04/20 Update below. This post was originally published on April 17
Apple leaks just revealed the company’s best secrets but they can also reveal the worst, and now a notable Apple insider just issued a warning to all iPad and iPhone users.
A former senior Apple executive labelled the App Store ecosystem as “breaking at the seams”
Michael Gartenberg, Apple’s former Senior Director of Worldwide Product Marketing, has backed shocking recent reports from developer Kosta Eleftheriou about App Store security flaws. And it has implications for all iPad and iPhone owners.
04/19 Update: While big things are expected from Apple at its ‘Spring Loaded’ launch event tomorrow (including a major upgrade for iOS to improve user privacy), pressure is mounting on Apple to do significantly more. Writing today, Ruby on Rails and Basecamp CTO David Heinemeier Hansson has come out swinging: “It blows my mind that Apple would choose the ostrich method for dealing with scams in the App Store. That they literally used to have a method for reporting them, but THEY TOOK IT OUT?? And now millions of dollars have been lost to scams. See no evil, hear no evil, be the evil.” Hansson quotes Eleftheriou, who points out that Apple has removed the ‘Report a Problem’ option from the App Store, which previously helped users alert Apple to scams and fleeceware. Expect this to run and run until Apple takes decisive action.
Secret Russian gambling app Lucky Stars tricks the App Store into thinking it’s a kid’s game
“I believe @keleftheriou has brought an important issue about the App Store to a mainstream audience. I hope Apple gets its act together soon. The ecosystem that is often praised is breaking at the seams IMHO,” Gartenberg tweeted (via iMore).
This language echoes comments from Eric Friedman, head of Apple’s Fraud Engineering Algorithms and Risk unit, which were revealed as part of court documents in the current Apple Vs Epic Games lawsuit. Friedman described Apple’s App Store defences against malicious actors as like “bringing a plastic butter knife to a gunfight” and “more like the pretty lady who greets you… at the Hawaiian airport than the drug-sniffing dog”.
Against this background, Eleftheriou continues his exposé of egregious App Store scams and the examples are only getting more shocking. For example, earlier this week, he revealed an app which “pretends to be a silly platformer game for children 4+, but if I set my VPN to Turkey and relaunch it becomes an online casino that doesn’t even use Apple’s IAP [in-app purchasing].”
“The scam has been on the App Store for a few months, and has even received a couple of updates,” he explains. “The same developer also has another app that does the same thing! It’s impossible to know how much money these scammers have made from unsuspecting users, but such schemes make bank.”
“As part of their ongoing legal battle with Epic, Apple recently told the court: ‘Apple conducts a robust app review before apps are published.’ They’ve been telling lawmakers like @amyklobuchar the same thing again and again. Only now, the truth is coming out. And it’s ugly,” he concludes.
Apple regularly markets App Store security as industry-leading
Furthermore, while many are pointing to the implications these revelations will have on the Epic Vs Apple court case, the more immediate impact is on all iPad and iPhone users. Apple markets heavily on its reputation for industry-leading security and millions of customers happily pay a premium for it.
Next week, Apple is expected to launch iOS 14.5 at its ‘Spring Loaded’ event and the update brings several critical user protections into play. That said, as the revelations keep coming, it is clear Apple needs to undertake root and branch reform ASAP.
I am an experienced freelance technology journalist. I have written for Wired, The Next Web, TrustedReviews, The Guardian and the BBC in addition to Forbes. I began in b2b print journalism covering tech companies at the height of the dot com boom and switched to covering consumer technology as the iPod began to take off. A career highlight for me was being a founding member of TrustedReviews. It started in 2003 and we were repeatedly told websites could not compete with print! Within four years we were purchased by IPC Media (Time Warner’s publishing division) to become its flagship tech title. What fascinates me are the machinations of technology’s biggest companies. Got a pitch, tip or leak? Contact me on my professional Facebook page. I don’t bite.