Scammy iOS App Discovered That Refuses To Open Unless You Give it a Good Review (theverge.com) 49
App developer and scam app hunter Kosta Eleftheriou's latest discovery is a real doozy: an iOS app that refuses to function until you give it at least a 3-star review in the App Store. From a report: Although the UPNP Xtreme app -- which claimed to let users stream video to their TVs -- now appears to have been pulled, we were able to verify that it generates the App Store rating box the second it opens. You can't dismiss the ratings box, nor can you tap the 1 or 2-star ratings, Eleftheriou said. We verified this behavior, but some other users report they were able to dismiss the dialog box or leave a lower rating.
Re: (Score:2)
Some developers have been putting IP checks in their apps that disable the scammy parts when they see that the address corresponds to a location in or around a known Apple address.
On the other hand, we've also recently seen some internal emails from Apple that came out via the Epic trial, indicating that they are not pleased at all with how fallible their reviewers have proven. There was more than one email more or less asking while yelling, "how the hell are we still letting these things through?!". So it
Re: (Score:3)
It would take literal magic to NOT let these things through. All somebody has to do is create an A/B test, then wait to enable it until after the app is on the store. There's zero chance of Apple being able to catch that.
Any app review process is fundamentally useless for catching malice. The only thing it can realistically do is catch some types of mistakes, such as crashing frequently. It can't even reliably catch use of private APIs, if somebody really wants to hide what they're doing, much less cat
not really true about the review score. (Score:2)
for example the app could be made to not have access to the score, the review should happen outside of the application etc.
in any case that the application would have access to the score is insane in concept.
anyway the target only non western ip's is an old tactic. like even slashdot has had literal scam install update advertisements, which I doubt are showing if you're not browsing from asia/africa.
Re: (Score:3)
for example the app could be made to not have access to the score, the review should happen outside of the application etc.
AFAIK, the app doesn't have access to the review score. Those are in remote view controllers (_UIRemoteViewController) that are run in an out-of-process fashion, and are merely hosted by the app.
What the app does have control over is the view hierarchy, and more to the point, where a remote view controller is presented. As a result, this particular app is able to abuse the view hierarchy by putting a transparent view on top of the review window that steals the tap events and prevent users from tapping on
I see the shills are downmodding today. (Score:2)
Metamodders take note and that other posts saying the same thing have not suffered similarly.
Re: (Score:2)
https://apple.slashdot.org/sto... [slashdot.org]
Do a CTRL+F for "Apple horror story".
Remember kids (Score:2, Insightful)
Walled gardens are just security theater.
Re: (Score:2)
Walled gardens are just security theater.
Speaking of kids, remember your audience.
Like they give a shit.
Re: (Score:2)
How many updates is your two your old Android phone receiving?
Re: (Score:1)
Re:Remember kids (Score:4, Interesting)
That particular concern mostly stopped being relevant as of Android 8.1
https://source.android.com/set... [android.com]
As of Android 10, you can also boot to a separate instance of a completely different version of Android without actually having to install it
https://developer.android.com/... [android.com]
Useful for developers wanting to try beta versions of Android without having to permanently alter their phone if its their daily driver; just reboot and you're back into the permanently installed copy.
Re: (Score:2)
So? (Score:1)
Re:So? (Score:5, Insightful)
My standard response to such a move would be to quit out of the app, and proceed to give it 1 stars in the app store itself.
Re: (Score:3)
Followed by a prompt uninstall and search for another app doing the same function but without the bullshit.
Congratulations, your ratings farming just earned you a lower score and less usage than you would have otherwise gotten by just making an app that does what it claims without a bunch of bullshit.
Why not? (Score:3)
Not Actually In Violation (Score:3)
As horrible as this is, I am not sure it actually violates either Appleâ(TM)s or Googleâ(TM)s App Submission guidelines.
All it will take are a few actual Reviews that point out the Scam, and Poof go the sales.
Problem solved the Free-Market way!!!
