Apple under fire for their Idiotic decision to charge 27% for 3rd party payments

[mr moose]

Are we really arguing that it is good too deny developers access to half the market on the grounds that 0.4% of people might get malware or become pirates and cheats? 

 

FFS,  anyone who desperately wants to cheat in a mobile game already is.   And to think people who are trying to get content for free most of the time have a financial reason for doing so, do you really think they are going to pay the apple premium when not only does android work just as well but it's OS so easier to pirate/cheat with? 

[Mark Kaine]

2 hours ago, mr moose said:

Are we really arguing that it is good too deny developers access to half the market on the grounds that 0.4% of people might get malware or become pirates and cheats? 

 

I mean yeah, Im also baffled by this, but then you have bad actors like Epic, proving that there might be some credence to these thoughts…

 

I mean I dont really  get it though, how can the iOS version of Fortnite be safe, but the Android sideloader version somehow has a ton of critical security bugs?

 

 

[RejZoR]

1 minute ago, Mark Kaine said:

I mean yeah, Im also baffled by this, but then you have bad actors like Epic, proving that there might be some credence to these thoughts…

 

I mean I dont really  get it though, how can the iOS version of Fortnite be safe, but the Android sideloader version somehow has a ton of critical security bugs?

 

 

How do you know the Fortnite someone downloads is the version Epic released? I still remember few years ago when I was testing Android (LineageOS) without Gapps and I used APKPure to install apps, so I've installed avast! Antivirus from it because I was familiar with it and I tried it to see if it all works fine. Everything suggested it was the real deal, but when it was installed, it was some whatever thing that wasn't even remotely what it was advertised. And that was from a major APK repository/app store. If you think people give any credit to "download stuff from vendor's site", you'd be greatly mistaken. They just click the first thing it mentions what they are looking for and it may not be the real deal. A lot of people use Youtube as guidance, someone may offer a "guide" how to sideload Fortnite and provide fake links in it and now thanks to no dislikes, you can't even know it's bad for a long time. Hell, just "some" links since all use URL shortening to obfuscate. And it may even be the real thing, with few extra bits bolted on top. Wouldn't be the first time, so it makes detection even harder because it seems legit, it works legit, but does nasty things behind the scenes.

 

That to happen on iOS is very much unlikely. Not gonna say impossible because I've seen sophisticated attacks done on legit accounts, but the lengths you'd have to go to achieve that would be beyond anything like uploading fake stuff on APKPure. GooglePlay is about half way there. It's suppose to be controlled and moderated, but it had several pretty bad flops and it's the primary official app store for Android. It's why I actually prefer Apple's "walled garden". Everyone seems to hate on it super hard, but after seeing all sorts of shit through years of using Android, the "walled garden" works way better with way less garbage in it. It's now been years of using it and that's what I instantly spotted when using it and I still hold the same opinion years later.

[Arika]

6 hours ago, HRD said:

No, I am proving why sideloading is a bad option to exist. If epic had no option other than the official store, none of that would have happened. iOS kids had none of these issues and malware because epic was forced to come to the official store.
having sideloading as an option changes everything and we already have Android. Can we just keep iOS as it is for the people who love this model?

guess it's time to link this again

 

 

Quote

Facebook can’t get around the privacy restrictions because there is only one store and they could be removed if they miss around(which some apps tried at the beginning by breaking the app if you opt-out of tracking) 

and to ask you again; are apple's software engineers inept morons? I really don't get it, do you think apple's security is great as it is, or is it held together with stickle bricks and string and that the moment side-loading is allowed, everything crumbles to dust?

 

If the only way they are enforcing their privacy rules in their os is because everything runs through their store (which is what you're arguing) then that's not security.

[Mark Kaine]

3 hours ago, RejZoR said:

How do you know the Fortnite someone downloads is the version Epic released?

Well, i dont, but i think that was the claim, and i tend to take these things at face value, even if just for arguments sake…

3 hours ago, RejZoR said:

If you think people give any credit to "download stuff from vendor's site", you'd be greatly mistaken. They just click the first thing it mentions what they are looking for and it may not be the real deal

I mean im not saying that this isnt a "problem" but instead of taking advantage of these people with a promised "secure walled garden" Apple should rather teach those people how to use the internet. 

 

"Give a man a fish and feed him for a day or teach a man how to fish and give him food for life." comes to mind.

