Google gets Facebooked by Apple

TL;DR – There’s a way to push apps to people that Apple called the Apple Enterprise Program. It’s for enterprises, strictly limited to a business distributing and installing internal iOS apps on their fleet of phones.

The apps don’t have to go through the App Store verification, and are generally assumed to be things like a campus navigation app, door unlocker, or something that the public should never ever see.

Facebook used it a couple of days back to push a monitoring app for teen’s phone usage through Facebook. They promptly were removed from the program and no longer can install apps that don’t go through the App Store on the Apple platforms.

Basically a violation of the ToS, and Google was guilty of it as well on the iSide. No certificate for you Google.

Everyone’s got their certificates back after removing the apps and backdoors to the app store they’d effectively invoked, but Google and Facebook are not the only one according to one developer. (Amazon, Doordash, Sonos, Instacart are mentioned although Amazon’s might not be)

So basically the week of Apple’s security nightmare, they’re waking up to realize there are a lot more attack vectors than they thought.

Oy.

[The Verge]
Liked it? Take a second to support Pocketables on Patreon!

Paul E King

Paul King started with GoodAndEVO in 2011, which merged with Pocketables, and as of 2018 he's evidently the owner. He lives in Nashville, works at a film production company, is married with two kids. Facebook | Google+ | Twitter | Donate | More posts by Paul | Subscribe to Paul's posts