Apple server bug leads to corrupted App Store downloads

If you downloaded Instapaper, Angry Birds Space, or GoodReader from Apple's App Store over the past couple days, you may have discovered that the app crashed nearly instantly when you attempted to launch it. Those apps—along with more than 100 others and counting, according to Instapaper developer Marco Arment—got bitten by a bug on Apple’s end that ended up corrupting functional, approved app updates, causing the crashes.

Apple hadn't responded to Macworld’s request for comment by the time we first published this story. Around 6:00 p.m. PT, Apple acknowledged the problem to Macworld, describing it as “a temporary issue that began yesterday with a server that generated DRM code for some apps being downloaded.” Apple added: “The issue has been rectified and we don’t expect it to occur again.”

Arment announced the availability of Instapaper 4.2.3 late Tuesday, July 3. Not 15 minutes later, he posted a second update documenting what he called “a serious problem” with the update.

Customers who downloaded the Instapaper update in iTunes saw error codes; attempts to run the app on an iPhone or iPad were met with immediate crashes back to the home screen. As you might expect, the updated app was quickly hit with a flurry of one-star reviews.

Worse still: Arment was powerless to fix the bug. The app worked in his testing, and of course it had successfully passed the App Store review process. Through corroborating reports from other developers, coupled with the fact that many users were able to fix the issue by deleting and reinstalling the app a short while later, Arment (and similarly affected developers) concluded that the issue with the affected apps rested entirely on Apple’s end.

The problem, those developers report, arises for those iOS users who spot app updates very quickly. On the GoodReader blog, developer Good.iWare writes:

While in theory Apple’s servers must be ready to distribute the new app binary by the time they start sending update notifications to users’ devices, something goes wrong inside Apple’s distribution servers, and customers receive a damaged binary instead of the good one that we’ve sent to Apple. The exact reason is up to Apple to determine, but it looks like some binary encryption that happens internally in the App Store is only halfway-done at this point, and customers receive incorrectly (or partially?) encrypted binaries to their iPads. Those binaries do not get recognized by iOS as valid App Store executable binaries, and iOS simply refuses to launch them.

Arment, via email, told Macworld that although he obviously has no direct knowledge regarding the specifics of Apple’s internal server setup, “it looks a lot like corrupt binaries being published first, then being cached on a bunch of [servers distributed around the world], and eventually fetching fixed, working binaries once those caches expire.” After waiting a bit, users who reinstall the affected apps again do indeed find that they start working.

Of course, many users won’t know that fault lies with Apple and not the developer—hence all those one-star reviews that Instapaper scored in the moments following the corrupted app’s release.

Sources told Macworld that Apple will be removing one-star app reviews developers earned unfairly because of the company’s server issue. On Friday morning, MacStories reported that indeed Apple had removed all reviews for the latest versions of the affected apps.

Updated July 5 at 6:00 p.m. PT with references to Apple’s public statement and information about reviews; updated July 6 at 6:00 a.m. PT with confirmation that Apple had removed reviews for the affected apps.

Subscribe to the iOS Tips & Trends Newsletter

Comments