Posted by nobody9999 12/12/2025
If I get your FIDO2 token and reprogram it without somehow also wiping the data on it, your problem is that I got your FIDO2 token, not that I could reprogram it without erasing it (which theoretically could perhaps be true right now)
For this exact reason, I store my cryptographic keys in a ring which I never remove from my finger.
Also, you should probably spend more time reading about cryptography and less time reading FIDO Alliance propaganda.
The first is if I can reprogram it, then so can anyone else. I don't know what the situation is where you live, but government has passed laws allowing them to compel all manufacturers of reprogrammable devices to all them to reprogram is with their spyware.
The second is places I interact with, like banks, insist on having guarantees on the devices I use to authenticate myself. Devices like a credit card. "I promise to never reprogram this card so it debits someone else's account" simply won't fly with them.
The easy way out of that is to ensure the entity who can reprogram it has a lot of skin in the game and deep pockets. This is why they trust a locked pixel running Google signed android to store your cards. But take the same phone running a near identical OS, but on unlocked hardware so you reprogram it, and they won't let you store cards.
But that's the easy way out. It still let's a government force Google to install spyware, so it's not the most secure way. One way to make it secure is to insist no one can reprogram it. That's what a credit card does.
In any case, if someone successfully got the law changed in the way the OP suggested, so people could not use their devices as a digital passport, it won't only be me wishing a pox on their house.
It's actually the other way around, the only way to garantue that your device is free of spyware is you reprogramming it. You shouldn't have to trust the potentially compromised manufacturer.
The fact that there is always something you must trust in a device, as opposed to being able to prove it's trustworthy to yourself by just looking at it is so well known it has a name: is called the root of trust.
The interesting thing is it can ensure the root of trust the only thing you need to trust. The ability to do that makes your statement factually wrong. In fact it's drop dead simple. The root of trust only need let you read all firmware you loaded back, so you can verify it is what you would have loaded yourself. TPM's and secure boot are built around doing just that. Secure boot is how the banks and whoever else know you are running a copy of Android produced by Google.
It doesn't work for the same reason the electricity company doesn't let you reprogram your electricity meter. Unlike the raucous response here as far as I far as I can tell, no one complains about that arrangement, despite the fact the meter is on your property, on land you own, and you effectively pay for it. They put up with it because of want the electricity, they know the electricity can't trust all their customers with metering it, and when it's all said and done putting a small box on their property the electricity has absolute control over is hardly a big deal.
It's exactly the same deal with your computer, or should be. There is a little area on a device you own that you have no control over. Ideally visible and running open source software with reproducible builds, so you can verify it does what it says on the box, and yes neither you nor anyone else can change it, so it meets your condition.
But it's purpose doesn't. It's purpose is to load the equivalent of electricity meters, which are software other people can change and you can't. Thus this area on the your device carves out others areas it can give ironclad guarantees to a third party they solely control, you can not reprogram, and you can't even see the secrets they store there (like encryption keys). These areas don't meet your definition. The third party can reprogram them, but you can't, you can't even see into them.
These areas can do things like behave like a credit cards, be a phones eSim, house a FIDO2 key that some their party attests is only ever stored securely.
Currently we depend on the likes of Google and Apple to provide us with this. I'm not sure Apple can be said to provide it, as they insist on vetting everything you can run that doesn't live in a browser. Google does better because you can side load, if you are willing to jump through hoops must people can't. Wouldn't it be great if debian could do it too? But to pull that off, debian developers would have to be believe allowing users to hand over control of a space on their computer they can't see or alter, to a third party debian didn't trust somehow works open source. It's not a big jump from the current firmware policy.
Samsung already installs very suspicious auto updating, can't be removed without root, apps and ads. This is the natural consequence of locking out the users capabilities. If you want to get rid of them completely, youd have to root it, breaking compatibility with banking apps. Thats the world you are rooting for.
https://www.malwarebytes.com/blog/news/2025/11/budget-samsun...
It's not your electricity meter, it belongs to the electricity company. There is no pretense that you own it.
> It's exactly the same deal with your computer, or should be. There is a little area on a device you own that you have no control over.
No thanks. Society has functioned thousands of years without something like that.
