Yesterday, Apple cut off Facebook's enterprise distribution certificate after the social media giant was caught abusing it to collect user data. Google was subsequently caught doing the same thing and questions rapidly arose as to whether or not Apple would cut off Google's certificate as well. Now, it appears as though Apple has.
An Apple spokesperson gave me the following statement:
UPDATE: Both Facebook and Google spokespeople have now confirmed they've gotten their certificates restores. Now, we'll have to wait and see if any lessons have been learned.
The Verge has the background:
This follows the revelation by TechCrunch that Google was also violating Apple's Enterprise Distribution program to collect information from iOS users, although in a way slightly less egregious than Facebook was caught doing just the day before.
The Facebook violation, in case anyone's lost track in this whiplash of a news week, was discovered by TechCrunch just the day before:
Apple then removed the certificate Facebook had been abusing. Apple's statement:
Now, it appears like Apple has done the same thing to Google's certificate.
Of course, this is getting headlined as "Apple is breaking Facebook and Google's internal apps", which to me is kinda all shades of counter-factual.
It was Facebook and Google's choice to tie these data harvesting apps to their main Enterprise distribution certificate. Apple didn't make them do that. They chose to do that and for reasons of their own choosing. (There's a theory being floated that Facebook, at least, did it intentionally on the hopes it would make Apple hesitant to take action, but it's just as likely they were dumb, lazy, or simply didn't consider it instead.)
The bottom line is, though, that if you're going to run a red light, don't do it in your work car. Because, if that work car gets impounded, and your ability to make deliveries suffers, it's nobody's fault but your own.
Now, all that remains to be seen is whether or not these are time outs or full on cut offs.
Rene Ritchie is one of the most respected Apple analysts in the business, reaching a combined audience of over 40 million readers a month. His YouTube channel, Vector, has over 90 thousand subscribers and 14 million views and his podcasts, including Debug, have been downloaded over 20 million times. He also regularly co-hosts MacBreak Weekly for the TWiT network and co-hosted CES Live! and Talk Mobile. Based in Montreal, Rene is a former director of product marketing, web developer, and graphic designer. He's authored several books and appeared on numerous television and radio segments to discuss Apple and the technology industry. When not working, he likes to cook, grapple, and spend time with his friends and family.
Hmmm... Actually pretty reasonable take, RR. I acknowledge your restraint here, as I expected a much more "torches and pitchforks" piece from you. Regarding the recent events, the certificates they were using were revoked and new ones issued. The apps that shouldn’t have been running now can’t run. Apple clearly needed to take some action, mainly because of the press IMO, but I think the press ran a little over the top with the "revocation" story. No matter how some may frame things, in the end, Apple doesn't want or need ill will between two of the biggest service providers on their platform. That doesn't end well for anybody, IMO. This was resolved before it even started, really.
@DMP89145 And the “two of the biggest service providers” don’t want or need ill will between Apple either, the most dominant and profitable hardware platform. Some are saying Apple needs Google and Facebook more than Google and Facebook need Apple. That’s not even close to being true. Remember that iOS users actually spend money unlike the majority of Android users. And users who spend money are the lifeblood of companies like Google and Facebook as they are the target of the advertisers both companies covet. It’s a two way street.
Indeed, it is a two way street and it's quite balanced, IMO. All concerned parties need each other, though for different reasons. While, I take issue with the bulk of your post, I understand your overall point.
Something tells me if it were to come down to it, people would side with Google and Facebook services over their iPhone devices. Not all, but I imagine a majority might. But admittedly, it's a situation that wouldn't be in the best interests of anyone.
What's more of a concern: it was bad enough thinking people (especially teenagers) were willing to give up so much of their privacy for $20/month - now we found out that Google acolytes did it for FREE. Why are we constantly proving Agent K right: "A person is smart. People are dumb, panicky dangerous animals and you know it."
And it doesn’t bode well for our future. It appears most people don’t care about privacy or security until they get compromised or victimized by the lack of them. Then they scream bloody murder and want somebody to make them whole again. The most common password is still “password” you know. The future looks like it will one of total surveillance with cameras on every corner, companies tracking your every move, your habits, your purchases, your politics, your religion. Oh wait! We’re already living in that future.
It's important that websites actually try to help users secure their accounts, websites whose password requirements are just "six characters or more" so they actually let you just enter "password" are partially to blame, plus websites that have no option for 2FA as well. The Web Authentication API will play a big part in securing users' accounts, also known as the "end of passwords"
You'd be surprised how much $20 a month can mean to someone, there are more people living in poverty than you might think.
The lesson learned is, that Apple is a nanny and thinks it can break agreements that users went into. As long as both of these apps said what they did outright, who cares? It's a consensual agreement then.
Get the best of iMore in in your inbox, every day!
Thank you for signing up to iMore. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.