Apple has disrupted internal operations at the social media giant’s headquarters by stopping critical apps using the Apple Developer Enterprise Program — will it do the same to Google next?
Updated 2/1/19: Apple has also banned Google's internal iOS apps too by revoking Google's certificate.
Citing a breach of agreement, Apple has revoked its distribution certificate from Facebook, abruptly powering down all apps using the intra-company iOS app distribution service. This does not mean that the Facebook app will stop working on your iPhone, but it does mean that Facebook as a company has lost its Apple Developer Enterprise Program certificate privileges for the time being.
The transgression was taking Apple software explicitly intended for intra-office communication and using it to distribute a tracking app to consumers. Security researchers broke the story yesterday, in response to which Facebook announced it would shut down the iOS version of the tracking app. Before they could, however, Apple took quicker action and revoked Facebook’s Enterprise Developer Program certificate. The shutdown immediately stopped the tracking app from working, but it also affected various internal operations at Facebook that are reliant on Apple software.
The tracking app is called “Facebook Research,” and it is a VPN that embeds itself at the root of the device, from where it can monitor all phone activity from calls to texts to apps. Users aged 13-35 years old who downloaded the app were paid up to $20 a month for this accumulation of personal data. The breach with Apple came about because Facebook used the Enterprise Development Program — a service Apple provides organizations for internal app distribution — to distribute the Facebook Research VPN to users, an obvious workaround to the higher visibility of having the app in the Apple App Store.
In the wake of this news coming out in the last 24 hours, it was learned today that Google has essentially been doing the same thing. Using its Enterprise Certificate with Apple, Google has been distributing “Screenwise Meter,” a VPN that clocks your every move just like the Facebook Research app. As of this writing, Apple has not announced that it is revoking the Google certificate privileges, but Google apologized and said they would be disabling the app on iOS devices.
The Cybersecurity Tech Accord and Economist Intelligence Unit report measures the beliefs of IT security leaders and experts regarding threats posed by state-led and sponsored threat actors.
MyData Global is a non-profit organization built to empower individuals by improving their rights regarding personal data. Read up on their current efforts to enable secure data sharing.