Hacker News new | ask | show | jobs
by mortenjorck 721 days ago
Original post is from April, but there is an update at the bottom from June:

> Got a call from Apple after 2 months. They have decided that iDOS is not a retro game console, so the new rule is not applicable. They suggested I make changes and resubmit for review, but when I asked what changes I should make to be compliant, they had no idea, nor when I asked what a retro game console is.

We need a DMA over here yesterday.
4 comments
Shank 721 days ago
> We need a DMA over here yesterday.

I understand why you would believe this, but Apple currently refuses to notarize UTM for distribution outside of the App Store via Notarization under rule 2.5.2:

> UTM also noted that Apple is barring UTM SE from being notarized for third-party app stores because the app apparently violated guideline 2.5.2. That rule states that apps have to be self-contained and can’t execute code “which introduces or changes features or functionality of the app, including other apps.” [0]

While the DMA may eventually force Apple to slide on this rule, currently it doesn't actually solve the problem at-hand.

[0]: https://www.theverge.com/2024/6/24/24185066/apple-pc-dos-emu...

link
TillE 721 days ago
> While the DMA may eventually force Apple to slide on this rule, currently it doesn't actually solve the problem at-hand.

People keep saying stuff like this about the DMA and it's very confusing to me. Of course Apple can choose to break the law, but there are consequences for that. It doesn't mean the law is ineffective just because investigation and enforcement is not instantaneous.

link
phone8675309 720 days ago
Right?

By that logic, why have laws against murder?

link
hulitu 720 days ago
Boeing whistleblowers ? /s
link
lxgr 721 days ago
> apps have to be self-contained and can’t execute code “which introduces or changes features or functionality of the app, including other apps.”

Meanwhile, on the very same app store:

iSH – runs unmodified x86 Linux binaries and even supports custom APK repos: https://apps.apple.com/us/app/ish-shell/id1436902243

a-Shell – runs WASI binaries (via Apple's native out-of-process runtime, so it even gets to JIT, I believe!) and comes with a C compiler, as well as Python: https://apps.apple.com/us/app/a-shell/id1473805438

LibTerm – compiles and runs arbitrary C via lldb: https://apps.apple.com/us/app/libterm/id1380911705

But yeah, sure these are all somehow self-contained in a way that a DOS emulator can't possibly be in a way only App Store reviewers are enlightened enough to grasp.

link
p_l 721 days ago
Apple has been well known to be absolutely obtuse, random, and not reliable when it comes to approvals for over 12 years now[1], at least unless you're a big company and can hound someone in upper management about it.

It's a good reason why, for a lot of people, claims about Apple walled garden being such a privacy and security boon fall flat[2].

For all purposes, it's as capricious as other companies inscrutable "AI" systems.

[1] Back in 2011, when I tried my hand at the startup roulette, I remember meeting companies which due to bad experience decided that Apple market is not worth possibility of going bankrupt because approvals might suddenly get denied so late in the process to kill the project

[2] I remember how, before MS started submitting their own applications to AppStore/MAS, searching for certain microsoft products like a naive user got you a ton of scams that might be threading the needle on Apple rules - but not on intent.

link
akmarinov 721 days ago
Meanwhile, every RN app uses CodePush to dynamically update its code
link
muro 721 days ago
What is a RN app?
link
bsaul 721 days ago
React native. the code of the app is in javascript, and so updates can be downloaded dynamically by the app itself, without the need to submit another version to the app store
link
infotainment 721 days ago
Let's hope it forces their hand. Either way, it shows that there is room for improvement to the DMA language to prohibit that type of behavior explicitly, which other countries could address in their DMA versions.
link
cageface 721 days ago
I could sort of see the justification for requiring notarization giving Apple a kill switch to shutdown malware. But if it's just turning into another kind of app review then we can't really say the Mac is still an open platform.
link
idle_zealot 721 days ago
Notarization is not a reasonable implemetation of a malware kill switch. All you'd need for that is an Apple-published list of known-bad app ids that the OS could check itself against periodically. No, notarization is a control mechanism to impede the creation and distribution of any non-Apple-approved apps.
link
rekoil 721 days ago
App IDs don't really work for this purpose if Apple aren't in control of generating them, nothing is stopping a malware vendor from literally never reusing app IDs. Notarization is a reasonable implementation, and it can even require some form of developer identification, it just can't be very deep identification, an e-mail address is enough (along with IP and other metadata gathered during the process). That way they can disable all apps signed by one developer, and can more quickly react to malicious actors, without it becoming a problem for normal users.
link
Someone 721 days ago
> nothing is stopping a malware vendor from literally never reusing app IDs.

Or form using the ID of another vendor.

> and it can even require some form of developer identification, it just can't be very deep identification, an e-mail address is enough (along with IP and other metadata gathered during the process).

