Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
IOS Privacy Apple

Purism Says Unfair iOS Policies Forced it to Remove Its VPN Tunnel from IOS Store (puri.sm) 94

In 2019 Purism launched a suite of privacy-protecting, no-tracking apps and services named Librem One. And it included an encrypted, no-logging, virtual private network tunnel named Librem Tunnel.

Unfortunately, "Recently we've been forced to remove Librem Tunnel from iOS due to their unfair policies," explains a post this week on Purism's blog: Apple's policy is that applications that make in-app purchases or offer subscriptions using Apple's payment platform pay Apple 30% of their revenue. The justification behind that fee is that companies are benefiting from all of the work Apple has put into its payments platform and so the fee helps them maintain that payments infrastructure while saving app developers from having to implement their own payment or subscription infrastructure...

Recently our VPN endpoints have changed, which required us to update the Librem Tunnel application. Unfortunately our attempts to push an update were blocked, because Apple saw that the application was a VPN, which flagged it to check whether it was a subscription service (which VPNs frequently are). Even though Librem Tunnel is just part of the overall Librem One offering, because it's part of a subscription service, Apple is requiring us to add the ability to sign up and pay for Librem One subscriptions within the Librem Tunnel app before they will allow updated versions into the App Store. Why are they making that requirement even though we already have our own independent payment infrastructure? Because once that app allows in-app purchases, Apple can then automatically take their 30% cut.

We do not accept these kinds of monopolistic practices, nor do we want to fund them through our own customers. Since Apple does not allow alternatives to the App Store on their platform, we have no choice but to remove Librem Tunnel from iOS, until such time Apple changes their policies either on their own, or through government intervention.

For their existing users on iOS, "Because Librem Tunnel uses the standard, open, OpenVPN protocol, we have been working with customers to apply their OpenVPN configuration to a different iOS OpenVPN client."
This discussion has been archived. No new comments can be posted.

Purism Says Unfair iOS Policies Forced it to Remove Its VPN Tunnel from IOS Store

Comments Filter:
  • by Alain Williams ( 2972 ) <addw@phcomp.co.uk> on Saturday March 20, 2021 @02:02PM (#61179802) Homepage

    Apple's policy is that applications that make in-app purchases or offer subscriptions using Apple's payment platform pay Apple 30% of their revenue. The justification behind that fee is that companies are benefiting from all of the work Apple has put into its payments platform and so the fee helps them maintain that payments infrastructure while saving app developers from having to implement their own payment or subscription infrastructure...

    Surely: a large part of the reason why people buy iphones is because there are many apps available. If all of the apps were to go I suspect that far fewer iphones would be sold. But, as usual Apple's logic is arse about face.

    • by Sebby ( 238625 )

      But, as usual Apple's logic is arse about face.

      That's because Apple is all about "services, services, services!" now.

      "Courage", remember?

      • Unlike with Windows Phone, iOS has enough users that market demand would prevent mainstream app developers from pulling out. When Windows Phone was a thing, it offered unofficial clients which had very desirable features (otherwise artificially restricted) by official apps, like high-performance YouTube clients which had background play, audio-only streaming and no adverts. Windows Phone also ended up with unofficial Facebook, Twitter and Reddit clients without embedded junk and BitTorrent clients were on t
    • Surely: a large part of the reason why people buy iphones is because there are many apps available. If all of the apps were to go I suspect that far fewer iphones would be sold.

      Is there really a huge difference in the number of apps sold for Android/iPhone? Or to be more precise, apps that matter?

  • by Sebby ( 238625 ) on Saturday March 20, 2021 @02:03PM (#61179804)

    These guys also need to sign up as witnesses at the next congressional hearings (like the folks behind Hey email service app and a few other devs we’ve heard about recently).

    • Well the news release mentions “government intervention” as one remedy, so I imagine they’re pursuing that.

