A security vulnerability in the payments system of the Cydia app store has led to its developer to close it down effective immediately.
Jay Freeman, formerly known as saurik, announced the decision in a Reddit thread as a response to news of the vulnerability first reported by one Andrew Wiik. Wiik found that Cydia users logged into the store were at risk of “unconsented cydia store purchases.” However, there was no risk of anyone’s data leaked and if users are not logged into the store, they should have no concern of being affected.
Moreover, as Freeman goes on to say, after more than 9 years of operation and iOS’s vast capability to adopt new features ahead of what jailbreak developers could open up, no one is using Cydia anymore:
The reality is that I wanted to just shut down the Cydia Store entirely before the end of the year, and was considering moving the timetable up after receiving the report (to this weekend); this service loses me money and is not something I have any passion to maintain: it was a critical component of a healthy ecosystem, and for a while it helped fund a small staff of people to maintain the ecosystem, but it came at great cost to my sanity and led lots of people to irrationally hate me due to what amounted to a purposeful misunderstanding of how profit vs. revenue works.[…]
However, given the push from Nullpixel and Andy Wiik to do something about it this morning […] I’ve had to reconsider my timelines; I have thereby gone ahead and shut down the ability to buy things in Cydia, effective immediately.
Cydia was Freeman’s most visible prong against what he sees as Apple’s brash consolidation of authority when it comes to its applications stores be it for iOS, macOS or otherwise.