Concerning revoked iOS Application Signing Certificates and why Apple must change their policies

I enjoy using Apple’s products and will likely continue to buy new ones and upgrade existing ones throughout my life. Recently, however, Apple did something that upset me: they revoked a set of iOS Application Signing Certificates used by Builds.io (BuildStore), a service that acts as an alternative to the Apple App Store. BuildStore is a unique, niche App Store alternative that appeals to people who want to tweak the apps they already use and to those who like emulating retro video games on their iOS devices. In this case, certificates issued by Apple to the BuildStore were revoked to disrupt their business operations. Here’s why it matters…

What is an iOS Application Signing Certificate

Commonly referred to on Apple’s website as the Apple Developer Enterprise Program, this program gives you the ability to sign your iOS applications and distribute them outside of the App Store for $299/year. In comparison, it costs $99/year to distribute through the Apple App Store; the reduced cost is an incentive to “just use the App Store” rather than distribute your app through the Enterprise Program. Without a certificate from the Enterprise Program, which is under Apple’s control (they can revoke it at any time, without notice, and you have no recourse against the revocation), you cannot sign the app and install it on an iOS device. An iOS device’s security features make sure Apple signed an app as safe and secure before allowing users to install or run it. Additionally, iOS devices check frequently to make sure Apple has not revoked the certificate; if the certificate is revoked, the app will no longer launch and the only option is to delete it from the device.
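As an added example (not part of the original post), here is a small Python script that classifies an iOS provisioning profile by distribution type, which is how a device-management or security team can spot enterprise-signed apps installed outside the App Store. It assumes the profile has already been unwrapped from its CMS signature into plain XML (on macOS, `security cms -D -i embedded.mobileprovision` does this); the sample profiles, app names and team identifiers below are constructed placeholders.

```python
import plistlib
from datetime import datetime, timezone

# Constructed samples of already-unwrapped profiles (placeholder values, not real profiles).
ENTERPRISE_PROFILE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
<key>AppIDName</key><string>Example In-House App</string>
<key>ExpirationDate</key><date>2019-06-01T00:00:00Z</date>
<key>ProvisionsAllDevices</key><true/>
<key>TeamIdentifier</key><array><string>TEAMID0000</string></array>
</dict></plist>"""

ADHOC_PROFILE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
<key>AppIDName</key><string>Example Beta App</string>
<key>ExpirationDate</key><date>2099-01-01T00:00:00Z</date>
<key>ProvisionedDevices</key><array><string>00000000-000000000000000A</string></array>
<key>TeamIdentifier</key><array><string>TEAMID0001</string></array>
</dict></plist>"""


def classify_profile(xml_bytes, now=None):
    """Return a dict describing how the profile distributes the app.

    kind: 'enterprise' (ProvisionsAllDevices set, runs on any device),
    'device-list' (ad-hoc or development, UDIDs enumerated) or
    'store' (neither key present).
    """
    profile = plistlib.loads(xml_bytes)
    if profile.get("ProvisionsAllDevices"):
        kind = "enterprise"
    elif "ProvisionedDevices" in profile:
        kind = "device-list"
    else:
        kind = "store"
    # plistlib yields naive datetimes in UTC for <date> values, so compare naively.
    now = now or datetime.now(timezone.utc).replace(tzinfo=None)
    return {
        "app": profile.get("AppIDName"),
        "team": profile.get("TeamIdentifier", [None])[0],
        "kind": kind,
        "expired": profile["ExpirationDate"] < now,
        "device_count": len(profile.get("ProvisionedDevices", [])),
    }


if __name__ == "__main__":
    for blob in (ENTERPRISE_PROFILE, ADHOC_PROFILE):
        print(classify_profile(blob))
```

An expired or revoked profile shows up here only as "expired"; revocation itself is only visible by checking the signing certificate against Apple’s OCSP responder, which the device does for you.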

Since Apple builds the only hardware that can run iOS, and since Apple completely controls what is and is not included in iOS through controls they built into the operating system, they can remove an app from your device at will. They have total control over the device that consumers traded money for. Due to the controls Apple put on their devices, one cannot simply remove iOS and install Android or a similar operating system instead. If you buy an iOS device you must use iOS under Apple’s terms or not use the device at all. This behavior arguably hurts consumers and must change.

Compare this with an operating system like Microsoft Windows, where you have the option to buy software from the Windows Store but may also buy software from an alternative source at will. Apple has justified this level of control over iOS devices as a necessary security precaution to protect users from malware and viruses (which are much more difficult to deal with on a phone than on a computer).

Apple abused a so-called security feature to stifle their competition

As described above the application signing requirement of iOS is considered a security feature. Apple can pick and choose who they issue certificates to. Under their enterprise program’s rules, only employees of an organization are allowed to install apps signed with those certificates. Apple does not allow you to operate an App Store alternative using the certificates and will revoke any certificate found to be used for that purpose. This means that no one is allowed to compete with the App Store.

Apple is free to have their corporate legal team create complicated legal agreements to justify their actions all day long, and those agreements may be enough to satisfy a court and win a ruling in Apple’s favor (at least for now). But whether Apple’s actions are legal or not, at the end of the day their behavior is still harmful to consumers, who cannot make an informed choice because these terms are buried in the fine print of huge legal agreements that relatively few people can understand.

Despite the challenges, BuildStore handled the situation quite well

Despite having more certificates revoked than ever before, the BuildStore addressed the situation swiftly and released a statement to their customers through Twitter explaining what happened:

To make it up to their customers, the BuildStore extended their customers’ memberships by a full year at their own expense. This means they will need to get new customers to cover the costs of more servers and more signing certificates; meanwhile, they’ll have to cover those costs out of pocket.

It’s true that the BuildStore is going against their agreement(s) with Apple, and one could say that Apple is simply enforcing their Enterprise Program’s terms of service; however, there is no other way the BuildStore could operate. The BuildStore must either break the rules or not operate at all. The BuildStore is willing to break the rules to solve a problem that Apple created. It’s true they also capitalize on this problem with a $12/year fee, but they have to cover the expenses of operation somehow. I believe that in this case Apple is in the wrong, in spite of any legal agreements that exist.

What must happen next

Apple should release an update to iOS that, like Android, allows consumers to install applications “from untrusted sources”. The problem Apple created is so bad that consumers are willing to pay companies in China and Russia to help them get apps they couldn’t get otherwise. Consumers should not have to fund companies to commit fraud, or “jailbreak” their devices and give up security updates, just to install the apps and tweaks they want to use. Change is necessary, and it needs to… it must happen now.

Published by Nathaniel Suchy

Software Engineer at Universal Layer LLC | 🏳️‍🌈 Non-binary Transgender Person (They/Them pronouns)