      These tech mega companies all seem like they could use a good dose of oversight and regulation. It’s too bad both political parties seem to believe that’s a bad thing (judging by their behavior, not their words) - then act surprised and indignant when the companies abuse their position.

  • Oy vey (Score:4, Insightful)

    by Ecuador ( 740021 ) on Saturday March 20, 2021 @02:20PM (#61179842) Homepage

    Oy vey, here we go again. The app store does not take 30% off (or 15% now in most cases) for payment processing, that's the least of what they do. They give you development tools, portal for handling testing/submission etc and an app store that showcases your app and, importantly, gives access to the Apple user base which one of the highest spending user bases around. I don't like the cut they take (I have written before that I am even more annoyed about unadvertized fees - e.g. they get 5% currency conversion without giving me the chance to do it through my bank for much less), but I have to admit they do give value and at a much more reasonable cost than in the past (you had to pay tens of thousands of $ - I estimate a minimum of about $30k in BREW platform fees alone - to have a change of getting listed to Verizon Get It Now, which was popular before the iPhone). In fact, with their reduction to 15% for those who make under $1million/year or 2+ years of subscriptions, their fees are lower than many others (Microsoft's Xbox, Sony's Playstation, Amazon etc).
    It's a bit tough luck in this case that "Purism" has a service of which VPN is just part of, but if they want to have a client on Apple's app store they have to work around the rules - e.g. have a "vpn only" subscription through the app or something like that. It is quite a bit easier for them to just call Apple on it and give up on the app, as they won't get much flak from their customers given that it's still possible to use other OpenVPN clients.
    Apple is one of the most anti-consumer companies out there, but they built the app store so they can make money, which is certainly their right, and both devs and apple users seem to find it valuable. No need for a new story every time a developer doesn't agree with the app store policy.

    • by Gabest ( 852807 )

      > gives access to the Apple user base which one of the highest spending user bases around

      The user base exists because there are apps.

      • by Anonymous Coward

        People who buy Apple hardware are high spenders with no regard to money. Otherwise they'd buy something cheaper and better.

        • Re:Oy vey (Score:4, Informative)

          by jeff4747 ( 256583 ) on Saturday March 20, 2021 @06:11PM (#61180450)

          Android devices aren't worse on the software or hardware at release. They're worse because I don't want to have to upgrade the hardware every year or two if I want an up-to-date OS. I can keep an iPhone for 5+ years and still get updates.

          And no, "just root it and then find someone else's monkeypatch of the operating system that hopefully won't fuck up anything" is not a solution to that.

          • I can't believe someone can be so wrong and so arrogantly confident still. What shall I tell you? You are wrong? Will that convince you? What fucking world are you living in? Buy an android phone and use it for 5+ fucking years you will still get the upgrade... I mean... how much exactly is your head deep inside the sand?

            • My Samsung Android tablet received one OS patch, 6 months after release. It was not an upgrade to the new version of Android. There has been nothing in the years since then.

              Is there a particular reason you enjoy lying about this, or just hate Apple that much?

              • When someone posts something idiotic I am not sure what to do besides calling them an idiot. That's old age I suppose.

                Android is a platform/OS. You will need to do some research before talking about stuff you have no clue about. Using Apple products won't make you superior.

                Android One [wikipedia.org] for example. My Mi 3, released in 2013, still gets updates, as another example. This is a site for nerds you know.

                • I love it when people shout "idiocy", and then post links that refute their own claims.

                  Android One devices receive OS updates for at least two years after their release

                  Hrm....almost like

                  have to upgrade the hardware every year or two if I want an up-to-date OS

        • People who buy Apple hardware are high spenders with no regard to money. Otherwise they'd buy something cheaper and better.

          I went the iPhone route in the end because it works out better in cost compared to equivalent Android phones over the full lifecycle of the device. The claim of big spenders buying Apple has been outdated since the release of the iPhone SE due to Apple now offering a 7 year lifecycle. Even folks who lack funds can buy second hand towards the end of a given lifecycle to get a price which beats out almost all supported Android handsets.

