Apple restores Google enterprise developer certificate after five-hour ban

Posted:
in General Discussion edited February 1
Roughly five hours after Apple revoked Google's enterprise developer certificate over an illicit data gathering campaign, the iPhone maker late Thursday restored access to the program just as it did for Facebook hours earlier.

Screenwise Meter
Google's Screenwise Meter.


The restoration of privileges was first noted by Bloomberg reporter Mark Bergen in a tweet and later confirmed by TechCrunch.

In a statement, a Google spokesperson said they "can confirm that our internal corporate apps have been restored," the publication reports.

Earlier in the day, Google saw Apple revoke its Enterprise Certificate revoked following revelations about the search giant's Screenwise Meter app. The app offered users gift cards in exchange for access to device monitoring tools accessed via a VPN.

Google relied on its Enterprise Certificate to enable sideloading of the Screenwise Meter app, allowing the company to effectively skirt the App Store's stringent privacy policies. Following an expos by TechCrunch, Google voluntarily shut down the program on iOS and offered an apology.

Facebook found itself in a similar situation this week after a report exposed a data gathering program called Facebook Research. Like Google's Screenwise Meter, Facebook Research paid users to sideload a VPN app on iOS, granting root access to host devices for the purpose of collecting usage data.

Facebook's certificate was revoked on Wednesday and ultimately restored on Thursday.

Apple framed both Google and Facebook's programs as violations of its developer guidelines. As noted in Apple's terms of use, Enterprise Developer Certificates are designed expressly for the distribution of private software within corporations. Facebook, for example, relied on the certificate to disseminate unreleased betas, internal communications apps and other software to tens of thousands of employees.
«1

Comments

  • Reply 1 of 35
    Too quick!  Should have made them sweat a little longer!
    lollivertyler82mobirdmacseekerdysamoriajbdragonAppHellanton zuykovwatto_cobra
  • Reply 2 of 35
    croprcropr Posts: 966member
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    muthuk_vanalingam
  • Reply 3 of 35
    Rayz2016Rayz2016 Posts: 4,790member
    cropr said:
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    Nothing you said makes sense. 

    The reason that Facebook and Google thought this was okay is because they got into their heads that Apple wouldn’t dare retaliate. 

    They now know differently. 

    Swift, decisive and very fair. 

    But I suspect you already know that. 
    n2itivguyStrangeDaysjbdragonanton zuykovwatto_cobra
  • Reply 4 of 35
    avon b7avon b7 Posts: 4,306member
    Rayz2016 said:
    cropr said:
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    Nothing you said makes sense. 

    The reason that Facebook and Google thought this was okay is because they got into their heads that Apple wouldn’t dare retaliate. 

    They now know differently. 

    Swift, decisive and very fair. 

    But I suspect you already know that. 
    It makes sense. What doesn't make sense is to take it away for such a short period.

    If Facebook were to announce the dropping of support for iOS in 18 months and Google were to do the same, who do you think would have more to lose?

    I think chess is the word here.
    muthuk_vanalingamjbdragon
  • Reply 5 of 35
    chasmchasm Posts: 1,706member
    Facebook and Google need Apple and it’s affluent users FAR more than Apple needs them. All of FBand Google services can be reached from a web connection.

    You’re playing tiddlywinks, not chess.
    n2itivguyStrangeDaysdysamoriajbdragonwatto_cobra
  • Reply 6 of 35
    avon b7avon b7 Posts: 4,306member
    chasm said:
    Facebook and Google need Apple and it’s affluent users FAR more than Apple needs them. All of FBand Google services can be reached from a web connection.

    You’re playing tiddlywinks, not chess.
    That isn't true. Using WhatsApp via web would be an issue and the web experience is very different to the app experience.

    Who needs who more  - today - is very much up for debate.
    muthuk_vanalingam
  • Reply 7 of 35
    +1 @Rayz2016 and @Chasm.
    watto_cobra
  • Reply 8 of 35
    My “trust score” for Apple has added 35 points in two days,
    tmaywatto_cobra
  • Reply 9 of 35
    “Google is paying Apple billions per year to remain on the iPhone, Bernstein says. Google will pay Apple about $3 billion this year to remain the default search engine on iOS devices, Bernstein says. The licensing payments make up a large bulk of Apple's services revenue.Aug 14, 2017”

    Apple was never going to punish Google significantly.  I wish they hit Facebook harder though... barely a slap on the wrist.

    dysamoriawatto_cobra
  • Reply 10 of 35
    tmaytmay Posts: 3,984member
    “Google is paying Apple billions per year to remain on the iPhone, Bernstein says. Google will pay Apple about $3 billion this year to remain the default search engine on iOS devices, Bernstein says. The licensing payments make up a large bulk of Apple's services revenue.Aug 14, 2017”

    Apple was never going to punish Google significantly.  I wish they hit Facebook harder though... barely a slap on the wrist.

