In the past, things like this used to be done for signing certificate rollovers.
NeoBild 1 hours ago [-]
The FairPlay certificate rotation theory makes the most sense. Apple has done silent re-signing before when DRM certificates expired. What's unusual here is the update note surfacing in the App Store UI at all — that's probably an unintended side effect of whatever pipeline they're running this through, not intentional transparency.
eecc 2 hours ago [-]
hmm, my money is on some actively used 0-day exploit that Apple is sealing shut before the CVE gets announced.
By the looks of the app list, they seem to be apps and games that used to be popular and have fallen in disrepair and apps that are starved of maintenance attention.
On the one hand it could be an exceptionally good example of "stewardship"; on the other hand, if this is true, what if authorities could later compel Apple to manipulate applications in some malign manner?
iso1631 1 hours ago [-]
If you are worried about apple being compelled to do something, then they can do that at the OS level rather than something obvious in the
I think this is simply updating some api call which no longer works properly, coupled with the terrible "changelogs" that are the norm on the app store. Someone down thread mentioned certificate rollover.
A sensible changelog would be "update expired certificate", or "fix integration with ios 26.2", or "patch security issue"
An actual changelog would be "we're bringing you ever more great new improvements"
Here's the latest Audible one:
> At Audible, we're always making updates and improvements to make your listening experience better.
> If you're experiencing issues, please reach out to customer services. For feedback or suggestions contact us at audible.co.uk/help
This is the same every time, because these changelogs are meaningless.
hdgvhicv 3 hours ago [-]
Vast majority of change logs are along the lines of “implements to make things better”
akimbostrawman 1 hours ago [-]
that's proprietary software for you
politelemon 3 hours ago [-]
Neither developers nor consumers should be comfortable with this, as this breaks the trust model and is extremely worrying. The site is of course downplaying it given its name, which is a huge shame.
calmingsolitude 1 hours ago [-]
What trust model? Is there anyway to verify that an app from the app store is the same as the one the developer uploaded?
gbil 3 hours ago [-]
I saw this the other day in a couple of apps, I've checked other apps and didn't have that, did a quick check on HN frontpage and saw nothing and said wth I'll update to see if something changes in the app or there is a message. Got nothing, and didn't think more about it but I'm not sure why, is it the "trust in the process" thing or what?
merelysounds 3 hours ago [-]
Speculation for fun: I always thought popular apps can use private apis or are handled in a special way by the OS itself. If yes, perhaps this is related.
Then again I found no source for that - and some certificate rollover seems more likely.
3 hours ago [-]
ting0 2 hours ago [-]
Has anyone ever done a proper security audit of VLC that is downloaded from the web? I don't trust it, and the fact that their releases on Github don't include binaries makes me trust it even less. Nobody is compiling VLC from source, and they don't provide any sort of provenance from the GH actions pipeline.
kykat 2 hours ago [-]
All linux distros build VLC from source
ohhman11 2 hours ago [-]
This seems utterly pointless to worry about. You're fucked either way if you trust VLC.
bloudermilk 2 hours ago [-]
Care to elaborate?
NSUserDefaults 4 hours ago [-]
Could be a fix for per-device asset optimization that got messed up somehow.
Someone 3 hours ago [-]
FTA: “The update text is appearing on apps that have not been updated in some time, as well as apps that received recent updates, so it's not clear what the apps have in common.”
⇒ I think that’s unlikely. If some optimization got broken that produces results that bad that it has to be fixed, users would have noticed in those apps that “have not been updated in some time”.
charcircuit 2 hours ago [-]
This sounds like a bug with the App Store app than a new update actually being installed.
swizz89 4 hours ago [-]
Is it a conspiracy, or just a bug in the app store? Nobody knows.
Rendered at 11:36:12 GMT+0000 (Coordinated Universal Time) with Vercel.
By the looks of the app list, they seem to be apps and games that used to be popular and have fallen in disrepair and apps that are starved of maintenance attention.
On the one hand it could be an exceptionally good example of "stewardship"; on the other hand, if this is true, what if authorities could later compel Apple to manipulate applications in some malign manner?
I think this is simply updating some api call which no longer works properly, coupled with the terrible "changelogs" that are the norm on the app store. Someone down thread mentioned certificate rollover.
A sensible changelog would be "update expired certificate", or "fix integration with ios 26.2", or "patch security issue"
An actual changelog would be "we're bringing you ever more great new improvements"
Here's the latest Audible one:
> At Audible, we're always making updates and improvements to make your listening experience better.
> If you're experiencing issues, please reach out to customer services. For feedback or suggestions contact us at audible.co.uk/help
This is the same every time, because these changelogs are meaningless.
Then again I found no source for that - and some certificate rollover seems more likely.
⇒ I think that’s unlikely. If some optimization got broken that produces results that bad that it has to be fixed, users would have noticed in those apps that “have not been updated in some time”.