points by dns_snek 2 years ago

This is absolutely not a win by any stretch of the imagination, it's a farce. Every single app will still require Apple's blessings and approval to exist in any app store on iOS.

The moment any app on "f-droid for iOS" does something that Apple disapproves of, they can revoke its notarization and banish its developer from their walled garden.

stale2002 2 years ago

> does something that Apple disapproves of, they can revoke its notarization and banish its developer from their walled garden.

And the moment that that do that, they can rack up millions or billions of dollars of fines from the EU.

xvector 2 years ago

Notarization has been a massive win for iOS and macOS.

If your app store distributes malware, it deserves to get banned.

mk89 2 years ago

You are confusing apple review with notarization.

Notarization is literally to check malware and other small things.

You can probably still use private APIs and weird things that wouldn't pass the app review.

  • DuckyC 2 years ago

    "Notarization involves a combination of automated checks and human review." From the article. Human review means apple staff reviews it.

    • mk89 2 years ago

      Yeah but that's not THE apple review that everyone complains about online. Notarization is a faster process. I know because I did it on my personal project without submitting it to the app store.

      And it's notarized and can be used on other people's computers.

mk89 2 years ago

This is already the case with the official apple app store. Apple is very strict, so yeah, they should read carefully what to allow and what disallow.

  • Hugsun 2 years ago

    They shouldn't have to be careful because apple's gatekeeping is what the legislation is trying to stop.

    • mk89 2 years ago

      The legislation is not trying to stop it but it's trying to regulate it, because it got wild lately.

      You can read it here[0] and for the entire content here[1] (this I didn't read yet).

      Gatekeepers are allowed to exist, but they need to loosen up a bit. It's not an option that you are the only one able to distribute apps on a phone.

      Right now on Mac OSX you can still install apps from outside the App Store - if the developer didn't notarise the app, your OSX will shout at you before letting you install it, but you can still do that.

      On iOS you just can't (unless you root it, I think). That's where the law came in. And, arguably, I am not sure if the same can be done on Android (getting stuff from F-droid doesn't seem something that average Joe knows how to do).

      On the other hand, the way I imagine Apple wants to do it:

      - The user clicks on a link (from whatever App Store out there)

      - Downloads the app

      - Gatekeeper on iOS (behind the scenes) checks if the app was notarized

      The user flow seems similar to what we currently have on OSX as well, but with a mix with Apple Store: you can only install an app if it was notarised by Apple to prevent malware and tampering. This is not an app review, so you can still have private API calls (as far as I know).

      This is also why the responsibility falls on the external store: it's with the certificate from the external store that the notarisation will be done (on the app), as individual developers might not want anything to do with Apple Store at all. But someone has to - and this someone is the new marketplace.

      To be honest: I am not worried at all about the notarisation, it typically takes not too long, and it's a very basic step to prevent malware - can you still do ugly things? Probably yes, but this is really to set a minimum standard of what's allowed to have on the phone. If you question this step "why shouldn't I be allowed to have anything that I want on the phone", I even agree with you, maybe EU will tell apple to disable entirely the OS gatekeeping process (?).

      [0]: https://digital-markets-act.ec.europa.eu/about-dma_en [1]: https://eur-lex.europa.eu/legal-content/EN/TXT/?toc=OJ%3AL%3...

      • dns_snek 2 years ago

        > Right now on Mac OSX you can still install apps from outside the App Store - if the developer didn't notarise the app, your OSX will shout at you before letting you install it, but you can still do that.

        I don't think this is true, I recently tried to port one of my programs to macOS. After one of my test users downloaded the program and tried to run it, macOS claimed that the program was corrupted and that they needed to contact the developer for assistance (paraphrased). There was no way to bypass this error from the GUI.

        This was odd because the program ran perfectly fine on my machine (virtualized macOS). The error went away after the test user ran some terminal commands to clear "downloaded from the internet" flags from the file.

        • mk89 2 years ago

          > The error went away after the test user ran some terminal commands to clear "downloaded from the internet" flags from the file.

          My guess is that this is something the user has to explicitly check in the Privacy & Security "App store and identified developers" and in addition, when someone tries to execute the binary, the user has to explicitly allow (again) in the same privacy & security to execute that binary. That's how it works AFAIK.

          If you distribute apps not signed/notarized, users have to explicitly allow them - there is no way that you can just double click on the "MyProgramm.app" icon and it works.

          Another trick is to enter the "MyProgram.app" folder and double click the binary inside. That might work, although it's a pain for some.