Its just a really heavily exploitative and one sided relationship holding everyone back and it needs to end already tbh.

 

If thats the whole Apple business model its destined to fail long-term imho.

 

 

 

 

 

 

[RejZoR]

13 minutes ago, Mark Kaine said:

Well, i dont, but i think that was the claim, and i tend to take these things at face value, even if just for arguments sake…

I mean im not saying that this isnt a "problem" but instead of taking advantage of these people with a promised "secure walled garden" Apple should rather teach those people how to use the internet. 

 

"Give a man a fish and feed him for a day or teach a man how to fish and give him food for life." comes to mind.

Its just a really heavily exploitative and one sided relationship holding everyone back and it needs to end already tbh.

 

If thats the whole Apple business model its destined to fail long-term imho.

 

 

 

 

 

 

That's not how things actually work. And it has been proven billion times over. People just never learn. But if you dumb things down to basics and ensure they can't go out of bounds even with all the stupidity they can muster, then they just can't do wrong if they simply can't. I can't argue with that because it works.

[Mark Kaine]

12 minutes ago, RejZoR said:

People just never learn.

I mean, maybe, yeah. I said it's a problem Im well aware of, but I also think Apple is taking advantage of this fact, and its not a good thing going forward, people should indeed be allowed to learn and make mistakes, maybe not all of them will, but maybe like half of them? (that leaves Apple/iOS at 12.5% market share *wishful thinking* eh = )  )

 

[Sauron]

On 2/15/2022 at 11:20 AM, Mark Kaine said:

Kinda the same thing as consoles, you cant use the xbox store on nintendo switch or playstation…

That's pretty bad too. At least those don't charge you for in-game transactions though.

On 2/15/2022 at 11:20 AM, Mark Kaine said:

And the "30%" cut is neither ok for Steam, apple, nintendo, etc, imo, so what do we do about it, only point at apple?

Because they're the only ones that lock down the platform so you can only use their store and extend the fee to in-app transactions. Out of all these they're the most egregious.

[RejZoR]

7 minutes ago, Mark Kaine said:

I mean, maybe, yeah. I said it's a problem Im well aware of, but I also think Apple is taking advantage of this fact, and its not a good thing going forward, people should indeed be allowed to learn and make mistakes, maybe not all of them will, but maybe like half of them? (that leaves Apple/iOS at 12.5% market share *wishful thinking* eh = )  )

 

So, why all the outrage if they are just 12,5% of market share? Oh right, but muh Murica with 80 something %...

[HRD]

20 hours ago, Arika S said:

and to ask you again; are apple's software engineers inept morons? I really don't get it, do you think apple's security is great as it is, or is it held together with stickle bricks and string and that the moment side-loading is allowed, everything crumbles to dust?

 

If the only way they are enforcing their privacy rules in their os is because everything runs through their store (which is what you're arguing) then that's not security.

you are narrowing the security and privacy to just malware. even if it is just malware the current model is safer. actually both apple and Epic paid experts to discuss these issues in the court and there is a lot of useful information that will help you understand how OS-level security works and what are its limitations.

 

"Under a narrow conception of security, Apple protects from malware on iOS in at least four ways. First, Apple uses malware scanning programs to detect whether a piece of software corresponds to known malware. Second, it requires developers to register with a certificate and sign their code with that certificate so that malware can be traced back to a developer and code from unknown entities can be excluded. Third, it uses “sandboxing” to prevent an app from doing anything that the user has not authorized. Fourth, it includes “reliability checks” on the App Store, which include automated app scanning, as well as human review. Together, these techniques create “layered” security that creates multiple barriers to malware."

 

"The OS then resolves the decision by prompting users for consent. Thus, even though the OS is formally making decisions, the user ultimately determines access. The evidence shows, however, that this may not be enough to protect security because users often grant permissions by mistake. Mr. Federighi credibly testified that malware may use “social engineering” techniques to trick the user into granting access and evade operating system defenses. For example, malware may represent itself as a dating app to ask for photo access—which it can then encrypt and hold for ransom against the user. Epic Games did not explain how, if at all, the operating system can protect against this type of behavior. Moreover, system-level protections do not fully prevent downloading malware in the first place. As Dr. Rubin plausibly opines, “t is unwise to first trust users to download malicious apps, and then try to subsequently detect malicious apps and deny giving malicious apps the permissions they might request.” The evidence shows that social engineering attacks act as a dominant vector of malware distribution. A 2020 Nokia report indicates that “n the smartphone sector, the main venue for distributing malware is represented by Trojanized applications,” which trick users into downloading by posing as a popular app. For example, a malicious app may represent itself as free Microsoft Word to obtain downloads. A 2020 PurpleSec report confirms that “98% of cyberattacks rely on social engineering.”