In this case the government may mandate to have spyware pre-installed in the factory - which is already the case for phones and laptops in some countries.
> I promise to never reprogram this card so it debits someone else's account
When reprogramming, the card should wipe private keys so it becomes just a "blank" without any useful information.
Secondly, they have no control over companies not based where I live. So I could just import it myself, provided you are successful get ever country to pass a law the denies me the right to do this the way I want to do it.
If that's the only option they have, it will fly. Just like you used to be able to use banking apps with any Android before they had the option to restrict that to only Google-controlled ones.
I prefer to have my auth device bricked than compromised.
for anything else, i want to be able to reprogram.
so for vendors, a simple choice :
* be OTP, but no "patching"
* be R/W, but also by its owner
Regardless the rest us who don't want to go through the extra work OTP creates still of use want to put our credit cards, fido2 keys, government licences, concert tickets and whatever else in one general purpose computing device so we don't have to carry lots of little auth devices. To do pull that off securely this device must have firmware I can not change.
The OP wants to make it illegal to sell a device with firmware I can not change.
In asking for that, they've demonstrated they don't have a clue how secure and opening computing works. If they somehow got it implemented it would be a security disaster for them and everybody else.
It should very much be enforced though, similar to speed limits on the road. It's much easier to zero in on weird electromagnetic waves than it is to catch people speeding on roads.
I'm all in to allow free access to reading waves, but broadcasting is regulated for good reason. Today I was in the subway when my Bluetooth headset started lagging, it's happened once before on a highway close to a specific car, this is DOS.
The radio spectrum is limited and it must be regulated and follow regulations, enforcement is really hard, it's a lot easier and reasonable to dump it on the manufacturers by locking the juice behind closed firmware.
2.1033 Application for grant of certification. Paragraph 4(i) which reads:
For devices including modular transmitters which are software defined radios and use software to control the radio or other parameters subject to the Commission’s rules, the description must include details of the equipment’s capabilities for software modification and upgradeability, including all frequency bands, power levels, modulation types, or other modes of operation for which the device is designed to operate, whether or not the device will be initially marketed with all modes enabled. The description must state which parties will be authorized to make software changes (e.g., the grantee, wireless service providers, other authorized parties) and the software controls that are provided to prevent unauthorized parties from enabling different modes of operation. Manufacturers must describe the methods used in the device to secure the software in their application for equipment authorization and must include a high level operational description or flow diagram of the software that controls the radio frequency operating parameters. The applicant must provide an attestation that only permissible modes of operation may be selected by a user.
2.1042 Certified modular transmitters. Paragraph (8)(e) which reads:
Manufacturers of any radio including certified modular transmitters which includes a software defined radio must take steps to ensure that only software that has been approved with a particular radio can be loaded into that radio. The software must not allow the installers or end-user to operate the transmitter with operating frequencies, output power, modulation types or other radio frequency parameters outside those that were approved. Manufacturers may use means including, but not limited to the use of a private network that allows only authenticated users to download software, electronic signatures in software or coding in hardware that is decoded by software to verify that new software can be legally loaded into a device to meet these requirements.https://www.ecfr.gov/current/title-47/chapter-I/subchapter-A...
Likewise for requiring someone to change out drivers or firmware.
> The radio spectrum is limited and it must be regulated and follow regulations, enforcement is really hard, it's a lot easier and reasonable to dump it on the manufacturers by locking the juice behind closed firmware.
By far the largest problem in this space is users importing devices purchased via travel abroad or drop shipping and then those devices don't follow the rules.
Getting domestic users to follow the rules is not a significant problem because a) most people don't know how to modify firmware anyway, b) the people who do know how to do it are sophisticated users who are more likely to understand that there are significant penalties for violating regulatory limits and know they actually live in the relevant jurisdiction, c) if those users really wanted to do it they're the sort who could figure out how to do it regardless, and d) there is negligible benefit in doing it anyway (increasing power increases interference, including for you, and it works much better to just get a second access point).
It's not a real problem.
I am against regulation of broadcasting equipment. There's a difference.
At most, it prevents people from accidentally doing it. Anyone who wants to do can figure it out on their own.
