Apple pulls iPhone torrent app from AltStore PAL in Europe
68 comments
·September 2, 2025827a
Someone
To protect their users they chose to include a feature that allows them to remotely kill nefarious apps on all devices, regardless of how they got installed. A consequence of that is that they cannot answer government requests to kill apps with “I'm sorry, Dave. I'm afraid I can't do that”.
Was that the right trade-off? I’m not sure, but AFAIK, they aren’t allowed to add alarming warnings when users add alternative stores, so they can’t put up signs “you’re leaving the safe area”, so I can see why they made this choice.
ruszki
> To protect their users they chose to include a feature that allows them to remotely kill nefarious apps
This feature is part of antivirus solutions for ages.
can16358p
If an OS needs antivirus for this, that OS has been designed wrong (excluding Linux, FreeBSD etc as the target audience isn't regular end users) in the first place.
An OS should NOT need antivirus, it needs proper sandbox and containerization.
anonym29
It would be trivial for Apple to push out silent targeted OS updates to specific individuals that would log decryption keys and send them to Apple, enabling Apple to decrypt that specific user's data.
Remember, Apple is the same company that cooperated with the NSA to secretly log and feed user data to the NSA starting back in 2012, as revealed by Snowden's heroic disclosure of the PRISM program (which was ruled unconstitutional by a federal judge).
Apple's privacy-protecting image is nothing more than marketing.
cnst
Apple is actually far worse at protecting your privacy than Google.
On iOS, you cannot install any apps without an Apple Account, and even some preinstalled apps (like Pages, Numbers, Keynote, GarageBand, iMovie) cannot be used before you assign them to an Apple Account.
On Android, you can install any app from any third-party store without having any accounts. There's a store called Aurora Store that even lets you install apps from Google's Play Store without an account as well, so, you can even install all the mainstream apps, all without any accounts.
Nevermark
That's one point of privacy.
Meanwhile, they protect vast amounts of your data with encryption, especially if you opt in to the most protection.
I don't have any wish to promote Apple, but those are not comparable. Even though I have hated Apple's closed App Store policy.
vlovich123
> On Android, you can install any app from any third-party store without having any accounts. There's a store called Aurora Store that even lets you install apps from golgle's Pay Store without an account as well.
I thought Google recently announced changes to this requiring a developer account to side load.
greyadept
This is what I’ve always struggled to explain to people, that any software’s security and privacy is only as good as its most recent update.
hsbauauvhabzb
One is a selling point to the security conscious user. The other they no longer need to care about because Android is now a walled garden too.
hopelite
You haven't noticed that the tyrannical agencies, aka "intelligence" agencies in the west no longer white and throw tantrums about "going blind" and "black holes" etc. regarding Apple device encryption?
I do not get the impression that they just forgot and stopped being traitors.
habinero
I mean, you can just look it up instead of spreading conspiracies.
Apple put in functionality that makes it impossible for them to unlock phones and added additional controls to make brute forcing infeasible. The fight was fought, they had it out in court, and it's done.
If that wasn't true, literally all iPhones would be backdoored by the Russians and Chinese lol. Law enforcement is utterly incompetent when it comes to technology, you think they wouldn't immediately leak keys or access?
WatchDog
Some more context from the linked github issue[0], the app was removed because of European sanctions against Russia, it seems that the app developer who now lives in Malta, has a Russian background.
What is interesting is that it's Apple enforcing these sanctions, rather than AltStore.
The amount of control that Apple exercises over these alternative app stores, really does seem to be against the spirit of the DMA.
[0]: https://github.com/XITRIX/iTorrent/issues/401#issuecomment-3...
jkaplowitz
That’s also weird to me. I don’t have current 2025 info on the sanctions, but back in early 2022 I had a colleague with Russian citizenship who was living in Ireland (with proper permission to live and work - I think even permanent residence). He was exempted from the nationality-based sanctions because of his EU residence, although he did have to prove it to e.g. his banks.
Do the sanctions applicable in 2025 apply even to EU residents of Russian nationality or origin without such an exemption, or is this person covered by more narrow sanctions like one which name him individually, or is Apple going beyond the sanctions rules here for a store they don’t even operate?
Edit: reading the linked GitHub discussion more closely, it seems that he expects to benefit from the same exemption as I was describing, with the problem being twofold: one, the developer had neglected to update his personal info in Apple’s dev portal - not Apple’s fault, at least assuming that sanctions enforcement is their job at all in this scenario. But two, Apple has taken a long time to react to this guy providing proof of his Maltese residence, so that’s on them for being an unresponsive bottleneck.
throw-the-towel
You're technically right, but entities find it easier to just ban everyone suspicious than to devote time and manpower to actually investigate.
duskwuff
> But two, Apple has taken a long time to react to this guy providing proof of his Maltese residence, so that’s on them for being an unresponsive bottleneck.
Someone I know has Maltese citizenship. From the stories they've told, the unresponsive party might not be Apple.
(At one point, my friend had to show up at the Maltese immigration office in person to get them to respond to an inquiry.)
isodev
And 3, Apple asking for a photo of the ID instead of using eID so the entire process can be tap > Face ID (in your country’s eID app) > done.
Also for some reason on App Store Connect, Apple is asking for a country of birth, not citizenship so with that alone, it’s unclear to me how can they make a determination at all.
Once again, our random spawn point (of which we have no control) is interfering with what we can and can’t do in life. Oh and Apple totally not getting how people live and move in the EU.
throw-the-towel
> Once again, our random spawn point (of which we have no control) is interfering with what we can and can’t do in life.
