side load application

Deploying to Mac OS? Ask Mac OS specific questions here.

Moderators: Klaus, FourthWorld, heatherlaine, robinmiller, kevinmiller

Post Reply
chipsm
VIP Livecode Opensource Backer
VIP Livecode Opensource Backer
Posts: 208
Joined: Wed May 11, 2011 7:50 pm
Location: Southern California

side load application

Post by chipsm » Thu Sep 14, 2017 6:16 pm

is there a way to side load an application into an IOS device without going through the Apple iTunes store?
I know that I can do this with an Android Device.
Clarence Martin

jmburnod
VIP Livecode Opensource Backer
VIP Livecode Opensource Backer
Posts: 2359
Joined: Sat Dec 22, 2007 5:35 pm
Location: Genève
Contact:

Re: side load application

Post by jmburnod » Thu Sep 14, 2017 6:36 pm

Hi,
is there a way to side load an application into an IOS device without going through the Apple iTunes store?
Yes. First you have to create an iOS Apple account (99$ for one year) and get certificate and provisioning profile.
Once that is made you can transfer your app on your iPad with xCode and you can do this for 100 devices for tests.
Airlaunch is a excellent tool to make this simply for several devices
You may also use iTunesConnect and TestFlight.
(I can't say something clever about them, I now test them and that is an hard experience)
Best regards
Jean-Marc

richmond62
Livecode Opensource Backer
Livecode Opensource Backer
Posts: 3442
Joined: Fri Feb 19, 2010 10:17 am
Location: Bulgaria

Re: side load application

Post by richmond62 » Thu Sep 14, 2017 7:25 pm

1. Download this onto your computer:

http://www.cydiaimpactor.com/

Step 2: Connect your iPhone or iPad to your computer using a USB cable.

Step 3: Open Cydia Impactor and drag and drop your IPA file onto it.

Step 4: You’ll be prompted to enter your Apple ID and password, which is sent to Apple to generate a signing certificate.
If you’re concerned about this, you can create a new Apple ID and use that instead.

Step 5: Once you enter your Apple ID information, Cydia Impactor will begin installing your program onto your device.
After it’s done, you should see the app’s icon on your device’s Home screen.

Step 6: Before opening your program, go to Settings -> General and tap on Profile (or ‘Device Management’).

Step 7: Find the profile labelled with your Apple ID and open it.

Step 8: Tap on the Trust button.

Step 9: Go back to the Home screen and open your program.

chipsm
VIP Livecode Opensource Backer
VIP Livecode Opensource Backer
Posts: 208
Joined: Wed May 11, 2011 7:50 pm
Location: Southern California

Re: side load application

Post by chipsm » Thu Sep 14, 2017 10:57 pm

Thanks all.
Clarence Martin

jacque
VIP Livecode Opensource Backer
VIP Livecode Opensource Backer
Posts: 5080
Joined: Sat Apr 08, 2006 8:31 pm
Location: Minneapolis MN
Contact:

Re: side load application

Post by jacque » Fri Sep 15, 2017 5:49 pm

Cydia Impactor appears to be a hacking tool. It may be fine but I wouldn't trust it.
Jacqueline Landman Gay | jacque at hyperactivesw dot com
HyperActive Software | http://www.hyperactivesw.com

richmond62
Livecode Opensource Backer
Livecode Opensource Backer
Posts: 3442
Joined: Fri Feb 19, 2010 10:17 am
Location: Bulgaria

Re: side load application

Post by richmond62 » Fri Sep 15, 2017 7:12 pm

I have always wondered about the word "hacking". When I studied programming at the
University of Durham in 1984 it had positive connotations.

If by "hacking" you mean "getting round restrictions placed on machines by the manufacturers",
then "hacking" is what Cydia Impactor does.

