowlawn

    And yet G Data is still allowed to flourish on the app store. Go figure. https://itunes.apple.com/gb/app/g-data-internet-security/id1037333546?mt=8

  11. Nifty Silver badge

    Similar to INSSIDER

    I've yet to work out why Apple banned the INSSIDER app years ago, and still bans any app that tries to do a simple survey of your WiFi environment.

    I'd be happy with a display just of:

    SSIDs of all local WiFis, their signal strengths and channel numbers.

    To survey the garden and house extremities with, so I can set up my WiFi to avoid too much collision with neighbours.

    But that's too much for Apple's po-faced thought police.

    Due to Apple's intransigence I have to carry a laptop around to do the survey.

    Another one is Apple's resistance to allowing any kind of video camera being connected to the data socket of a iThing. Many Android handset have OTG so you can use a sub-£10 long-cabled endoscope for DIY. With Apple you need an expensive Wifi endoscope £50+.

  12. Updraft102

    Tampering?

    "Apple runs a hard line with security in an attempt to prevent tampering, and it is for this reason that it may be unsurprising that the app was taken down."

    Tampering?

    Tampering is unauthorized modification or change. If the owner of the device, who paid hundreds of dollars for the iThing, does not have the authority to authorize modifications to that device, who does? Can he really be said to own the device if changing it in any way Apple doesn't like is "tampering?"

    This is why I'll never buy/own/use anything Apple, even as Microsoft is dead-set on suiciding its own Windows franchise (I'll never go near Win 10 either). When I buy something, I own it; I decide what it does and does not do. I don't want to hear any jibber-jabber about "you own the device, but not the OS." I own the instance of the OS running on my device. Anything short of that is usurpation of my rights as the owner, and unless Apple or MS is going to reimburse me for the devices I own, I'm still the sole owner with sole authority over that device.

  13. WatAWorld

    Apple wants to do better than Yahoo at maintaining its privacy

    Apple wants to do better than Yahoo at maintaining its privacy.

    When Yahoo's product leaked personal details people found out 2 years later. Apple wants to be sure it can keep its secrets longer.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021