Apple AppStore Approved Apps Abusing Private Info

http://arstechnica.com/apple/news/2012/02/congressmen-question-apple-on-path-controversy-as-apple-promises-updates.ars

I'm going to get into this in greater depth at some point, but this is a heads up about one of a handful of cases where Apple-approved apps, or even Apple apps themselves, have proven as trivial as trivial can be to breach (looking at you, Safari/Google lack-of-security-fest: http://www.pcworld.com/businesscenter/article/250301/us_lawmakers_call_on_ftc_to_investigate_google_over_safari_cookies.html ). To call what these people are doing a "hack" is to use hack in the most liberal sense of the word.

Apple is incapable of testing apps that are submitted to the AppStore for security problems in a way that is foolproof, and the manual and/or automated testing is poor (proof is in the pudding here).

In light of the announced "Gatekeeper" functionality, which is also available to paid Developers right now for testing, I can't help but feel that Apple is in la la land. Gatekeeper is a function to be included in Mountain Lion; my description of it is going to keep strictly to function already disclosed in press releases, though I have tested it myself.

They're providing a tool which is, arguably, useful.

My issue is this; it provides a false sense of security, and also associates Apple approved apps, and/or apps signed by Developers with a greater sense of safety, and apps that are not approved are described by Apple in a way that seems to taint their credibility and more importantly, safety.

I've made a number of Apps that I haven't run through the app store. The reasons for this are varied; I write a great deal of totally custom apps for higher end clients and one shot events, so I typically have no need to run something through the AppStore. Not one of these apps abuses user info, is unsafe, or transmits or stores user data on remote servers without the user being well aware. Yet, Apple AppStore approved apps have, and do. Apple-MADE apps have, recently - again, the Safari browser that so many users... USE. We're still awaiting the answer about exactly how many AppStore apps mishandle user info (via FTC inquiry, as described in one of the articles above).

Meanwhile, Apple is providing a mechanism that will allow one to choose what apps can run on their OS, in tiers; AppStore approved only, known Developers only, and finally "anything".

A jaded person might feel like this is a way to drive all Developers to use the Apple AppStore for distribution, let Apple take their percentage off top, and also for Apple to make people feel unconfident about non-AppStore purchases. That last part is what I feel is particularly shady, given the cold hard facts.

Another aspect that is unsettling is that when an app is opened up from a developer with a signed cert, or from the AppStore, it will not give a prompt that it's downloaded from the internet.

Let that sink in. For the AppStore, someone would need to hack the server, or slip an app through approval that does something nefarious (the latter, as we've seen, is certainly possible, and doesn't even result in a ban).

If someone downloads an app from the internet with a cert that's "signed" with a developer ID, they will assume it to be safe. This sucks.

If the schema that Apple uses to generate these keys has any common factors between IDs, or if the key itself is attainable/copyable, and able to be hacked into any app, valid IDs can be predicted or Developers will become targets to have their IDs abused by people attempting to create malicious apps. Again, this sucks. On top of that, it may potentially create extra problems.

So, a person could download an app, and NOW, have an actual signed malicious app! It won't say "downloaded from the internet, do you want to open", etc., either, because it will be signed as valid. Thanks for making this possible, Apple! Thanks for possibly making Devs a target! Thanks for using a super lame concept that absolutely has to be able to be defeated, even if you all are putting some extra safeguards in place.

I really hope I'm proven wrong, but I don't see how anything else could possibly be the result. I'm sincerely afraid that this very lame attempt at locking things down is going to provoke the ire of hackers, for being stupid mainly, and secondly, for being a bit of an affront to coders and a backdoor way of pushing people into the AppStore. It's not going to be me; I'd rather spend my off time on other stuff, but Apple is walking into a scenario they do not want to be in... make that, running into a scenario they don't want to be in, as fast as they possibly can.

Little "doesn't add up" things like this give me heavy concern for the future of Apple.