But "getting round restrictions placed on machines by the manufacturers" does not always
have to be bad or illegal.

http://iphonecydiaios.com/download-cydia-impactor/
Last edited by richmond62 on Wed Sep 04, 2019 7:43 am, edited 1 time in total.

capellan
Posts: 609
Joined: Wed Aug 15, 2007 11:09 pm
Contact:

Re: side load application

Post by capellan » Fri Sep 15, 2017 8:43 pm

Thanks a lot Richmond for posting this link to Cydia.
Just today, I am learning about these bugs in mobile OS.
http://www.saurik.com/id/17

I keep wondering... It's just me that find disheartening that Security Researchers
discover and publish first about these bugs, instead of their creators???

Very disheartening... :(

Al

jacque
VIP Livecode Opensource Backer
VIP Livecode Opensource Backer
Posts: 5080
Joined: Sat Apr 08, 2006 8:31 pm
Location: Minneapolis MN
Contact:

Re: side load application

Post by jacque » Fri Sep 15, 2017 11:35 pm

capellan wrote:Thanks a lot Richmond for posting this link to Cydia.
Just today, I am learning about these bugs in mobile OS.
http://www.saurik.com/id/17

I keep wondering... It's just me that find disheartening that Security Researchers
discover and publish first about these bugs, instead of their creators???
In this case, the bug was reported to Google very early and they worked around it in the Play Store before it became public. The September security patch which was just released fixes it on user devices too, though some vendors are slow to release patches and some devices will never receive them.

Google has changed the way they verify Play Store uploads now, so this attack will no longer be possible.
Jacqueline Landman Gay | jacque at hyperactivesw dot com
HyperActive Software | http://www.hyperactivesw.com

richmond62
Livecode Opensource Backer
Livecode Opensource Backer
Posts: 3442
Joined: Fri Feb 19, 2010 10:17 am
Location: Bulgaria

Re: side load application

Post by richmond62 » Sat Sep 16, 2017 10:46 am

this attack will no longer be possible
I must be a bit goofy, but I have 2 questions:

1. Why use the extremely negative word "attack" for finding a way to install some software on a machine one owns?

2. If I want to jail-break, smash, dunk in water, or whatever with a tablet/phone/computer I have paid good money for
then why should companies who make operating systems and/or hardware try to stop me?

Android is, supposedly, open source Linux, and as such should be accessible in all respects.

jacque
VIP Livecode Opensource Backer
VIP Livecode Opensource Backer
Posts: 5080
Joined: Sat Apr 08, 2006 8:31 pm
Location: Minneapolis MN
Contact:

Re: side load application

Post by jacque » Sat Sep 16, 2017 6:28 pm

I used the word "attack" because the article that was linked to was discussing malware vulnerabilities. My response was about how the attack was made known to Google long before it went public, and Google has put preventative measures in place.

I agree you can do whatever you like with your own devices, and many do. However, stripping your phone of all malware protections is generally a poor decision.
Jacqueline Landman Gay | jacque at hyperactivesw dot com
HyperActive Software | http://www.hyperactivesw.com

richmond62
Livecode Opensource Backer
Livecode Opensource Backer
Posts: 3442
Joined: Fri Feb 19, 2010 10:17 am
Location: Bulgaria

Re: side load application

Post by richmond62 » Sat Sep 16, 2017 7:06 pm

stripping your phone of all malware protections is generally a poor decision
I agree with that wholeheartedly.

What I do not agree with is that Google makes the decision as to what constitutes malware for me.

Whether Cydia Impactor (which is NOT for Android, but for iOS) constitutes malware or Apple have labelled it as such
because it allows end-users to nibble into their revenue stream is an interesting question.

One should remember that any decisions and/or judgements handed down by Microsoft, Apple, Google or
any of the other Commercial Major "Players" will inevitably be tainted by their interests.

