Unlucky Day 13 of Epic v. Apple, starting in 10 minutes. App Store games guy Michael Schmid will return, followed by another big Apple name: Craig Federighi. Then another expert witness, Dominique Hanssens.
theverge.com/2021/5/18/2244…
theverge.com/2021/5/18/2244…
https://twitter.com/thedextriarchy/status/1394665595476533249
Apple already took one shot today, asking a court to dismiss Epic’s “essential faciliities” claim against it theverge.com/2021/5/19/2244…
Judge is giving an update on scheduling. She’ll go through the case on Monday, but we shouldn’t expect a verdict right afterwards — she’s got “hundreds of other cases to deal with.”
Another update on Tim Cook: We’re expecting him at the start of the day on Friday, per Apple’s lawyer.
Apple’s head of games business for the App Store, Michael Schmid, is up now being questioned by Apple’s lawyer.
Schmid says there’s a long and “fairly fluid” list of developers Apple checks in with. The discussions cover monetization, marketing, localization, engineering support — “quite a live list of subjects."
“Do you personally play video games?”
“Maybe too much,” Schmid says.
The lawyer asks him how many games he’s played in his life.
Smith, uncertain: “You want me to start in like, 1992?”
“Maybe too much,” Schmid says.
The lawyer asks him how many games he’s played in his life.
Smith, uncertain: “You want me to start in like, 1992?”
Apparently Schmid was 5 years old when he started playing, and he’s played “thousands” of games.
so you say you work in apple’s store for games, can you name 1000 of them
Schmid is explaining that Apple considers game and app developers very separate — one typically doesn’t work on the other, game developers are more on the “bleeding edge” of pushing iOS graphics, and games focus more on in-app purchases while apps are moving toward subscriptions
Judge says she’s noted that the public teleconference line isn’t working, so we’re going to hold and reconnect it.
Judge notes that there’s been “much more public access” thanks to all the pandemic-related changes courts have had to make. Musing about what’s going to happen when courts open back up.
We’re back. Lawyer’s asking why in-app currency is becoming more popular. Schmid says it gives developers more control over an ecosystem.
Is there a way for a user to avoid Apple’s commission making purchases?
A game developer can make the purchase available on many platforms, says Schmid — he gives Hearthstone, Roblox, and Candy Crush as examples.
A game developer can make the purchase available on many platforms, says Schmid — he gives Hearthstone, Roblox, and Candy Crush as examples.
You may recall Candy Crush’s ill-fated turn in court last week thanks to @mslopatto theverge.com/2021/5/13/2243…
Delving into the Hearthstone example, Schmid shows a video he recorded a few days ago. He launches Hearthstone on iOS and notes he has no card packs, goes to mobile Safari where he’s logged into Battle.net, buys the pack through web, and returns to the native app.
Apple knows a thing or two about the pitfalls of live demos.
We’re going to another prerecorded demo, this one of Candy Crush. Schmid gets around the problem Epic highlighted (no mobile support for the game’s web version) by manually requesting the desktop version of the site.
Schmid puts the blame on King for not supporting mobile browsers — he says it made an active choice to try to push people toward the native mobile apps. Does Apple discourage making purchases available on the web?
“Absolutely not."
“Absolutely not."
Schmid goes into ways developers get help from Apple: business and marketing support, engineering support, and developer tools and products.
“We want to be the best platform to develop a game or app in the world,” says Schmid. He wants to be “more than a checkmark … we want to be the primary platform” that developers want to build for.
Like other Apple witnesses, Schmid cites consoles, PC stores like Steam, Android, and cloud gaming services as Apple’s competitors for gaming.
Schmid says Epic took advantage of Apple tools like Testflight and app analytics, as well as ARKit, Apple’s augmented reality API.
“From Day 1, when we began supporting Fortnite on the store, we had engineering engaging with Epic not just on the game, but on the Unreal Engine, and that was support that grew over time.” Over phone, email, and in person at Epic’s HQ.
