App Rejections

(NB: in the time between researching this and publishing it, someone at Apple read the news – or was tipped-off – and the app has already been pulled)

The iPhone is great – unlimited internet access, a decent browser, email, etc. It’s got an almost fully-fledged computer inside there – including the ability to share that internet access with a laptop, if you plug it in (known as “tethering”). Apple has fought long and hard to prevent anyone doing this. Now, a sneaky developer released a tether app – disguised as a Flashlight app:

“Nick Lee’s Handy Light app, which looks like any other flashlight app that uses the iPhone’s screen to provide illumination, actually camouflages a tethering feature using the SOCKS proxy, à la Nullriver’s Software’s NetShare app that was available for a short time nearly two years ago.”

There’s some irony to this – the infamous Flashlight apps, which so many people hate, and which stand as the main example of Apple’s inability to act as a quality-based gatekeeper … being used to sneak in a feature that many people want, except for Apple’s commercial partners.

(AT&T et al are happy for you to tether your phone – they just want to charge you a lot more money for the priviledge. Despite the fact you’re (usually) already paying for the service as part of your main contract)

On the flip-side, it also shows the HUGE flaw with Apple’s “personal judgement” approach to app-rejection: Apple didn’t notice this feature was in there. It is TRIVIAL to fool Apple in this manner, and sneak everything into an app – from hardcore porn to viruses that steal all your addressbook and send it to spam-marketers.

Security, Obscurity, and the ease of deceiving Apple

You can’t blame Apple – the only way you’d know about the secret feature in this app is if someone told you the special order to tap the buttons:

open the Handy Light app and tap the flashlight colors at the bottom in the following sequence: blue, yellow, red. Then tap the top right corner of the screen and the color should change to purple. Your iPhone is now capable of sharing its internet connection with the computer you set up.

…but this just goes to show how weak Apple’s submission process is. There are far more advanced techniques available to developers, that are known to work on iPhone (and to bypass all of Apple’s protection), and which make life much easier for users.

There’s one technique in particular that I believe is still 100% effective in getting you on the app store and Apple would NOT remove your app – even after you went public with the info.

(Not that I’ve tried it. Nor will I try it – no matter how much I may disagree with Apple’s approach, I have no desire to do anything illegal. I’m not even sure this is illegal, it’s probably just “immoral”, but even that is a place I don’t want to go. I try to stick to the spirit of the rules, not just the letter.)