Apple has removed the iPhone torrenting client, iTorrent, from AltStore PAL’s alternative iOS marketplace in the EU, showing that it can still exert control over apps that aren’t listed on the official App Store. iTorrent developer Daniil Vinogradov told TorrentFreak that Apple has revoked his distribution rights to publish apps in any alternative iOS stores, but it seems the issue is related to government sanctions, rather than a block on torrenting.
2025-09-022:12268199www.theverge.com
iTorrent’s developer has been blocked from distributing apps on alternative iOS stores.
In a statement to The Verge, Apple spokesperson Peter Ajemian said, “Notarization for this app was removed in order to comply with government sanctions-related rules in various jurisdictions. We have communicated this to the developer.”
While Apple bans torrent apps on its own iOS store, the EU’s Digital Markets Act gave iPhone users within the bloc greater freedom to install apps from third-party app stores that the Cupertino company doesn’t directly manage.
Last month, Vinogradov said on iTorrent’s GitHub page that Apple “removed Alternative Distribution functionality from iTorrent’s Developer Portal without any warning.” Apple didn’t provide a reason for the removal, according Vinogradov, and distribution was revoked at the Apple Dev Account level.
Update, August 28th: Added a statement from Apple.
Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.
Read the original article
Comments
When it comes to your personal data, Apple loves (correctly) to say "all of our user's data is encrypted, we can't access it even if we wanted to, so we cannot respond to this government request for data"
When it comes to application distribution, all of Apple's courage immediately disappears. They could say "We don't sign or control apps distributed through third party app stores, that's out of our hands, so we cannot respond to this government request". But, they chose not to. It was a choice, and Tim Cook chose an ugly, dishonorable, cowardly path.
To protect their users they chose to include a feature that allows them to remotely kill nefarious apps on all devices, regardless of how they got installed. A consequence of that is that they cannot answer government requests to kill apps with “I'm sorry, Dave. I'm afraid I can't do that”.
Was that the right trade-off? I’m not sure, but AFAIK, they aren’t allowed to add alarming warnings when users add alternative stores, so they can’t put up signs “you’re leaving the safe area”, so I can see why they made this choice.
By rickdeckard 2025-09-027:021 reply In this case they didn't remove the app from the users' devices, they “removed Alternative Distribution functionality from iTorrent’s Developer Portal without any warning.”
So they revoked the right of the developer to publish on other stores, and don't allow publishing that app on their own store.
Beside of those apparent "government sanctions-related rules in various jurisdictions" cited as reason by Apple (whatever that means), they now demonstrated that they still have indirect control over the offering of ALL digital markets.
So regardless in which market you want to publish, you still need to remain in good standing with Apple.
Combining that with Apple's ability to observe the install-base of iOS-devices it's quite a conflict of interest. (The least nefarious being Apple courting successful apps from other stores to come over to Apple)
I would say they have direct control, as they have to bless app before even it can be published on other stores and can revoke this blessing anytime.
By reactordev 2025-09-0212:322 reply So you never really own an Apple device.
By rickdeckard 2025-09-0213:221 reply You may own the device, but everything running on top of it is part of a service in control of Apple.
It would be great if vendors would be mandated to clearly separate communication about the product and the services on top, so they would have to compete again on actual product functionality, but so far it's not the case...
By reactordev 2025-09-0223:17 Unlocking/jailbreaking/installing your own software should be legal. I own the device, I should be able to do with it as I please without breaking cybersecurity laws. The issue is this covers IP/Platform Code and covers jailbreaking as that’s a form of reverse engineering in violation of the agreement you signed when you bought the device. It fucking sucks.
By kube-system 2025-09-0213:171 reply This seems more like a case of: you don't own other people's web servers.
By reactordev 2025-09-0213:251 reply No, more like you don’t own your OS. I definitely have physical ownership of their “server”.
By kube-system 2025-09-0213:311 reply No, you definitely don't own Apple's developer portal or any related infrastructure. If you did, then you wouldn't have anything to complain about, you could just fix it.
And of course you don't own iOS -- were you under any impression otherwise?
I don't really understand this culture of buyers remorse. If you don't buy FOSS, you don't get FOSS.
By reactordev 2025-09-0214:061 reply So you’re saying if I buy a computer, I don’t own that computer?
This is what it is. I own this device in my pocket. I should be able to install, tinker, take apart, said device - granted voiding its warranty - without a company bricking the device intentionally or removing software from the device simply because I chose a p2p network over a centralized one.
Stop defending this. Once you sell something, it’s sold. It’s no longer yours. You may have made it, you may support it, but it’s no longer yours.
By kube-system 2025-09-0214:181 reply You do own the physical device and you can do whatever you want with it. You can take it apart and tinker with it however you please.
If you don't like the software that they do or don't deliver to you over the internet, that is something entirely different.
By reactordev 2025-09-0214:292 reply They didn’t deliver software. A 3rd party did. Stop making straw-man arguments to defend their actions. If the app was pulled from the normal App Store, fine, that’s Apple’s prerogative. But a 3rd party store? The app signing shouldn’t be used a weapon against software “you don’t like”.
By kube-system 2025-09-0214:361 reply Apple revoked notarization -- which is delivered as a service from their computers.
If you don't like that the phone connects to Apple's servers and uses the data delivered, then you shouldn't have bought a product that works that way. Or alternatively, you can take it apart and change it. Nobody is stopping you.
But Apple doesn't owe you an ongoing service that works exactly the way you like just because you bought one of their devices.