One of Epic’s witnesses previously complained about having to reengineer Fortnite on short notice to reduce its memory footprint at iOS — Schmid appears to refer to the same incident, but says Apple was working closely with Epic to help.
Schmid also points to Apple doing promotion for new Fortnite seasons and other content on the App Store and its social channels. “Apple sent over 500 million marketing communications about Fortnite,” he says.
“That’s a pretty specific number,” judge notes.
Schmid says his team aggregated all the ways Apple interacted with users about Fortnite — email, social media, paid marketing. It totaled > 500 million communications by August of 2020. Sounds like a lot of that pie is email.
Schmid says his team aggregated all the ways Apple interacted with users about Fortnite — email, social media, paid marketing. It totaled > 500 million communications by August of 2020. Sounds like a lot of that pie is email.
How much did Apple spend on marketing support for Fortnite?
On the 11 months before the ban, “We spent just under a million dollars. … It was far more than any other game I’d worked on at that point, and more than I’ve seen [on] any game since."
On the 11 months before the ban, “We spent just under a million dollars. … It was far more than any other game I’d worked on at that point, and more than I’ve seen [on] any game since."
Fortnite support was a “never-ending crescendo,” says Schmid. “It was quite intense. There were 3am phone calls, 5am phone calls, Christmas phone calls, it was a pretty demanding relationship."
The overall relationship while Fortnite was on the store?
“Fairly tumultuous. There was a lot of good times and a lot of really stressful times.” But it was “absolutely a net positive” it was on the store, says Schmid.
“Fairly tumultuous. There was a lot of good times and a lot of really stressful times.” But it was “absolutely a net positive” it was on the store, says Schmid.
“Fortnite was the hottest game at the time. I personally played Fortnite,” says Schmid. So did his son and wife. “It was a really awesome thing to be able to bring to users on the App Store."
“Personally I thought it was incredibly exciting, professionally it was an amazing game … it was in my opinion worth that effort to give them that nonstop support."
Epic was super-focused on adding new content, so it “often couldn’t step back and fix some systemic issues” with review, says Schmid — which resulted in a lot of expedited review requests for Fortnite.
(You can contrast Schmid’s “500 million interactions” number with Epic’s story, which is that Apple basically provided rote and strictly transactional promotions for Fortnite.)
A March 27th, 2019 email chain getting pulled up now. “It almost feels like they’re abusing expedite requests due to a systemic issue on their end,” one of Schmid’s colleagues said. Schmid says he doesn’t agree they were “abusing” the system, but they weren’t addressing issues.
Schmid compares Epic’s request pattern to him always being late to things even if he had a reasonable excuse every time. “If you know you’re always late, you should start planning things earlier.” (“To be clear, I’m still always late to things,” he jokes.)
“There was certainly the concern and sometimes the threat that we would be left behind and our users would not receive” the latest updates to Fortnite. “It was never a situation where it felt like it was appropriate to say no” to Epic’s expedite requests.
Another email chain here — Epic gets an agreement to some redaction/sealing. It’s a thank-you email from Epic’s Haseeb Malik after another expedited request.
Schmid says he became personal friends with some Epic team members — Apple counsel asks him to name them, but Epic successfully objects.
Another email where Epic effusively thanks Apple for what Schmid recalls was supporting a crossover between Epic’s Fortnite and Houseparty apps.
Schmid is sort of awkwardly trying to describe the way that he thinks someone at Epic felt about his work on Fortnite while Epic objects on the basis that he can’t actually know that. The judge sustains the objection, so we’re moving on.
Epic is up now cross-examining Schmid — asks if Apple offers special commission deals to anyone. “They have not,” says Schmid, on the gaming side.
Lawyer is discussing Sign In with Apple, which lets users sign up for apps without creating an account with developers, as she basically characterizes it. Schmid says it’s more nuanced than she describes.
Lawyer says at one point this caused problems because Epic wasn’t able to get information it needed to comply with child protection laws, and Apple (she says) wasn’t helpful. Schmid doesn’t offer more detail here, suggests he’s not familiar with it.
