Apple's App Store Distributes Corrupted Updates - InformationWeek

10 Companies Driving Mobile Security

(click image for larger view and for slideshow)

More than 100 recently updated iOS apps have been crashing when launched, a problem that appears to be related to the way Apple processes app files for distribution.

Developer Marco Arment on Wednesday wrote about receiving a flood of crash reports from users of Instapaper version 4.2.3, an update recently approved by Apple. He notes that the file had worked when Apple reviewed it and concludes that the binary was somehow corrupted on Apple's servers.

Webcasts

More >>

White Papers

More >>

Reports

More >>

"I emailed App Review less than an hour after the update went live and yelled about it on Twitter," he said in a blog post. "About two hours after the update went live, a correct, functional version of [Instapaper] started being distributed on reinstalls. As far as I know, the problem hasn't recurred since then."

[ Are there problems with Apple's rival in the mobile market? Read Android Botnet Seen Spewing Spam. ]

However, Arment notes that other developers have reported similar issues with updates released July 3rd, 4th or 5th. He initially kept a list of affected apps, but after reaching 114, he said the list had become impractical to maintain.

Apple did not immediately respond to a request for comment. A report on TechCrunch indicates that Apple, in its private developer forum, said it is aware of the problem and is working on a fix.

Arment is urging Apple to deal with the problem as soon as possible because it's a serious setback for developers. He notes that users confronted with crashes will see the developer as incompetent and will respond by leaving angry 1-star reviews. Poor reviews, particularly in volume, can ruin the commercial prospects of an app.

Apple has had other App Store issues to deal with. The company on Thursday removed an app from the App Store called Find and Call that hijacks the user's contact data and sends SMS spam to the stolen contacts. The Android version of the app has also been removed from Google Play.

Kaspersky Lab published a report on the malicious app Thursday morning, noting that it is "a Trojan that uploads a user's phonebook to remote server." Kaspersky says that Find and Call is "the first case that we've seen [of] malware in the Apple App Store."

New apps promise to inject social features across entire workflows, raising new problems for IT. In the new, all-digital Social Networking issue of InformationWeek, find out how companies are making social networking part of the way their employees work. Also in this issue: How to better manage your video data. (Free with registration.)