    Facebook is going to get more than a slap on the wrist from regulators; just give it some time.

    Apple had to kill the certificate just to make sure that they also killed all of those other potential and unknown violations that Facebook had in process. Just standard pest management; kill everything while you are on site.
    watto_cobra
  • Reply 11 of 35
    linkmanlinkman Posts: 935member
    What does Apple do with little developers (such as an individual) that violate terms in a similar manner?
    dysamoriawatto_cobra
  • Reply 12 of 35
    jungmarkjungmark Posts: 6,719member
    cropr said:
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    Nonsense. CIOs know not to violate the license agreement. Your logic doesn’t make sense as Android is the Wild West of security. Why would any CIO allow more vulnerable devices on their network?
    lkrupptmayn2itivguyStrangeDaysjbdragonwatto_cobra
  • Reply 13 of 35
    lkrupplkrupp Posts: 7,478member
    cropr said:
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    Well, you can always hope I guess. 
    watto_cobra
  • Reply 14 of 35
    cropr said:
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    Or, they might decide not to violate the terms of the agreement to which they agreed.  Integrity.  What a concept, huh?
    tmayn2itivguyStrangeDaysjbdragonwatto_cobra
  • Reply 15 of 35
    linkman said:
    What does Apple do with little developers (such as an individual) that violate terms in a similar manner?
    The same thing they did to Facebook and Google.  Those incidents just don't get the press.
    watto_cobra
  • Reply 16 of 35
    MplsPMplsP Posts: 1,739member
    cropr said:
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    Or, they might decide not to violate the terms of the agreement to which they agreed.  Integrity.  What a concept, huh?
    Yes, It’s just odd that it only took 5 hours for things to change and for the service to be restored. I’m thinking there was more going on than we were aware of, likely some talks preceding the outage, but if the talks were ongoing and Google was moving towards rectifying the issue, why pull the plug at all?
    muthuk_vanalingam
  • Reply 17 of 35
    jungmarkjungmark Posts: 6,719member
    MplsP said:
    cropr said:
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    Or, they might decide not to violate the terms of the agreement to which they agreed.  Integrity.  What a concept, huh?
    Yes, It’s just odd that it only took 5 hours for things to change and for the service to be restored. I’m thinking there was more going on than we were aware of, likely some talks preceding the outage, but if the talks were ongoing and Google was moving towards rectifying the issue, why pull the plug at all?
    It's still a violation. It also pushes the perp to resolve any differences quicker. 
    watto_cobra
  • Reply 18 of 35
    gatorguygatorguy Posts: 21,305member
    MplsP said:
    cropr said:
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    Or, they might decide not to violate the terms of the agreement to which they agreed.  Integrity.  What a concept, huh?
    Yes, It’s just odd that it only took 5 hours for things to change and for the service to be restored. I’m thinking there was more going on than we were aware of, likely some talks preceding the outage, but if the talks were ongoing and Google was moving towards rectifying the issue, why pull the plug at all?
    Even if they didn't have any real issue with Google they still needed to do a ban at least for show to demonstrate consistency. 
    muthuk_vanalingam
  • Reply 19 of 35
    steven n.steven n. Posts: 1,129member
    cropr said:
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    This is incoherent at best. The threat of check mate is not nearly as effective as a checkmate. 

    Likewise, a CIO should know better than to use their enterprise deployment keys to allow side loading of apps to the general public. This reaks of basic incompetence or extreme arrogance. 
    tmayStrangeDayswatto_cobra
  • Reply 20 of 35
    avon b7 said:
    Rayz2016 said:
    cropr said:
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    Nothing you said makes sense. 

    The reason that Facebook and Google thought this was okay is because they got into their heads that Apple wouldn’t dare retaliate. 

    They now know differently. 

    Swift, decisive and very fair. 

    But I suspect you already know that. 
    It makes sense. What doesn't make sense is to take it away for such a short period.

    If Facebook were to announce the dropping of support for iOS in 18 months and Google were to do the same, who do you think would have more to lose?

    I think chess is the word here.
    You have it wrong. Facebook is dependent on ads and would never chop off their nose in such a fashion. iOS users spend more than the knockoffs do. 
    edited February 1 watto_cobra
Sign In or Register to comment.