Going back to the cross-platform claims, lawyer points to Apple’s anti-steering rules, but she and Schmid start talking over each other until judge steps in and tells them to cut it out.
Schmid says he wasn’t familiar with last week’s court Candy Crush saga, if you will, when he made his video. Epic’s lawyer says he didn’t show the process of actually logging into King’s site — he says “I can’t recall exactly how I logged in."
Epic says users who sign up for Candy Crush through Apple’s sign-in service can’t actually use the process he shows in the video.
We are now in Epic v. Apple Courtroom Candy Crush Demo #3
“The developer’s choice was to push users toward the native app,” Schmid says. But at lawyer’s insistence, he admits that Apple would stop King from telling iOS app users that they can buy currency elsewhere.
Epic counsel says that “request desktop” is not a widely known feature for iOS users, but Schmid disagrees. I’m glossing over a lot of back-and-forth over the precise capabilities of the feature, but Epic contends it’s super awkward to use.
Schmid’s counter, again, is that all this friction is on developers’ side — they could have made the sign-in process easier and supported Sign In with Apple if they wanted, he says.
“That’s the developer’s choice. They have not enabled that,” he says of the sign-in process.
I did not expect to ever spend this much time livetweeting a series of lawyers narrating their struggles logging into websites.
Going to Hearthstone, there’s some confusion about whether it lets you buy packs directly through the App Store (known as “promoted”) purchases or only through the app itself. Either way, lawyer notes Blizzard can’t tell people they can visit its website.
Judge asks if the cost for card packs is the same on the native app and the web. Schmid says they’re both $2.99.
“So the consumer pays the same?”
Schmid says he thinks actually you spend more on the website because there’s separate tax.
“So the consumer pays the same?”
Schmid says he thinks actually you spend more on the website because there’s separate tax.
New development in the Candy Crush drama: Schmid had to recover a password at some point in the login process.
Lawyer is asking whether Roblox could have submitted itself as not a game, but an app — Schmid says maybe Apple would overruled that classification, though.
Lawyer asks if Schmid is aware that Roblox was escalated to the App Store review board for being potentially a ‘store within a store,’ as in the saga below — Schmid says he only vaguely is theverge.com/2021/5/14/2243…
Just to be clear Apple’s witness testimony is absolutely all over the place with Roblox. Schmid just said Apple would force it to classify as a game, an earlier Apple exec claimed it was categorized as an app.
Fourth wall break alert! Epic’s lawyer is now bringing up the article I just tweeted.
“I’ve never seen this article,” Schmid says of my article. Which is good, since witnesses were ordered not to read coverage.
“So you want him to read the whole thing?” judge asks.
We are going to take a break while Schmid reads one paragraph of my story.
We are going to take a break while Schmid reads one paragraph of my story.
Okay there is some confusion about whether Roblox is still categorizing itself as a game. I think Epic’s lawyer may have slightly misconstrued my story and is implying Roblox no longer classifies *itself* as a game, which isn’t correct. It’s the user-generated experiences.
Schmid says he interacts with Roblox “quite frequently.”
I have sympathy for people involved in the nightmare hell of content moderation not all being on the same page, but I still find Apple witnesses' sheer conflicting befuddlement at the Roblox Conundrum very funny.
Asking Apple to describe Roblox is like asking an AI in a movie to divide by zero until its logic boards explode.
Now is a solid time to note that Roblox is older than the iPhone.
Anyway we’re reading through Apple’s developer agreements
https://twitter.com/leah_nylen/status/1395057435237363715
They’re trying to pin down what would count as “encouraging” breaking rules in a way that would lead Apple to withhold payments from developers.
“I don’t focus on App Review or any matters [that] touch App Review,” says Schmid. Which is not unexpected but sort of interesting.
Epic refers to the provision she’s describing as a “guilt by association” provision — Schmid disagrees.
