Porn And Gambling Apps Found To Be Using Apple Enterprise Certificates
You might recall that Facebook and Google were caught using Apple’s enterprise certificates for less than honorable purposes, and both got smacked by Apple for doing so. Well, it seems that they aren’t the only ones, as TechCrunch is reporting that dozens of pornography and gambling apps are abusing the enterprise certificate program as well:
TechCrunch was able to download and verify 12 pornography and 12 real-money gambling apps over the past week that were abusing Apple’s Enterprise Certificate system to offer apps prohibited from the App Store. These apps either offered streaming or pay-per-view hardcore pornography, or allowed users to deposit, win, and withdraw real money — all of which would be prohibited if the apps were distributed through the App Store.
Part of the problem is that literally anyone can request and get one of these enterprise certificates as long as they cut a cheque for $299 and provide a D-U-N-S business ID number. That’s a very low bar, and the result is predictable. These certificates can be resold on the black market and can end up in places like China, which of course is bad. Thus it’s clear that Apple needs to tighten up how people get enterprise certificates. How they do that is a bit of an open question. But they are apparently taking out as many of these rogue apps as they can as I type this. That’s a short-term solution to a much more complex problem.