This is how wartime works.
tempaccount420
> our random spawn point
It's not random.
andai
If Apple can decide what you can publish on alternative stores, doesn't that defeat the purpose of having alternative stores?
Fade_Dance
I believe it was the Apple fee monopoly that was the central thrust of the anti-trust case, not open distribution of apps themselves. The goal was to allow storefronts to compete on fees.
If Apple was banning apps from alt stores but keeping them listed in their own store, then it would be a legal issue.
I personally I think it defeats the purpose as well, but I'm more concerned with the right for people to do what they wish with their own device. These antitrust court cases can get pretty specific with what they are addressing.
AnthonyMouse
Aren't they both anti-trust problems? Suppose Apple bans apps that compete with some service they offer themselves. Allowing them to be banned in alternate stores as long as Apple also bans them in their own store is clearly not going to make that better, right?
seany
Yes
null
null
teekert
I’ve never managed to get this torrent client working myself. I paid money for Altstore, but I’ve only ever found some emulator. I think I just don’t understand how it works.
Just now: I open Altstore, see an ad for the Epic Games Store, I tap it, the install button at the top sends you in a loop back to the same page, nothing happens. Oh, there’s another button (lower on the "page"): Install on iPhone or iPad, I tap that, then another button, Install. I tap it. New screen: Open the Epic Games Store on your home screen. Except that there is no Epic Games Store anywhere on my device.
And that’s basically all my experiences with Altstore.
The idea is really nice, indeed, which is why I paid for it immediately (just 1-2 euros or so I believe) but I never got anything out of it, ah well.
can16358p
Not to play devil's advocate here and also IANAL but:
If (as as it is) Apple is still controlling apps via notarizarion/digitally signing apps of and recognizing developers, and if the app is developed for something that would land Apple in legal trouble (e.g. it makes it easy to freely and illegally download music and Apple also has legal contracts with record labels as they have Apple Music, and not only legal but it also affects Apple's own music revenue too) as the app has passed explicit notarization of Apple (in other words: Apple "knowlingly" allowed them and greenlighted them by notarizing the app), wouldn't it cause legal trouble for Apple?
For that, it's the logical behavior for a company like Apple to stop allowing the app.
Again, I'm not supporting it, but I can imagine where it's coming from and that makes sense from a business perspective as torrenting on mobile has almost no legal use cases. We all know you have not installed it to download your favorite Linux distro to your iPhone.
bmandale
If the ability to remove apps obligates them to remove apps, then that is a strong argument for them not to have the ability to remove apps.
It also almost certainly doesn't so obligate them. They aren't acting as an intermediary, they are just incidentally signing the app. The app signing certifies in the first place that they checked the documents of the app devs, and in the second place that they haven't decided to remove the app. But removing the app is an action, not an inaction, they can't be compelled to take it. It would be like the record label saying I had to stop a bootlegger I happened to observe while I was out for a walk.
ronsor
1. Signing apps does not constitute endorsement. Re-read the developer agreement.
2. Apple's obligations under law supersede their agreements with any record labels.
can16358p
1. Not endorsement, but at least a recognition of some sort that Apple recognized the dev and the app and allowed them to publish this app (regardless of which store).
2. AFAIK Apple isn't doing anything illegal by pulling out this app. Malicious compliance? Perhaps. Illegal? Nope. If Apple doesn't do this, then it would indeed attract legal issues due to the first point.
like_any_other
Legally that sounds about right, but morally, your argument does nothing to defend Apple. They pioneered stealing autonomy from their users. They know governments abuse this [1,2,3]. Yet they prefer to profit off keeping their users prisoner, than give them control of the devices they paid for.
Maybe the first time you chain a man to a tree, you can plead ignorance, that you didn't know wolves would come eat him at night. But by the 100th time, you're as guilty as the wolves.
[1] Apple pulls app used to track Hong Kong police, Cook defends move - https://www.reuters.com/article/us-hongkong-protests-apple-i...
[2] Apple removes nearly 100 VPNs used by Russians to bypass censorship - https://news.ycombinator.com/item?id=41712728
[3] Apple's Cooperation with Authoritarian Governments - https://news.ycombinator.com/item?id=26644216
can16358p
Actually I didn't mean anything that contradicts your comment. I do agree with what you are saying.
I don't think we should be expecting moral values from any company over a certain size, be it Apple, Google, or anything else. They "care" about privacy as long as they profit from it directly as device/service sales or indirectly with brand value/trust/PR.
cnst
And, to clarify, the problem here is not that the company collaborates with governments in policing their own stores, the problem is that they do NOT allow you using any alternative stores.
null
prxtl
This is a fine example of "chit bhi meri, pat bhi meri" which in Hindi translates to "heads I win, tails I win".
fluoridation
That saying exists in English, with a (in my opinion) more pleasing phrasing: heads, I win; tails, you lose.
ChrisArchitect
[dupe] Earlier: https://news.ycombinator.com/item?id=45040064
null
yieldcrv
Violate sanctions or violate DMA?
What do
everyone
Is there no way to torrent on iOS? If so that is utterly pathetic.
When it comes to your personal data, Apple loves (correctly) to say "all of our user's data is encrypted, we can't access it even if we wanted to, so we cannot respond to this government request for data"
When it comes to application distribution, all of Apple's courage immediately disappears. They could say "We don't sign or control apps distributed through third party app stores, that's out of our hands, so we cannot respond to this government request". But, they chose not to. It was a choice, and Tim Cook chose an ugly, dishonorable, cowardly path.