Here’s a more detailed outline of the provision.
https://twitter.com/Shannon_Liao/status/1395058730111225861
Epic lawyer claims to have cleared a “really high, embarrassingly high” number of Candy Crush levels. C’mon, give us a number!
Schmid says he’d guess Apple made over $100 million (it would be inappropriate to give more detail, he says) in commissions from Fortnite over its life in the store.
Epic’s lawyer compares that to his claim that Apple spent around $1 million promoting Fortnite in its last 11 months in the store — $100 million for $1 million is a good deal, she says.
Lawyer asks if Schmid knows if Apple’s promotion of Fortnite drove any users to it — Schmid says he doesn’t have numbers on it.
Schmid’s being asked about competitors’ paid search results getting put on top of organic App Store results. Reminder this is called “conquesting” and earlier Apple testimony claims they allow it because it lets small competitors promote themselves on searches for big apps.
That’s not really Schmid’s domain in any case, and he says so.
Apparently someone at Apple (semi-jokingly?) suggested that Epic add a Steve Jobs skin called “The Innovator” to Fortnite, and it was serious enough that Schmid followed up on it.
Lawyer is now bringing up a case where Epic had an issue in 2019 and Apple allegedly didn’t respond for two weeks.
Important update on the Steve Jobs Fortnite skin
https://twitter.com/BobbyAllyn/status/1395065212953194497
We’re going to take a 20-minute break — I’ll be back a little later than that, around 2pm. Good luck.
Okay, back just in time to get Craig Federighi on the stand. Federighi is Apple’s software engineering head and one of the biggest names testifying for Apple, alongside Phil Schiller yesterday and Tim Cook (expected) on Friday.
Apple’s lawyer asks Federighi to define an operating system after a brief introduction. Federighi describes it as a “large software stack,” which is distinctly not as vivid as the kitchen metaphor we got earlier in the trial.
Federighi describes the operating system as an engine, which lets him extend into the idea that a similar motor could be put in a car or a small plane or lots of other very different products.
Federighi says adding third-party apps “tremendously” affected how Apple thinks about security. “We envisioned people would download lots of little apps to solve all kinds of problems,” he said — compared to an early desktop computer user particularly.
Federighi says of app installation, “we wanted to make that something users could do very easily without being particularly experienced or thoughtful” about the security issues around what they were doing.
Malware makers/operators pick targets largely based on scale and opportunity, Federighi says. “How often is an attacker likely to have contact with a user? In a way, iPhone users are more prone to download apps by far than typical Mac or PC users."
“iPhones are very attractive targets. They are very personal devices that are with you all the time. They have some of your most personal information — of course your contacts, your photos, but also other things."
"They have cameras on them, microphones, they are capable of knowing your location,” Federighi says. People use them to unlock things. "All of these things make access or control of these devices potentially incredibly valuable to an attacker."
Federighi says Mac users are “typically much more wary of downloading software,” while “iOS users are just accustomed to getting apps all the time.” So attackers can find a much more receptive audience. He cites Apple’s “there’s an app for that” campaign.
Lawyer is having Federighi define different kinds of malicious apps: scam apps, vandalism/sabotage apps, ransomware, surveillanceware, and info-stealing.
I believe there are some accompanying visuals in court that I cannot describe, sorry.
Federighi’s running through how malware fools people through trojans — masquerading as a legit app or something attractive like a service offering free stuff.
There are other tactics like phishing, and Federighi emphasizes that bad actors can use “web marketing” tactics for evil, essentially.
Federighi’s implicitly going up against computer science expert James Mickens here — Epic called him to testify that iOS and macOS were similar products and the most important security was in the OS, not the App Store.
Federighi by contrast is saying that “we try to stack up many layers of defense.” And he’s talking about tactics like social engineering that trick people into voluntarily letting malware in.
Mickens also said that code signatures could be enough to let people trust an app, without the need for app review. Federighi doesn’t agree with that either.
