New iOS Update To Break Emulators On iPhones Just Because
from the game-over dept
It's been pretty well established that the major console manufacturers out there hate independently developed emulators of their consoles. Why they react so violently against them instead of working out some kind of mutually beneficial licensing arrangement is a bit beyond me, but you may recall that a couple of years ago, both Sega and Nintendo strong-armed Google into pulling a bunch of emulators from the mobile marketplace. That move has worked so spectacularly that a cursory search in the Play Store returns all kinds of emulators. Job well done!In any case, Apple appears to be bending to their collective wills in a similar fashion, with the most recent iOS update nixing an easy exploit that would allow emulators to be installed on iPhones that had not been jailbroken. The method that had been used by "antique" game enthusiasts was really easy.
Developers discovered the “date trick” that allows unapproved apps to be installed without hacking simply by rolling back the date and time on an iOS device and downloading apps through Safari. This is now the preferred method of gaining access to apps like GBA4iOS or Popcorn Time without losing things like software updates and support from Apple.I have no idea about the technical details behind how rolling back the time on the phone somehow allows the installation of the emulators, but apparently a ton of folks utilized it, stimulating an active emulation community for iOS devices. What with Apple's cozy relationship with console makers and its own authoritarian practices with its app store, everyone knew it was only a matter of time before the exploit was removed.
In a blog post entitled “Apple Is Slowly Killing Everything We Love,” Dario Sepulveda writes, “iOS 8.1 beta was seeded to developers yesterday and it’s already causing panic among iOS emulator aficionados… The Date Trick fuels the emulator communities nowadays… Without it, everything looks bleak.”A massive shame indeed, especially since the move is so wholly unnecessary. There's absolutely no reason why console and game makers couldn't utilize the apps and communities already in place to both build up their fan base and make a little coin as well. Instead, by going the protectionist route, they only anger true fans and limit the exposure of their products.
Indeed it does. Of course, it did seem inevitable that this would come sooner or later; Apple has been working to put a stop to jailbreaking since it started back in 2007 — the same year the iPhone made its debut — so it has always seemed unlikely the Cupertino company would just turn a blind eye to this. But it’s a massive shame.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
I see what you did there
signed
Mr Bending.
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re:
Seems to me the folks at Google need to close that gap...
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Clueless
[ link to this | view in thread ]
Re: Clueless
As for why the exploit works, that's not relevant to the article at all.
[ link to this | view in thread ]
Re: Re: Clueless
[ link to this | view in thread ]
Re: Re:
[ link to this | view in thread ]
Re: potential vector for end-running around security on the phone
[ link to this | view in thread ]
Re: Re: Re: Clueless
The vast majority if iOS users are far more concerned about the absence of malware than the availability of emulators. Apple, like any company, does well to serve their most important clientele. Has anyone tried to create an emulator that could be distributed through the App Store?
[ link to this | view in thread ]
It's about security
The "trick" that was being used was to piggyback on the Enterprise software distribution system Apple have to completely bypass the App Store. All software installed on an iPhone has to be digitally signed to guarantee it has not been tampered with and to identify where it came from. App Store apps all have this, obviously. But enterprises needed a method of distributing software to employees that bypasses the App Store as they don't want those private apps available to anyone. They rely on a separate set of digital identities. The emulator crowd were using an enterprise developer ID on the verge of expiry to sign their app. By taking the clock back to an earlier time when the signature was valid you bypass the full security checks. This is an obvious security hole - it means that even if a malicious developer has their key revoked by Apple to protect users their malware can still be installed and run.
Going forward there are still other mechanisms that can be used: jail breaking (which means there's no security on your device, so take your chances), limited distribution of developer beta test profiles and there's nothing stopping you installing Xcode to compile the Open Source source code yourself and install it on your own devices.
[ link to this | view in thread ]
Re: Re: Re: Re: Clueless
Try re-reading the first paragraph of the article, add in Apples control freak nature, and you will understand why there are none in the App store.
