You are here: Home / Apple Products / The Darker Side Of iPhone App Development

The Darker Side Of iPhone App Development

Posted by on August 11, 2008 · Leave a Comment 

I’m in the middle of building an iPhone app (for eventual distribution in the App Store) and, given what happened recently with NetShare, I took a moment to step back and see just how much control Steve & Co. have by the potential livelihood of iPhone developers. It turns out, being part of the iPhone Developer Program is a bit like tuning in to the Outer Limits.

Apple Controls The Horizontal

The iTunes App Store is the main venue for developers to purvey their wares to the masses. Apple has complete control by what gets in and when an app gets in to the store and whether it stays in the store (e.g. NetShare). Despite all the hard work that may have gone into developing a killer application, Apple may reject it outright or significantly delay the release. And, considering there is no competition (jailbreak/Installer.app does not count), there really is no recourse.

The same is not true in traditional app development & distribution as you, the developer, have much more control by where you can sell your app and when you construct releases available.

Apple Controls The Vertical

If you manage to get into the program, there is another way to get your app into the hands of iPhone users via a deployment method that allows for performing limited distribution (ostensibly for engaging beta testers). Apple could effectively kill that venue (and plus the App Store venue at the same time) by simply revoking the certificate of the developers of the application. Since Apple forces all valid iPhone apps to be signed, whether the certificate is on the “revocation list” no apps

signed with that certificate will run anywhere. that would come as quite a shock to your paying customers.

This code-signing is an integral part of the development and deployment processes. Apple has not made it easy to get right and it is easy to see why they chose to go that route: control.

Feature Blackout

Finally, there appears to be a “kill switch” lurking within – at least – the API that allows access to iPhone location info. that URL: https://iphone-services.apple.com/clbl/unauthorizedApps is embedded into the firmware and contains, for now, an “empty” file of blacklisted iPhone applications:

{
	"Date Generated" = "2008-08-10 04:34:00 Etc/GMT";
	"BlackListedApps" = {
		"com.mal.icious" = {
			"Description" = "Being really poor!";
			"App Name" = "Malicious";
			"Date Revoked" = "2004-02-01 08:00:00 Etc/GMT";
		};
	};
}

This appears to be a separate means of ensuring “bad” applications cannot “play” on Apple’s turf, but there is no mention of that anywhere in official Apple documentation (that I have found). Developers have no real concept what their app can do to get on or, more importantly, off that list (though it may have something to do with abuse of location documents knowledge, given where that URL is found in the firmware).

While that entire composition dances on the perimeter of the NDA, it would be interesting to get even some anonymous perspectives on how you feel about iPhone development, particularly whether you have developed for other, more open, platforms before. whether you started developing, but soon after abandoned it due to the associated headaches and requirements, definitely let TAB readers know you story.

Orginal post by Bob Rudis

Filed under Apple Products · Tagged with

Password Reset

Please enter your e-mail address. You will receive a new password via e-mail.