“The code signature is a deterrent, but the signing certificates themselves can be stolen. They can fall into the wrong hands.” And a lot of these certificates are granted, so “in practice, it’s common for attackers to get a hold of these certificates."
Same with sandboxing, which helps stop malicious code from getting access it shouldn't — it’s useful, but not enough, Federighi says.
Lawyer is prompting Federighi to talk about some other security methods, like ASLR. en.wikipedia.org/wiki/Address_s…
Interesting to contrast Federighi, who’s talking through all this *very* fast, with Mickens, who clearly focused on making the ideas legible to non-infosec people. (I joked that he didn’t extend his metaphors enough, but he uses them in legitimately helpful ways.)
oh man I had never heard this
https://twitter.com/bergmayer/status/1391016722791075841
Federighi is still looking at the different security mechanisms on a computing platform. He explains a lot of OS-level tools that are useful, but also the ways social engineering can get around their technical protections.
“Those red people are supposed to indicate bad attacker people” feeling very left out of the court slide exhibits right now
Federighi now lays out the ways that human app review is part of the security process for iOS.
An app developer has to tell human reviewers what it does, and the human reviewer can check the app to make sure it matches. Federighi says that frustrates one major vector: impersonation.
“An attacker cannot with any long-term success hope to say 'I am Adobe Flash' to the App Store and have reviewers continuously approve that ‘This is Flash.’” Because Adobe’s already got a Flash app there, Federighi says. (Yes, he acknowledges a moment later that Flash is dead.)
A reviewer can also judge whether an app like a calculator should be asking for access to sensitive health data (no!), and whether an app is dangerous, like an app that encourages people to post pictures of themselves speeding.
Sort of oddly, that example is arguably the Snapchat Speed Filter, which as far as I know was on iOS for years. (Although maybe I’m wrong on that?)
Would sideloading change security on iOS?
“Dramatically,” Federighi says. “No human policy review could be enforced because if software could be signed by people and downloaded directly, you could put an unsafe app up and no one would check that policy."
“Dramatically,” Federighi says. “No human policy review could be enforced because if software could be signed by people and downloaded directly, you could put an unsafe app up and no one would check that policy."
“There are multiple stores on the Mac,” judge asks. “Why should we not allow the same stores to exist on the phone?”
Federighi: “It is regularly exploited on the Mac. iOS has established a dramatically higher bar for customer protection. The Mac is not meeting that bar today."
Federighi: “It is regularly exploited on the Mac. iOS has established a dramatically higher bar for customer protection. The Mac is not meeting that bar today."
“Today, we have a level of malware on the Mac that we don’t find acceptable,” Federighi says, and if you used that method on a platform with far more devices and more sensitive info, it would get immediately run over.
Judge mentions Mickens’ testimony that iOS and Android didn’t have dramatic security differences. Federighi cites a recent Nokia report saying Android had 30x the infections of iOS, and another (don’t know source) saying it’s something like 50x.
“It’s well understood in the security community that Android has a malware problem, and that iOS has succeeded so far in staying ahead of the mwalware problem,” Federighi says.
Federighi compares the Mac to a car that people have to learn how to drive safely. “With iOS, we were able to create something where children — heck, even infants — are able to operate an iOS device and be safe in doing so. It’s really a different product."
Is macOS safe?
“If operated correctly, much like that car, if you know how to operate a car and obey the rules of the road and are very cautious, yes. If not, I’ve had a couple of family members who have gotten some malware on their Macs."
“If operated correctly, much like that car, if you know how to operate a car and obey the rules of the road and are very cautious, yes. If not, I’ve had a couple of family members who have gotten some malware on their Macs."
“Overall, I think the Mac can be operated safely,” Federighi says.
sorry craig i’m gonna get hammered with my friends and surf my mac all over the internet without a license
Lawyer notes that you can get Mac apps safely through its App Store, where Federighi notes Apple has more options, like freezing malware immediately on the store if it’s found to be malicious, than it does with sideloaded content.