FourthWorld
VIP Livecode Opensource Backer
VIP Livecode Opensource Backer
Posts: 6774
Joined: Sat Apr 08, 2006 7:05 am
Location: Los Angeles
Contact:

Re: side load application

Post by FourthWorld » Sat Sep 16, 2017 7:34 pm

richmond62 wrote:One should remember that any decisions and/or judgements handed down by Microsoft, Apple, Google or
any of the other Commercial Major "Players" will inevitably be tainted by their interests.
Of course. As it is with any business in any industry. It would be both illogical and a violation of fiduciary responsibility to their investors to do anything against their own interest.

If you want freedom in an OS you'll want Linux, the most prolific OS that has complete freedom to use or modify however you like explicitly guaranteed in the license.

KDE's Plasma Mobile runs on a few different phone models:
https://plasma-mobile.org/

The folks at Purism, who make what is arguably the world's most secure laptop, are crowd-funding a Linux-based phone:
http://www.omgubuntu.co.uk/2017/08/puri ... owdfunding

And you can build a smartphone yourself with a Raspberry Pi as a base:
https://fossbytes.com/make-zerophone-op ... martphone/
Richard Gaskin
Community volunteer LiveCode Community Liaison

LiveCode development, training, and consulting services: Fourth World Systems: http://FourthWorld.com
LiveCode User Group on Facebook : http://FaceBook.com/groups/LiveCodeUsers/

jacque
VIP Livecode Opensource Backer
VIP Livecode Opensource Backer
Posts: 5080
Joined: Sat Apr 08, 2006 8:31 pm
Location: Minneapolis MN
Contact:

Re: side load application

Post by jacque » Sat Sep 16, 2017 9:49 pm

richmond62 wrote:Whether Cydia Impactor (which is NOT for Android, but for iOS) constitutes malware or Apple have labelled it as such because it allows end-users to nibble into their revenue stream is an interesting question.
There are two (fairly unrelated) issues being discussed. The first is the ability to control the device you've purchased, which is what you're talking about. My response about "attacks" is a different issue, addressing the link which discusses an Android vulnerability, where I pointed out that Google was notified well ahead of the public announcement:
Just today, I am learning about these bugs in mobile OS.
http://www.saurik.com/id/17
To your point: Apple is deeply concerned about users contracting malware because their reputation depends on iOS being invulnerable. To that end, iOS does not allow any installations that are not properly signed and downloaded from the App Store where the app has been thoroughly vetted before release. I understand this. Using any workaround could be dangerous, and potentially open up your device to attack threats. If you trust this company then go ahead -- but be aware that you don't know what they are doing with your data or your installations.
Jacqueline Landman Gay | jacque at hyperactivesw dot com
HyperActive Software | http://www.hyperactivesw.com

LCMark
Livecode Staff Member
Livecode Staff Member
Posts: 1030
Joined: Thu Apr 11, 2013 11:27 am

Re: side load application

Post by LCMark » Tue Sep 03, 2019 6:28 pm

I feel that I should urge any readers of the suggestion of using Cydia Importer to side-load applications as suggested in the post above to do so with the utmost care.

Specifically:

Do not use it on any iOS device which you use on a day-to-day basis and as a result holds saved login details for any services which you use. e.g. banking apps, mail, amazon - indeed any accounts which, in particular, may contain or allow access to details such as your bank account or credit card details.

Do not use your usual apple id, instead setup one up with a throw away email address and use that on the device you are installing on.

Do not install any IPAs you have not built yourself (and thus, by extension, have the source-code and thus know precisely what it does!).

The reality is that whether you like them or hate them, the restrictions put in place by Apple and Google which restrict the ways you can install apps on devices running their OSes is at least (in part!) motivated by protecting you from nefarious individuals who use computer software to try and do you harm.

For all we know the tool could, at the very least, be harvesting apple-ids and passwords; and, indeed, could be exploiting a vulnerability exposed by a USB connection to install malware, or cripple the security protections which would prevent malware being installed from doing such a simple thing by browsing to a compromised website.

Of course, it might be doing neither of these things and it might be an entirely safe way to side-load iOS apps - but until I see any proof of that, I'd be very very cautious!

Post Reply

Return to “Mac OS”