          Second hand, the iPhone SE (2016 model) goes for approximately £

      • The user base exists because there are apps.

        Which is completely irrelevant. It's Apple's exclusive userbase to do with as they please.

    • Re: (Score:1, Informative)

      by mrbester ( 200927 )

      > They give you development tools...

      Give? Last I looked, I had to buy a developer subscription to be allowed to code in the first place, an iPhone to test with (no, emulators / simulators won't cut it), and a MacBook to write the code on. In this case, "give" is "give Apple several thousand dollars".

      And what I develop can be refused for "reasons", so I'm also "giving" time with zero guarantee of any return. If it is miraculously accepted, I also "give" Apple a cut of my hard earned money every time some

      • Re: (Score:2, Informative)

        by Anonymous Coward

        I had to buy a developer subscription to be allowed to code in the first place,

        Flag on the play. False statement. 10 yard penalty. 3rd down.

      • Re:Oy vey (Score:5, Informative)

        by Anonymous Coward on Saturday March 20, 2021 @03:35PM (#61179980)

        Ok I feel really weird "defending" Apple as I don't like them, but I don't like misleading statements.

        Give? Last I looked, I had to buy a developer subscription to be allowed to code in the first place

        Simply false. You only need a paid subscription upload to the app store. You can code & run on simulators and devices for free.

        an iPhone to test with (no, emulators / simulators won't cut it),

        I've used emulators/simulators for mobile devices for decades. I always hated it. Except the iOS simulators are a step above everything else I've used before, apart from things like compass/gyro, they behave pretty much like the device and can be faster too. You realize they are different in that they run native code, right? Apple can compile their entire iOS/OS X stack in any of ARM/intel arch they want, so the simulator simply runs the same frameworks compiled on your architecture which might be different than the target phone or even the same (M1 Macs).

        Having said that, developing for ANYTHING in the end requires you to get a device to test it on. For iPhone, you can do more things with the simulators than other platforms, but regardless you are still supposed to get a device if care about some QA testing. If you make a PS game, you have a PS, if you make an Android app, you have an Android phone (or several for various configurations). etc. You are just making a point because you dislike Apple.

        and a MacBook to write the code on.

        Well, mostly, yeah, although I have run XCode on VMs in the past, for an automated compiling pipeline, while using a Linux host. It's not uncommon for development to require a specific platform. Most smaller companies give you a way to develop on Windows, but Apple doesn't have to do that and they don't. I much prefer developing on MacOS than Windows anyway.

        And what I develop can be refused for "reasons", so I'm also "giving" time with zero guarantee of any return. If it is miraculously accepted, I also "give" Apple a cut of my hard earned money every time someone buys it.

        I'll tell you a story about how it was before the iPhone. Back in good ol' 2007. I worked in a company that had spent about $200k developing an app with the intention of getting it into what was the app store at the time - Verizon's Get It now. Of that amount, about $40k was spent as testing fees on the development platform, because Verizon would not consider you for inclusion unless you have passed verification for a few dozen of their phones (I forget the exact number) and each device class required $1k in fees every time it was tested. So you spent a f***load of money without any guarantee. Apple at least has some rules (that they interpret any way they want of course) so you usually know if you are on "grey" territory, but back then it was whether Verizon "likes" your app. Some demos on trade shows etc and we actually got in. Until a couple of months later when Verizon updated their store software (which was responsible for installing apps - developers submitted simple binaries, the store installed it on phones) and borked the new installations of our app. Instead of fixing it, they simply dropped our app, and there was nothing we could do. Yes, and they did get a cut on top of everything too!

        Apple came and lowered the bar to $0 (true, as long as you had a Mac, but if you are against Macs ideologically who are you kidding - you are not going to try and develop for Apple anyway!), or $79/year to actually list the app in your store - and they'll accept over 99% of the apps submitted. This was huge compared to the past.