Think somebody’s accidentally unmuted themselves on the conference line?
(It’s done now, as far as I can tell. Nothing disruptive.)
Lawyer brings up nation-states finding and using zero-day attacks — a small number of attacks, but one that’s very important for the group it targets.
“I don’t want to downplay how important it is … but it’s not something the average user would confront,” Federighi says.
Not sure if this is their intent, but worth noting this is Apple again downplaying the impact of heavily technical attacks like zero-day exploits, after its counsel argued that Epic’s security analysis focused too much on technical vulnerabilities.
Federighi has moved into talking about the consequences of private information being compromised — bringing up algorithm-fueled extremism, filter bubbles, discrimination, basically anything anyone has criticized Facebook for in the past half-decade.
Few people have asked for this, so if you want the public conference line for the trial: cand.uscourts.gov/cases-e-filing…
Apple is going over privacy/transparency-protecting restrictions on App Store apps — categories of things that Mickens said operating systems struggle with but also suggested app review didn’t do a particularly good job with.
Computers can’t spot patterns encouraging people to give up personal info, for instance, Federighi says. “There are many entities that would love to get around these privacy protections.” If they could distribute outside the App Store, they would.
Apple lawyer now brings up the enterprise program, which lets companies install apps outside the App Store system if they sign up with Apple.
Federighi says there’s a “specific trust relationship” between employer and employee, and Apple doesn’t think all the risks found with public distribution apply.
Does the program demonstrate that iOS can be perfectly safe even without App Review?
“Not at all. Actually quite the opposite — this has been an area of significant abuse,” says Federighi.
“Not at all. Actually quite the opposite — this has been an area of significant abuse,” says Federighi.
Federighi says we have seen “all manners of attack” through enterprise. There’s a “pattern” of people signing up fake companies and setting up alternate app stores that are “absolutely full” of malware, then tricking users into signing up for the program to access them.
If you opened up iOS, “it would become commonplace for users to be directed to download misprepresented software from untrusted sources where they’d be subject to malware,” says Federighi.
Even if Apple tried to set up a system of vetting specific, trustworthy stores-within-stores, Federighi says he’s not sure how Apple would vet those stores.
Can’t people just not use stores they don’t trust? Federighi says no. “If developers wanted, for instance, to get around certain App Store policies protecting privacy or other reviews, they may make their app only available through an alternate app store or through sideloading."
“If a user needs that app for their job, for school, to be in the right social group with their friends, whatever it is, then they have no choice but to get it from the only place it’s available, which may not be the App Store."
We’re going to break for lunch now. Back with more Federighi at 4:15ET!
Court is back in session, with Apple still examining Craig Federighi.
We (well, they) are looking at a screenshot of a malware-injected SketchUp on a web page designed to mimic Apple’s store.
Users could also send software to each other over DM, and attackers could compromise their accounts and send malicious apps that way.
Federighi says the App Store builds “trust and confidence” that makes users feel comfortable trying lots of apps, creating an “unprecedented scale for developers.” If they become more wary of downloading things, that’s going to hurt developers, especially new ones.
Many businesses have “very different philosophies about privacy than Apple,” he says. “Users who have that expectation, they may choose to buy another product, like an Android phone.”
“When users buy an Apple device, they’re doing it because they’ve chosen an intuitive, consistent user experience that’s safe, that they can trust."
Handing off anything that would raise privacy or security issues would cause “grave concerns” because nobody’s committed to these values like Apple, Federighi says.
He’s asked about streaming games. Says iOS supports them but requires them to meet certain “human interface guidelines, which help maintain a consistent and easy user experience."
This includes making streaming game services list every game separately, because users are accustomed to the feel of “each streaming game, which constitutes for the user a distinct application experience,” being a distinct app that can be found outside the streaming service.
Federighi says users are accustomed to setting parental controls on a per-app basis, which is another reason why streaming services should have to list them separately.
“You’d lose all of that individual management, so now you’d have to give that aggregator app access to the sum of all the permissions of any apps you’d use” — so if one app needs location data, “now they all have it, potentially.”
