Huawei is sending developers requests to publish on its app store

Late last month, news that Google had revoked Huawei’s Android license shook the tech community. Since then, we’ve seen hardware suppliers, chip designers, standards organizations, and other companies pull out of deals with Huawei.

Huawei’s growing pains have forced the company to speed up development on its Android OS and Play Store alternative. If the company wants to survive without Google, then they need to ensure that their smartphones have access to a flourishing app ecosystem. To that end, the company is continuing to send out requests to developers of popular Play Store applications to get them to publish their apps on EMUI‘s pre-installed AppGallery app store.

A trusted developer, who wished to remain anonymous, reached out to us this morning with an email they received from Huawei. The email was an invitation to join AppGallery, an app store that the company says has “270 million monthly active users” on over “350m phones,” about half of which are sold outside of China.

The email promises that developers will be provided with “full support” to help them publish their app on AppGallery, but it’s unclear exactly what kind of support will be provided to developers. Lastly, the email mentions a free invitation to a developer community of over “560k”, though we don’t know how active this community really is.

https://www.xda-developers.com/huawei-request-developers-publish-appgallery/

#huawei #AppGallery #AppStore #developer #apps
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

Interview with the developer of the Aurora App Store

The Aurora App Store is a good example of how you can do without Google. The basic idea of Open Source played an important role in the development of this Android App. Programmers all over the world should have the opportunity to profit from this open source project or to actively participate in it.

When it comes to the topic „FOSS“ (Free Open Source Software), or Open Source in general, many people still have misunderstandings. Aurora is not any different. But we hope that developer Rahul Patel can explain this to us in this interview.

Aurora OSS: What does „OSS“ mean and why Open Source?

Tarnkappe.info: Why are only Open Source applications allowed? Is it primarily about security? Or rather by principle?

Rahul Patel: That’s an interesting question. Aurora OSS (Open Source Software) is, as the name suggests, a small collection of „FOSS“ or Open Source Apps. Why only Open Source? Well, it’s because we wanted to be very transparent about what we were doing right from the start. Everyone should be able to check the code for themselves. What is also important to us is that everyone should have the opportunity to start their own open source project. Or even better, to participate actively in the development and thereby improve the quality of the software.

Tarnkappe.info: And to detect and remove possible bugs. What does that mean explicitly referring to the Aurora-Store or Aurora Droid ?

Rahul Patel: Well, the Aurora App Store is an alternative (open source) client for the Google Play Store. Therefore, like Google’s Play Store, it includes all types of apps, proprietary and non-proprietary. (Explanation: Proprietary means that only the owner has access to the source code of the program.)

The Aurora Droid, is an alternative (open source) client for F-Droid, so it only supports FOSS apps, which is the main principle of F-Droid.

Internal, malware in apps

Tarnkappe.info: How many people work on Aurora, what do they do in detail?

Rahul Patel: Well, as a developer, I’m the only one who actually writes the code. But there are several designers who help me with the design of the app interfaces. Not to mention the many supporters who help me with domains, servers and dummy accounts.

👉🏼 Read more:
https://tarnkappe.info/interview-with-the-developer-of-the-aurora-app-store/

#Aurora #app #store #AppStore #Interview
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

Fortnite for Android has also been kicked off the Google Play Store

You can still install it directly from Epic, however

Following its removal from the Apple App Store, Fortnite has also been kicked off of the Google Play Store for Android. Earlier today, Epic Games snuck in an update for both the iPhone and Android versions of the game that allowed users to pay Epic directly for in-app purchases instead of using the officially sanctioned system for both platforms.

What followed was a wild ride: Apple kicked Fortnite off the App Store, then Epic sued Apple, and finally there was an in-game video parodying Apple’s own 1984 commercial, positioning Apple itself as the monopolist.

https://www.theverge.com/2020/8/13/21368079/fortnite-epic-android-banned-google-play-app-store-rule-violation

https://www.engadget.com/fortnite-android-225437892.html

https://youtu.be/euiSHuaw6Q4


#Google #apple #fortnite #appstore #playstore #payments #EpicGames

Malware Injected Into Xcode Projects Could Infiltrate Mac App Store

Last week, we reported on a severe new kind of Mac malware that has been found to infect via Xcode, discovered by security researchers at Trend Micro.

In an exclusive interview with #MacRumors, the security researchers behind the discovery, Oleksandr Shatkivskyi and Vlad Felenuik, have provided more information about their research.

The malware, which is part of the XCSSET family, is "an unusual infection" that is injected into Xcode projects. When the project is built, the malicious code is run. This can lead to "a rabbit hole of malicious payloads," and poses a significant risk to Mac users.

Specifically, the malware was found to be capable of abusing Safari and other browsers to steal data. It can use a vulnerability to read and dump cookies, create backdoors in JavaScript, and in turn modify displayed websites, steal private banking information and passwords, and block password changes. It was also found to be able to steal information from apps such as Evernote, Notes, Skype, Telegram, QQ, and WeChat, take screenshots, upload files to the attacker's specified server, encrypt files, and display a ransom note.

Shatkivskyi and Felenuik told MacRumors that they believe the XCSSET malware will become extremely common among bad actors who seek to exploit Mac systems. The malware is particularly dangerous because verification methods, such as checking hashes, would not identify infection. It was found to be present in projects shared on GitHub. This means that developers who rely on repositories could face a supply-chain attack and be unaware that their project has become infected.

Xcode projects infected with the malware can create maliciously modified applications, unbeknownst to the developers who make the apps, and may then distribute them as trojans. Shatkivskyi and Felenuik believe that the Mac App Store review team will be largely unable to detect apps that contain the XCSSET malware. "As an #iOS developer I know how easy it is to fool them and release an app with hidden features," Shatkivskyi said.

