Apple Stands By Decision To Terminate Account Belonging To WWDC Student Winner

TechCrunch’s Sarah Perez reports: Apple is standing by its decision to terminate the Apple Developer Account of Appstun, a mobile app company created by one of Apple’s own Worldwide Developer Conference 2021 student winners. According to an announcement published on Appstun’s website, Apple moved to terminate the developer’s account after multiple rejections of its app that Apple says violates its App Store guidelines. Apple’s decision to shut down the developer’s account was recently highlighted on X by Apple critic and 37signals co-owner and CTO David Heinemeier Hansson, where he celebrated how much better web developers had it, noting they could run their businesses without the involvement of big tech gatekeepers. “No fear on [sic] capricious rejections that might suddenly kill the business overnight,” he remarked.

Appstun co-founder Batuhan Karababa says that he and the other co-founder had been trying to work with Apple over the App Store rejections. (Karababa tells us that he’s only the formal founder on paper.) “We responded transparently and collaborated with Apple to ensure our app doesn’t violate any guidelines. However, as the process continued, we began to face rejection for the issue that we thought we had already resolved in previous submissions. Apple didn’t find our solution good enough,” according to the announcement on Appstun’s website. The company went back and forth with App Review, receiving multiple rejections over an app for designing Apple Watch faces. In addition to a more standard watch face, Appstun also came up with a workaround that would allow it to offer more highly customizable watch faces. But these weren’t actually watch faces in the traditional sense, but rather custom images and animations that run independently of the App Watch face system. Essentially, the app would take over the screen showing an image that was similar to a watch face, allowing Appstun to offer more customization. Of course, running a custom animation in this way could drain the Apple Watch battery faster.

Apple was also concerned that customers wouldn’t understand that they weren’t running a normal watch face, and that Appstun deceived them by suggesting that’s what it was offering. Though Appstun added notifications to its app that these were not real watch faces, in an attempt to placate App Review, Apple instead decided to terminate the company’s developer account after repeated back-and-forth. The company pleaded on its website for any help in getting its developer account restored. According to Apple, there’s more to this story, and it thinks it made the correct decision. The iPhone maker said Appstun’s app repeatedly tried to mislead users into thinking that it offered features and functionality that it didn’t support and also marketed the app with deceptive ads, leading to negative app ratings and reviews. […] Apple pointed to its guideline 5.6 — a developer code of conduct — that warns developers that “repeated manipulative or misleading behavior or other fraudulent conduct will lead to your removal from the Apple Developer Program.”

Read more of this story at Slashdot.

Wells Fargo Worker Dies At Desk, Nobody Notices For Four Days

Denise Prudhomme, a 60-year-old Wells Fargo employee, was found dead at her desk four days after clocking in. Apparently, nobody noticed her body because of the secluded location of her cubicle and the fact that many employees were working remotely. VICE reports: Prudhomme last scanned into her office job in Tempe, Arizona, at 7 AM on Friday, and her body was reportedly discovered at 4:55 PM on Tuesday, August 20. Her coworkers did pick up that something weird was going on. They detected a weird smell but assumed it was some kind of plumbing issue.

Prudhomme’s cubicle was on the third floor of the building, tucked away from any main thoroughfares that employees would use to travel between departments. On top of that, most employees at the Tempe Wells Fargo location worked remotely, significantly cutting down the chance of someone finding her body.

Tempe police and the Maricopa County Medical Examiner didn’t detect any signs of foul play, but the woman’s official cause of death remains to be seen. Wells Fargo has said that they’re going to look into their internal procedures to make sure employees receive some kind of check-in to make sure they’re not, you know, dead.

Read more of this story at Slashdot.

City of Columbus Sues Man After He Discloses Severity of Ransomware Attack

An anonymous reader quotes a report from Ars Technica, written by Dan Goodin: A judge in Ohio has issued a temporary restraining order against a security researcher who presented evidence that a recent ransomware attack on the city of Columbus scooped up reams of sensitive personal information, contradicting claims made by city officials. The order, issued by a judge in Ohio’s Franklin County, came after the city of Columbus fell victim to a ransomware attack on July 18 that siphoned 6.5 terabytes of the city’s data. A ransomware group known as Rhysida took credit for the attack and offered to auction off the data with a starting bid of about $1.7 million in bitcoin. On August 8, after the auction failed to find a bidder, Rhysida released what it said was about 45 percent of the stolen data on the group’s dark web site, which is accessible to anyone with a TOR browser.

Columbus Mayor Andrew Ginther said on August 13 that a “breakthrough” in the city’s forensic investigation of the breach found that the sensitive files Rhysida obtained were either encrypted or corrupted, making them “unusable” to the thieves. Ginther went on to say the data’s lack of integrity was likely the reason the ransomware group had been unable to auction off the data. Shortly after Ginther made his remarks, security researcher David Leroy Ross contacted local news outlets and presented evidence that showed the data Rhysida published was fully intact and contained highly sensitive information regarding city employees and residents. Ross, who uses the alias Connor Goodwolf, presented screenshots and other data that showed the files Rhysida had posted included names from domestic violence cases and Social Security numbers for police officers and crime victims. Some of the data spanned years.

On Thursday, the city of Columbus sued Ross (PDF) for alleged damages for criminal acts, invasion of privacy, negligence, and civil conversion. The lawsuit claimed that downloading documents from a dark web site run by ransomware attackers amounted to him “interacting” with them and required special expertise and tools. The suit went on to challenge Ross alerting reporters to the information, which ii claimed would not be easily obtained by others. “Only individuals willing to navigate and interact with the criminal element on the dark web, who also have the computer expertise and tools necessary to download data from the dark web, would be able to do so,” city attorneys wrote. “The dark web-posted data is not readily available for public consumption. Defendant is making it so.” The same day, a Franklin County judge granted the city’s motion for a temporary restraining order (PDF) against Ross. It bars the researcher “from accessing, and/or downloading, and/or disseminating” any city files that were posted to the dark web. The motion was made and granted “ex parte,” meaning in secret before Ross was informed of it or had an opportunity to present his case.

Read more of this story at Slashdot.

ChatGPT Passes 200 Million Weekly Active Users