Federighi gets to take his crack at user-generated content now, citing games like Minecraft that let you modify the world. “The mechanics are the same, the game is Minecraft, but you’re playing in a different area of Minecraft [essentially].”
As long as something feels like [loosely paraphrased] “different parts of a common game, we find that users think of it as a common game.” Which isn’t the case with cloud gaming, Federighi says.
Lawyer raises a question judge has: how is cloud gaming different from Netflix?
“Media like music or video has always been managed in collections as part of apps,” Federighi says. “These are not different application experiences from the user’s point of view."
“Media like music or video has always been managed in collections as part of apps,” Federighi says. “These are not different application experiences from the user’s point of view."
Federighi says people have a kind of “30 to 100-hour relationship” with games that they don’t have with other kinds of streaming media.
Epic’s Yonatan Even is cross-examining Federighi now.
Epic lawyer says that Apple doesn’t have “a single developer” coming into court to defend it, despite it talking up its relationship to developers.
Lawyer comes back to the Nokia malware study previously mentioned. He notes Federighi previously said he didn’t know of research on the prevalence of malware on iOS/Android. Federighi agrees, but “I do have that data now,” he says.
Lawyer brings up third-party stores that abused the enterprise program. “That was because Apple failed to conduct a thorough enough background check, isn’t it?”
Federighi: “Look, I can’t really answer that as a yes/no."
Federighi: “Look, I can’t really answer that as a yes/no."
Lawyer notes Federighi wasn’t at Apple for the launch of iOS or the App Store, and he doesn’t have personal firsthand knowledge around the iPhone’s launch.
Epic’s lawyer asks if Scott Forstall (who *was* around then) wanted to run the iPhone on Mac OS X. Lawyer suggests he did, but Federighi disagrees, says maybe Forstall had been speaking imprecisely in a deposition.
Lawyer brings up a few people who also work (or worked) at Apple. Apparently linked to Apple’s security team, although Federighi seems to disagree on exactly where they worked.
I’m having some trouble following what’s going on because it involves consulting a lot of 📒📒📒 evidence, but there’s apparently a 2007 document from the security team discussing opening the iPhone to third-party apps.
Federighi says it’s likely hypothetically about how you might architect that kind of system.
This paper apparently discussed the usefulness of sandboxing and signing systems, two things Federighi has said are insufficient.
The overall approach, lawyer says, includes features that are all part of current iOS security. But turning the page, it says “our model will allow for third parties to distribute their own applications."
“It’s left as a policy decision” whether developers should have to go through a centralized store or be able to distribute apps on their own.
There’s a list of scenarios in the document, including one titled “Guy In His Basement."
In this model the eponymous guy just submits his app for signing and distributes it.
Another model is EA, which Federighi and the lawyer concur probably means the game studio. It also includes signing but no mandatory App Store-style distribution.
Federighi notes the document also says “signing will not solve all malware problems.”
Lawyer counters that it still doesn’t say you *need* a centralized App Store. “Nothing in this paper suggests that once an application is signed, distribution through Apple would be safer."
Lawyer counters that it still doesn’t say you *need* a centralized App Store. “Nothing in this paper suggests that once an application is signed, distribution through Apple would be safer."
The report also says Apple could revoke signatures of an app if it goes bad. Lawyer describes this as “shutting off the spigot,” using a term Federighi earlier used to describe pulling an app off the App Store.
The judge indicates briefly that she is confused about whether this discussion has been about iOS or macOS. Think we’ve cleared it up, though.
Now we’re going through this document for macOS
https://twitter.com/leah_nylen/status/1395123788136820739
Epic lawyer going back to the issue Federighi raised in which opening up the App Store leads non-privacy-valuing apps to use third-party distribution and force users to go outside the official store. Lawyer notes this doesn’t seem to have happened on macOS.
