Weekend good reads for Apple developers #2023/49

We're slowly approaching 2024, another issue of good reads is here to make this weekend more productive.

With this – we'd like to wish you a great weekend. See you next time with more good reads.

Developers will have to provide more information on app privacy stating in spring 2024

Apple announced requirements to provide privacy manifests for third party SDKs on WWDC23.

Starting in spring 2024, if your new app or app update submission adds a third-party SDK that is commonly used in apps on the App Store, you’ll need to include the privacy manifest for the SDK. Signatures are also required when the SDK is used as a binary dependency. This functionality is a step forward for all apps, and we encourage all SDKs to adopt it to better support the apps that depend on them.

Apple Developer

Additionally, developers will have to provide clarifications for some API usage. APIs that could be used for device fingerprinting will require clarifications for App Store review.

Starting in spring 2024, in order to upload your new app or app update to App Store Connect, you’ll be required to include an approved reason in the app’s privacy manifest which accurately reflects how your app uses the API.

Apple Developer

Apple Developer: Privacy updates for App Store submissions

Apple confirms that governments were using push notification statistics to surveil users

After a letter to DOJ by senator Ron Wyden Apple confirmed that governments were requesting push notification data to surveil users.

"In this case, the federal government prohibited us from sharing any information," the company said in a statement. "Now that this method has become public we are updating our transparency reporting to detail these kinds of requests."


Push notification statistics was used to match Apple ID with patterns of notifications for specific apps (for example, messaging apps). If app uses end-to-end encryption, contents of the messages could not be read by governments, but it is still possible to identify specific users by usage patterns.

Both Apple and Google were providing this data to governments.


Apple will provide developers with 25 hours of Xcode Cloud per month with every membership

Apple continues to promote Xcode Cloud with development community. Staring in 2024 developers will get 25 compute hours per month with Apple Developer Program membership.

Xcode Cloud, the continuous integration and delivery service built into Xcode, accelerates the development and delivery of high-quality apps. It brings together cloud-based tools that help you build apps, run automated tests in parallel, deliver apps to testers, and view and manage user feedback.

We’re pleased to announce that as of January 2024, all Apple Developer Program memberships will include 25 compute hours per month on Xcode Cloud as a standard, with no additional cost. If you’re already subscribed to Xcode Cloud for free, no additional action is required on your part. And if you haven’t tried Xcode Cloud yet, now is the perfect time to start building your app for free in just a few minutes.

Apple Developer

Apple Developer: 25 hours of Xcode Cloud now included with the Apple Developer Program

More resources for developers are added

Apple adds more resources for developers to Developer Portal. This includes:

Apple Developer: Hello Developer: December 2023

Apple provides more consultations on design and technology for developers

Apple added more slots for 1-on-1 consultations on technology and design topics for developers.

Have questions on designing your app or implementing a technology? We’re here to help you find answers, no matter where you are in your development journey. One-on-one consultations with Apple experts in December — and newly published dates in January — are available now.

We’ll have lots more consultations and other activities in store for 2024 — online, in person, and in multiple languages.

Apple Developer

Developers could schedule sessions on schedule page.

Apple Developer: New design and technology consultations now available

Bluetooth communications are still not safe in 2023

Multiple active exploits could affect iPhone use of Bluetooth.

Flipper Zero hacker tool could be used to trigger iPhone DDoS attack using Bluetooth signals by AirPods, HomeKit accessories, etc. These signals usually trigger popup on iPhone allowing to connect to headphones or perform other actions. Crafting these signals in a specific way could result in iOS restart.

Newly discovered BLUFFS attack could be used to impersonate devices and trigger disclosure of private information. It is not yet clear, if AirDrop is affected by this attack as it uses more than just Bluetooth to authenticate the device. However, it is still possible to hijack audio or other Bluetooth connection. Fix would require device manufacturers to modify security mechanisms of Bluetooth stack.


Weekend good reads for Apple developers #2023/48

It's December already. And we're getting our last installments of good reads in this year.

And this is it for today. Next week we'll have more great articles to read.

Rumor claims Apple Vision Pro is expected to launch in March, next model expected in 2025

Bloomberg reports that Apple Vision Pro development is not yet done and headset is expected to ship no earlier than March 2024.

Another report claims that Apple is expected to ship 400k units in 2024 and up to 10 million by 2026. Next generation device is expected to be available in 2025 with reduced price.

Beware, these rumors are not fully verified and should not be considered as facts.