I figured out the issue.

It sniffs your User-Agent.

If it says Linux, Bad Gateway error.







And it's specifically that too. If I delete "Linux" from the UA and resend the request, it succeeds. If I delete just the 'x' off the end, it succeeds. If I lowercase the 'L' it fails. They are deliberately blocking Linux users from managing their Apple ID if they have one.

Show thread

Wait what?

If I remove the "X11; " from the OS section of the UA, it succeeds. So they're sniffing for "X11; Linux" case-insensitive.

Guess Apple hates X11.

Show thread

@alexbuzzbee They know the year of the Linux desktop is soon(tm) so they must stop it at all costs

@alexbuzzbee how very strange. perhaps they ran one test, didn't like the result, and decided to just block 'the experience' altogether?

@alexbuzzbee let's keep in mind that this is the company that currently maintains Linux's printing subsystem

@zalandocalrissian @alexbuzzbee

> #Apple currently maintains
> Linux's printing subsystem

Very reassuring, indeed...

@Shamar @zalandocalrissian @alexbuzzbee Something I noticed when reading that: the file conversions incorporated into it are for us maintained separately. The ones maintained with CUPS are Mac OS-specific.

So far the core can still be compiled for Linux-based systems. But it is worrying.

@Shamar So that's why printing on Linux is just as good as MacOS. I never knew they were the same one, but I noticed that Mac/Linux support of printers is significantly less broken than on Windows.

@Shamar (Also I noticed the sarcasm, point stands.)

@alexbuzzbee Do you ever just really wish capitalism would stop fucking up software?

@typhlosion this is probably mood for you too.

@alexbuzzbee This sounds like an anti-competition lawsuit waiting to happen tbh.

Then again, with the FTC & FCC under the control of corporate CEOs atm, it probably wouldn't go anywhere even though it's as illegal as Microsoft's anti-competition practices that they were punished for in the 1990s & early 2000s.

@rick_777 @KitsuneAlicia @alexbuzzbee THAT'S WHAT WAS HAPPENING!!!

I ran into that this week trying to fix someone's new Mac, and could not figure out why it was failing only from my laptop. This is why I hate Apple.

@rick_777 @alexbuzzbee Even if they did and won, Apple would still only unblock it for the EU and the accounts would be region-locked so that someone in the USA couldn't use a proxy or anything.

I've seen it happen with the GDPR. The EU would get blazingly-fast sites while everyone here in the USA still has to deal with 90% of the bandwidth getting eaten up by trackers.

@rick_777 @alexbuzzbee The EU versions of many sites have ways to opt out of cookies and stuff. All we get here in the US is a notification that "by using this site, you agree to let us use cookies to personalize your experience" with no way to opt out.

@alexbuzzbee It may be for security purposes, since X11 lets any app sneak into each other

@espectalll @alexbuzzbee from that perspective, if your x11 is infected and they want to target this specific page, it is already possible to change the user agent. :shrug_akko:

@alexbuzzbee Maybe they balance the load based on UA (for UA-specific content) and one of the servers failed?

@alvarezp It’s also been suggested that an IPS is reacting badly to attacks with an X11; Linux UA.

@alexbuzzbee @alvarezp This is my thought, too -- some really, really shortsighted attempt at defense against some sort of attack.

That being said, I wonder how broad this "linux prevention" goes -- I've been using the wonderful, third-party site "" to use Apple Music on the web (since Apple doesn't provide a web interface, or even let you download the Apple Music app on ChromeOS), and it went down about a week ago, too.

@mdm @alexbuzzbee Yes. The problem is not so much that things fail, but how to make them aware. I wonder if they are not yet aware.

@alexbuzzbee @andreas I wonder if it came out of some incompatibility in the past or legal issue? It’s weird that they would block an entire os for no reason.

@alexbuzzbee maybe we should politely ask Apple about this? Assume it was a quick fix for something that's no longer needed and they forgot about it? I guess screaming at them in caps won't do any good...

@alexbuzzbee that’s odd, bc we have an iPad here at home and I have logged into iCloud from my laptop just last week to download photos with no problem (apart from that despicable service, which only allows you to download **one photo at a time**)... Or maybe this is a very recent thing.

@areppo iCloud works fine. It’s specifically

@alexbuzzbee maybe they blocked that user-agent because of spam? definitely a bad look for an OS vendor though

@alexbuzzbee Even if that were remotely okay to do, which it obviously isn't, that's... not what a 502 means!

@jomo @alexbuzzbee yeah, I had too call them to cancel my old apple id. Such a pain.

@jomo @alexbuzzbee it actually looks for Linux AND X11, I would say perhaps due to security concerns

@espectalll @jomo @alexbuzzbee if your security relies on user agents...... what are people paying you thousands of dollars for again?

@grainloom @jomo @alexbuzzbee it's not that, it's that you need to trust the clients to do their job. Sure, none of them are warranted to be safe, but X11 is vulnerable BY DESIGN. Even Windows won't just let any program catch any desktop I/O without admin permissions

@grainloom @jomo @alexbuzzbee yes, it's VERY easy to sort around. Yes, it's relatively easy to also detect false flags. And YES, the error message isn't very informative. AND YES, it's very opinionated and paternalistic if true. But it's Apple we're talking, after all.

@jomo @alexbuzzbee Seems to be fixed now, though, however; or not? I get a "HTTP/1.1 200" for "Linux" and "X11" and "X11; Linux".

@agbo @jomo It’s known to work for some now, but try “(X11; Linux)”.

@alexbuzzbee @jomo
:drake_dislike: increasing security of our services
:drake_like: just block Linux traffic coz they’re probably all hackers anyways

@alexbuzzbee "We know who our enemies aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaare." - Neutral Milk Hotel

@alexbuzzbee So... the website is refusing to work because people are on Linux?!

@alexbuzzbee Indeed, I can reproduce this behaviour. Strange.

@alexbuzzbee Maybe it's just a bug (i.e. a mistake, with no malicious intention). Like they used to do something specific for Linux, then got it broken somehow, and didn't notice yet.

Sign in to participate in the conversation

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.