Epic lawyer basically argues developers will want to stay on the App Store because it’s super popular and trusted, so Apple shouldn’t worry about losing apps to third-party stores.
“You understand at bottom, this is Apple’s market to lose, correct?” lawyer asks.
“I don’t understand that characterization,” says Federighi.
“I don’t understand that characterization,” says Federighi.
Epic lawyer is now bringing up the fact that you don’t need the App Store to scan for child sexual abuse images with PhotoDNA — there’s some confusion over whether he’s actually describing PhotoDNA correctly.
Lawyer suggests you could move some aspects of app review into the notarization process. Federighi says it’s not practical, and he tries to talk over the lawyer and explain why until the judge tells him to stop.
We are extremely deep into Epic’s lawyer trying to sell Federighi on why the notarization process is sufficient for app review.
Lawyer describes sensitive things people do on PCs/Macs, like telemedicine, and notes Apple does things like market Macs to schoolchildren.
“Not directly to schoolchildren,” Federighi says, but he agrees they’re promoted for *use* by children.
“Not directly to schoolchildren,” Federighi says, but he agrees they’re promoted for *use* by children.
Lawyer also says that you have to get apps like PhotoShop from outside the App Store, and Apple promotes those apps for education.
Lawyer generally talking about the fact that Apple presents the Mac as being safe for kids even when you download things from outside the App Store. “At no point does Apple tell consumers that if they are seeking security, they should forgo the Mac and buy an iPad."
Contrasts that with Federighi’s statement that the Mac is like a car that needs to be driven carefully.
If you want context to Federighi’s comments about Macs having an unacceptable amount of malware, @chriswelch has a fuller transcript than my tweets: theverge.com/2021/5/19/2244…
Okay Epic’s lawyer referring to streaming apps — noting there are no native game streaming apps. (There *are* apps that let you stream from a console/computer, and things that give you access to a cloud-based full computer desktop, but not mentioned here.)
We’re looking at an email about a service called LiquidSky that does cloud computing.
“What’s the point here?” the judge asks.
First point is apparently about the availability of non-game streaming apps, and there’s going to be… something… about Apple’s business incentives around cloud gaming services.
Everybody’s struggling to get on the same page for another email.
Okay we’ve moved back to Apple questioning. Lawyer is asking about signed and notarized apps that had malware. “There was an implication that [the Nokia report] was inconsistent with your testimony,” so he’s giving Federighi a chance to explain.
Federighi says the question in deposition testimony was about an extremely specific statistic that he only later was able to get an answer to.
“The technical countermeasures, the protections, would still be in place. But the level, the [kind], the sophistication of the attack would be greater,” if the iPhone was opened up, says Federighi to another question — even for users who didn’t go to sketchy stores.
Federighi also gets a chance to explain why it’s so hard to stop enterprise program certificates from getting abused — businesses go under, it’s hard to verify they exist, lots of other potential hazards, he says.
“Mac OS as we frame it externally to customers consists of a whole set of features,” Federighi says — going back to claim that Scott Forstall was a proponent of putting OS X on the iPhone.
“The question was really, do we use the Linux kernel or the Mac OS kernel or something else. This is about the kernel, Darwin really.” Not Mac OS as most people would recognize it, says Federighi.
Now we’re back to that early document where an Apple security team discussed non-centralized iOS app distribution. “We’ve learned a tremendous amount in the 14 years since this document was originally created,” Federighi notes. Security situation is different now.
Federighi says that student Macs are often “well locked down” by adults and reiterates that macOS is secure for a desktop, just meant for riskier use cases in the way driving a car is. (He hasn’t analogized the iPhone to a specific vehicle for comparison, I don’t think.)
And questioning changes sides again — back to Epic.
Sounds like actually we’re done, after one extremely brief question and entering something into testimony. Federighi is done.
We’re done till tomorrow morning. Just two days of testimony to go.
pretty sure we’re all feeling these past 13 days and extremely ready for Final Tim Day 
• • •
Missing some Tweet in this thread? You can try to
force a refresh
