Apps that are outliving their developers

What happens when apps that are no longer supported by their developers live on in your phone? Learn about the security, memory and other consequences of leaving discontinued apps lying around.

January 19 2018 by

Liarna La Porta

An iPhone against a dark wood background with the

Have you ever given thought to “dead” or discontinued apps and what developers do when they decide to end-of-life their apps? It’s the developer’s responsibility to remove them from the app stores, but developers are not given the ability to remove those apps from your phone.

Think about app production like newspaper production. You can’t just go into people’s homes and take your discontinued newspaper off their coffee table.
Developers face a difficult position here. They can remove their discontinued apps from the app stores, but this might upset users that still run these apps frequently. Maybe it’s best to leave them there and sneak away quietly…

The annoyance of disappearing apps

From an end-user perspective, disappearing apps can cause quite the upset. Imagine you had an app on your phone that you loved and used all the time. Then, one day, you buy a new phone. You go to the app store to redownload it and you realize it’s not available anymore. Even more frustrating when you’ve paid good money for it.

For Android and iOS users, backing up apps is pretty simple, so even if an app you’ve paid for and downloaded is pulled from Google Play Store or Apple App Store, you can still restore that app from your previous phone’s backup. There’s no guarantee that the app will work optimally forever, but at least you’ll always have the version you own available.

Zombie App-ocalypse

Now for the downside – you obviously won’t get bug fixes or updates since the app is now “dead” but still in use. These zombie apps are now in a prime position to be exploited by hackers, offering fake updates or targeting known vulnerabilities that were never patched. According to research, while malware can be found on less than 0.5 percent of apps, dead apps represented as much as five percent of total apps found on enterprise devices.

As a business trusting hundreds or thousands of mobile devices to carry and store your sensitive corporate data, you can’t have these holes reducing the effectiveness of your security armor.

The app stores do sometimes do their bit by removing old apps – whether it be for security or vulnerability concerns (like data leaks), violation of app store terms and conditions, developer end-of-life plans or other reasons – but they remain on users’ mobile devices.

A discontinued app that is no longer available from the respective app store is an app that can no longer be updated to address bugs or vulnerabilities. In some cases, the app may have been abandoned or the domains associated with the apps may have expired. So should the app stores do something about removing them from your phone too? Whose responsibility is it?

The dead weight of dead apps

Aside from security issues, these abandoned apps that are no longer updated and maintained by their developers might also be causing performance and storage issues on your device.

iOS has a useful feature in the storage settings that shows the last used date for each app on your phone, and it also gives you the option to have apps that are inactive for a certain amount of time automatically offloaded when your storage is low.

If you are running hundreds of apps on your device and don’t have the time to manually go through your apps to remove them, this is a useful way to purge the old apps that you aren’t using frequently. Should you decide to reinstall them, they will only reinstall if they are still available on the App Store.

But what about apps that you do use frequently that have been abandoned by their developers? Should Apple have another function that goes one step further to alert you to those apps that have been removed from the App Store?

RIP 32-bit apps – and other App Store purges

The most recent major purge of iOS apps was ahead of the introduction of iOS 11. Developers had to scramble to update their 32-bit apps to a 64-bit version in order to be compatible with iOS 11.

So if you had a 32-bit app still installed on your phone, it would fail to launch and you would receive an error message saying the developer needs to update their app.

Before that, Apple did a number of major purges in 2016 as part of an effort to remove problematic or abandoned apps. Research from Sensor Tower shows that in October 2016, around 47,300 apps were removed as part of this effort, around 3.4 times more than the average month.

The removal of discontinued apps from the app store didn’t affect the user experience for those that still had the apps but new users searching for the apps wouldn’t be able to find them.

So the apps that have been long gone from the App Store live on on users’ phones. If Apple deems them unworthy for the store then surely users should really be questioning their value on their devices. Unless they have good reason to keep them.

Ways for discontinued apps to live on

Since there is no way to have a discontinued app removed from your device by the developer nor the app stores, then theoretically, an app could outlive its developer. It could continue being migrated over from device to device via iCloud or other backups long after it’s been removed from the app stores.

Unless there was a way for a developer to end-of-life their existing deployments. But do users really want to hand over that control to developers or app stores? They might hold important data that users haven’t had a chance to back up yet. This is especially relevant for password-keeping apps.

What do you think?

Should there be a way to remove discontinued apps from end users devices? And if so, who should be responsible, the app stores or the developers?

Find out how Jamf Threat Defense can help your company to counter security threats to employees' devices.

Subscribe to the Jamf Blog

Have market trends, Apple updates and Jamf news delivered directly to your inbox.

To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.