You cannot (generally) install and run apps that aren't (recently) notarized, though. They do owe the service inasmuch as they require it for installing and running apps.
By kube-system 2025-09-0222:181 reply Yeah, the OS preinstalled on the phone functions that way. But this is not in opposition to your ownership of the physical device. You can do still do whatever you want with the phone. Grab a hot plate and pull off the NAND, chuck the whole thing in a blender, anything -- knock yourself out.
By analogy, if food was sold with poison in it, "hey man, you bought it, just remove it if you don't like it. not a chemist? crack a book buddy". And now imagine you had no means of producing your own food and all food sold contained poison.
If unlocking an iPhone and running e.g. AOSP on it were feasible, people would be doing it. And you know that. Your argument is disingenuous.
By kube-system 2025-09-0222:521 reply Food with poison in it is both criminally and civilly illegal, and it puts peoples lives in danger.
Equating something like this to closed source software is why some people don’t take FOSS seriously.
You might think I was being facetious, but I’m being completely serious: the only way for FOSS to compete is by producing good products and bringing them to market. If FOSS advocates keep trying to fight some software licensing culture war instead of producing good technology, they’re not going to change anyone’s mind. 99.999% of people do not give two shits about a software license, they just want to use a damn phone.
It was an analogy. You're moving the goalposts and ignored the latter point.
And I'm not a foss advocate, I just want to be able to run software of my choosing and without spyware, as has been the case since the advent of personal computing.
As a side note, legality seems irrelevant to your position. What if a world government mandated optional sideloading + unlocking? Wouldn't you then argue against that law?
By kube-system 2025-09-0223:332 reply I know it’s an analogy. I just think it was a bad one. The desire for nerds to run unusual software on their phone is not really a life or death situation. I think it’s important to remember that in context, the number of us who care about this issue rounds to about zero. Most people using a phone don’t care.
I also want to run the software of my choosing. But there’s not a single phone you can completely do that with. Some of this is due to design decisions, some of it is due to corporate lock-in, and some of it is due to regulatory requirements.
I wouldn’t be against a law requiring side loading and unlocking, I would be in favor of it. This only addresses part of the software on a phone, though. There’s a lot of software on a phone beyond user space applications.
But I do think it would be reasonable to put some hurdles to make it difficult to do. There are completely valid reasons to protect the average user from being scammed by malicious software.
By RedComet 2025-09-043:45 It sounds like we largely agree, then, so I'm not sure what you were arguing in the first place. That because the companies are legally able to do this and that [hardware-based] jailbreaking is possible in theory, it can't be opposed?
To your other point, firmware is another battle entirely and currently has less practical value.
By reactordev 2025-09-030:38 Yet it happens all the time. More than half of Android phones are infected. So again, a poor argument for security. If anything, by opening it up, we (the collective nerds) could help harden it. Protect it. Improve it.
By keysdev 2025-09-0212:50 Devil is in the detail
By franga2000 2025-09-028:304 reply Why can't they add a "this app is not verified by apple, we can't guarantee it's safe" popup? Making people jump through ridiculous hoops (like jailbreaking) would violate the DMA, but surely not a simple matter-of-fact warning? Windows does the same with unsigned apps, as do many version of Android.
By StopDisinfo910 2025-09-029:181 reply Because they want to cripple alt stores and ignore the DMA for as long as they can to protect the 30% extortionate rate their position as the sole provider allows them to force on developers.
By fwn 2025-09-0215:10 The deliberate crippling of third-party stores is a clear example of malicious compliance, something Apple is well known for when facing regulatory pressure.
It's neither new nor surprising. Think about it: the Netherlands' dating app payment pricing trick, South Korea's alternative billing law, the US anti-steering injunction in Epic v. Apple, the Core Technology Fee for the EU's DMA, their ridiculous 'right to repair' process, etc.
What’s striking is how often parts of the discussion around Apple completely ignore this known pattern, instead leaning on apologetic corporate narratives about safety, integrity, privacy, or the environment.
I am against most of the (current!) regulatory pressure on Apple, but regardless of whether one supports these regulations, we can talk honestly about this practices of malicious compliance or even corporate disobedience. They exists in the world regardless of our personal stance on regulation (or Apple).
Generally speaking: If a tech giant does something and there are several possible motives, one of which is profit or power consolidation, and the others are different things, it is always profit/power. They did not start out a giant after all.
Because people don't read and scammers would just teach people how to click through that.
It's tragic, the amount of babysitting supposed adults need...
(I'm not totally against it, the mythical grandma would otherwise lose all her savings because of an animated dancing monkey exe)
Protecting grandma from scams by blocking a torrent app on her phone is rich. Getting a phone call is how grandma is going to get scammed.
By const_cast 2025-09-0214:31 Telling these people about threat modeling completely destroys their arguments. The arguments are lazy, a thin veneer for corporate profiteering, rent seeking, and restrictive behavior.
Youre right - granny isn't installing unsigned binaries and anyone proclaiming otherwise is just bullshitting you.
The reality is that there is no security here. We have massive, glaring holes in the systems we use. Adding a door lock when there's a giant hole in the wall next to it does nothing.
Granny is being scammed via phone, but nobody wants to fix that. I wonder why? Hm, maybe money has something to do with it.
By mschuster91 2025-09-029:091 reply Unfortunately, said grandma isn't all that mythical. Scams of all kinds cost US citizens alone 158 billion dollars a year [1].
[1] https://www.linkedin.com/pulse/ftc-states-scams-cost-us-cons...