No more reasonable than limiting cars to 75mph (which some people, admittedly, are probably in favor of).
I wouldn't be in favour of a hard 75mph because current speed limits are set by social consensus on the basis that they aren't strictly enforced. The police are extremely unlikely to stop you for doing 76mph in a 70, so I don't think your car should.
https://github.com/meshtastic/firmware/blob/develop/src/mesh...
The true limits are imposed by the hardware, not the software, as it should be!
Let's get them opened up next.
I swear not even Micro$oft attained this level of commitment.
Being able to reprogram a pacemaker isn't enough!
We should require that any devices that our lives depends on, especially devices that go inside our bodies, to be open source: not just reprogrammable, but with source code available for inspection and modification.
I've been working in this industry for too long in order to trust a closed source pacemaker to be bug-free.
Requiring that the pacemaker be outside a human body in order to reprogram it seems like a very sensible solution.
You're legally (and technically) prohibited from re-programming GPS modules, GSM modules, and probably many stuff in cars as well.
(Actually, maybe contractually when it comes to GPS modules.)
Besides that your point is missing the fact that you are dealing with outside services that provide a contract for their usage (GPS, GSM). You should be free to program your own devices but if you use an external service, then yes they can specify how you use their service. Those are contractual obligations. Cars on the road have clear safety risks and those are legal obligations. None of those obligations should govern what you do with your device until your device interacts with other people and/or services.
It wouldn't be fit for purpose (letting soldiers know precisely where they are on the globe) if it required transmission of any type from the user. That would turn it into a beacon an adversary could leverage.
Sounds like something Apple would say.
GPS et al would be non-functional if everybody could make a jammer.
(That’s not to say that app stores fall even remotely in that category.)
>GPS et al would be non-functional if everybody could make a jammer.
Then it should be illegal to make a GPS jammer. Making it illegal to reprogram a GPS receiver in any way is unnecessarily broad.
It would be difficult to catch in an inspection if you could reprogram the OEM parts.
I don't care about closed-course cars, though. Do whatever you want to your track/drag car, but cars on the highway should probably have stock software for functional parts.
Essentially all passenger cars use physical/hydraulic connections for the steering and brakes. The computer can activate the brakes, not disable the pedal from working.
But also, this argument is absurd. What if someone could reprogram your computer to make the brakes not work? They could also cut the brake lines or run you off the road. Which is why attempted murder is illegal and you don't need "programming a computer" to be illegal.
> It would be difficult to catch in an inspection if you could reprogram the OEM parts.
People already do this. There are also schmucks who make things like straight-through "catalytic converters" that internally bypass the catalyst for the main exhaust flow to improve performance while putting a mini-catalyst right in front of the oxygen sensor to fool the computer. You'd basically have to remove the catalytic converter and inspect the inside of it to catch them, or test the car on a dyno using an external exhaust probe, which are the same things that would catch someone reprogramming the computer.
In practice those people often don't get caught and the better solution is to go after the people selling those things rather than the people buying them anyway.
I'm not seeing an argument here.
Cars have posed a physical threat to humans ever since they were invented, and yet the owners could do whatever the hell they wanted as long as the car still behaved legally when tested[1].
Aftermarket brakes (note spelling!), aftermarket steering wheels, aftermarket accelerator pedals (which can stick!), aftermarket suspensions - all legal. Aftermarket air filters, fuel injectors and pumps, exhausts - all legal. Hell, even additions, like forced induction (super/turbo chargers), cold air intake systems, lights, transmission coolers, etc are perfectly fine.
You just have to pass the tests, that's all.
I want to know why it is suddenly so important to remove the owners right to repair.
After all, it's only been quite recent that replacement aftermarket ECUs for engine control were made illegal under certain circumstances[2], and that's only a a few special jurisdictions.
What you are proposing is the automakers wet dream come true - they can effectively disable the car by bricking it after X years, and will legally prevent you from getting it running again even if you had the technical knowhow to do so!
---------------------------
[1] Like with emissions. Or brakes (note spelling!)
[2] Reprogramming the existing one is still legal, though, you just have to ensure you pass the emissions test.
This would be easy to inspect if the device were open.
