Difference between revisions of "Misuse of enterprise and developer certificates"

There is some distribution of apps outside the App Store using provisioning profiles and enterprise certificates, which allows those apps to be installed on non-jailbroken iOS devices. This violates Apple's developer agreements.

Some of them used an expired provisioning profile that required the user to set the device's time back to 2012 before installing the app (the "date trick"). The ability to use expired profiles like that was fixed with iOS 8.1.

Examples

• Pangu
• iOSEmulatorSpot, JBWithoutJB, and NoJailbreakApps redistribute various apps developed by other people, mostly without permission.
• Some piracy sites and tools distribute cracked App Store apps that have been re-signed using developer certificates.
• "Popcorn Time releases iOS app tomorrow, no jailbreak needed", April 7, 2015

External links

• "New services bypass Apple DRM to allow pirated iOS app installs without jailbreaking on iPhone, iPad" (TheNextWeb, January 2013): "It’s unclear exactly how Zeusmos achieves its goal, but judging from the pricing and the correlation between UDIDRegistrations, it appears to utilize a developer licensing certificate to install ‘cracked’ apps which have had their DRM (copy protection) stripped."
• "When Criminals Exploit Apple's Own App Distribution System, What Hope Is There Of Stamping Out Piracy?" (Forbes, April 2013): "Remarkably, the site is powered by Apple’s own enterprise app distribution system, designed to allow large organizations to provide internal apps to staff. What KuaiYong has done is buy one license and then distribute apps to its customers on the pretext that they’re the company’s own staff."
• "Chinese website allows pirating of iOS apps, no jailbreaking required" (Examiner, April 2013): "[Kuaiyong] uses Apple's own enterprise app deployment technology."