 

"For these types of attacks, human app review plays a meaningful role. During app review, a human reviewer confirms that an app corresponds to its marketing description. This prevents the “trojan” attacks described above, where malware tricks users into download by posing as another popular app. The human reviewer also checks that the app’s entitlements are reasonable for the task it purports to accomplish. Thus, a Tic-Tac-Toe game may be rejected if it asks for camera access or health data."

 

of course it is not perfect but apple is doing a good job with a small error rate

 

"The Court agrees with Epic Games that this process is imperfect. Apple has limited ability to prevent “Jekyll and Hyde” apps that change their behavior after review, and allows some malware to slip through. However, the overall error rate appears to be relatively small. 

Removing app distribution restrictions could reduce this effectiveness. First, app stores often differ in the quality of app review. On Android, which allows some third-party app stores, the main Google Play app store is secure, but a variety of third-party stores allow blacklisted apps to operate. A Nokia report attributes higher malware rates on Android to Trojan apps on third-party app stores. This creates a problem because, as Dr. Rubin opined, “security is only as strong as the weakest link.” Decentralized distribution thus increases the risk of infection by giving malware more opportunities to break through. Namely, if even one app store permits malware to operate (either accidentally or as a “rogue” app store), a social engineering attack has a chance to work."

 

"Thus, the Court finds that centralized distribution through the App Store increases security in the “narrow” sense, primarily by thwarting social engineering attacks."

 

"With respect to a “broader” definition of security, there is less dispute that app distribution restrictions help ensure privacy, quality, and trustworthiness. This again, stems primarily from human app review."

 

Privacy: Dr. Mickens agrees that computers “lack a generic way to detect which instances of user-submitted touchscreen data contain private information.” While the OS can detect app access to computer-generated private data (camera roll), it lacks the capacity to distinguish private from nonprivate user entries.

For instance, Apple requires developers to publish “privacy labels” that disclose data collection as a condition of being listed on the App Store. It also adopts the stricter privacy policies required by the European Union worldwide, including user opt-out. Not all developers like these requirements; presumably because it impacts their own bottom line. Thus, privacy concerns may be more at risk with loosened app distribution restrictions.

Quality: A variety of content may be safe but objectionable, including pornography, gambling, and inappropriate marketing to children. Mr. Kosmynka testified that human app review is necessary to detect such content because computers cannot do it alone. Importantly, offensiveness is highly context dependent, which makes it difficult to automate. For example, nudity may be appropriate in a medical app but inappropriate in other contexts.

Epic Games responds that Apple’s app review still allows objectionable apps. For example, it points that school shooting games have appeared on the App Store. However, this data is largely anecdotal and fails to provide a comparison to the “but-for” world where app review did not take place.

Trustworthiness: App review also protects against scams and other fraud, such as pirated or copycat apps. Dr. Mickens did not consider this aspect in his security analysis and admitted that his opinion about the value of human app review may change if these issues are included. He also agreed that system-level protections do not protect users against this type of content, which confirms that human review is necessary.

 

 

"These protections have an impact on users, developers, and Apple. First, app review provides Apple with a competitive differentiator. When Apple first launched the App Store, it sought to “strike a really good path” between the dependability of a closed device and the ability to run third-party apps of a PC."

 

"Since then, security and privacy have remained a competitive differentiator for Apple. Mr. Cook testified that privacy is “a very key factor, one of the top factors who people choose Apple.” The documents bear this out: internal surveys show that security and privacy was an important aspect of an iPhone purchasing decision for 50% to 62% of users in most countriesand over 70% in India and Brazil—and an important part of an iPad purchasing decision for 76% to 89% of users. Indeed, Mr. Sweeney himself owns an iPhone in part because of its better security and privacy than Android.

