Apple Rejects/Removes Unity-built Games to Protect User Privacy


It looks like Apple is using its rejection power for good this time -- removing games built on the Unity engine which included private-API calls that could be used to steal private user information like your iPhone's phone number.

Not all of the rejected/removed games were engaged in privacy violations (or even had the network capability to exploit it), but Apple isn't taking any chances following the Storm8 lawsuit. Touch Arcade has the details:

The Unity engine currently uses the two private API calls that Storm8 allegedly exploited to steal user data, _NSGetEnviron and exc_server. Mantas Puida of Unity Technologies explains these two API's utilized by the Unity engine serve the following functions:

_NSGetEnviron is used by Mono runtime to provide implementation of .NET core API method: Environment.GetEnvironmentVariable().

exc_server is also used by Mono runtime to provide graceful NULL reference exception handling.

The Unity engine, however, has been updated to remove the offending API calls, and the games are being recompiled and resubmitted to the App Store. Hopefully this will keep users' data safe from unscrupulous developers, while the scrupulous ones continue to turn out great games.

[Touch Arcade via TUAW]

Rene Ritchie

Editor-in-Chief of iMore, co-host of Iterate, Debug, Review, The TV Show, Vector, ZEN & TECH, and MacBreak Weekly podcasts. Cook, grappler, photon wrangler. Follow him on Twitter and Google+.

More Posts



← Previously

Apple Hiring Gaming Engineer for iPhone Team

Next up →

Verizon iPhone Attack Ads Take the Gloves Off, Target Steve Jobs?

There are 11 comments. Add yours.

Jackal says:

The factory warranty on your car is about to expire.
Thanks apple, way to finally take one for the team, and not one for yourself

Jordan Wan says:

I think that it should be noted in this article that there is actually no requirement to build a game in with the Unity platform in order to retrieve phone numbers and submit them to a server.
Although Storm8 may have been using Unity to do this, from what I understand, such functionality is already available to programmers using public APIs and without Unity.

Jordan Wan says:

Apple may have other motives for removing apps based on the Unity platform, and for the record I agree with removing Storm8 if they are violating privacy.
However without Unity these actions are still possible even through the official public APIs.

Jordan Wan says:

Just a clarification, I was talking about the address book framework. Which makes it possible to retrieve any phone number stored in the phone book.
If the Unity "hack" allowed for retrieving the owners phone number which was not stored in the address book this is definitely a cause for concern.
However Unity appears to have already fixed this issue, and developers that have built under the new version are still being rejected:
I hope for them that Apple will begin to approve Unity based apps again as long as they are built with the new version.

Rene Ritchie says:

Let's keep it on-topic folks and discuss the story, not each other. We appreciate everyone's time, and their understanding. Thanks!

Carademiverga says:

So are there any apps like this currently in the app store?

Temeto Mipito says:

That's one reason I'm apple is such a stickler on approvals

Vergaparato says:

So what other phones have apps like this if any?

hand me the gun and ask me again says:

so where apps removed from actual phones or just the app store ?

IGenius says:

"That’s one reason I’m [happy] apple is such a stickler on approvals"
Huh? Apple approved Spyware for your iPhone! WTF are you talking about? Apple being "a stickler" seems to give you no protection, given tat they have approved multiple pieces of Spyware.
And besides, if there were any other mainstream place to get apps, it would be YOUR decision whether or not to install them. You gain nothing by Apple being "sticklers", and yet you lose choice. Why does that make you happy again?

cheat man says:

To much gaming is bad for your health. you will get fat! there are loads of other things you can do in life. but still a great story