By const_cast 2025-09-0214:331 reply This granny is mythical - granny isn't installing unsigned binaries off an alternative app store. Let's not argue dishonestly - we both know how scams actually happen. That statistic is less than worthless in this context.
By cindyllm 2025-09-0214:37 [dead]
By edm0nd 2025-09-0214:17 If you had told me many years ago end users would be opening powershell prompts and willingly copy pasting commands into them to infect themselves with infostealer malware, i wouldn't have believed you yet here we are with ClickFix
By franga2000 2025-09-028:352 reply That's not "Apple is not allowed to", that's "they don't because they think it's ineffective".
By happyopossum 2025-09-0213:49 No, they are literally prohibited from doing that - they tried and were shut down by the eu
By franga2000 2025-09-028:431 reply Yes, the person I was replying to...
> I’m not sure, but AFAIK, they aren’t allowed to add alarming warnings when users add alternative stores, so they can’t put up signs “you’re leaving the safe area”, so I can see why they made this choice.
By klausa 2025-09-028:54 Sorry, I misunderstood your question.
I thought you meant "why couldn't they have done so in the first place, without ever giving themselves the ability to killswitch any apps at all, and just show a scary looking message?".
By Someone 2025-09-0214:52 I think that’s because of the last phrase in this provision in the DMA (article 13.4 in https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv%...):
“The gatekeeper shall not engage in any behaviour that undermines effective compliance with the obligations of Articles 5, 6 and 7 regardless of whether that behaviour is of a contractual, commercial or technical nature, or of any other nature, or consists in the use of behavioural techniques or interface design.”
By rickdeckard 2025-09-0213:071 reply Because Apple is not allowed to discourage the use of other distribution methods, and such a popup implies that an app provided via other channels is "less safe" than an app provided by Apple.
> Windows does the same with unsigned apps, as do many version of Android.
This is not the same. Windows states that they cannot verify the origin of the app because its not signed. In the current state Apple thoroughly verified the origin of the app, and the app is also signed.
Imagine a guy standing in front of your grocery store telling you that "the food in this store did not pass quality control of Walmart, so we can't guarantee that it's safe"
By franga2000 2025-09-0214:001 reply I still don't see the problem. Apple can say this app wasn't verified for safety by Apple because...it wasn't. I see an argument for them having to have a setting to disable the nag screen, but it's just stating a fact, just like Windows says "this app is not signed, you can't verify it comes from the correct publisher".
The walmart comparison makes no sense. A better comparison is the operator of a mall putting up a sign saying the products the stores in there sell are not verified by them. Often a store chain also owns malls, so Walmart saying "the things in the Walmart in the WalmartMall are ours and we vouch for their quality, but the other stores in the mall are independent and not vetted by Walmart.
It's only weird because it's so obvious nobody would think otherwise for a mall. But apparently people expect different for phones, which does make sense given Apple hasn't allowed third parties until now.
By rickdeckard 2025-09-0215:08 > I still don't see the problem. Apple can say this app wasn't verified for safety by Apple because...it wasn't.
In the context of this popup, Apple is not just the manufacturer of the device, it is the operator of a competing marketplace. The fact that they suddenly present themselves and state that they did NOT verify this app implies that the quality of the products offered in that market are somewhat inferior to what Apple themselves are offering. <-- This is anti-competitive behavior
> It's only weird because it's so obvious nobody would think otherwise for a mall.
No, it's weird because Walmart has no business telling customers of OTHER markets that THEY don't vouch for its quality.
In this Metaphor Walmart was already caught and ordered to stop hindering other players from competing on equal grounds, so naturally Walmart cannot put someone in front of every competing store to cast doubt on their offering.
> To protect their users they chose to include a feature that allows them to remotely kill nefarious apps
This feature is part of antivirus solutions for ages.
If an OS needs antivirus for this, that OS has been designed wrong (excluding Linux, FreeBSD etc as the target audience isn't regular end users) in the first place.
An OS should NOT need antivirus, it needs proper sandbox and containerization.
- defense in depth means adding such an extra layer is a good idea
- an app can 100% stay within its sandbox and still be nefarious. For example, a password manager could secretly send all your passwords to Mr(s) Evil.
With a proper sandbox, a password manager won't have internet access.
By kube-system 2025-09-0214:22 It also wouldn't have a competitive feature set if that were the case -- syncing across devices is a bog standard feature for password managers.
Also, the possibilities for nefarious apps that aren't thwarted by sandboxes are endless: social engineering and phishing are very common and effective.
By ruszki 2025-09-029:30 There is no OS sandboxing and containerization which would prevent an internet facing software, like browsers, to be part of bot networks.
These are good to have, just like how it's good to have an antivirus. In some cases.
Most of the people download things which were checked before with an antivirus (like Play Store, App Store, GMail), or they don't really download anything outside of browsers (e.g. on desktop), so most of the people (almost everybody in case of percentage) don't need that much protection than 20 years ago. I also don't need neither OS level sandboxing, containerization, nor antivirus by default, because I know how to prevent compromise even without those. I, of course, use those when they are needed, when for example I install or browse something risky. But then I use a full blown VM, or an ultra sandboxed browser, and I know the risk, that there is nothing I can really do, if they use a vulnerability of my hardware for example.
By reactordev 2025-09-0212:31 It wasn’t their choice to make. The user purposefully installed the app from a 3rd party store. That sounds like user intent. If Apple cared about their users, they would allow a user to use without caveat. Including installing whatever software they wish so long as it worked on the platform.
