Reuters takes offense at hacked apps in iOS

It is unclear how much revenue the pirate distributors are siphoning away from Apple and legitimate app makers.

Source: Software pirates use Apple tech to put hacked apps on iPhones | Reuters

It’s taken a long time and another massive Facebook privacy scandal for the news media to discover this underbelly of hacked apps chugging along happily due to Apple’s Enterprise Apps program.

I’ve used one on and off – Instagram++

I must say, it’s a liberating experience – I see no ads on Instagram, I see no random “Suggested Friends to Follow” crap.

I had to resort to this because my Instagram experience is vastly worse off than my wife’s and my friends’. I see, on average, 3x more ads on Instagram than others around me. How many ads does my wife see? None.

So to my mind, using Instagram++ makes perfect sense. If I can hack my way to a better UX, why shouldn’t I? It’s the same as using an adblocker.

I don’t support piracy of services. There’s no legit reason to not pay for Spotify.

As for hacked games, well, cheats and hacks have always existed, and will continue to exist, despite the alarmed voice of this Reuters article.

Also, the article got one thing wrong – I’ve observed Apple kick out the Enterprise cert almost once a month, sometimes two or three times a month. They seem to make it sound as if Reuters alerting Apple was the only thing that forced Apple into action.

They’re very much aware of the problem and can’t or won’t do much about it. Talking about it as if it’s the end of the App Store is just noise.

As for how much revenue these services generate? Not close to enough. They do seem to have a comfortable existence, and so might be able to get around Apple’s 2FA proposal by just buying a bunch of phone numbers in China. But do they run a massive profit? You bet that if they did, Apple would be all over them.

This is the same as the jailbreak community in some senses – only a small percentage of users are actually trusting these services not to misuse the extensive powers that Enterprise certs give them. Out of that small percentage, a further small percent is paying for it.

It’s sad that large companies like Facebook pulling the shit that they do often also bring to light little players that are just trying to provide a good service to users.

Now, the technical aspect of this – Instagram++ is available online for download as an IPA if you want to use your own developer account. If you don’t have a dev account, Apple now allows side-loading, but it is a cumbersome process that expires after 7 days. Apple’s earlier sideloading used to be 30 days. When Apple made it free for everyone to sideload (not just if you’re a $99/year paying developer), they reduced the time frame of the cert to 7 days, which in my mind is a total d*ck move.

If Apple really wants to combat Enterprise cert misuse while letting users do whatever they want with their systems, they can just legitimize sideloading and let me choose when my cert would expire, but Apple isn’t that generous.

Till a good solution presents itself, services like TweakBox, Tutu, and AppValley will continue to operate by hook or by crook. So be it.

Jailbreaking is still frowned upon

In the past few years, BYOD has flourished and people have been unlocked from old, clunky Blackberries and attached to Apples and various candies. But with all this openness has come a problem – that of jailbreaking.

Jailbreaking the iOS or rooting your Android device are frowned upon by the enterprise because of the apparent security problems and the costs of supporting un-supported functions that these devices can do. In that sense, a new idea is emerging – that of Android being the standard. Android is open and allows anyone to pick it up and start modifying it to its needs. What does that drive companies to? Using Android as a standard and expecting their employees to do the same.

The main contention is that jailbreaking is in itself a security flaw. Thus, it’d be very easy for the employee to install the wrong tweak from the Cydia store and lose all the company’s vital data. Or, in case the employee is not careful, they can brick their device while jailbreaking and then expect the company’s IT department to support them.

Most of the problems that the enterprise quotes against jailbreaking is not valid anymore.

The process of jailbreaking is perhaps 99.9% safe now, with only every a couple of devices reporting bricking of devices due to unconventional installs. The mass of the common public just downloads a program, connects their device, clicks a button and they’re done. Also, this process is purely software based now, so the chances of really bricking your device? Zero. Why? Because if something goes wrong, you just start iTunes and hit “Restore”.

What about the security issues? Let’s talk about the jailbreak devs themselves. All of the devs involved are working for free. No one is truly paying them to do it, except the few donations they receive. That means that they do not have any hidden interests in the process. Do you trust OpenSource or software developers on Github and SourceForge to not steal your identity or corporate data? Do you use Ubuntu at home because, “hey, it’s free”? Then there’s no reason not to trust these devs to do the right thing and not use security flaws to steal your data. In fact, the iOS 3 hack involving jailbreaking the device simply by downloading a PDF file from the Internet helped Apple fixed a bug that could have been misused by anyone else. The devs welcomed Apple’s security update that fixed that jailbreak.

Finally, what about the tweaks that people install? Well, when it comes to getting the right installs with no bugs, I trust only one name – BigBoss. It is a repo hosting provider that hosts paid and free tweaks in Cydia. The point? It’s a safe environment where tweaks are tested before being allowed to go to the general public. And if a company is really serious about setting up a BYOD environment, they can work with these repository hosting providers to test and approve tweaks that work on the iOS.

There’s a general misconception in the public and in companies that since Android is open and so freely available, it’s easier to support Android. Not true. Android devices are heavily fragmented. Amazon’s Kindle Fire cannot do many things that an Asus tablet can. That functionality may also include SSL, Wireless security and other encrypted email. To support so many devices and so many versions of the same OS can be a much bigger pain for Enterprises.

Instead, if we look at iOS, non-jailbroken devices are freely supported by Apple (how do you un-jailbreak a device? Simply restore the OS, Apple has no way of verifying that it was ever jailbroken) and jailbroken devices will still have the same platform as the first one. There is no fragmentation in Apple devices, no multiple versions of their OS running on devices of varying hardware capabilities.

End Game? Apple devices are a lot easier to support, fix and troubleshoot than other options. Time to change your perception.

Rethinking Folders in iOS

When I first came across the Mac OS X, one of the reasons that immediately set it aside from other OSs I’d used was the way the UI was constructive towards doing work better. A simple example of that was the way I could scroll the window which was behind my work window without needing to click on the background one. This meant that I could refer to a document and type in my current window at the same time.

The other feature that really struck me was the concept of stacks in the Dock. The way stacks work is that I can choose recent documents, recent applications or just a list of favorite items to sit in the dock for easy access. That’s not all. The best feature of stacks is that they’re highly unobtrusive. Stacks don’t need a window for themselves, they’re just floating on the screen and as soon as your attention goes elsewhere and you click, the stacks disappear. That way they’re really hidden, but at our beck and call. Compared to a folder, that requires your full attention and even needs to be specifically closed when not needed, stacks are a great resource in the OS X. Continue reading

Absinthe 2.0 and troubleshooting the Jailbreak

If you’ve been awake since the past few hours, you would have found out that french hacker pod2G and his dream team have released the latest jailbreak for iOS 5.1.1 on most devices. Those who have tried to jailbreak have also faced a couple of problems.

 

Simple steps to solve your issues for the jailbreak are –

1. Do a full restore of your iOS device from iTunes and do not put the data back into the device from your iTunes backup.

2. Try jailbreaking using Absinthe. If you’re on a Mac and you get stuck on the “Waiting for reboot…” screen, dump Mac and download absinthe for Windows and jailbreak on the windows device.

3. Be very patient. If your device has data on it, it can even take up to 40 minutes for the jailbreak to work.

 

I managed to jailbreak my iPhone 4S on iOS 5.1.1 today. All the best to you too!