Shatkivskyi and Felenuik first approached Apple about the issue as early as December 2019, and they hope that Apple will be decisive and swift in its response to resolving the vulnerability. They suggest that Apple could implement privacy notifications, the likes of which came to iOS 14 and iPadOS 14, to alert Mac users when the malware is active on their systems, in an effort to explicitly alert users to a potential breach.

👀 👉🏼 https://www.macrumors.com/2020/08/24/xcode-malware-infiltrate-app-store/

#XCSSET #xcode #malware #apple #appstore
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

A tip from a kid helps detect iOS and Android scam apps’ 2.4 million downloads

Smartphone apps raked in ~$500,000, in part thanks to shilling on TikTok and Instagram

Researchers said that a tip from a child led them to discover aggressive adware and exorbitant prices lurking in iOS and Android smartphone apps with a combined 2.4 million downloads from the App Store and Google Play.

Posing as apps for entertainment, wallpaper images, or music downloads, some of the titles served intrusive ads even when an app wasn’t active. To prevent users from uninstalling them, the apps hid their icon, making it hard to identify where the ads were coming from. Other apps charged from $2 to $10 and generated revenue of more than $500,000, according to estimates from SensorTower, a smartphone-app intelligence service

The apps came to light after a girl found a profile on TikTok that was promoting what appeared to be an abusive app and reported it to Be Safe Online, a project in the Czech Republic that educates children about online safety. Acting on the tip, researchers from security firm Avast found 11 apps, for devices running both iOS and Android, that were engaged in similar scams.

https://arstechnica.com/information-technology/2020/09/scam-apps-with-2-4-million-downloads-found-on-apple-and-google-shelves/

#scam #kids #adware #Playstore #android #AppStore #iOS #tiktok #instagram

Apple reverses decision to charge businesses fees for events, but Facebook still isn’t happy

https://www.cnbc.com/2020/09/25/apple-temporarily-reverses-decision-to-take-fees-for-facebook-events.html

Facebook said Apple temporarily reversed its decision to take a 30% cut of sales from businesses hosting paid events through Facebook.
Previously, Facebook said Apple blocked an update to the Facebook app that displayed a message saying Apple would take a cut of the transactions.
Apple’s reversal only lasts for three months, and does not apply to gaming companies hosting paid events, Facebook said.


#Apple #appstore #facebook #fee #30% #events

New program reduces App Store commission to 15 percent for small businesses earning up to $1 million per year

https://www.apple.com/newsroom/2020/11/apple-announces-app-store-small-business-program/
Comments: https://news.ycombinator.com/item?id=25135410

https://www.theverge.com/2020/11/18/21572302/apple-app-store-small-business-program-commission-cut-15-percent-reduction
Comments :https://news.ycombinator.com/item?id=25135462

Apple's 15% Deflection Tactic
https://www.johnluxford.com/blog/apples-15-percent-deflection-tactic
Comments: https://news.ycombinator.com/item?id=25143303


#apple #appstore #store #15% #extortion

Here’s a sneak peek at Aurora Store v4, a big update to the open source Play Store client

The Aurora Store is a popular open-source client of the Google Play Store, allowing users to search, download, and update Android apps and games on any device running Android 5.0 and above. The app’s main highlight is that it doesn’t require GApps, MicroG, or Google service of any kind. Originally a fork of the Yalp Store, the app was later rewritten from scratch to offer a modern UI with Material Design.

The team behind Aurora Store is working on a major update that improves the app discovery and brings the user interface a step closer to the Google Play Store. XDA Senior Member Hb20032003 has shared some images — originally posted over at Aurora Store’s official Telegram group — giving us a sneak peek at what the fresh UI will look like. As you can see in the screenshots below, the new UI is clearly inspired by the Google Play Store, focusing on making it easier to discover new apps. The old Home, Updates, Categories tabs have been replaced by the Apps, Games, and Updates, and there’s now a floating search button instead of the top search bar. We also see new columns such as “For You,” “Top Charts,” and “Editor’s Choice,” along with proper app categories.

https://www.xda-developers.com/aurora-store-v4-update-sneak-peek-open-source-play-store-client/

#aurora #appstore #playstore #client
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

The App Store is broken because it wasn't designed to work

When Kosta Eleftheriou first started revealing scam upon scam in the App Store, I have to admit I didn't quite get it. How were all these multi-million dollar scams being allowed into the App Store in the first place? And why weren't they being expediently removed when scores of customers complained in their 1-star reviews?

The answer turns out to be as simple as it is depressing: Apple's App Store was never designed to work. At least not in the way the company purports that it does. Apple presents the App Store as a highly curated, secure mall of apps which have been thoroughly vetted, and that you can safely install without any due diligence. But it's not and you shouldn't.

As part of Epic's lawsuit against Apple, we've come to learn that app reviewers typically review 50-100 apps per day. Some times spending less than a minute reviewing an individual app. We've also learned that these reviewers are hired without any technical background, let alone any particular expertise with the iOS or macOS platforms.

There's a term for a practice like this: security theater.

https://world.hey.com/dhh/the-app-store-is-broken-because-it-wasn-t-designed-to-work-aa479eb5

#apple #appstore #thinkabout
📡 @nogoolag 📡 @blackbox_archiv

Apple Tracks Every Tap On Its App Store
@takebackourtech | SOURCE

iOS developers & privacy researchers at Mysk have recently found that the Apple App Store sends every tap you make to Apple.

https://nitter.takebackourtech.org/mysk_co/status/1588308341780262912

—
⚡️ Follow us
🗣 Discuss
📩 Newsletter