This is right to repair. This is ownership. When you buy some hardware, you should be allowed to install any software you wish, provided it works and you have the technical know how to do so.
By SirMaster 2025-09-0213:28 >they chose to include a feature that allows them to remotely kill nefarious apps on all devices, regardless of how they got installed.
Huh, I sideload some pretty nefarious apps all the time on my iPhone and have been doing so for about a decade, and they have never got remotely killed or removed.
By rjh29 2025-09-027:54 > To protect their users they chose to include a feature that allows them to remotely kill nefarious apps on all device
And yet if you refund an app it's not automatically removed from your device. Always thought that was weird.
It would be trivial for Apple to push out silent targeted OS updates to specific individuals that would log decryption keys and send them to Apple, enabling Apple to decrypt that specific user's data.
Remember, Apple is the same company that cooperated with the NSA to secretly log and feed user data to the NSA starting back in 2012, as revealed by Snowden's heroic disclosure of the PRISM program (which was ruled unconstitutional by a federal judge).
Apple's privacy-protecting image is nothing more than marketing.
Apple is actually far worse at protecting your privacy than Google.
On iOS, you cannot install any apps without an Apple Account, and even some preinstalled apps (like Pages, Numbers, Keynote, GarageBand, iMovie) cannot be used before you assign them to an Apple Account.
On Android, you can install any app from any third-party store without having any accounts. There's a store called Aurora Store that even lets you install apps from Google's Play Store without an account as well, so, you can even install all the mainstream apps, all without any accounts.
That's one point of privacy.
Meanwhile, they protect vast amounts of your data with encryption, especially if you opt in to the most protection.
I don't have any wish to promote Apple, but those are not comparable. Even though I have hated Apple's closed App Store policy.
What do you mean by your data being protected by vast amounts of encryption? Can you verify those claims beyond trusting what Apple tells you? Isn’t the commenter above insinuating that a targeted individual can be compromised anyway?
By theshrike79 2025-09-027:302 reply The amount of money you can get for a iPhone 0day confirms it.
If they were playing fast and loose with cryptography and encryption, we'd have a lot more exploits in the open.
By theshrike79 2025-09-0212:021 reply If iPhones had flaws in the encryption or security, they WOULD be exploited and monetised.
A zero day remote attack on an iOS device is worth so much money that you have to be _really_ ethical as a hacker not to sell it and report it to Apple for a small reward instead.
The last time one was deployed "publicly" was against Jeff Bezos (or his wife) - one of the top10 richest people in the world anyway. And then it was patched for everyone.
By const_cast 2025-09-0214:351 reply Apple owns the code and all it's visibility - you're not allowed to see it.
They don't need a 0 day to compromise your device, they can just choose to do it at any point. You're simply trusting they don't.
By theshrike79 2025-09-0215:051 reply And you think not having a the source available hiders security researchers?
It’s kind of what they do.
By const_cast 2025-09-0215:271 reply If the attack is targeted, it doesn't matter.
Again, you're just trusting Apple not to do that. Please bear in mind that if the government asks, it's not like they have a choice.
By theshrike79 2025-09-0218:003 reply If the government "asks", EVERY company will fold.
Apple is the only one building stuff so that they can't fold, even if they wanted to.
You can turn on the extra protections and encryptions yourself at the cost of user experience.
By cnst 2025-09-0315:54 Apple is the only one that effectively knows the Real Name of all their users, because you cannot do anything on an iOS device without signing up for an Apple Account first.
It's virtually impossible to sideload anything on an iOS device without extensive developer know-how; but for Apple itself to do a targetted attack, would be a trivial task.
Android is the privacy heaven by comparison.
It's relatively trivial to get started with F-Droid and Aurora Store, and then you can install whichever apps you need, without providing any identifying information system-wide, without needing anything beyond the Android device itself.
No PCs, no mandatory 0days, no exploits, no specific software/hardware requirements, no warez, no copyright infringement, just pure free software and a few warning dialogues from Google about the dangers of installing the third-party apps, before you can do whatever you wish with the hardware you paid for, on any Android device of any vendor.
By const_cast 2025-09-0219:37 The difference is the open source software is auditable - Apple necessarily isn't. Its not the same.
Its not a user interface problem either, that's just a lame excuse. iMessage is end to end encrypted and is arguably one of the most pleasant to use messengers.
Apple is very explicitly and deliberately building their systems to forcibly collect massive amounts of user data that they can and do provide to the federal government.
While it is true that close to all companies will comply with lawful orders (but not EVERY company, FWIW: Lavabit famously shut down instead of handing over SSL keys to feds), it is possible to design systems in such a way as to protect FAR more user data privacy than Apple does. Case in point: review the contents of Signal's subpoena response a few years ago:
- https://signal.org/bigbrother/cd-california-grand-jury/
This isn't a sham privacy claim like the kind made by Apple that requires you to trust the provider, either. Signal's clients are famously open source - something Apple does not do for pretty much any part of iOS or Mac OS:
- https://github.com/signalapp/Signal-Android
- https://github.com/signalapp/Signal-iOS
- https://github.com/signalapp/Signal-Desktop
Additionally, most of the Signal server's source code (nix the anti-spam components) is open source, as well as the libsignal library used across the clients and server alike:
- https://github.com/signalapp/Signal-Desktop
- https://github.com/signalapp/libsignal
Apple could be this transparent if they wanted to. They choose not to be, because the truth is, they do not actually care about user privacy, they are constantly collecting massive amounts of telemetry, user data, and user metadata from every single device they make, and they have been proven to share this data extensively with the federal government via the Snowden leaks, even in spite of the few actions they take publicly to maintain the marketing illusion of being a company that cares about user privacy, such as in the wake of the San Bernardino shooting.
