Apple Event: May 7th at 7 am PT

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Level 1

10 points

Why does iTunes 10.7 try to contact the domain bogusapple.com?

I have noticed a lot of strange behavior from iTunes over the past few days, both in the Mac app, the iOS apps, iTunes Match, iTunes in the Cloud, etc. Servers are down, purchases aren't showing up, my iPhone 5 doesn't automatically download (and when I finally got it enabled, it showed up as an iPhone 4S under the iTunes in the Cloud settings), etc.

Also, just now, I tried to search for an app using the Mac app and Little Snitch reported that it was trying to reach bogusapple.com on port 443. Does anyone have any idea what this is? I can't imagine Apple seriously using such a dodgy sounding domain name.

Posted on Sep 30, 2012 10:45 PM

21 replies

Oct 1, 2012 3:32 PM in response to kluivers

I don't believe it is a connectivity check. The request actually happens with almost every browse action in the iTunes store (i.e. every time a click a link to open a new page in the iTunes store).

The reference to bogusapple.com is actually in the HTML returned by the store, setting a value in a Javascript array "its.serverData". The actual assignment appears to be setting the properties required to log things over https to an Apple server:

"ITSLogger.ServerReportingProtocol": "https",

"ITSLogger.ServerReportingDomain": "bogusapple.com",

"ITSLogger.ServerReportingApp": "MZUserXP",

"ITSLogger.RecordStatsAction": "recordStats",

"ITSLogger.SenderName": "ITSClient"

The full HTML response for an arbitrary query is here:

http://pastebin.com/DCu047Vq

This continues to suggest to me that this is a mistake, with the bogusapple.com server being used internally for development, at the very least as a meaningless placeholder, but possibly as a development server for testing (among other things) the ITSLogger.

Oct 1, 2012 3:36 PM in response to fasgf354qvt2b5

You've just confirmed what was my current best theory. It's a mere link display issue in their Store views. They have the ability to 100% transparently fix the problem.

That's good to know, practically speaking. But a bit disappointing, personally speaking 🙂.

Oct 1, 2012 4:02 PM in response to VxJasonxV

Disappointing indeed. 🙂

As you suspected, fixing the error is easy, so much so they appear to have already fixed this issue; now the relevant assignment corrects the server to metrics.mzstatic.com.

"ITSLogger.ServerReportingProtocol": "https",

"ITSLogger.ServerReportingDomain": "metrics.mzstatic.com",

"ITSLogger.ServerReportingApp": "MZUserXP",

"ITSLogger.RecordStatsAction": "recordStats",

"ITSLogger.SenderName": "ITSClient"

Does Apple give finders fees for finding bugs? Or will they just delete this thread outright? 🙂

mzstatic.com has a long history of being contacted by iTunes (e.g., https://discussions.apple.com/thread/2791289?start=0&tstart=0); it is hypothesized to be part of MarkMonitor.com though the domain is registered to Apple.

Of course, the question remains: what are they logging, exactly? And why is it client-side instead of server-side?

Oct 1, 2012 4:11 PM in response to fasgf354qvt2b5

Wait, statistics and metrics? That means that this was never intended to test a failure state, but instead was probably just some placeholder error on the part of a developer.

Interesting. Very nice find.

Now I wish I had been more interested in examining the full payload on the server side 🙂. (Note: THICK, THICK, SARCASM!)

Oh well.

Oct 2, 2012 10:54 AM in response to amfek

Hmm... they probably forgot how to follow dots :-) ..in this case that dot has been completely forgotten: that one between bogus and apple.

bogus.apple.com actually has an MX record pointing back to apple.com MTAs.

Preparing to send email back to mothership?

Oct 2, 2012 12:31 PM in response to Rocco Lucia

iTunes doesn't e-mail.

Why does iTunes 10.7 try to contact the domain bogusapple.com?