Oftentimes even the stock software can cause those problems you've mentioned, and has happened quite a few times in the past
This is silly. Prohibiting modifying car firmware because it would enable some methods of sabotage is like prohibiting making sledgehammers because someone might use one to bludgeon someone, when murder is already a crime to begin with.
The only reason it's "illegal" is because they were thinking people would use it to make missiles easily - but that's already the case even with non-reprogrammable gps. And in big 2025 you can also just use drones with bombs attached to it.
Hardware receivers cannot be reprogrammed as transmitters.
We already have well known areas with constant GPS manipulation. https://www.flightradar24.com/data/gps-jamming
They're becoming self aware!
That's the whole point.. parent is arguing that it should not be illegal.
It is however, illegal to broadcast into spectrums you're not allowed to.
But if I modify the uc in a GPS module to calculate 1+1=3 then AFAIK that's totally allowed.
In support of this irrefutable statement:
• > "Whatever is, is right." — Alexander Pope
• > "If you want to get along, go along." — Sam Rayburn
• > "Reform? Reform! Aren't things bad enough already?" — Lord Eldon
• > "We've always done it this way." — Grace Hopper (referred to it as a dangerous phrase)
• > "Well, when you put it that way..." — [List of millions redacted to protect the compliant]
Rebuttal:
• > "“The reasonable man adapts himself to the world: the unreasonable one persists in trying to adapt the world to himself. Therefore all progress depends on the unreasonable man.” ― George Bernard Shaw
• > "Yeah, well, ya know, that's just like, uh, your opinion man." — The Dude (In someone's pharmaceutically elevated dream, addressing the Supreme Court.)
John Deere is already subject to extra regulation in Europe; it's only in America that they're allowed to molest consumers in the aftermarket. And Xbox has had sideloading for decades now, in case you were unaware: https://learn.microsoft.com/en-us/previous-versions/windows/...
Which clearly shows the problem is not John Deer, Apple, etc.
The problem is weak consumer protections in the US from corrupt US lawmakers who were bought by the companies they are supposed to regulate.
For those who didn’t click the link, Xbox allows you to either load your own software or load software you buy from the Xbox store. Not both.
I would think making sure outside payment links aren’t scams will be more expensive than that because checking that once isn’t sufficient. Scammers will update the target of such links, so you can’t just check this at app submission time. You also will have to check from around the world, from different IP address ranges, outside California business hours, etc, because scammer are smart enough to use such info to decide whether to show their scammy page.
Also, even if it becomes ‘only’ hundreds of dollars, I guess only large companies will be able to afford providing an option for outside payments.
If you have a hint of a payment button 15 clicked after leaving your support page through the site logo link your app would get immediately flagged for removal unless you deal with it within week or two give to you.
He seems to be ignoring the part of the ruling finding that Apple is entitled to "some compensation" for the use of its intellectual property.
> The appeals court recommends that the district court calculate a commission that is based on the costs that are necessary for its coordination of external links for linked-out purchases, along with "some compensation" for the use of its intellectual property. Costs should not include commission for security and privacy.
https://www.macrumors.com/2025/12/11/apple-app-store-fees-ex...
Apple wanted 27% and Epic thinks it should be 0%. The lower court will have to pick a number in between the two.
So, to you answer your question, the fee that Epic should take is exactly the same as Apple's. It is exactly Zero dollars for all apps that do not go through their app store. Thats already how it works though.
It, of course, would be absurd if Epic was able to force you to pay them money for apps that don't involve Epic in any way and dont go through their app store!
"Royalty". It's common to charge a royalty when allowing someone to distribute your copyrighted property.
> Why can’t Apple collect fees for any apps that are built on their software AND hardware?
Because that's not a royalty - you aren't distributing Apple's copyrighted property when you send someone an iPhone application.[1]
When you send someone your game built on Unreal Engine, you are sending them Epic's copyrighted property.[2]
-------------------------
[1] If people could side-load iPhone apps, that is. I don't believe that they can.
[2] If you sell someone code to your game and tell them to to download Unreal Engine, then compile and/or link it against Unreal Engine themselves, then sure, Epic won't get a dime. But your customer might still have to pay for that, depending on whether Epic makes single-user no-sale licenses free (I believe they do).