I expect the typical malware writer will easily find a way to have a unique “e-mail address (along with IP and other metadata gathered during the process)”.

Because of that, “That way they can disable all apps signed by one developer” will not be possible.

link
rekoil 721 days ago
Yes, but all attempts at circumventing the system will give Apple more information about their behaviour. If 1000 different users are requesting to sign the same (or only slightly differing) IPA within a short period of time, from different IPs and different emails, it's a good indicator that something fishy is going on.
link
cageface 721 days ago
The requirement for a hardened runtime certainly supports this point of view.
link
isodev 721 days ago
Indeed, the entire app store review is just a facade for Apple's market grabbing practices. I'm more than happy the EU is taking steps to address this. I really wish folks in the US would step back for a second and stop defending the corporation with "end to end" control of their life.
link
curiousdeadcat 720 days ago
Yeah, it's crazy there's no other options, like a platform that openly allows sideloading. Its terrible that were all forced to buy Apple products, especially when this behavior from them is just so surprising.

/s in case.

link
LeoPanthera 721 days ago
The DMA stifles innovation and would make many recent iOS features illegal.

Apple Intelligence - points you to Apple Music or Apple Maps as a response to your query? Illegal.

iPhone Mirroring - doesn't work with Windows or Android. Illegal.

Shareplay screen sharing - doesn't work with Windows or Android. Illegal.

There's a reason those features are not getting an EU release.

link
lolinder 721 days ago
> Apple Intelligence - points you to Apple Music or Apple Maps as a response to your query? Illegal.

There's a very trivial solution here that Apple already applies to password managers and Android applies to a bunch of things: allow the user to pick a Music and a Maps app.

link
lxgr 721 days ago
They even talked about letting in others such as Gemini in the very keynote in which they introduced the ChatGPT integration!
link
yjftsjthsd-h 721 days ago
Does the DMA mandate that they actually implement extra apps/features, or just provide the API surface for others to do so? Like, just to pick the first one on your list - any reason they can't just let it point at an arbitrary app that's tagged as providing music (and, I presume, that implements some standard API to query songs or w/e). Does the law really want Apple to integrate with ex. Spotify, or just make it possible for Spotify to integrate the same way as Apple's own music app?
link
Dylan16807 721 days ago
I'm pretty skeptical of your list, but in general they can easily support interoperability and if they choose not to it's not the fault of the law.
link
kelnos 721 days ago
That's fine. If they can't implement features in a way that doesn't stifle competition or create vendor lock-in, then they don't get to implement those features. I think that's a totally reasonable consequence of the DMA, if true.
link
HumblyTossed 721 days ago
> The DMA stifles innovation

Real innovation would be for iOS devices to be interoperable with non-Apple technology.

link
doikor 721 days ago
DMA doesn't block Apple from making any of those features. It just makes it illegal for Apple to block others from implementing the same/similar features.
link
infotainment 721 days ago
Honestly, good.

If Apple can't make those features interoperable, then they shouldn't exist at all. With Apple's size and access to development resources, there is absolutely no excuse for them other than greed.

link
scarface_74 720 days ago
And they won’t exist in the EU…
link
immibis 720 days ago
Good.
link
scarface_74 720 days ago
So you’re okay with a feature not existing for customers who want because the government deigns that they shouldn’t have it? You really want the government taking away your agency to make your own choices?
link
immibis 720 days ago
I'm okay with bad things not existing and I'm okay with Apple throwing a tantrum and going home because the government says it can't do bad things. It can miss out on all that juicy revenue if it wants to, and the world will be better for it.
link
frankvdwaal 720 days ago
I for one am absolutely against features not existing for customers who want it just because the Apple deigns that they shouldn’t have it. I don't want Apple to take away my agency to make my own choices.

Good thing governments are on the side of the consumer at least, right?

link
threeseed 721 days ago
The problem isn't that it's illegal it's that it's unknown.

DMA enforcement is about the spirit of the law rather than the clear meaning and so everything is vague and subjective.

And with the fines being so ridiculously large it's not worth the risk.

link
troupo 721 days ago
1. Every law has the spirit of the law. Otherwise you wouldn't need courts to interpret laws, and no law would ever be made because it would have to describe every single permutation of every single possible human endeavour

2. Fines are capped at high numbers. It doesn't mean you will be immediately slapped with one. Stop perpetuating this bullshit. The law says up to, not just this fine and that's it.

EU especially doesn't like fining companies. The usual process in the EU is "please fix this -> please fix that -> minor fine -> greater fine if persisting in breaking the law -> even greater fine -> ..."

link
lxgr 721 days ago
None of these seem like they're impossible for a company the size of Apple to provide open APIs for. They have even already hinted at that for Apple Intelligence!

Siri has supported playing music on apps other than just Apple Music for a while now too (after taking their time with it for obvious reasons, which I found infuriating as a Spotify user).

link