Sonos should learn from Facebook

by Volker Weber

0cf45ddc9e2aee095acc72e213e6c697

Apple pulled the rug out from under Facebook today by revoking their Enterprise Developer certificate. You deploy this on your employees' iOS devices so you can distribute apps without going through the App Store process.

Facebook used this mechanism to deploy their spyware and Apple simply killed those apps by revoking the certificate. Collateral damage: all other internal apps using the very same certificate also died the very same minute.

Sonos is still using the same process to distribute their betas outside the company and I would wager they violate the same terms and conditions as Facebook. The proper way to do this is use TestFlight, like everybody else.

Comments

Maybe Sonos is using private APIs in the beta versions of their iOS app and hence they have chosen this deployment approach?

Abdelkader Boui, 2019-01-30

I don't know. Maybe they are just lazy because they always did it this way, before TestFliight existed.

Volker Weber, 2019-01-30

As far as I understood, Facebook's main violation was, that they used it for spying. In days before Testflight, wasn't this the usual method for deploying betas?

Christian Gut, 2019-01-31

What Facebook did here was against Apple's privacy stance. That called them into action, and using the enterprise developer certificate for distributing apps outside the enterprise gave Apple a reason and means to stop them. They could do the same thing to Sonos if they ever chose to.

Volker Weber, 2019-01-31

Prior to Apple's acquisition of TestFlight the usual method was also the prescribed one — adding individual test device UDIDs to the build. TestFlight was created as nothing more than a streamlined workflow for use of the limited allocation of UDID slots provided to every developer account for testing on 'external' devices. There has never been a time when the issuing agreement for enterprise certificates permitted deployment to users not directly bound by the enterprise's legal obligations. Apple may have been less than aggressive in enforcement of this rule but also has no direct method of monitoring such breaches of the agreement.

Facebook egregiously flouted this rule for malign purposes with predictable consequences - including that their own internal apps and testing workflows, which daily operation of their business is dependent upon, are now non-functional.

Any organization using this mechanism in this way exhibits a shocking lack of foresight consistent with the absence of adult supervision. It makes one wonder what other bad decisions Sonos has made.

David Richardson, 2019-01-31

I can remember they used to add UDIDs way back when. Which in the olden days limited them to 200 test devices. I used to have to of them: one iPhone and one iPad.

Volker Weber, 2019-01-31

Post a comment

Store next two fields in a cookie for you?




Use your full name and a working email address. Unless you want your comment to be removed. No kidding.

Recent comments

Ben Langhinrichs on Empathy and innovation :: this is not your dad's Microsoft anymore at 23:50
Bernd Hofmann on Empathy and innovation :: this is not your dad's Microsoft anymore at 21:55
Hubert Stettner on Empathy and innovation :: this is not your dad's Microsoft anymore at 21:54
Daniel Gebauer on AutoSleep Tracking mit der Apple Watch at 21:02
Jens Becker on ANC Headphones :: Beats vs Bose vs Microsoft vs Sony at 14:06
Mark Dörbandt on Jetzt auf meinem Sonos :: Das Radio der von Neil Young Getöteten at 13:38
christoph Graber on Jetzt auf meinem Sonos :: Das Radio der von Neil Young Getöteten at 12:53
Ahmad Masrieh on AutoSleep Tracking mit der Apple Watch at 11:53
Norbert Niemeyer on ANC Headphones :: Beats vs Bose vs Microsoft vs Sony at 11:51
Henning Heinz on Barry Gibb :: The Last Bee Gee at 11:12
Volker Weber on ANC Headphones :: Beats vs Bose vs Microsoft vs Sony at 11:03
Dominique Roller on ANC Headphones :: Beats vs Bose vs Microsoft vs Sony at 10:49
Volker Weber on Barry Gibb :: The Last Bee Gee at 10:26
Henning Heinz on Barry Gibb :: The Last Bee Gee at 10:24
Ragnar Schierholz on AutoSleep Tracking mit der Apple Watch at 09:47
Christian Heindel on AutoSleep Tracking mit der Apple Watch at 09:26
Volker Weber on AutoSleep Tracking mit der Apple Watch at 08:59
Jochen Schug on AutoSleep Tracking mit der Apple Watch at 08:57
Volker Weber on Invoxia Pet Tracker :: Ein kleiner Zwischenstand at 20:37
Johann Görken on Invoxia Pet Tracker :: Ein kleiner Zwischenstand at 20:35
Volker Weber on Barry Gibb :: The Last Bee Gee at 08:20
Claus Böhmer on Barry Gibb :: The Last Bee Gee at 08:05
Eric Bredtmann on udoq :: Es kommt auf das Netzteil an at 14:19
Nils Michael Becker on Invoxia Pet Tracker :: Ein kleiner Zwischenstand at 12:58
Bernd Fellerhoff on Sonos Amp ab 12. Februar at 12:32

Ceci n'est pas un blog

I explain difficult concepts in simple ways. For free, and for money. Clue procurement and bullshit detection.

vowe

Contact
Publications
Stuff that works
Amazon Wish List
Frequently Asked Questions

rss feed  twitter  amazon

Local time is 02:53

visitors.gif

buy me coffee

Paypal vowe