this post was submitted on 24 Jan 2024
894 points (98.9% liked)

Technology

59106 readers
4223 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Who would've thought? This isn’t going to fly with the EU.

Article 5.3 of the Digital Markets Act (DMA): "The gatekeeper shall not prevent business users from offering the same products or services to end users through third-party online intermediation services or through their own direct online sales channel at prices or conditions that are different from those offered through the online intermediation services of the gatekeeper."

Friendly reminder that you can sideload apps without jailbreaking or paying for a dev account using TrollStore, which utilises core trust bugs to bypass/spoof some app validation keys, on a iPhone XR or newer on iOS 14.0 up to 16.6.1. (ANY version for iPhone X and older)

Install guide: Trollstore

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 15 points 9 months ago (3 children)

I'm not too sure that these actions violate the letter of the law here, even though I agree that they're 100% in violation of the spirit of the law.

It's been some years since I've put the mobile development world behind me, in no small part because of Apple's shenanigans, but the way I understand how this might work - Apple may be required to allow "iOS software" to be installed from third party stores, but software that runs on iOS must either be signed using a certificate that only allows installation in a developer or enterprise context (which require explicit and obvious user consent to that specific use case, and come with other restrictions such as the installation only lasting for a limited period of time), or through an "appstore" certificate that allows installation on any device, but the actual application package will need to go through Apple's pipeline (where I believe it gets re-signed before final distribution on the App Store). All certificates, not just the appstore ones, are centrally managed by Apple and they do have the power to revoke, or refuse to renew, any of those certificates at-will.

If my understanding is correct (I'd appreciate if any up-to-date iOS devs could fact-check me), then Apple could introduce or maintain any restrictions they please on handling this final signing step, even if at the end of the day the resulting software is being handed back to developers to self-distribute, they can just refuse to sign the package at all, preventing installation on most consumer iOS devices, and to refuse to re-issue certificates to specific Apple developer accounts they deem in violation of their expected behavior. I haven't read the implementation of the DMA in detail, nor am I a lawyer, so I'm not sure if there are provisions in place that would block either of these actions from Apple, but I do expect that there will be a long game of cat and mouse here as Apple and the EU continue to try and one-up the other's actions.

[–] [email protected] 15 points 9 months ago (1 children)

But the article of the DMA says that the gatekeeper shall not prevent the business user to serve their product using other conditions than those of the gatekeeper's platform. I think that would include Apple's publishing guidelines.

[–] [email protected] 9 points 9 months ago* (last edited 9 months ago) (2 children)

I think that's the rub, in my theoretical scenario, Apple is not blocking the distribution or sale of iOS applications through third-party means, they'd enforce their existing restrictions on and power over building iOS applications in the first place. Developers would absolutely still be able to distribute unsigned applications - end user iOS devices would just be unable to install them.

It sounds ridiculous to me, and as I wrote earlier, it would be a clear violation of the spirit of the DMA, but I don't see any reason why this scenario would not be technically possible for Apple to pull off.

[–] uis 10 points 9 months ago

Installation is part of distribution

[–] [email protected] 3 points 9 months ago

They already make it hard to make an app without xcode

[–] anlumo 6 points 9 months ago

Your description matches my understanding of the process (as someone who left iOS development a few years ago).

I don’t think that the DMA is technical enough to differentiate in this precise manner. Keep in mind that it was written by lawmakers and politicians who mostly don’t know how to even use a smartphone. They'd think that a certificate is a piece of paper with fancy signatures on it.

[–] Eg3 4 points 9 months ago

I could be wrong on this, and don’t know all the details in the case, but EU-law is often interpreted teleologically, meaning in a way that is the most in accordance with the objectives and goals of the legislation. So in this case, if Apple is in violation of the spirit of the law, the EU Courts would likely rule against Apple. (source: 1st year law student)