Second, there is evidence that Apple’s restrictions benefit users. As noted above, many users value their iOS devices for their privacy and security. As the result of having a trusted app environment, users make greater use of their devices, including by storing sensitive data and downloading new apps. The witnesses are unanimous that user security and privacy are valid procompetitive justifications."

 

 

 

 

[HRD]

31 minutes ago, Sauron said:

At least those don't charge you for in-game transactions though.

they do. in fact sony charges an extra 15% on off-platform transactions if you mostly play on playstation but buy elsewhere and these console makers are even more restrictive. for example, sony and nintendo do not support cross-wallet.

 

"Epic Games has agreed to such a rate on all Fortnite transactions via the Microsoft (Xbox) Store, the PlayStation Store, the Nintendo eShop, and Google Play. Epic Games has also agreed to extra payments for certain platform holders above and beyond the standard 30% commission rate. For example, for all Fortnite transactions via the PlayStation Store, Epic Games agreed to make additional payments to Sony above this commission rate based on the amount of time that PlayStation users play Fortnite cross-platform."

epic v apple

 

43 minutes ago, Mark Kaine said:

I mean, maybe, yeah. I said it's a problem Im well aware of, but I also think Apple is taking advantage of this fact, and its not a good thing going forward, people should indeed be allowed to learn and make mistakes, maybe not all of them will, but maybe like half of them? (that leaves Apple/iOS at 12.5% market share *wishful thinking* eh = )  )

not everyone is a tech enthusiast and even people who are knowledgeable about tech, might not want to deal with such risks on a daily basis on their smartphones. for example, epic games' CEO Tim Sweeney has testified under oath that he uses an iPhone as his daily phone because of its better security and privacy.

the app store is way more convenient even if you know what you are doing. every app is in one trusted place and you just tap to download it, all subscriptions are in one place for you to manage quickly and easily. not to mention updating these apps you would have to search the web again for these newer versions of the sideloaded apps and update them one by one.

[Sauron]

6 minutes ago, HRD said:

they do. in fact sony charges an extra 15% on off-platform transactions if you mostly play on playstation but buy elsewhere and these console makers are even more restrictive. for example, sony and nintendo do not support cross-wallet.

Ok, then that's also bad. As a baseline I'd say that any fee at all is unacceptable if you can't use third party stores or at the very least sideload. I can only imagine that the reason Apple is getting in trouble here is that you don't really have dating apps on playstation.

[darknessblade]

1 hour ago, Mark Kaine said:

I mean, maybe, yeah. I said it's a problem Im well aware of, but I also think Apple is taking advantage of this fact, and its not a good thing going forward, people should indeed be allowed to learn and make mistakes, maybe not all of them will, but maybe like half of them? (that leaves Apple/iOS at 12.5% market share *wishful thinking* eh = )  )

 

Make that 42+% if you only look at the Netherlands, which is the exact country the lawsuit is in

https://gs.statcounter.com/os-market-share/mobile/netherlands

[WhitetailAni]

18 hours ago, HRD said:

If Apple has done such a thing please let me know

Starting with iOS 11 and the iPhone 8/8 Plus/X, 32-bit apps and code were no longer supported.

This killed support for a number of older games, with the only way to run them is to get an iPhone 7 or older that runs iOS 10 or older (very hard now).

[WereCat]

2 hours ago, RejZoR said:

That's not how things actually work. And it has been proven billion times over. People just never learn. But if you dumb things down to basics and ensure they can't go out of bounds even with all the stupidity they can muster, then they just can't do wrong if they simply can't. I can't argue with that because it works.

You can argue that about pretty much anything. 

Eliminate free will and live on "rails" and you can never mess up. Easy. 

 

Except when the one in control screws up. 

[HRD]

 

49 minutes ago, FakeKGB said:

Starting with iOS 11 and the iPhone 8/8 Plus/X, 32-bit apps and code were no longer supported.

This killed support for a number of older games, with the only way to run them is to get an iPhone 7 or older that runs iOS 10 or older (very hard now).

And? 

Apple publicly announced that iOS 11 won’t support 32bit apps. So you knew that. No one is forcing you to update your old phone or buy a newer phone.

Please read what I was replying to when I said that. 

[pas008]

58 minutes ago, HRD said:

 

And? 

Apple publicly announced that iOS 11 won’t support 32bit apps. So you knew that. No one is forcing you to update your old phone or buy a newer phone.

