Speculation for fun: I always thought popular apps can use private apis or are handled in a special way by the OS itself. If yes, perhaps this is related.
Then again I found no source for that - and some certificate rollover seems more likely.
Neither developers nor consumers should be comfortable with this, as this breaks the trust model and is extremely worrying. The site is of course downplaying it given its name, which is a huge shame.
What trust model are you thinking of though? Because another way to look at it is that Apple has pushed an update to ensure these apps keep working and remain secure.
And this is part of the agreement between an app developer and Apple; for a long time now, a developer doesn't upload a full compiled app to Apple, but a package containing partially compiled (itermediary language) code and assets for many different platforms and resolutions, leaving it up to Apple to do the final assembly based on what device it downloads. This allows them to (re)compile for newer hardware, 32 vs 64 bit CPUs, save bandwidth and storage space by only having the device download the assets for its device (and for e.g. games the assets for the level they are playing at that time), etc.
So again, what trust model are you thinking of? Apple is a trusted party when it comes to this, I'd even argue they're more trustworthy than the app developers themselves.
I saw this the other day in a couple of apps, I've checked other apps and didn't have that, did a quick check on HN frontpage and saw nothing and said wth I'll update to see if something changes in the app or there is a message. Got nothing, and didn't think more about it but I'm not sure why, is it the "trust in the process" thing or what?
hmm, my money is on some actively used 0-day exploit that Apple is sealing shut before the CVE gets announced.
By the looks of the app list, they seem to be apps and games that used to be popular and have fallen in disrepair and apps that are starved of maintenance attention.
On the one hand it could be an exceptionally good example of "stewardship"; on the other hand, if this is true, what if authorities could later compel Apple to manipulate applications in some malign manner?
Has anyone ever done a proper security audit of VLC that is downloaded from the web? I don't trust it, and the fact that their releases on Github don't include binaries makes me trust it even less. Nobody is compiling VLC from source, and they don't provide any sort of provenance from the GH actions pipeline.
You can find all binaries, including the one for iOS and Android, on our website, signed by the core developers. If you trust us, it is totally up to you. GitHub is used as a mirror only as we run our own infrastructure so quite obviously we are not using the GitHub release process.
The FairPlay certificate rotation theory makes the most sense. Apple has done silent re-signing before when DRM certificates expired. What's unusual here is the update note surfacing in the App Store UI at all — that's probably an unintended side effect of whatever pipeline they're running this through, not intentional transparency.
As always, it depends; VLC "the iOS app" is not the same as VLC "the binary compiled from source". The article itself says they couldn't find any code changes, and the theories are that a certificate was updated.
I don't believe an iOS distribution specific certificate falls under the license you're referring to, but I'm no expert on these matters.
22 comments
[ 0.21 ms ] story [ 54.9 ms ] threadThen again I found no source for that - and some certificate rollover seems more likely.
And this is part of the agreement between an app developer and Apple; for a long time now, a developer doesn't upload a full compiled app to Apple, but a package containing partially compiled (itermediary language) code and assets for many different platforms and resolutions, leaving it up to Apple to do the final assembly based on what device it downloads. This allows them to (re)compile for newer hardware, 32 vs 64 bit CPUs, save bandwidth and storage space by only having the device download the assets for its device (and for e.g. games the assets for the level they are playing at that time), etc.
So again, what trust model are you thinking of? Apple is a trusted party when it comes to this, I'd even argue they're more trustworthy than the app developers themselves.
By the looks of the app list, they seem to be apps and games that used to be popular and have fallen in disrepair and apps that are starved of maintenance attention.
On the one hand it could be an exceptionally good example of "stewardship"; on the other hand, if this is true, what if authorities could later compel Apple to manipulate applications in some malign manner?
Why not an introduction of a new exploit ? This could be handy in those uncertain times.
I don't believe an iOS distribution specific certificate falls under the license you're referring to, but I'm no expert on these matters.