        Funnily enough, I'm not about to do any of that.

        You dislike Apple, that's the only reason, nothing else you mentioned is really an issue. I dislike them too, but I can see past that.

        • I'll tell you a story about how it was before the iPhone. Back in good ol' 2007. I worked in a company that had spent about $200k developing an app with the intention of getting it into what was the app store at the time - Verizon's Get It now.

          If your argument is "Apple is not as bad as Verizon" then you should know that's not a compliment. Apple denies fundamental freedoms [gnu.org] to their users, that is why they are bad.

          In other areas, Apple does a lot of good things.

        • by tepples ( 727027 )

          Say I maintain, as a hobby, an Android application distributed as free software that is on GitHub, F-Droid, and Google Play Store. How would I find the revenue to cover the cost of a Mac on which to run Xcode, an iPhone on which to run post-simulator QA, and a developer license? Is it within users' expectations to distribute an application for Android as free software and charge a price for the iOS version of the same application specifically to recover the additional cost of supporting iOS?

          • How would I find the revenue to cover the cost of a Mac on which to run Xcode, an iPhone on which to run post-simulator QA, and a developer license?

            That's up to you, if you can't justify it then don't do it. Or open source it and if it has value then somebody in the community with the requisite hardware is likely to volunteer to help. Try crowdsourcing.

            Is it within users' expectations to distribute an application for Android as free software and charge a price for the iOS version of the same application specifically to recover the additional cost of supporting iOS?

            If you provide enough value then users will pay for it, if not then they won't. Maybe it provides them enough value to switch from iOS to Android to get it for free but not enough for them to pay for it on iOS.

        • That was a rambling anecdote about a board decision to invest business assets after deliberating over costs, risks, timelines and returns, complete with PowerPoints, in producing a product which has no bearing on a developer even vaguely interested in developing for iPhones on their own time at their own expense.

          Did the company make any money out of this app? That was the purpose, after all.

    • They give you development tools, portal for handling testing/submission etc and an app store that showcases your app

      These are lies. Unless you are incredibly lucky, your app will never be "showcased" in the app store. Apple doesn't do promotion work for the vast majority of developers, you have to do it yourself.

      gives access to the Apple user base which one of the highest spending user bases around.

      This is double-speak. Apple prevents people from installing apps, and there is a subset of people they don't prevent from installing. Apple is clearly bad here, and freedom denying [gnu.org].

    • "They give you development tools, portal for handling testing/submission etc and an app store that showcases your app and, importantly, gives access to the Apple user base which one of the highest spending user bases around."

      Apple provides all of that for apps that charge nothing as well, for which Apple gets no incremental income.

      • by tepples ( 727027 )

        From each developer of iOS apps distributed without charge, Apple gets $99 per one-year increment, plus $999 for a MacBook when Apple increments the oldest hardware revision needed to run new versions of macOS and thus new versions of Xcode needed to submit apps.

  • by iamhassi ( 659463 ) on Saturday March 20, 2021 @02:36PM (#61179858) Journal
    You signed up knowing it’s 30%. Why would you suddenly abandon half your customers over 30%? Getting 70% is better than 0%, right? Only reason that makes sense is if they had no customers, and this announcement going viral will at least help get them some cheap publicity which might translate into income.
    • by zekica ( 1953180 )
      It wasn't 30% if you don't offer subscriptions in the app itself.

      If you have a service that you cannot buy in the app and nowhere in the app you put a link to a place where you can buy/subscribe, it was OK by Apple's rules. From this example, it is no longer the case.

      Otherwise, they wouldn't have had the app in the app store in the first place.
    • by dgatwood ( 11270 )

      Because the service isn't iOS-specific, and they have never offered in-app payments before. This is no different than if Apple suddenly demanded that Comcast allow you to buy Internet service via in-app purchases. They'd laugh at Apple, flip them the middle finger, remove their app from the store (assuming they have one), find other ways for their customers to do what they need to do, and tell Apple to do something anatomically impossible with themselves, which is exactly what this company did.

