I've come across this application today, Adblock Mobile, which installs a Profile on the users device and routes all web traffic through its secure VPN to disable/block advertisements both when surfing the web, and when using an application that implements advertisements, for example banner or interstitial ads. The majority of my applications revenue is ad based so this causes some concern for me and I'm actually surprised Apple would approve this application, as it hinders iAd from working as expected.
Is there a way to access a user's installed Profiles to check if this Profile is installed from my application?
No, it's not possible to check for existence of configuration files. Some sources:
"... if you're thinking about checking whether the profile exists and if not to install it, it's impossible (as for available documentation thus far)", October 2012, iOS - Prevent iPhone Configuration Profile from being deleted OR check to see if it's installed
Apple dev forum: How can I read the configuration profile, 2011. "Not specifically. However, iOS 7 added a bunch of enterprise integration features that might allow you to achieve the same goal via a different path.", 2013.
But you if you merely want to know whether your ads are served you can do this in another way: Simply try to load some of your ads and see if they're actually loaded and act accordingly.
This should be easy to implement. And it's all you need you only care about the fact that the ads are blocked, not in what way.
Quite a few websites do this. E.g. the Dutch tech website tweakers.net serves a message to people who block ads. And I'm sure a few iOS apps will start doing this soon as well.
Check this SO question How to detect Adblock on my website? for some ways that websites handle this.
No this is not possible due to sandbox. It would be a huge security issue if you could programmatically check or install profiles. Apple is very strict about security.
More details about the topic you can find there: iOS - Prevent iPhone Configuration Profile from being deleted OR check to see if it's installed
Retrieving data programmatically from a Configuration Profile in IOS
How Configuration Profiles Could Be Installed:
http://www.howtogeek.com/176195/why-configuration-profiles-can-be-as-dangerous-as-malware-on-iphones-and-ipads/
Related
I am trying to detect the jail break on the application startup and don't know how to check for the application other then the cydia like Tweakbox, iNoJB etc are installed or not.
This question is different from other jailbreak question which detect for only cydia app not tweakbox and other is because i want to look all the application like cydia not just only cydia. and other answers in stack overflow are just checking for the cydia application and access for certain files that exist in sandbox
Those apps have nothing to do with jailbreak, full or not. All of them are properly signed iOS apps. For example, GBA4iOS is signed with "Meridian Medical Network Corp." enterprise certificate allowing it to be installed on any device. That violates ToS and can get your account terminated but works.
Given that and the fact that recent iOS versions closed private APIs for getting a list of installed applications, there's no way to achieve what you want. Furthermore, Tweakbox, iNoJB, AppValley are not even apps. They're websites with links to enterprise signed applications. Some of them require you to install configuration profile but its only purpose is to put a web link on the SpringBoard that leads to their website. You can download the profile and check its contents in any text editor, it's just a plist with signature at the end.
There are two methods:
Download Apps without App Store via iOSEmus App
Download Apps without App Store via AppValley
Method 1; iOSEmus is designed to enable users to download different kinds of apps on your devices without jailbreak and it won’t even prompt people to enter their Apple ID.
Method 2; AppValley is one of the popular tools that enables users to download countless apps without jailbreak. It also requires no Apple ID. With it, you can get as many paid apps as you want for free.
I am aware that we can block safari content using swift code. I am interested in finding out if we can restrict install of certain apps from AppStore using similar approach ?
Also, is it possible if we can restrict a user from deleting the app from device (not from phone settings but from code) ? Even if Apple does not allow that to publish such app, I am looking for a solution as a part of research.
There are two things you mentioned.
First, can restrict install of certain apps from AppStore
Using Swift code I feel there are no Public API provided by Apple for the developer till now but there is a similar way that is called Device Enrollment Program.
The Device Enrollment Program (DEP) is part of the Apple Deployment
Programs (ADP), which help businesses and educational institutions
easily deploy and configure iOS and OS X devices. DEP provides a fast,
streamlined way to deploy institutionally owned iPad and iPhone
devices and Mac computers that are purchased directly from Apple or
participating Apple Authorized Resellers or carriers.
For more visit this developer guide.
Second: restrict a user from deleting the app from device
Same response for that, till now no Developer API, but lets say if we see this as a part of research and we develop some POC still, it does not make sense for me at all (It's my device and I install the app for making my life easy and better if I don't want to use it anymore, I need an option to delete it) and I don't think so this will be possible in future as well because the USP for iOS device is user experience and we can't make this like that.
I also want to hear something from others and if possible give the use case why you are looking a solution like that.
I hope this will help.
I'm building an in-house app that is distributed via the AirWatch app catalog. The app always runs with Guided Access enabled and all devices running it are managed by AirWatch. My questions are regarding auto-update:
Is there a way that AirWatch can force the update immediately or as soon as the device comes back online, without asking for the user's input? If so, how does the app being open affect this behavior? How does guided access being enabled affect this behavior?
Is there a link from AirWatch, perhaps an itms-services:// link, that the app can call to install the new version if a web service had indicated that it's no longer the latest version? If so, how does Guided Access being enabled affect this behavior?
Is there any other good model for remotely updating the app that will spread the update as quickly as possible and under the above conditions? The solution can be using MDM or a custom web service or both combined.
Thanks a lot for your help!!
If your devices are running iOS7 and you have your app Deployment settings set to "Auto" (as opposed to "On-Demand") the device will automatically take the update once it processes the APNs notification to do so. If the device is locked/offline it will typically check for outstanding APNs messages within a minute or so of being unlocked or coming back online.