The only other category you can really compare this to is game consoles, but the hardware is sold at a much smaller margin and they still (for now) support physical media.
12% is if you sell directly through Epic's platform - nobody is claiming Apple shouldn't get a cut of that for their own platform.
"0% Store Fee For First $1,000,000 in Revenue Per App Per Year Starting in June 2025, for any Epic Games Store payments we process, developers will pay a 0% revenue share on their first $1,000,000 in revenue per app per year, and then our regular 88%/12% revenue share when they earn more than that. "
Aren't Epic's 12% fee less than half of what is usually charged?
Since courts work on what is reasonable, what makes you think that they will reduce it?
But I also recognize that few out there are pressing strong opposition to the idea of paying 3% for someone else to manage their financial transactions, or to host their own business. If I make a million dollars, paying 50k to Patreon or Kickstarter for hosting the service seems to make sense in my mind
Like, if all major marketplaces only charge 12% from the get-go, we probably would have had much less fuss and lawsuits over this.
This issue was always the disproportionate size of the fee, not the fact that they charge a fee.
Doing it this way makes no economic sense for either the seller or the buyer but it's coincidentally the absolute best way for a middleman to maximize the tax they can extract from a two-sided marketplace they control. In competitive markets, blanket taxing on total gross revenue generally only occurs when there's a single fundamental cost structure tied to that revenue, or the amounts being collected are so small it's de minimis. App stores are highly profitable, multi-billion dollar businesses.
Perhaps the most perverse thing about this is that electronic transactions for purely digital goods which occur entirely on real-time connected digital platforms make it trivial to price each service for maximum efficiency. It's easy for the price a 2GB game with frequent updates pays for electronic delivery to reflect the cost they impose on the infrastructure while a 100k one-time purchase app can pay a vastly smaller amount. And that's exactly the way the competitive marketplaces evolve - from moving shipping containers around the planet to residential propane delivery.
The scaling also helps so that some (probably most) games aren't losing money to be hosted kn a store. That would be catastrophic as at some point games would need to remove themselves to name financial sense.
Pick 3 imaginary games for sale priced at $1, $10 and $100. Any one of those games could be a million download a month success, and any one of them could be a complete dud.
What flat rate would you suggest to:
* Pay the developer for their work (ongoing per sale)
* Review each game and ensure it meets store guidelines (once per update)
* Host said game regardless of how popular it is (ongoing)
* Process transactions for the game (ongoing)
The alternative would be pricing based on revenue tiers (similar to what Unreal Engine does now), which aren't known in advance and don't take global variance into account (USD$200 in Eastern Europe might be a month's salary).
Percentage is just simpler. It also means that they'd be taking a loss on every free app or in the case of Free-to-Download In-App purchase apps - until users start transacting.
Do you object to other sorts of royalty-based compensation, like for Unity engine or Unreal engine?
There should be caps overall and under the caps there should be the option to choose between lump sum and royalties.
Nobody should be collecting unlimited revenue for a brilliant idea at the start and benefit from cheap or free scaling.
This entire model is ripping apart the fabric of modern society.
And yes, I known this is blasphemy on this website.
You should look at it the other way, where ANY income or income equivalent, of any kind, should be taxed like income.
So when Bezos spends $5bn per year, that means he made $5bn per year (at least), so his tax statement should show him paying $2bn or whatever the top tax rate would imply.
If something gets super popular, it presumable costs Epic more. But does 100 sales cost 100x more than 1 sale? That seems unlikely.
Does Microsoft earn their 30% cut on Xbox since they do provide the OS, hardware development and gaming APIs?
Wherever competing services drive it. If Epic can charge 90% margins while remaining attractive to users, more power to them.
> Does Microsoft earn their 30% cut on Xbox
It's an irrelevant comparison. No serious person can accuse Microsoft of having a gaming monopoly.
> Apple should be able to charge a commission on linked-out purchases based on the costs that are genuinely and reasonably necessary for its coordination of external links for linked-out purchases, but no more.
> In making a determination of Apple’s necessary costs, Apple is entitled to some compensation for the use of its intellectual property that is directly used in permitting Epic and others to consummate linked-out purchases.
