2 comments

[ 3.0 ms ] story [ 18.9 ms ] thread
(comment deleted)
This is nothing new. I wrote an app for a subscription service. We monitored the server usage like a hawk expecting to watch the approval process step by step using our special approval account.

Apple only connected to the service once during the first approval and stopped after logging in. The next three submissions they didn't log in at all. They pretty much used the application in airplane mode and, frustratingly, rejected the app only when it failed to show a warning indicating that it did not work without a network connection even though a sensible error message was clearly given.

I have no idea what the App Store reviewers do, but I don't have confidence it's much.

I do know their profiling tools are able to detect system calls and I would strongly suspect they have at least automated detecting private API usage by now.

I am extremely paranoid about how iOS apps can access the address book and send off data without any prompting. The aforemention app I wrote did heavy access to the address book and saw little scrutiny. They really, REALLY need a "this app wants to access your address book" permissions system like for location and push services.

People who have used more sophisticated in-app analytics probably have probably seen similar app reviewer behavior.