Malcolm Owen
Developers of Linux and Unix shells have received warnings from Apple that their iOS apps violate App Store Review Guidelines, with the threat of termination from the App Store said to be reversed in at least one instance.
A shell is a tool that enables users to perform command-line operations on a device, which usually doesn't offer that sort of functionality, such as the lack of a terminal in iOS. These terminal emulator apps like a-Shell and iSH enable the use of many Unix commands in iOS, which can be useful for developers and power users.
However, according to a series of tweets on Sunday, it seems that the two apps have come under fire from Apple's App Store team for seemingly violating the App Store Review Guidelines. The iSH Twitter account advised it was informed by Apple it would be removing the app from the App Store on Monday.
Hours later, the developer advised they had received a call from the App Review team apologizing for the notification, the appeal against the takedown was accepted, and that iSH would not be removed from the App Store.
We got a call this evening from someone who runs App Review. They apologized for the experience we had, then told us they've accepted our appeal and won't be removing iSH from the store tomorrow. We'll stay in contact with them to work out details.
— iSH (@iSH_app) November 9, 2020
As to why the app was rejected, iSH suggested it could be related to section 2.5.2 of the App Store Review Guidelines, as it put out a request for feedback from other developers enduring the same trouble. In response, a-Shell advised it had received a "similar notice of termination" a few days prior, but the appeal was still pending.
Section 2.5.2 deals with the self-containment of apps within their bundles, and to not read or write data outside its designated container area, nor to "download, install, or execute code." As shell apps may have the capabilities to run scripting, it could be this element that is being picked up by the review process.
In a full blog post, iSH developers Theodore Dubois, Saagar Jha, and Martin Persson explain the removal threat was due to the team believing the app was "not self-contained and has remote package updating functionality," with a request to remove the offending items and other remote network commands. It was thought that iSH was a "security concern" if it allowed users to import code into the app.
"We believe iSh is fully compliant with the App Store Review Guidelines," wrote Saagar, with Apple thought to have misunderstood or misinterpreted the app, its own guidelines, or "the consequences of what they are asking." Saagar suggested that a consistent enforcement of this "incorrect interpretation" would ensure the "removal of all scripting apps" from the App Store.
The a-Shell tweet further advises it was requested to remove access to the unix commands "curl, pip, and wasm" for the app to stay in the App Store. The curl command handles data transfers over a network, pip is used to install Python packages, and wasm relates to WebAssembly, a code that could be run in web browsers.
Apple updated its App Store Review Guidelines on August 31, including a new element that allowed developers to challenge the guidelines themselves, with the potential to make Apple change some of its review rules. A challenge has already been successfully logged with Apple by Guardian VPN, which wanted more flexibility in how it charges for auto-renewing subscriptions.
William Gallagher
Christine McKee
AppleInsider Staff
Chip Loder
5 Comments
Yet again several problems with Apple's approach on this.
1) Why did Apple make a mistake and threaten the developer?
2) Why did the developer not get a proper justification and citing of the specific rule violated?
3) Why is it some apps are fine for years but then all of a sudden are violating a rule, even if the rules haven't changed?
4) Why is Apple not being especially careful considering the antitrust investiv
If the rules weren't so overly complex and in many cases vague, maybe the App Store reviewers wouldn't keep making mistakes. Though I'm sure at times Apple just doesn't like what an app is doing, even if it's not explicitly breaking a rule. So they use a vague rule as a reason to remove it. They really need to stop being so blazé with the enforcement, this is literally someone's livelihood they're destroying at the click of a button. Each of these cases only strengthens the antitrust investigations into Apple, and increases the likelihood Apple will be forced to allow third party app stores. One step in the right direction is the ability to challenge the rules, however.
The Philippines. Sometime in the early 2000s. I was visiting to enjoy hot weather and sweet women. And I did.
Fancy cellphones were THE status symbol in the Philippines just like cars were in the USA. People would brag about their new Nokia model just like we would brag about our new BMW. And of course they used them, texting like madmen and women. I couldn’t help but notice that my sweet women would be more in love with their phones than they were with me. So I played along with the gag and treated Celly the cellphone like she was a member of the family. It got some laughs.
Turns out it was a bit worse than that. The virus promised sexy jokes. When you pulled them up it called special expensive numbers. The virus ran out a bill of over $300, and unlike 976 numbers in the USA there was no option to take them off of the bill. You were stuck paying them. As a result she had to cancel her service since she did not have the money or anywhere near it.
Worse yet it spread by sending itself to everyone in your address book. And her best friend had the same model phone as her, so she wound up getting the virus and staring at some remarkably vulgar pics. It cooled their friendship for about a week, until we all figured out what was going on. Fortunately most of the people it sent the virus to didn’t have that model phone so it resulted in confusion and nothing more.
Ever since that ordeal I have had enormous sympathy for companies that felt they had to control the software running on their devices. It is just too vulnerable to scams. And of course it is even more so today.