> In deciding how much that should be, the district court should consider the fact that most of the intellectual property at issue is already used to facilitate IAP, and costs attributed to linked-out purchases should be reduced equitably and proportionately;
> Apple should receive no commission for the security and privacy features it offers to external links, and its calculation of its necessary costs for external links should not include the cost associated with the security and privacy features it offers with its IAP;
https://fingfx.thomsonreuters.com/gfx/legaldocs/lgvdqxweopo/...
https://store.epicgames.com/en-US/news/introducing-epic-web-...
Not that they'd ever do the review to begin with, so the hashing won't be done either, but it's something that could be done on iOS/ipados.
And if you consider that infeasible, you might want to check out current CSP best practices, you might be surprised
According to the ruling on page 42, "(c) Apple should receive no commission for the security and privacy features it offers to external links, and its calculation of its necessary costs for external links should not include the cost associated with the security and privacy features it offers with its IAP"
I'm not versed in legalese, so maybe I misunderstand. Isn't it reasonable that Apple receives money for a service they provide, that costs money to run?
Think about it this way: totally free apps with no IAP get reviewed by Apple too, and there's no charge to the developer except the $99 Apple Developer Program membership fee, which Epic already pays too.
Yearly fee. And about $500 a year in hardware depreciation, because you can reasonably develop for Apple _only_ on Apple hardware.
This is _way_ more than Microsoft has ever charged, btw.
Tens to hundreds every time an app goes through review is "super supor minor"... This is how you know Epic has the backs of all the indie devs who fret about $100/year dev membership.
Is Apple actually checking outside payments for scams outside of review times? Do they check non-payment links for scams outside of review times? How often?
The point is that they should only be able to charge a fee for work they are truly doing, and it shouldn't be retaliatory.
Or we end up with this modern disease where the OS wants to update itself, the browser needs to update itself, Acrobat wants to update itself, etc, etc, all the time.
On average, Apple spends less than a minute on app reviews for new versions.
You really think that the aggregate cost of fraud mitigation in the app store is 30% of revenue? That seems laughable, the credit card industry as a whole does far, far better than that with far less ability to audit and control transaction use.
There has been craploads of litigation about “Fair, reasonable, and non-discriminatory” licensing over the last two decades, and fees that are percentages of revenue with no cap have survived and there is no reason to believe any of these legal standards will change.
In fact, I think it’s likely that Apple and Google will team up to create a standards body that defines the method for distributing/installing smartphone apps (because this is now in their best interest, not that I want them to). These standards are going to end up using a bunch of patents that you will have to license on FRAND terms.
Yes, the cost is going to go down. Yes, Epic is going to benefit a lot more than any indie developer. Such is life
I'm not even sure about that. This very ruling shows that Apple blatantly violated the law (the previous ruling) and tried to collect as much fee as possible while the case goes through the system.
And Apple isn't afraid of being sued. As long as they can earn more money in revenue than paying for lawyers, that's a net profit for them. They can certainly afford all of this.
And small companies are hit by 30% platform tax the most. More money for small compsnies mean more competition.
For starters, small companies are paying 15%, not 30%.
I'm also not sure where a small company can find a payment processor that will only charge 1%. Stripe charges 2.9% plus 30 cents per transaction.
If you have a $4.99 in-app purchase that will cost you 44 cents per transaction to use Stripe vs 75 cents to use Apple's IAP.
But Stripe does not act as a merchant of record so you are responsible for remitting sales tax yourself. Registering for and remitting sales tax in every jurisdiction where you have nexus adds huge administrative overhead to a small company.
If you want to avoid this overhead, Paddle will act as a merchant of record for you, but then you're paying 5% plus 50 cents which adds up to 75 cents on a $4.99 purchase anyway.
Linking to external payments also reduces conversion rates (https://www.revenuecat.com/blog/growth/iap-vs-web-purchases-...) compared to using IAP.
Taken all together, depending on their pricing structure, small companies may very well be financially better off sticking with IAP rather than linking to external payments anyway.
When talking in the grand scheme of this case, the 15% arose out of these proceedings. It was 30 back on in 2018.