    • Why would you suddenly abandon half your customers over 30%?

      Well that kind of proves Apple has a market distorting position and is ripe for an antitrust smackdown. 30% is a fucking enormous fee. If lots of people can't leave Apple despite having punishing fees, there's no way they're not distorting the market.

    • Go actually read the blog post. They sold the service outside the app store, and the app was a slightly modifies Open source VPN client that had custom branding and was easier to configure for their own particular service. For whatever reason they needed to update the client to point to new servers. Apple found that it was related to a service sold outside of the app store and blocked the update.

      Unable to update, and unwilling to give 30% to apple, they pulled the software. You can still use the official op

    • "You signed up knowing it’s 30%."

      It's 30% of the price of the app and/or in-app purchases through the app. There was no charge for the app, and you could not purchase anything through the app.

    • Comment removed based on user account deletion
  • Eventually (Score:4, Interesting)

    by Revek ( 133289 ) on Saturday March 20, 2021 @02:45PM (#61179872)
    Some Craze like fortnite will come along and they creators will refuse to release it on apples platform. It will cause a shift in sales and they will seek out this future company and learn that being too greedy can have unperceived consequences.
    • Yeah, that totally destroyed Microsoft and Sony's practices on their consoles!

      Oh wait...

      • by Revek ( 133289 )
        It won't destroy apple. but it will cost them. I refuse to purchase a sony products due to their practices. It cost them very little but how many did as a I did.
  • I wonder, does this company hate money? They must hate money, because instead of withdrawing the application, they could simply charge 30% more (the company makes more than $1m/year?) to users paying through iOS. Hell every year after that Apple would only be taking 15% for recurring customers no matter how much they make/

    They could have 0 dollars, or however much they would make with the smaller percentage of people willing to pay a higher in-app fee, and they chose 0... insane.

    • But consider the free marketing they're getting out of this. Apple's app store practices are a hot news item, if you can metoo yourself into it for the free press, and sites like Slashdot that are now evidently being paid to trash Apple and promote M$, suddenly your service nobody has heard of is now front page news.

      • consider the free marketing they're getting out of this.

        Free marketing - with no way to run the product on iOS once someone goes to look at your service...

        I think they could have got almost as much free press by being one of the first companies to do the logical thing and charge bunches more on iOS (though I'm sure other companies must also be doing this already).

        • by dgatwood ( 11270 )

          consider the free marketing they're getting out of this.

          Free marketing - with no way to run the product on iOS once someone goes to look at your service...

          Maybe you missed the part where you can configure any standard OpenVPN client to use their service.

    • by bsolar ( 1176767 )

      They must hate money, because instead of withdrawing the application, they could simply charge 30% more

      The reason why they are not doing that is clearly stated in the article (empasis mine):

      We do not accept these kinds of monopolistic practices, nor do we want to fund them through our own customers.

    • "to users paying through iOS."

      No users were paying though iOS. The app was free; there was no in-app purchasing. People were paying for a VPN outside of the app. The app was used to configure the device to use the VPN based on subscription held by the account.

      It's a no-log VPN. There's be no way to satisfy any reporting requirements to show that only accounts with the iOS surcharge used an iOS device.

    • they could simply charge 30% more (the company makes more than $1m/year?) to users paying through iOS.

      Since when did Apple drop the rule that subscriptions made from within the app cannot be more expensive than subscriptions from outside the app?

  • You won't see me with an iPhone but some people want one. They are crazy expensive and iOS apps are expensive too.

    Librem One iOS Edition can be $14.29 a month and Librem One Android Edition can be $10 a month.

    If users don't like it they don't have to buy (any of the above).

    • IPHONE SE is only $400. Yes top of the line is 3x.

