Super Mario Zips Through A Loophole In Apple's App Restrictions

Update, July 17: Apple has partly closed the loophole that made it possible to play Nintendo games on iGadgets.

Lots of gamers have long wanted to play classics like Pokémon and Super Mario on the iPhone. Unfortunately, publishers like Nintendo have no desire to undermine their own handheld ecosystem. Those determined to bring GameBoy functionality to their iDevices have pretty much been forced to jailbreak them.

No longer, at least for the moment. Thanks to an unexpected loophole in Apple's developer restrictions, it's currently possible for anyone to install a fully functioning Game Boy Advance emulator on the iPhone or iPad for free—without jailbreaking their device. Emulator developer Riley Testut created the app, called GBA4iOS, by basing it on another popular jailbreak emulator called gpSphone. 

Everything an iPhone Nintendo fan needs is on Testut's GitHub page. It's possible to download the app straight to an iPhone via mobile Safari in three basic steps that don't require the input of any personal information or validation of the phone's UDID, an identifying number typically necessary to install test versions of apps that aren't yet available in the App Store.

All this requires at least some technical expertise. But once it's installed, the GBA4iOS app then makes it easy to find and download unlicensed Nintendo games to play. ReadWrite doesn't condone piracy, so we're not going into any more detail on that subject.

Through The Loophole And Back Again

Testut basically exploited a loophole in Apple's iOS Developer Enterprise Program, which was designed to let an organization sideload test apps for a large number of users without jumping over the usual developer hurdles of registering UDIDs and installing "provisioning profiles" that allow otherwise unauthorized apps to run on normal (i.e., non-jailbroken) iDevices.

Because the program is designed for effortless app downloads, it imposes few restrictions—sidestepping, for instance, the requirement in regular iOS developer program that limits downloads to 100 devices—and no requirements on the user end at all. 

Testut and the Game Boy Advance emulator exploit that system via work done by a company called MacBuildServer. You see, Testut didn't actually build the GBA4iOS app that users download through the GitHub link. Rather, he just uploaded the app code to GitHub.

Under normal circumstances, that allows anyone else to compile the app—that is, to build a functional version from the underlying code—on their own using Apple's Xcode application and to register it through their own enterprise developer account. That's the hard way, not least because it requires anyone downloading GBA4iOS to deal with Xcode.

The easy way is to have someone else build the app for you, without restrictions, thanks to the Enterprise Program and it's rather unorthodox leniency. MacBuildServer, a company whose main function is helping developers ease the development process by cutting Xcode out of the equation, has such an account, and Testut used it.

So to do this the easy way, a user submits Testut's Github code to MacBuildServer, which automatically builds the app, signs off on it with the company's own enterprise program account, and installs it directly to the user's device.

Asked by WonderHowTo's Nelson Aguilar as to why the company would allow this, MacBuildServer co-founder Sergey Dmitriev explained, "Every user of MacBuildServer should have their own certificate and sign their apps with it." 

Turns out, though, that anyone going through this process doesn't actually need their own certificate. "We do sign the apps compiled with MacBuildServer with our own enterprise certificate just to show how easy the whole process works, this implies that you only use it to test the apps. We do not have any limits (at least we never reached one)," Dmitriev added. 

So if you download Testut's GBA emulator, just tell yourself that you're only "testing" the app. In other words, Testut is running what's probably the biggest beta test in iOS history—and using it to "test" an app that would stand no chance of ever being approved by Apple under normal circumstances.

Boss Fight!

It's hard to imagine that Apple is happy with this state of affairs, though it's not immediately clear what, if anything, it plans to do about it.

Apple might, for instance, close the loophole that lets Enterprise Program users sign certificates for other users. It could also impose a device limit on the program that would prevent the Nintendo-loving masses from installing the GBA4iOS app via MacBuildServer's enterprise account.

Neither step, of course, would prevent someone from obtaining their own enterprise developer account and compiling the app themselves using Testut's GitHub code and the Xcode compiler. Alternatively, the eager Zelda fan could still have MacBuildServer compile the app by providing their own enterprise account details,per Dmitriev's ethical suggestion.

There are a lot of options here, although they are somewhat daunting for those not technically inclined. Jailbreaking a phone is quite possibly easier, though it also entails other risks.

Of course, Apple could also lower the boom on MacBuildServer and Testut to nix the whole operation. That might seem like a disproportionate exercise of Cupertino's muscle, especially given that neither Testut or MacBuildServer are making money from it. But copyright concerns have forced even more extreme reactions in similar cases.

ReadWrite has reached out to the Mac overlords, and will update the story if we hear back. 

In the meantime, any iPhone user who's been dying to take another go at Pokémon Fire Red but doesn't want to jailbreak their device has a window to make that happen.