Apple restores Google enterprise developer certificate after five-hour ban

Jump to First Reply
AppleInsiderAppleInsider
Posted:
in General Discussion edited February 2019
Roughly five hours after Apple revoked Google's enterprise developer certificate over an illicit data gathering campaign, the iPhone maker late Thursday restored access to the program just as it did for Facebook hours earlier.

Screenwise Meter
Google's Screenwise Meter.


The restoration of privileges was first noted by Bloomberg reporter Mark Bergen in a tweet and later confirmed by TechCrunch.

In a statement, a Google spokesperson said they "can confirm that our internal corporate apps have been restored," the publication reports.

Earlier in the day, Google saw Apple revoke its Enterprise Certificate revoked following revelations about the search giant's Screenwise Meter app. The app offered users gift cards in exchange for access to device monitoring tools accessed via a VPN.

Google relied on its Enterprise Certificate to enable sideloading of the Screenwise Meter app, allowing the company to effectively skirt the App Store's stringent privacy policies. Following an expos by TechCrunch, Google voluntarily shut down the program on iOS and offered an apology.

Facebook found itself in a similar situation this week after a report exposed a data gathering program called Facebook Research. Like Google's Screenwise Meter, Facebook Research paid users to sideload a VPN app on iOS, granting root access to host devices for the purpose of collecting usage data.

Facebook's certificate was revoked on Wednesday and ultimately restored on Thursday.

Apple framed both Google and Facebook's programs as violations of its developer guidelines. As noted in Apple's terms of use, Enterprise Developer Certificates are designed expressly for the distribution of private software within corporations. Facebook, for example, relied on the certificate to disseminate unreleased betas, internal communications apps and other software to tens of thousands of employees.
«1

Comments

  • Reply 1 of 35
    krreagan2krreagan2 Posts: 75member
    Too quick!  Should have made them sweat a little longer!
    lollivertyler82mobirdmacseekerdysamoriajbdragonAppHellanton zuykovwatto_cobra
     9Likes 0Dislikes 0Informatives
  • Reply 2 of 35
    croprcropr Posts: 1,144member
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    muthuk_vanalingam
     1Like 0Dislikes 0Informatives
  • Reply 3 of 35
    Rayz2016rayz2016 Posts: 6,957member
    cropr said:
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    Nothing you said makes sense. 

    The reason that Facebook and Google thought this was okay is because they got into their heads that Apple wouldn’t dare retaliate. 

    They now know differently. 

    Swift, decisive and very fair. 

    But I suspect you already know that. 
    n2itivguyStrangeDaysjbdragonanton zuykovwatto_cobra
     5Likes 0Dislikes 0Informatives
  • Reply 4 of 35
    avon b7avon b7 Posts: 8,224member
    Rayz2016 said:
    cropr said:
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    Nothing you said makes sense. 

    The reason that Facebook and Google thought this was okay is because they got into their heads that Apple wouldn’t dare retaliate. 

    They now know differently. 

    Swift, decisive and very fair. 

    But I suspect you already know that. 
    It makes sense. What doesn't make sense is to take it away for such a short period.

    If Facebook were to announce the dropping of support for iOS in 18 months and Google were to do the same, who do you think would have more to lose?

    I think chess is the word here.
    muthuk_vanalingamjbdragon
     2Likes 0Dislikes 0Informatives
  • Reply 5 of 35
    chasmchasm Posts: 3,724member
    Facebook and Google need Apple and it’s affluent users FAR more than Apple needs them. All of FBand Google services can be reached from a web connection.

    You’re playing tiddlywinks, not chess.
    n2itivguyStrangeDaysdysamoriajbdragonwatto_cobra
     5Likes 0Dislikes 0Informatives
  • Reply 6 of 35
    avon b7avon b7 Posts: 8,224member
    chasm said:
    Facebook and Google need Apple and it’s affluent users FAR more than Apple needs them. All of FBand Google services can be reached from a web connection.

    You’re playing tiddlywinks, not chess.
    That isn't true. Using WhatsApp via web would be an issue and the web experience is very different to the app experience.

    Who needs who more  - today - is very much up for debate.
    muthuk_vanalingam
     1Like 0Dislikes 0Informatives
  • Reply 7 of 35
    kimberlykimberly Posts: 434member
    +1 @Rayz2016 and @Chasm.
    watto_cobra
     1Like 0Dislikes 0Informatives
  • Reply 8 of 35
    tbornottbornot Posts: 116member
    My “trust score” for Apple has added 35 points in two days,
    tmaywatto_cobra
     2Likes 0Dislikes 0Informatives
  • Reply 9 of 35
    seanismorrisseanismorris Posts: 1,624member
    “Google is paying Apple billions per year to remain on the iPhone, Bernstein says. Google will pay Apple about $3 billion this year to remain the default search engine on iOS devices, Bernstein says. The licensing payments make up a large bulk of Apple's services revenue.Aug 14, 2017”

    Apple was never going to punish Google significantly.  I wish they hit Facebook harder though... barely a slap on the wrist.

    dysamoriawatto_cobra
     2Likes 0Dislikes 0Informatives
  • Reply 10 of 35
    tmaytmay Posts: 6,466member
    seanismorris said:
    “Google is paying Apple billions per year to remain on the iPhone, Bernstein says. Google will pay Apple about $3 billion this year to remain the default search engine on iOS devices, Bernstein says. The licensing payments make up a large bulk of Apple's services revenue.Aug 14, 2017”

    Apple was never going to punish Google significantly.  I wish they hit Facebook harder though... barely a slap on the wrist.

