Patreon being forced to pay creators through in-app purchase reminded me of a cool app I made two summers ago.

VPN clients on iOS lie on a spectrum between selling you out to data brokers and being expensive subscriptions.

Having prior experience with Digital Ocean my app made it easy to spin up droplets configured as VPNs ready to use from your iPhone.

It was so fast that droplets could be launched on-demand and shut down fast keeping costs extremely low.

The app used OAuth to act on behalf of users on their personal Digital Ocean accounts making the cumbersome task of setting up a truly personal VPN available to the less technical or less patient user.

App Review rejected the app because I didn’t collect payment to Digital Ocean through in-app purchase.

Tried to appeal and spoke to Apple on the phone arguing that the payment was outside my control and that my app was a privacy boon but they did not care.

Without a way to collect a revenue cut for Apple the app wasn’t allowed.
@palmin Sounds like it would’ve been a wonderful app!
@palmin Have you thought about releasing it on @altstore ?
@spitfire @palmin @altstore Yes please, also with support for Hetzner would be amazing!
@palmin This is great app idea. Maybe something like a tip jar would satiate Apple and keep the original idea mostly intact.
@palmin It doesn’t matter that it is privacy-conscious if it doesn’t produce revenue for Apple.
@palmin Wow. You just flipped me on the App Store cut. Most of the time I have felt like there are frustrating but comprehensible trade offs. But “you didn’t collect payment on something you don’t offer”? Nope. Where do I send my letter to the DOJ?
@palmin @eramdam one of my apps was rejected because it was possible to use an embedded web browser to navigate to any website where you could buy things outside of Apple's ecosystem.
@ecn @palmin @eramdam Embedded web browsers absolutely should be rejected because they're inherently phishing. They lead users to enter credentials for other sites/services into your app without realizing it's your app. Only an app clearly presented as a browser should be allowed to act as a browser.

@palmin

Can I get it on Android? Sounds good

@palmin

Even better: they kinda admit that. It's mandated in the App Store guidelines (iirc) that all purchases made because of the app are handled through Apple's in-app payment API...

Yes, you can apply for an "entitlement" to not do that, but then you have to give them basically the same cut yourself.

Because subtlety is dead.

@palmin I hope the DOJ breaks up their store. I'm so sick of monopolies screwing us.
@palmin genius. That's why we needed #DMA, @altstore (and FLOSS phones like @e_mydata)
@palmin Have you ever written about this before (before this thread, that is)?
@gruber I have not. When it happened it made me extremely disappointed and I decided to focus on other things.
@palmin I can’t blame you. But man, this sounds like an almost perfect hypothetical example of the problems with Apple’s App Store rent demands, but it isn’t hypothetical. It’s actual.
@palmin I wonder how many stories there are of apps that never got made because of stuff like this. @viticci can we have that as a Macstories feature alongside your iOS18 review?

@palmin I’m guessing that it was probably possible for users to create a new Digital Ocean account within the app, possibly from an embedded web view that was intended to allow them to sign in and get the OAuth credentials?

I’m not defending Apple’s choices here, but if that was the case it would fit more squarely within the expected cases for rejection we’re used to seeing.

@palmin @hailey I really hope the DOJ gets their crap together and slaps the snot out of Apple soon. The "payments must be through them" App Store requirement is egregious, especially on top of no side loading.
@palmin Could it not be done as a PWA?
@dalias
A PWA can't configure iOS' VPN settings to talk to the newly spun up instance.
@palmin
@smolwaffle @palmin Yeah. Is it possible to c&p needed settings tho or does iOS make that difficult or impossible too?

@dalias
Maybe there's a file which could be generated? IDK, I'm not trying to write such a thing.

It would also require hosting a web app that deals with auth etc rather than having that all local, which adds further complexity.

I think the point is that Apple won't let you do lots of things which would be useful because they can't make money on it, not that it's impossible to do useful things despite the limitations they artificially impose.
@palmin

@smolwaffle @palmin Yeah. I'm just always looking at "can this be done with PWAs?" because ultimately that's the way out of the walled garden trap. But ways to do PWA that don't involve a website having authority to change the code out from under you or disappear are also needed...

@smolwaffle @dalias Perhaps it would be possible by someone else but not me.

I had some experience with Digital Ocean APIs, cloud config and networking on Apple platforms and felt I could improve the state of VPNs on iOS but it wasn’t meant to be.

@palmin @Migueldeicaza funny, I built something similar for myself when I noticed the country I’m in restricts internet access. I built it so that I can spin up a @tailscale exit node on demand, to be used by the whole family. The Vultr bill for the whole holiday was under a dollar.
@palmin sounds like a great app for in a third party App Store, right now I have a vps always on for Tailscale, but that’s not really ideal.

@palmin Ouch. I would absolutely have purchased such an app. But it’s bad luck for me because without a clear way for Apple to take a cut I’m out of luck.

If you ever decide to release it on Alt Store or something I’d happily lay 2€ a year or whatever CTF B.S. Apple wants from you.

@palmin Sounds like an amazing app. 😭
@palmin is the source open?
Or do you have structural API documentation that you'd share?
@palmin well, ironically, this is what I use the droplet feature for on Secure ShellFish
@palmin that’s so disappointing - it’s exactly the kind of VPN service I’ve often thought of putting together myself. Would’ve happily paid for such an app to avoid the roll-your-own hassle.
Yet another example (in addition to Bandcamp and Patreon) of how Apple enforcing in-app payments harms devs and stops users having nice things. Regulators, do your thing.