[ link to this | view in thread ]
Re: Re: Re: Clueless
Why do you consider it a huge concern? It's not like anyone would root their phone on accident. I genuinely don't see why this would be so worrying.
[ link to this | view in thread ]
Re: It's about security
Indeed. But why is doing this so horrible that it must be stopped? Given that you have to go out of your way to do this, I don't see a valid security concern over it.
The app store requirement is in my top 3 reasons why I'll never own an iPhone.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: It's about security
That is... just... false. Even on a jailbroken iphone, apps still run in sandboxed mode by default. You need to explicitly give root to specific apps (which usually isn't necessary). Every single security feature is still active. The only real difference is no OTA updates, and Apple support will just look at you funny if you mention you've jailbroken. You also might want to eyeball apps before installing them, but that's nothing new.
[ link to this | view in thread ]
Re: Re: It's about security
No. It is correct.
>Even on a jailbroken iphone, apps still run in sandboxed mode by default.
The sandbox doesn't really work when, I dunno, there is working exploit code against it. You seen Project Zero's latest post? You might want to take a look.
http://googleprojectzero.blogspot.com/2014/10/more-mac-os-x-and-iphone-sandbox.html
Quite a few sandbox issues right there which are now public, some of which can be used to bypass you wonderful sandbox :D
>You need to explicitly give root to specific apps (which usually isn't necessary).
They could just use one of the many public exploits for that version to gain it.
>Every single security feature is still active.
Yeah, but we also have public code to bypass them. (Oh and btw, code signing is a security measure which is removed)
>The only real difference is no OTA updates
Leaving all the bugs you never patched open for abuse.
>You also might want to eyeball apps before installing them, but that's nothing new.
Good luck finding a well-made backdoor ;p
[ link to this | view in thread ]
Re: Re: Re: It's about security
As for no OTA updates, that doesn't mean you have to leave your system unpatched (in fact, jailbreaking often means you get patches sooner), you just have to do it yourself.
Side loading apps can be potentially harmful, yes, but that decision should be made by the user. Any apps from the app store are exactly as secure on a jailbroken or stock device (including code signing).
Saying that a jailbroken device has no security is blatantly false.
[ link to this | view in thread ]
Re: It's about security
Simple solution: Stop banning emulators from iOS. Then they can be digitally signed and run properly on a nice, secure device, just like all the other apps. Problem solved.
[ link to this | view in thread ]
Re: Re: It's about security
[ link to this | view in thread ]
Re: Re: Re: It's about security
[ link to this | view in thread ]
Re: Re: Re: Re: It's about security
[ link to this | view in thread ]
Re: Re: Re: Re: Re: It's about security
[ link to this | view in thread ]
This one says emulators == good;
Roms and Bios == bad;
http://metro.co.uk/2013/02/17/the-legality-of-emulation-part-2-readers-feature-3480905/
Also
https ://en.wikipedia.org/wiki/Video_game_console_emulator#United_States
Since emulators == good/ Roms and Bios == bad;
The conclusion could be that they would rather get rid of them.
[ link to this | view in thread ]
https://www.nintendo.com/corp/legal.jsp#legitimize
[ link to this | view in thread ]
Re: Re: Re: Re: Re: It's about security
It is illegal to use an emulator to run software that you don't own, but it's really not Apple or anyone else's place to declare emulators illegal because people might use them for that purpose.
MANY emulators exist for computers and I'm only aware of two lawsuits. Back when the Playstation was still a current system, Sony sued two different makers of commercial Playstation emulators. They lost both cases.
[ link to this | view in thread ]
It may not be their place, but that hasn't stopped them in the past with other software, did it?
Anyway, let's hope they don't screw their faithful ones once more
[ link to this | view in thread ]
Re:
The primary legitimate use is to aid in the development of software for the emulated platform.
[ link to this | view in thread ]
Ronny
https://getappvalley.com/ https://tutuappx.com/ https://tweakbox.mobi/
[ link to this | view in thread ]
https://tutuappapkd.com/
[ link to this | view in thread ]
it's about money not security.
[ link to this | view in thread ]