There’s a lot of thinking about Apple’s growth over the last two decades and the recent rise to $ 1 trillion and $ 2 trillion market values, but their common theme is that Apple has grown from David to Goliath – no doubt too big for everyone’s good, saved his own. What once seemed to be Apple’s small “fenced garden” in an app ecosystem, has become one of the world’s largest software stores, if not the largest, and opponents have increasingly characterized the company as a dominant and unsympathetic villain, and crush less developers at will.
My own view is that Apple̵
Apple is not a perfect company, nor is it entitled to a presumption of purely good intentions. Over the years, it has wavered between populism and benevolent dictatorship, echoing Henry Ford by suggesting (quietly) that it knows users’ needs better than they do. There have been times when it has traded with a heavy hand, and certainly examples of when it has put its own interests ahead of users’ needs. But user satisfaction is still an important factor in decisions and successes. Although a given decision is controversial, Apple’s general overview of creating intuitive hardware, software and services has defined the company, and it has been rewarded with incredible wealth for delivering world-class solutions on a global scale. It’s now a giant, although it’s apparently trying hard not to be a heavyweight.
This week, security researcher Patrick Wardle gave his latest example of Apple screwing up: evidence that the company inadvertently “notarized” a piece of macOS-malicious software so that it could run without objection on even newer Macs. If you do not remember Apple’s Notarization requirements, it was announced in 2018 as a way for developers to assure users that apps distributed outside the Mac App Store were free of malware. Seen in the worst possible light, Notarization was another example of Apple trying to exercise control over it everything running on their computers, despite the company’s benevolent explanation: “Notarization gives users greater confidence that developer ID-signed software you distribute has been checked by Apple for malicious components.”
The problem Wardle identified was that Apple somehow gave a thumbs up to malicious adware payloads that contained OSX.Shlayer malicious software – notifications that it “quickly” revoked after notification. Wardle rightly pointed to Apple for “promis[ing] trust, but still fails[ing] to deliver “with Notarization, which suggests that a security system that does not work as marketed, eventually” may put more users at risk. “
This is where Hanlon’s razor comes in. Notarization has been around for a while, but there have not been many issues with malicious software being notarized. Keep in mind that Mac damage issues tend to be called solely by security researchers rather than end users, as unpatched, on-the-wild exploits are almost as rare as public users’ Mac complaint programs, which has not been true on Windows PCs. for decades. The fact that Apple’s screening process screwed up this time – or the implication that the screening system may have a bigger hole – will not mean that it neither tries to screen properly nor to succeed broadly in keeping users safe. In other words, this is not an example of safety theater, but rather a mistake that should be addressed.
Earlier today, Apple reminded developers of some important changes to the App Store guidelines announced during this year’s WWDC: They can now appeal decisions that App Store submissions violated Apple’s policies, propose changes to the policy, and not see the bug fixes delayed. due to alleged guidelines. (except legal issues). This is not to say that the legions of small and large developers who have been outraged by Apple over the App Store guidelines will suddenly be happy with the company – least of all Epic Games – but that Apple is not standing still, and is apparently trying to take at least some developer requests into consideration.
It’s tempting to take Apple’s moves as proof that it’s trying to stay nimble and flexible despite its growing size, a challenge it’s faced every time it’s reached a new high. Some may find the concept of appnotization condescending, but instead of maintaining an impenetrable street, Apple’s screening system is not as strong as it could be, and it responds quickly to reports of problems. Similarly, to the extent that the process of App Store approval may have felt one-sided or unnecessarily brutal to some developers, Apple opens the door to discussion and evolution. It sounds like a positive set of developments.
However, after seeing Apple spend years seemingly ignoring bug reports from users and developers, my biggest concern is that invitations to appeal or change policies in the same way will fall into a dark chasm, the digital equivalent of a proposal box being emptied into a rubbish. And what I tend to look at as imperfect execution or short-term decisions can obviously be revealed to be somewhat worse.
It’s going to take some time to see if Hanlon’s razor applies here. Apple has a chance to prove definitively that it is not a malicious actor, just one who has not performed ideally in the past, and is doing his best to get better – at least not obviously stupid – in the future.