But yes, overall most people will stick with Apple regardless. I still see it as a win that companies who want to put the work in to go around apple can. That simply seems reasonable in my eyes.
I'm not sure about the timeline, but in general the reduction to 15% for small developers was due to market signals as much as it was anything else. Both Apple and Google need small developers to continue to create new apps and if the 30% is onerous to small developers (which I think it probably is) they'll lower it to attract more products and services.
> But yes, overall most people will stick with Apple regardless. I still see it as a win that companies who want to put the work in to go around apple can. That simply seems reasonable in my eyes
When you think about it, there's maybe half a dozen companies that truly could put in similar work to Apple or Google in creating and maintaining these stores and platforms at the scale and with the features and security that they have built. Most people are going to stick with Apple and Google, except when one of those large competitors like Meta decides to bypass those stores and create its own and continue to nudge folks to their store for various features or downloads or whatever. It introduces friction for no obvious benefit to customers.
You can argue that 3rd party app stores will be more permissive in what they allow, but most of the things that people complain about "scary surveillance" or other onerous regulations for example have to also be followed by any legitimate App Store. So all you've really done is create worse versions of the Apple or Google App Store that siphon away applications. It reduces the profit margins of Apple or Google but it doesn't benefit customers.
Are there any good places to grow this kind of knowledge? How to use payment processors? How to actually setup a business and get paid yourself?
I don't want to get into the whole founder ethos, I just want to make something and get paid for it.
Google are doing exactly the same as Apple previously were doing, mandatory from end of next month - January 28, 2026.
Their new requirements: https://support.google.com/googleplay/android-developer/answ...
https://support.google.com/googleplay/android-developer/answ...
F-Droid notwithstanding using an alternative app is not a very attractive option right now as there no good alternatives. But if Valve can create an Android app store that competes with the Play store, the in principle situation is very different.
I've no idea, but I presume it's not even possible to use the Google Play purchasing API if your app isn't on the Play store.
My understanding, at least several years ago, that Netflix was paying as much to Apple in subscription fees, as they did for their AWS hosting.
I also noticed when upgrading my Spotify account, I couldn't do that through the iphone app itself - I assumed this was because it would break TOS, or they didn't want to pay a massive chunck of the monthly subscription cost to Apple.
Apologies for being unable to find a better source at the moment, but it links to this press release: https://www.apple.com/newsroom/2021/09/japan-fair-trade-comm...
“You download the app and it doesn’t work, that’s not what we want on the store” https://techcrunch.com/2020/06/18/interview-apples-schiller-...
Apple wins partial reversal of sanctions in Epic Games antitrust lawsuit
https://www.reuters.com/sustainability/boards-policy-regulat... (https://archive.ph/Cbi3f)
Both articles appear to point at the same 9th circuit appeals court ruling:
The Ars piece points at:
https://cdn.arstechnica.net/wp-content/uploads/2025/12/US-Co...
Which appears to be the same ruling as the Reuters piece links to:
https://fingfx.thomsonreuters.com/gfx/legaldocs/lgvdqxweopo/...
As such, I believe that, yes, this is the same ruling reported by both Ars and Reuters.
insist on Apple IAP links/buttons to be the same as buttons/links to external payments. But they can't ask for the outgoing links/buttons to be less prominent
charge for links/buttons to external payment, but not as they please. One interpretation is that it has to be based on real cost and can't in any way be tied to IAP costs.
can't use scare screens on external purchases
Devil's always in the details. But in this instance, any even partial win is still a win. Something is better than nothing.
And I don't think any of the big players are interested in fracturing consoles. Consoles change every 6-8 years so it's a moot point.
https://developer.nintendo.com/faq
Q: How much does it cost to develop on Nintendo platforms?
A: Registering for the portal and downloading the tools is completely free.
Also, if you plan to release a digital only title, you can use the IARC system to retrieve the age rating for no fee, which will allow you to publish in all the participating countries.
All that is left is the cost of acquiring development hardware: you will find more information on this inside the portal.
Heck, pre-COVID, you needed a business address to even receive a kit. Things changed quickly at the turn of the decade.
This would be for a clear subset of the web, with strong protections.
