by busymom0 2562 days ago
This is some super click bait and borderline deceitful blog. Apps on iOS are sandboxed so you can't access data about other apps' launch and usage. These apps were using MDM profiles to get that usage data. This also meant that the user's internet data was going through these third parties which is a pretty big privacy issue. Plus having MDM profiles gave these third parties enormous access to the user's device settings. It would allow all your children's phone data as well as device settings to be accessible to these 3rd parties. That's bad, exploitative of underage kids, against the TOS as well as using MDM profiles for wrong intentions. MDM profiles are only intended to be used for controlling employee and VPN access for filtering apps within an organization/company. They are not to be used for this purpose and as per the guidelines not to be used for consumer products. Same reason why Facebook's certificates were blocked because they were abusing the MDM profile for different purposes. This was clearly against Apple's policies and against the terms of the developer agreement.

The author claiming it's because Apple is trying to eliminate competition forgot to mention any of the above very important reasons. They also forgot to mention that what they were doing was clearly against the app store guidelines which they had agreed to.

Looks like Apple released this info in a press release. NYT's poor journalism got called out too:

https://www.apple.com/newsroom/2019/04/the-facts-about-paren...

One could argue that Apple should provide an API which lets developers access this data. Apple might be working on that or maybe they won't because Apple has a strict "privacy" policy and providing such sensitive data can be prone to being used by bad actors.

7 comments

You'd think that, as reasonably smart people, you might stop and ask questions such as:

- Is this permitted within Apple's T&C's?

- What are the privacy issues? More so if I'm not fully informing my users we're intercepting their data via VPN (I don't know if that's made clear via author's T&C's or during installation)

- Even if all of the above were not concerns, am I able to properly secure user's data (against say state actors)

....even before going ahead and developing an app such as this.

> - Even if all of the above were not concerns, am I able to properly secure user's data (against say state actors)

Operating a VPN isn't any different than an ISP. Should that be a concern for ISPs too?

Most traffic nowadays is over HTTPS either way, so if that was even a concern, the ISP or VPN wouldn't be the cause of it, but the actual communication in itself.

Yeah, that jumped out at me too.

> We could set up a VPN service and analyze the traffic passing through our servers to learn which social media services mobile devices were communicating with, and using this data we could estimate the time spent on different services and block access to them when users exceeded their self-determined limits.

I mean, I use VPN services all the time. But doing that for an app to track social media usage? That's at least crazy, and arguably deceptive.

if it's done with the express consent of the user and the data is not sold, i don't see the problem. it's only a matter of who i trust with my usage data. if it's not the vpn, then it's my isp.

but, wouldn't a local 'fake' vpn be enough to capture all that locally on the phone? there is no need to send traffic to a remote server for this purpose. or does apple not allow that? it works fine on android.

iOS doesn't allow it, it's much more restrictive than Android when it comes to sandboxing. There's also no shared storage between apps, on iOS you have to transfer files from app to app.
It's especially weird to claim Apple is eliminating competition when it's replacing subscription-based apps (from which Apple gets a significant portion of the revenue) with a free feature. What are Apple supposed to be competing with, themselves?
I don't think I saw MDM mentioned anywhere on this blog. Yet, it's that key detail that made all the difference. I know there's a lot of functions that Apple restricts developers from accessing, but it's usually for a good reason.
Yea, same way as the original hit piece written by NYT a few months ago didn't even have a single mention of VPN or MDM.
It is funny how you assume Apple is first party and it gets to decide who is trustworthy or not. It might be better at privacy when compared to other companies, but a for-profit company can never be fair or even correct when making such decisions on privacy.
I am still willing to accept Apple's stance on privacy proven by their track record over some no-reputation company which claims they got the idea from Onavo (an app bought by Facebook to track users).
It is all relative. Maybe neither Apple nor this company is trustworthy, but there is a reasonable expectation on users' part to expect Apple to protect their privacy (after all, users pay a crap ton of money for their iPhones) more than a tiny, unknown company.
My understanding is that they were providing a VPN that did the tracking and blocking, without gaining any access to the actual device. I don't see how this article is related to MDM profiles or Apple's press release.

Am I missing something?

One of the points was that it was designed to stop you from “opening an app” based on certain criteria. The only way you can do that is with MDM on iOS.
I am confused by your use of quotation marks. That phrase is not contained in the article. You might be referring to this sentence?

> In addition to tracking the time spent on social media apps, we needed to implement the feature to block those apps when the user reached the configured time limit.

But "block those apps" is a perfectly sensible description of "blocking certain TCP connections at VPN level" and thus a very different statement to "stop you from opening an app".

Please actually check what was said before you pretend to quote someone.

In the screenshot of the notes app one of the bullet points said “....don’t allow me to open Facebook more than 5 times a day”
Bingo. There are several examples from years back where Apple copied an app and then removed it from the app store, but this isn't one of those times.
So you care to give such an example?
Camera+ and its VolumeSnap feature, f.lux and the Night Shift feature, Finder for locating your AirPods, Coolpixel and screen recording. All of these apps offered features that were later integrated into iOS or other Apple offerings. Apple went so far as to send a demand letter to the f.lux devs demanding they stop offering the app for sideloading.
Hell, go back to the early jailbreaking days - Clippy before Apple had cut & paste, SwirlyMMS for picture messaging. Apple's been stealing ideas for ages.
Really? Apple “stole” the idea of cut copy and paste? That was a criticism from day one on the phone. The other was not supporting MMS.
It doesn't seem to have been obvious to Apple, considering it took them two full years after the iPhone's launch to implement the feature.