    • "Librem One iOS Edition can be $14.29 a month and Librem One Android Edition can be $10 a month."

      It's a no-log VPN. There's no way to satisfy auditing that only accounts with the iOS surcharge used an iOS device to connect to the paid-for VPN.

      Remember: the app cost nothing; there were no in-app purchases. Apple is demanding their 30% of a transaction that took places outside of the app. The current workaround is to use manually configured clients, so you couldn't even add a charge to the iOS app to satisfy

  • Why would anyone spend anything on something as common and commoditized as an OpenVPN client? Would you? I'd think stuff like this would just end up being part of the OS distribution anyway.
    • "Why would anyone spend anything on something as common and commoditized as an OpenVPN client?"
      They weren't charging anything for the client. They were charging for the VPN. Their client was free, with the added feature that it looked up the configuration details based on your account. Because updates to that client are now blocked, configuration now has to be done manually.

  • Don't like Apple TOS? Don't sell through Apple.

    Work on those Linux phones to free people FROM Apple instead of (in effect) making a competing ecosystem more attractive with your products.

    Those who love Apple products and services should buy them, but they are in no way a necessity. I don't whinge about their walled garden because I never opted in.

  • "Recently our VPN endpoints have changed, which required us to update the Librem Tunnel application"

    ---

    That sounds like a design flaw right there....why not make an API call to retreive the endpoints?

    • You realize those API endpoints would have to be ... ahem.... hard coded?

      But also it thier VPN client was just a re-skinned version of an existing client with the end points hardcoded to make setup easier. Making a remote call might have fixed them particular problem for now, but being unable to update the app would come up as a problem again in the long term, just delaying the inevitable.

  • Employees of the company where I’m working at the moment allow their staff to use a number of different iOS applications, including and RSA SoftToken, the Blackberry Mobile suite, plus a bunch of in-house applications.

    While some of these are available from the Apple App Store, there are several that are hosted on a private App Store that the company has set up. There are a couple of steps required to do this, including a requirement for the user to over-ride default iOS permissions and “trust
    • Am I missing something in the detail here?

      Yes, you're missing several things.

      1. The people using that private app store have to be employees or contractors of the company that owns the store.
      2. The contract with Apple to get the "App Store" server requires the company to not charge for the apps.

    • Because an iPhone won't run any code that has not been signed by Apple's private key. That internal company app store? Its using a private key that has been signed by Apple's key and that company has paid Apple a large pile of money for that privilege. A privilege that Apple can revoke at any time. Want to run your own app store for iOS devices that isn't limited to just your employees? Guess what the odds are of Apple letting you by signing your key? Zero. Companies participating in the "private app store"

    • The enterprise developer license, only available for "legal entities" that have 100 or more employees.

      I aslo suspect the device must be tied to a corporate MDM program to access that feature. In which case it's the corporate sysadmnin than can approve custom apps, not the end user

      But a normal developer license only lets you install a custom app on 100 devices. But you've tied the key to your legal identity forever which maybe isn't what you want if you are concerned about privacy.

  • another one jumps on the bandwagon...

  • If you gave away an app for free but accepted donations, can Apple demand 30% of the donations?

    If a bank provides an app to it's customers, can Apple demand 30% of the interest in their savings account? Or even 30% of all deposits?

  • If they had bothered to have anyone with experience working with VPN products on IOS they would have known about the issues and been able to work around them. This is cheap company that failed to do the research to work with a necessary vendor.
  • Plenty of corporate applications require a server or external login account (Netflix, etc, etc, etc). Does Apple prevent new startups from doing the same?

    Why not install the app for free and require the user setup an account with the vendor's website like Netflix does? Apple won't let you explain it on the iOS app to the user and you have to be careful to dance around their restrictions on directing the user to your sign up / login page.

    You don't have to use the subscription API's in your App. But you do

Genius is ten percent inspiration and fifty percent capital gains.

Working...