Re: (Score:2)
Someone really contorted that one badly. I don't know the original incarnation, but that can't be it, and it needs work. The Canadian in the joke is superfluous and adds nothing except to pad the length.
It would work far better with Trump in Hussein's place wishing for a wall around the US to keep people out; what with all his campaining about big beautiful walls that someone else would pay for.
And maybe replace Canada with with Israel or China or North Korea or Russia, states with a history of walls/firewa
Re: The Walled Garden (Score:2)
How about the Canadian goes last and asks for the American wall filled with water
Re: (Score:2)
Well I lol'd so i guess it works. :)
Re: (Score:2)
Afghanistan? Saddam Hussein?
Re: (Score:2)
Evidently genie was an American.
Re: (Score:2)
'Murica
I hate those "Review ME" popups (Score:2)
Re: (Score:2)
Review popups isn't just an app store phenomenon. From Amazon to Reddit they want me to review something like anyone gives a damn what I think.
Re: (Score:2)
Ask me for a specific star rating you get a 1-star review and a comment saying that the app is a bitcoin miner.
Re:I hate those "Review ME" popups (Score:4, Interesting)
I have the SAP Concur app on my phone so I can do expense reports for work. Got a review popup asking "how much do you love it?" gave it 1 star and in the text "Why would I love an app like this? I'm required to use it by my work to get my money back, and SAP costs way too much money anyhow."
If Apple profits they should share liability (Score:4, Interesting)
Bad review (Score:3)
"Can't open app unless I give it a 5 star review. DO NO INSTALL"
Why can't people simply respond appropriately to scams and manipulative apps? When did we learn to acquiesce so quickly?
Real question is... (Score:2)
...does it actually work? In the Android world I've found the scammiest apps are streamers, wireless display connectors, and anything UPNP gets the 'scam' label from me instantly anyways.
Let's Review-Bomb This App (Score:2)
So, it's time for us iPhone-wielding Slashdotters to Install the App (but not launch it!), which gives you the right to Review it; then, in the App Store, Leave a 1 Star Review and a Warning to others.
Then, Uninstall the App.
We should be able to bury this App in about 30 minutes...
Re: (Score:2)
You didn't read the summary, did you?
Re: Let's Review-Bomb This App (Score:2)
You didn't read the summary, did you?
Yes I did. Tell me, what did I miss?
Re: (Score:2)
Although the UPNP Xtreme app... now appears to have been pulled...
Now I am not an iPhone user, so if it is possible to review an app that has been removed from the store, I apologize.
Re: Let's Review-Bomb This App (Score:2)
Now I am not an iPhone user, so if it is possible to review an app that has been removed from the store, I apologize
I don't know about Reviewing a Pulled App (kinda doubt it); but the App listing is still Up on the U.S. App Store, at least, just like when I d/l-ed it a couple of hours ago (but after the TFS was Posted).
I do admit, however, that I read right past the "pulled" phrase! Duh...
Re: (Score:2)
Huh, that is interesting...
Somewhat similar Android event? (Score:3)
I have an app on Google Play for tweaking colors on rooted Android devices, and suddenly noticed a ton of recent 5-star reviews in Spanish, a bunch of them including gibberish or even copy-and-paste from novels. My first guess was that someone had hired a reviews-for-money service for their app and the scammers by mistake directed their workers to post reviews of the wrong app.
But piecing things together from things people said in the reviews, it seems what happened was that someone had posted on TikTok saying that my app would work to enhance color saturation in a certain popular shooter game but only if they posted a "500 word" [character??] 5-star review of my app first. (I've since been posting responses to the reviews saying that whether the app works does not depend on whether one reviews it and I've flagged a number of the more obviously nonsensical reviews.)
How could Apple pull an app w such high ratings? (Score:2)
(that is all)
Delete and 1-star (Score:2)
What prevents you from deleting the app and then give it a 1-star review explaining what happened?
Re: (Score:2)
Think about how stupid the average phone user is and realize half of them are even dumber.
Who reads app reviews anyway? (Score:3)