Please read what I was replying to when I said that. 

if you want security on 14 but forced to update to 15

topic here

 

[darknessblade]

Recent article:

https://www.law.com/international-edition/2022/02/17/how-the-netherlands-became-europes-prime-class-action-jurisdiction/?slreturn=20220117153239

 

Looks like aside from Anti-consumer behaviour. apple also faces charges for

Quote

approximately 50 class-action suits—most of them focused on the climate, privacy, securities, anti-trust and corporate misconduct—have currently been lodged, according to a public central register. “I would expect at least 30 new claims this year,” said Isabella Wijnberg, counsel in Houthoff’s Amsterdam office. “There’s [been] an exponential growth.”

 

[Mark Kaine]

7 hours ago, darknessblade said:

Make that 42+% if you only look at the Netherlands, which is the exact country the lawsuit is in

yeah, i mean lots of richer countries buying into this concept, apple also always got this luxury item touch (and pricing) going for them.

 

In the end i dont think its illegal, but i also think there should be limits to such a walled garden, be it 3rd party stores, sideloading, or whatever…

Sideloading would still be the easiest (as in most straight forward) thing… you could even have mandatory malware scans or something perhaps.

 

For now it seems to be the "27%" fee , which is maybe seen as an easy common target, something like sideloading would have more far reaching implications obviously. 

[mr moose]

16 hours ago, RejZoR said:

How do you know the Fortnite someone downloads is the version Epic released?

Because you'd get it from the official epic store,  C'mon, you are really stretching the arguments so thin now.

 

[HRD]

9 hours ago, mr moose said:

Because you'd get it from the official epic store,  C'mon, you are really stretching the arguments so thin now.

In the beginning, it was not available from the epic website they just announced it is coming outside the play store. bad actors took advantage of that. and don't forget we are talking Fortnite whose user base is mostly children who can easily be tricked.

[mr moose]

11 hours ago, HRD said:

In the beginning, it was not available from the epic website they just announced it is coming outside the play store. bad actors took advantage of that. and don't forget we are talking Fortnite whose user base is mostly children who can easily be tricked.

A few people not being responsible with where they get their software from is not argument for antitrust.

[mecarry30]

On 2/17/2022 at 12:36 PM, darknessblade said:

Recent article:

https://www.law.com/international-edition/2022/02/17/how-the-netherlands-became-europes-prime-class-action-jurisdiction/?slreturn=20220117153239

 

Looks like aside from Anti-consumer behaviour. apple also faces charges for

 

Number of claims lodged ≠ number of cases where Apple is actually guilty.

I could accuse Samsung of antitrust violations for only allowing their OS or whatever on their smart fridge, and it would count as a complaint, but would have no meaningful basis whatsoever.

[RejZoR]

On 2/17/2022 at 8:06 PM, pas008 said:

if you want security on 14 but forced to update to 15

topic here

 

First time to see people actually complain for getting too much software updates. If anyone didn't get the memo yet, Apple ALWAYS pushes major updates forward, which is why their minimum OS requirement is also always set pretty high. Only time you remain on old version is when you're not eligible anymore, which is usually after 5 years. Or in case of iPhone 6s, 6 years. It's most likely not getting iOS 16 this year. How terrible for company to actively support device for 6 years. And this is just major OS updates. iPhones 6s from 2015 will continue to get security updates, usually until the 10 year mark when support is entirely dropped and you can't login to Apple's system anymore with it (same as with Androids). Lets say 10 years period through which you constantly get updates is very respectable and I don't know many (any) people who use same phone for 10 years for it to be an actual problem.

 

I guess you folks are just too used to not getting any updates on Android phones that you freak out when you do get them every year and all the months in between on iPhone...

[mr moose]

4 hours ago, mecarry30 said:

Number of claims lodged ≠ number of cases where Apple is actually guilty.

I could accuse Samsung of antitrust violations for only allowing their OS or whatever on their smart fridge, and it would count as a complaint, but would have no meaningful basis whatsoever.

You could, but the fridge not only doesn't make up half of any significant market, but also no one is writing apps for it.  In the event that samsung has half the market share and 3rd party apps for iot devices such as fridges are in high demand and they did happen limit the sale of apps to their own store, then charge 30% for a simply in app purchase, then it would be exactly the same.    That's a lot of things that have to happen before it becomes the same thing.

 

I hope you can see why your example is not reflective of the actual problem.