    Facebook is going to get more than a slap on the wrist from regulators; just give it some time.

    Apple had to kill the certificate just to make sure that they also killed all of those other potential and unknown violations that Facebook had in process. Just standard pest management; kill everything while you are on site.
    watto_cobra
     1Like 0Dislikes 0Informatives
  • Reply 11 of 35
    linkmanlinkman Posts: 1,063member
    What does Apple do with little developers (such as an individual) that violate terms in a similar manner?
    dysamoriawatto_cobra
     2Likes 0Dislikes 0Informatives
  • Reply 12 of 35
    jungmarkjungmark Posts: 6,927member
    cropr said:
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    Nonsense. CIOs know not to violate the license agreement. Your logic doesn’t make sense as Android is the Wild West of security. Why would any CIO allow more vulnerable devices on their network?
    lkrupptmayn2itivguyStrangeDaysjbdragonwatto_cobra
     6Likes 0Dislikes 0Informatives
  • Reply 13 of 35
    lkrupplkrupp Posts: 10,557member
    cropr said:
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    Well, you can always hope I guess. 
    watto_cobra
     1Like 0Dislikes 0Informatives
  • Reply 14 of 35
    beowulfschmidtbeowulfschmidt Posts: 2,400member
    cropr said:
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    Or, they might decide not to violate the terms of the agreement to which they agreed.  Integrity.  What a concept, huh?
    tmayn2itivguyStrangeDaysjbdragonwatto_cobra
     5Likes 0Dislikes 0Informatives
  • Reply 15 of 35
    beowulfschmidtbeowulfschmidt Posts: 2,400member
    linkman said:
    What does Apple do with little developers (such as an individual) that violate terms in a similar manner?
    The same thing they did to Facebook and Google.  Those incidents just don't get the press.
    watto_cobra
     1Like 0Dislikes 0Informatives
  • Reply 16 of 35
    MplsPmplsp Posts: 4,107member
    beowulfschmidt said:
    cropr said:
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    Or, they might decide not to violate the terms of the agreement to which they agreed.  Integrity.  What a concept, huh?
    Yes, It’s just odd that it only took 5 hours for things to change and for the service to be restored. I’m thinking there was more going on than we were aware of, likely some talks preceding the outage, but if the talks were ongoing and Google was moving towards rectifying the issue, why pull the plug at all?
    muthuk_vanalingam
     1Like 0Dislikes 0Informatives
  • Reply 17 of 35
    jungmarkjungmark Posts: 6,927member
    MplsP said:
    beowulfschmidt said:
    cropr said:
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    Or, they might decide not to violate the terms of the agreement to which they agreed.  Integrity.  What a concept, huh?
    Yes, It’s just odd that it only took 5 hours for things to change and for the service to be restored. I’m thinking there was more going on than we were aware of, likely some talks preceding the outage, but if the talks were ongoing and Google was moving towards rectifying the issue, why pull the plug at all?
    It's still a violation. It also pushes the perp to resolve any differences quicker. 
    watto_cobra
     1Like 0Dislikes 0Informatives
  • Reply 18 of 35
    gatorguygatorguy Posts: 24,731member
    MplsP said:
    beowulfschmidt said:
    cropr said:
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    Or, they might decide not to violate the terms of the agreement to which they agreed.  Integrity.  What a concept, huh?
    Yes, It’s just odd that it only took 5 hours for things to change and for the service to be restored. I’m thinking there was more going on than we were aware of, likely some talks preceding the outage, but if the talks were ongoing and Google was moving towards rectifying the issue, why pull the plug at all?
    Even if they didn't have any real issue with Google they still needed to do a ban at least for show to demonstrate consistency. 
    muthuk_vanalingam
     1Like 0Dislikes 0Informatives
  • Reply 19 of 35
    steven n.steven n. Posts: 1,229member
    cropr said:
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    This is incoherent at best. The threat of check mate is not nearly as effective as a checkmate. 

    Likewise, a CIO should know better than to use their enterprise deployment keys to allow side loading of apps to the general public. This reaks of basic incompetence or extreme arrogance. 
    tmayStrangeDayswatto_cobra
     3Likes 0Dislikes 0Informatives
  • Reply 20 of 35
    StrangeDaysstrangedays Posts: 13,171member
    avon b7 said:
    Rayz2016 said:
    cropr said:
    I am chessplayer and a common rule in chess strategy is that the threat is stronger than the execution. That why I don't understand the actions of Apple. Apple might contractually be 100% right, but it should have looked at other options to make Facebook and Google comply to its requirements. Publicly threatening the revoke the certificate is much more effective than actually doing it

    This could hit massively back in Apple's face.  CIO's of large companies have now to consider the possibility that Apple could cripple the internal working of the company by revoking the certificate.  So a CIO might start contemplating if it would not be better to standardize on Android. Even if only a small percentage of the CIO actually decides to do that,  Apple can only loose.
    Nothing you said makes sense. 

    The reason that Facebook and Google thought this was okay is because they got into their heads that Apple wouldn’t dare retaliate. 

    They now know differently. 

    Swift, decisive and very fair. 

    But I suspect you already know that. 
    It makes sense. What doesn't make sense is to take it away for such a short period.

    If Facebook were to announce the dropping of support for iOS in 18 months and Google were to do the same, who do you think would have more to lose?

    I think chess is the word here.
    You have it wrong. Facebook is dependent on ads and would never chop off their nose in such a fashion. iOS users spend more than the knockoffs do. 
    edited February 2019
    watto_cobra
     1Like 0Dislikes 0Informatives
Sign In or Register to comment.