By theshrike79 2025-09-048:161 reply Why is Apple taking the harder route then? Like having Maps go through proxies and get the route in small bits so that Apple's servers don't know who is going where, for example?
Meanwhile Google is giving you notifications about "would you like to review <this exact tiny shop you were just in>", because they are the good guys?
By anonym29 2025-09-0415:53 For the same reason the TSA exists: theater.
The TSA performs security theater, where they take the harder route, yet fail to even detect, let alone stop 95%+ of yesterday's threats, to say nothing of today's or tomorrow's threats:
- https://www.theverge.com/2015/6/1/8701741/tsa-screenings-hom...
Apple performs privacy theater, where they take the harder route, yet extensively log user data and share it with federal intelligence agencies:
- https://www.theguardian.com/world/2013/jun/06/us-tech-giants...
As for the deeper why: it's more important to the US government for passengers to feel safe than it is for passengers to actually be truly safe.
Likewise, it's more profitable for Apple to make its customers feel their data is private than it is for Apple to make their customers data actually be truly private.
Apple is not privacy-preserving company.
Apple is marketed as a privacy-preserving company.
By ohdeargodno 2025-09-0215:091 reply >The amount of money you can get for a iPhone 0day confirms it.
Less than for an Android 0day then. Yes, it's quite telling.
You got it wrong.
An iOS 0day would be far more valuable, confirmed by the rest of the thread above.
By ohdeargodno 2025-09-048:23 No, an iOS 0day _is_ less valuable. Every exploit acquisition program pays out more for an Android RCE than it does for an iOS RCE. And it's not surprising: give iMessage a mean look and a .png that looks funny and it breaks under the pressure.
The rest of the thread above is merely the delusions of an Apple fanboy, followed by dozens of people listing out reasons why an iPhone is more vulnerable to attacks, both from external actors _and_ from Apple collecting massive amounts of data and having total remote control of "your" device.
By cnst 2025-09-0315:58 The problem is that you cannot opt-out of the Apple Account.
Which means that targetted attacks are trivial if the attacker possesses the resources.
By vlovich123 2025-09-024:271 reply > On Android, you can install any app from any third-party store without having any accounts. There's a store called Aurora Store that even lets you install apps from golgle's Pay Store without an account as well.
I thought Google recently announced changes to this requiring a developer account to side load.
Yes, Google did announce of the plans, but those changes aren't active yet, and they plan to start enforcing them in only several APAC countries where sideloading is far too popular and gets abused far too much.
Hopefully, they'll see just how ineffective their measures are, and abandon before applying the plans to the rest of the world.
By hellojesus 2025-09-0213:211 reply > where sideloading is far too popular and gets abused far too much.
Why do we consider user installation of software abuse? Plenty of people install software from non-play repositories simply to prevent Google from getting data about their app profile.
By cnst 2025-09-0315:29 The issue I spoke of, is not by the user, but by the fraudsters tricking people into installing malicious apps.
I disagree that such protections (at the expense of the power users) are necessary, but, OTOH, you cannot just ignore such issue existing in the first place, because it does exist, and Google already does have the tools to combat it (by scanning all apps regardless of origin, and blocking malicious ones).
By Yokolos 2025-09-028:38 The unspoken part is, now that the functionality exists, it will be rolled out in more and more countries because it allows governments to directly control what apps users have access to. My response to Chat Control in the EU, if all efforts to stop it were to fail, was always "well, I have an Android, so I'll just install whatever app that isn't backdoored". But if Chat Control passes, this exact functionality will eventually be used to ensure that I can only use backdoored apps.
By vrighter 2025-09-0310:46 There is no way to abuse it "too much". In fact there is no way to abuse it at all. "Sideloading software" means "installing software on my own damn machine". You can't abuse installing software on your own machine.
> Apple is actually far worse at protecting your privacy than Google. On iOS, you cannot install any apps without an Apple Account
How did you decide that this one thing alone makes Apple's entire privacy approach far worse than Google's? Everything else doesn't matter anymore?
By cnst 2025-09-0315:11 What else could possibly matter if your entire identity is always exposed on every iOS device?
I can't really think of anything worse as far as privacy is concerned. Can you?
That is indeed one area of privacy but I wouldn’t say that Apple is far worse. There is countless number of examples where this just simply isn’t true.
Also regarding the App Store, you don’t have to enter a credit card, you can make an account with a new email address.
By cnst 2025-09-0315:24 What's worse than the inability to NOT have a permanent standardised real-name identifier on your device at all times and on all devices?
Apple has really questionable security as well. There's lots of people who have reported Apple randomly asking for Apple Account passwords all of a sudden in popups, on both iOS and macOS, the same way as malware would; or forcing password resets every day or every week.
BTW, do you know how many customer accounts did Apple terminate in 2024? It's 128'961'839 — nearly 129 million customer accounts terminated in just one year.
By nozzlegear 2025-09-0217:201 reply Wouldn't Apple have just done exactly that when they faced public and state pressure to unlock the iPhones of mass shooters, such as the San Bernardino shooter or the Pensacola shooter? That was their golden opportunity, but instead they refused, went to court, and forced the FBI to pay third parties to break into the phones. That's the opposite of your espionage scenario.
