[kcimc]

Hi, OP here. Just some technical clarification. There were two apps. The first one took a photo once a minute and uploaded it to a PHP script on my server. Apple probably identified this one because it sent a ping to my server even when it didn't send a photo. The second app was essentially a screensaver that regularly checked a URL to see whether it should go fullscreen or not, and then it quit after one minute. These were both custom-built apps, less than 100 loc each and missing all of the functionalities of spyware and RATs. I would expect that real RATs have been installed on Apple Store machines in the past, and perhaps Apple suspected this was another. If I had been sniffing and posting keystrokes, the situation may have turned out completely different. But this project was focused on face analysis.