Obviously, on this venue the question is rhetorical. But Apple's prohibition on any kind of real web competition is a problem.
Do you live in Europe or Japan? If so, you can [1][2]. If not, Apple forbids you from doing so.
The US, Department of Justice is suing Apple [3]. Maybe the US will be added to this list.
[1] https://developer.apple.com/support/alternative-browser-engi...
[2] https://open-web-advocacy.org/blog/japan-apple-must-lift-eng...
[3] https://www.justice.gov/archives/opa/pr/justice-department-s...
Meanwhile, Apple and Google sure aren't going to call it quits just because they take 10, 20% less.
1. No one cares about making an app store for the Ps5 when in 10 years they'll need to port it to the PS6
2. Consoles are already stagnating and it won't take much to also push Sony out. So basically we'd reduce competition back down to Nintendo to enable a feature no one cares about.
But sure. If you want to look at it in that lens: I want apple and Google to get "special punishments" because they've long proven to be a monopoly and practice anti-competitive behaviors. We can deal with other monopolies as we go along.
If the government wanted to proscribe store rates for productivity apps only, I’d be more receptive. But it’s ridiculous for the government to proscribe rates for game sales, especially if they aren’t doing the same for all game stores.
https://www.reuters.com/legal/litigation/australia-court-rul...
I think the simpler answer is that Epic isn’t upset with the arrangement they have with Microsoft/Nintendo/Sony. They’ve done a better job cultivating a relationship with Epic than Apple has who seems to have only contempt for every other developer.
https://direct.playstation.com/en-gb/buy-consoles/playstatio...
https://www.amazon.co.uk/Ubcwin-Switch-Fortnite-Wildcat-Bund...
Why? Because a console is bought as a gaming device. And because you can reasonably have multiple consoles and there’s healthy competition between them.
In comparison, people buy a phone to have a phone. Then the App Store lock-in is tacked on the side. iPhone and Android compete on who has the best cameras. But once you’ve bought your phone, you’re trapped in the manufacturer’s App Store, who can charge monopolistic pricing. And normal people don’t buy multiple phones for different app stores.
The App Store monopoly is like if your electricity company somehow made it so you could only buy an Xbox. Games on steam and PlayStation aren’t compatible with the electricity in your house. And your friend down the street could only use a PlayStation. Not for any technical reason, but simply because locking you in to a single console manufacturer means they can make you pay way more for games. And you’ll pay it, because you don’t have a choice and can’t shop around.
The problem comes about because phones and app stores are glued together. They use a captive market created by one part of the business to trap consumers and developers elsewhere. If Google and Apple had to compete on app stores - like how Nintendo, PlayStation and Microsoft have to compete - then there’s no way Apple could get away with charging their extortionate 28% for App Store sales. If chrome charged a 28% commission on all purchases I made through the browser, everyone would switch to Firefox. Apps on my phone should be more like that.
But sure, nothing on a technical lecdl stops you from using a console as a general computer. It's just that that's not what the overwhelming use is as of now. Use cases play a large factor in rulings like this.
Consoles compete on games. Phones compete on specs, and then they happen to have an app store on the side. Thats a difference.
Naturally not, Microsoft has to pay the Sony tax to publish their games into the PlayStation.
There are more mobile devices than people, since not everyone has a phone, naturally there are enough people with multiple phones.
Finally, people do browse the Internet, watch TV, and even have a general app store in XBox's case.
Consoles run more "commodity hardware" than phones, like CPUs and GPUs and standard ports etc.
Not really. They share CPU/GPU architecture but there are significant differences vs. what you can buy for a PC. For example, the latest PlayStation and Xbox use unified GDDR memory and commodity CPUs all use (LP)DDR.
However, you can buy systems that use the same (or similar) chips as phones these days. Snapdragon, Apple Silicon, SBCs?
For what it’s worth, I agree with the argument that if I buy a computer it should let me run arbitrary code. But there’s no laws against that. There are laws about monopolies. I see that as a much stronger way to attack Apple over their behaviour here.
There are 3 console ecosystems.
Such difference. wow
If phones should be "opened" so should consoles, 30 years ago.
Whatever shit you say to excuse consoles from it those same arguments can apply to phones too.