If Apple never decrypts a user's data, then this debate will never resolve, because there will always be people who insist that Apple's teetering on the precipice of logging decryption keys and decrypting a user's data – or worse, that they've already done it and we're just waiting for another heroic whistleblower to reveal their corruption.
> Remember, Apple is the same company that cooperated with the NSA to secretly log and feed user data to the NSA starting back in 2012, as revealed by Snowden's heroic disclosure of the PRISM program (which was ruled unconstitutional by a federal judge).
PRISM compelled Apple to provide the NSA with access to cloud data they already held under FISA orders. Apple was not installing spyware on people's devices as you seem to be implying.
By anonym29 2025-09-0222:59 >PRISM compelled Apple to provide the NSA with access to cloud data they already held under FISA orders.
Cloud data that's supposedly encrypted with encryption keys Apple pinky promises they don't have, right?
>Apple was not installing spyware on people's devices as you seem to be implying. I am very clearly not implying this is currently happening - just that there is nothing theoretically preventing this from happening, and the company already has a history of secretly cooperating with illegal government surveillance programs to provide cleartext user data - user data that they love to present an image of protecting vigorously.
By rickdeckard 2025-09-027:11 > It would be trivial for Apple to push out silent targeted OS updates to specific individuals that would log decryption keys and send them to Apple.
I don't think they even need to do that. They are in control of the encryption process and obviously already process the data to create a persona of the user (after which it is no longer considered "user data")
By greyadept 2025-09-026:22 This is what I’ve always struggled to explain to people, that any software’s security and privacy is only as good as its most recent update.
By hsbauauvhabzb 2025-09-024:46 One is a selling point to the security conscious user. The other they no longer need to care about because Android is now a walled garden too.
You haven't noticed that the tyrannical agencies, aka "intelligence" agencies in the west no longer white and throw tantrums about "going blind" and "black holes" etc. regarding Apple device encryption?
I do not get the impression that they just forgot and stopped being traitors.
I mean, you can just look it up instead of spreading conspiracies.
Apple put in functionality that makes it impossible for them to unlock phones and added additional controls to make brute forcing infeasible. The fight was fought, they had it out in court, and it's done.
If that wasn't true, literally all iPhones would be backdoored by the Russians and Chinese lol. Law enforcement is utterly incompetent when it comes to technology, you think they wouldn't immediately leak keys or access?
I regret to inform you that the latest leaked Cellebrite support matrix [1] (from summer 2024) showed that all iOS devices on then-current iOS versions could be forcibly unlocked by law enforcement in AFU state (After First Unlock, following a reboot) using their software.
The only devices that successfully resisted their attempts were Google Pixels running GrapheneOS. According to those documents Cellebrite hasn't had the ability to crack them open since 2022. There's an updated matrix for Android from February [2] which indicates that this hasn't changed on the Android side.
[1] https://discuss.grapheneos.org/d/14344-cellebrite-premium-ju...
[2] https://osservatorionessuno.org/blog/2025/03/a-deep-dive-int...
Yeah, I know. It requires expensive 0-days, which are rare and very much not what the other guy was implying, which is "Apple unlocks things for LEO".
Both Google and Apple have world-class security teams, it's not surprising that it's that difficult.
By dns_snek 2025-09-038:52 We don't know what Apple does or doesn't do. They might not be able to unlock iPhones in their normal state, but what stops Apple from instructing your device to silently install a specially crafted update which makes that possible, prior to your arrest? I don't think that there is anything stopping them.
You also said "[...] and added additional controls to make brute forcing infeasible." which isn't true as demonstrated by Cellebrite's capabilities. They can take the latest iPhone running the latest iOS and unlock it for you for a price (allegedly only with a warrant which law enforcement can always get).
> If that wasn't true, literally all iPhones would be backdoored by the Russians and Chinese lol.
This comparison also doesn't hold up because "Russians and Chinese" don't have physical access to our devices (seemingly required for most of these exploits) while law enforcement who arrested you does, and they can easily ship your device to Cellebrite's lab if need be.
So Pegasus and others that aare not public are not a thing because it was dealt with in court?
And no, there are things that are not shared with law enforcement for that very reason.
By habinero 2025-09-038:37 I don't think spyware sold by ex-Mossad that relies on expensive and easily burned 0-days count as "Apple rolls over for LEO" lol
By const_cast 2025-09-0215:331 reply None of that matters if the government just asks Apple to put out a targeted update and break encryption or leak the keys.
You're still relying on blind faith in good actions.
By habinero 2025-09-038:25 As I said, the government did ask them to do that.
Apple refused and then rearchitected their hardware so they couldn't even if they wanted to.
And no, Apple bakes in immutable encryption during chip fabrication. They literally cannot update it.
https://support.apple.com/guide/security/boot-process-for-ip...
There's no blind faith involved. Apple has one of the best security teams in the world. If they decided to punch a hole in their flagship product security, I am very certain at least one engineer would speak up about it.
Some more context from the linked github issue[0], the app was removed because of European sanctions against Russia, it seems that the app developer who now lives in Malta, has a Russian background.
What is interesting is that it's Apple enforcing these sanctions, rather than AltStore.
The amount of control that Apple exercises over these alternative app stores, really does seem to be against the spirit of the DMA.
[0]: https://github.com/XITRIX/iTorrent/issues/401#issuecomment-3...