What I don't know is since your app is in guided access mode if you're receiving a pop-up to install the new version. I've seen previously where if the app that requires an update is open iOS will prompt. What we have done to battle this is embed a check in the app that phones home to see if the app is current. If the app is NOT current the user can't do anything until they update their app.
Regarding a direct-link to the App Catalog to update the app that might get tricky with guided access enabled. Before you even try to tackle that issue understand that the app catalog webclip URL contains the UDID of the device as of AW7.1 (I think). Since the UDID is no longer programmatically accessible code-side AirWatch allows you to push the UDID upon app installation in the Deployment/Application Configuration section. You can embed {DeviceUid} into the key share on the device which will make it accessible for that applciation, hence allowing you to create the appropriate App Store URL within your app.
Good luck
honestly I didn't work with AirWatch. But I don't think that Apple provides a way for automatic update of ad-hoc or enterprise apps.
Well, I can describe a solution for an enterprise app I developed last year. Hope it will help you somehow.
First of all, I made it as a part of our secure website. (a little test flight)
Here's how app update works
When the app launches it sends special request to a server asking if
it is outdated and a new app version is available. (+ servers sends
url for new version installation (with itms-services://))
Then
if update is required, app fires alert with description of new
version, if user taps update, the app opens Safari where the user
is able to install a new version.
We made to different kinds of alert, optional (minor version change) and compulsory(major version change). With later variant user is unable to get rid of alert view, so he has to update the app.
You can update your internal app through the AirWatch Console and applications versioning.
I never used it but I imagine that at the end of the new version process, there is a way to push the updated app to the related devices. If the Push Mode is set to Auto, the user won't have to do anything and the app should be updated. If it is On Demand, the use will have to initiate the process from the App Catalog. From for the latest option, you have the solution to send a notification to the user.
It is also possible to retire or inactivate older versions to only keep the newest one.
If you have access to AirWatch Online Documentation, I recommend you the page Using Add Version for Applications. If you don't, contact your administrator and ask for all the pages located in Mobile Application Management -> Internal Applications and the page Using Add Version for Applications.
You should try it with a single device though ;)
Couple of days ago I flew through JFK and they had iPad's for travelers with several interesting features:
Most of default applications are gone (no Settings, Calendar, Camera, Photos, Video, Notes, AppStore etc)
Installed application can't be deleted (if I press and hold an icon - nothing happens)
I know that some apps could be hidden using Restriction payload in a configuration profile (https://developer.apple.com/library/ios/featuredarticles/iPhoneConfigurationProfileRef/Introduction/Introduction.html#//apple_ref/doc/uid/TP40010206-CH1-SW13)
However, I don't know how to
Hide apps like Calendar and Settings
Prevent uninstallation of all apps
Do you know how programmatically do this? Do they use some private configuration profile settings or do they use some custom firmware provided by Apple?
Update 1
Ok. I just found how to prevent uninstallation. You can go to settings->Restriction and uncheck "Deleting Apps".
Some companies can get special permission from Apple to do specific things, but they have to have a valid reason and it has to be approved. The JFK deployment was an Enterprise deployment and you can't buy the apps from the App Store.
I also know that the ones going in LA Public Schools are modified specifically for the school requirements.
Basically unless you have a hell of a reason, you are not going to be able to do this.
Is there a way to remvoe TestFlight apps from users that have installed them? Also is there a way that TestFlight can bake into the app some sort of password that the users all have to log in with (in case of a lost phone, we don't want our developement apps exposed).
If left untouched, the provisioning of your apps will eventually expire automatically. Even without the native ability to remove applications with TestFlight there is still something of an expiration date on the application.
That would still leave your question of a "baked in password prompt" and removing the application itself physically from the device.
The first part, the app checking for authentication could be solved by implementing a solution with a more robust SDK that happens to have that sort of security-minded approach. As far as I know, and based on TestFLight's feature grid, this exceeds the abilities of their tool.
The second part, removing the application itself from the device, would be accomplished by using a tool that has the ability to use MDM (Mobile Device Management) for device-level control. Specifically you'd want to look for something that can selectively control a single application, rather than having to apply a blanket MDM policy. Again based on knowledge of TestFlight and based on their web page this is also not something TestFlight is capable of.
There are solutions out there that will give you exactly what you are asking about - easy beta testing with the added ability to force the app to check in and re-authenticate as well as the ability to remove applications from the device when you're done testing. If you hit your search engine of choice you can find a few tools that will give you a "yes" to all of your questions here. The list is very short so they're easy to find. :)
If it is at all helpful to you, I am associated with one of those companies, AppBlade, and would be happy to answer questions about this sort of thing. We're at https://AppBlade.com and you're welcome to give us a call or even log into the tool to see how it works for yourself.
Unfortunately you can't delete apps that are already installed on the device via TestFlight, unless you do it on the device itself. As for the password, TestFlight doesn't exactly support that either. You could however put a passcode lock feature in all of the Beta versions of your apps through your code. Sorry thats probably not the answers that you wanted to hear, but TestFlight is still in its early stages.
You are not able to delete apps from a users device, however TestFlight is testing in their 'Area51' an option to force users to update to a new build if there is one available.
If you no longer want testers to access your app you probably could add a new build which justs shows some info screen.
There is a way to expire the builds in the app store connect when you click on build.
Another way if you want to get rid of it as a tested to open the app page and click on stop testing.