By jkaplowitz 2025-09-022:573 reply That’s also weird to me. I don’t have current 2025 info on the sanctions, but back in early 2022 I had a colleague with Russian citizenship who was living in Ireland (with proper permission to live and work - I think even permanent residence). He was exempted from the nationality-based sanctions because of his EU residence, although he did have to prove it to e.g. his banks.
Do the sanctions applicable in 2025 apply even to EU residents of Russian nationality or origin without such an exemption, or is this person covered by more narrow sanctions like one which name him individually, or is Apple going beyond the sanctions rules here for a store they don’t even operate?
Edit: reading the linked GitHub discussion more closely, it seems that he expects to benefit from the same exemption as I was describing, with the problem being twofold: one, the developer had neglected to update his personal info in Apple’s dev portal - not Apple’s fault, at least assuming that sanctions enforcement is their job at all in this scenario. But two, Apple has taken a long time to react to this guy providing proof of his Maltese residence, so that’s on them for being an unresponsive bottleneck.
> But two, Apple has taken a long time to react to this guy providing proof of his Maltese residence, so that’s on them for being an unresponsive bottleneck.
Someone I know has Maltese citizenship. From the stories they've told, the unresponsive party might not be Apple.
(At one point, my friend had to show up at the Maltese immigration office in person to get them to respond to an inquiry.)
By franga2000 2025-09-028:33 AFAIK Apple doesn't actually check with the governments, they just look at the PDFs you send them.
By jkaplowitz 2025-09-0218:10 The proof of residence that he said he sent Apple was his Maltese residence permit, so unless Apple verifies provided documents with the issuing authorities (honestly doubtful), the bottleneck is within Apple and/or anyone to whom they outsource these appeals.
By throw-the-towel 2025-09-025:541 reply You're technically right, but entities find it easier to just ban everyone suspicious than to devote time and manpower to actually investigate.
By j-bos 2025-09-0210:14 No due process from corporations.
And 3, Apple asking for a photo of the ID instead of using eID so the entire process can be tap > Face ID (in your country’s eID app) > done.
Also for some reason on App Store Connect, Apple is asking for a country of birth, not citizenship so with that alone, it’s unclear to me how can they make a determination at all.
Once again, our random spawn point (of which we have no control) is interfering with what we can and can’t do in life. Oh and Apple totally not getting how people live and move in the EU.
By throw-the-towel 2025-09-025:51 > Once again, our random spawn point (of which we have no control) is interfering with what we can and can’t do in life.
This is how wartime works.
By jkaplowitz 2025-09-0218:13 My understanding is that the EU sanctions themselves do care about place of birth, separately from citizenship, not just Apple’s implementation. I’ve certainly seen such a question in non-Apple implementations of these sanctions.
As for not supporting eID, yeah that isn’t great, but so many people have non-electronic EU residence permits (including me within the last few years - though I don’t have Russian origin or citizenship) that they’d have to support the non-eID flow regardless. Maybe they wanted one fewer flow to implement, or maybe they felt that eID verification didn’t meet their compliance needs. No idea there.
By delfinom 2025-09-0210:49 >And 3, Apple asking for a photo of the ID instead of using eID so the entire process can be tap > Face ID (in your country’s eID app) > done.
Because actual technology is alien to Americans. We are still signing documents as if that means securitah.
By tempaccount420 2025-09-024:322 reply > our random spawn point
It's not random.
By leshenka 2025-09-029:26 > European sanctions against Russia
last time I checked if there are no sanctions against you personally you shouldn't have any troubles?
I believe sancitons lists are public so that has to be verifiable by searching for "Daniil Vinogradov". Quick search on EU sanctions tracker [0] did not yield any results. Neither did [1]. So what's up with that?
By viktorcode 2025-09-029:39 That statement cannot be taken at face value. Russian developers and Russian registered entities are freely publishing apps on App Store. EU sanctions do not prevent that.
By rickdeckard 2025-09-027:17 > What is interesting is that it's Apple enforcing these sanctions, rather than AltStore.
That's quite a red flag. Apple demonstrated that despite their seemingly compliance with the EU DMA, they are still indirectly in control of ALL digital markets.
This is still an uneven playing field, and I hope the EU is not blinded by this "feature demonstration" of Apple now...
Lots of Russian apps and services registered in Malta or Cyprus, but their devs continue to live in Russia. And naive users think they’re using a European app or service. For example Adguard.
It's not the first time I've noticed you spreading this misinformation on HN, so let me respond.
Most of AdGuard's staff relocated in 2022, and I (CTO and co-founder of AdGuard) personally live in Limassol, Cyprus. We commented on that publicly, but it seems that random forum posts often regarded as more reliable sources of information.
I am totally fine with anyone not trusting AdGuard for any reason, but please keep your statements factually correct.
PS: Sorry for sticking a small promo in the comment, but this year we're organizing the annual summit (adfilteringdevsummit.com) for ad blockers' devs on our home turf in Limassol, a perfect opportunity to meet us, other ad blockers and even browsers' devs.
> "Most of AdGuard's staff relocated in 2022"
So a lot of your staff remain in Russia?
If you've still got most of your devs working in Russia, and it looks like that from your github projects, I'm not sure what part of the comment you responded to is not correct or misinformation.
By ameshkov 2025-09-0212:49 Most of the employees relocated including senior staff, devs and people with access. We still have some contractors working from there, mostly in support service, content and qa. Not "most" or "a lot", but nevertheless.
We encourage people to move closer to the head office, but as long as it's not required by law, we’re not going to force people to move out, as I know very well how hard it is.
> and it looks like that from your github projects
You do realize that a russian name != working in Russia, right?
> I'm not sure what part of the comment you responded to is not correct or misinformation
The parts where:
1. It's implied that the company is just "registered".
2. It's implied that the company is not European.
3. It's said that devs reside in Russia.
All three are factually incorrect.
AdGuard has been around for 16+ years, and throughout this time I've seen similar accusations many times. I am generally fine with them — that's life — but today I just wasn't in the mood, sorry for that. Anyways, this is one more reason to have more code published to open source, a win-win for all.
The AdGuards CTO and cofounder just replied to my comment, called it misinformation, but then confirmed that a large amount of their team continues to work from Russia.
If you trust Devs working in Russia with you or your companies dns security, you’re insane.
> that a large amount of their team
no the opposite
they also clarified it further
but you either seem to intentionally want to misunderstand people or have severely lacking reading comprehension
either way you can always speculate that they are not saying the truth but you intentionally mis quoting people just makes you look like a fool
His detailed clarification came post my reply to you. Prior to that his statement was that most of their employees were no longer living in Russia. Which implied that some percentage of employees still lived in Russia. He claifies that it’s just contractors and supporter without access, which is much better that some of their employees still working from Russia.
AdGuard would still be outside my comfort margins because of exposure to the Russian government through friends and family.
By ameshkov 2025-09-0217:20 Thanks for understanding and sorry if my comment sounded too harsh. Over the past few years we went through a lot and when I hear that AdGuard is just registered I may overreact.
What for your position, I respect it and as much as I’d like to say otherwise, under certain circumstances it can be reasonable.
By tempodox 2025-09-027:02 Indeed, I thought the whole point of alternative app stores is that it’s not Apple’s decision any more whether an app can be installed or not. This looks like another case of malicious compliance.
By Aissen 2025-09-029:09 There is a lack of proof that the developer is linked to a sanctioned entity. Not saying it isn't, but The Verge should be at least trying to verify that IMHO (instead of taking the statement at face value); I'd even trust a "we verified it but won't publish to protect the developer".
If Apple can decide what you can publish on alternative stores, doesn't that defeat the purpose of having alternative stores?
By Fade_Dance 2025-09-023:504 reply I believe it was the Apple fee monopoly that was the central thrust of the anti-trust case, not open distribution of apps themselves. The goal was to allow storefronts to compete on fees.
If Apple was banning apps from alt stores but keeping them listed in their own store, then it would be a legal issue.
I personally I think it defeats the purpose as well, but I'm more concerned with the right for people to do what they wish with their own device. These antitrust court cases can get pretty specific with what they are addressing.
By dns_snek 2025-09-027:24 You're talking about the US case I believe. Alternative app stores were born out of the EU Digital Markets Act which Apple has been brazenly violating since day 1.
The purpose of the DMA is to eliminate gatekeepers' stranglehold over the market and promote competition by forcing them to compete on equal footing. Apple's compliance strategy thus far has been to create an appearance of compliance (alternative app stores, what more do you want??) while fully retaining their chokehold in strategic areas like notarization and core technology fees which completely undermine the goals of the DMA. They remain a gatekeeper who imposes taxes on competition and retains the ability to kill your project (or business) without a due process.
By AnthonyMouse 2025-09-024:211 reply Aren't they both anti-trust problems? Suppose Apple bans apps that compete with some service they offer themselves. Allowing them to be banned in alternate stores as long as Apple also bans them in their own store is clearly not going to make that better, right?
By dathinab 2025-09-0213:39 > compete with some service they offer themselves
if you move from ban to, systematically hinder updates, despotic interpretation of store TOS/Guidelines/Rules, APIs their apps can use and others can't which affect competitiveness of the apps, not having to pay their own fees, randomly removing top apps from the app store front/ranking/promotion, TOS which make competing impossible etc.
then they have been doing exactly that for years
i.e. "not ban but market wise not that different"
By rickdeckard 2025-09-027:22 > I believe it was the Apple fee monopoly that was the central thrust of the anti-trust case, not open distribution of apps themselves.
This was not just subject of the anti-trust case, it's Apple being expected to comply with the EU Digital Markets Act.
(The DMA defined objective criteria to identify a scaled market of digital goods with an uneven playing field for all players. Apple was found to have created such a market and was ordered to rectify this)
By _aavaa_ 2025-09-0213:08 How can a storefront compete on fees if apple can wake up one day and tell the other storefronts “none of your apps are available for sale anymore”.
By Rucadi 2025-09-028:39 Totally, the only ""freedom"" that they have is the free development program... But they can cancel your account at any time if they wish for "abusing" it, and you even have to refresh apps every week.
By viktorcode 2025-09-029:421 reply Apple does not get to decide what‘s published on alternative stores, but they can revoke certificates still.
By viktorcode 2025-09-0219:221 reply Difference is in the fact they don’t have any incentive in checking submitted apps to alternative stores. Does it even launches? Does it use private APIs that will break tomorrow? Who cares. Surely not Apple. It’s on that alternative stores.
But if they asked to block an app due to breach of a law, they will oblige.
You argue that they have no incentive to look through all the apps submitted to other app stores. I disagree with this premise.
And even if it were true, it is not a counter argument to my assertion that Apple has complete control over what apps exist on every App Store.
No app goes live or stays up on any App Store without Apple’s explicit consent.
By viktorcode 2025-09-059:32 Your argument was that this is a distinction without a difference. I pointed out the difference: apps on alternative app stores exist until Apple is legally forced to remove them.
By seany 2025-09-024:27 Yes
