Misuse of enterprise and developer certificates

There is some distribution of apps outside the App Store using provisioning profiles and enterprise certificates, which allows those apps to be installed on non-jailbroken iOS devices. This violates Apple's developer agreements.

Some of them used an expired provisioning profile that required the user to set the device's time back to 2012 before installing the app (the "date trick"). The ability to use expired profiles like that was fixed with iOS 8.1.

There is speculation that these misused enterprise certificates sometimes come from companies that got the certificates from Apple for a seemingly-legitimate purpose, then mysteriously "went out of business" and started up again using those enterprise certificates for shadier purposes.

It's not known how often iOS checks to see whether an enterprise certificate has been revoked. It's possible that iOS doesn't check very often.

Related, there are also people who sell access to normal iOS developer certificates, which allow you to self-sign apps to install them on non-jailbroken iOS devices, meant for developers working on apps. These certificates cost $99/year from Apple, but each certificate can be associated with 100 devices, so people sometimes sell some of those "UDID slots".

Examples

 * Pangu - uses a revoked enterprise certificate to help inject the jailbreak, which is removed after the jailbreak is complete.
 * iOSEmulatorSpot, JBWithoutJB, and NoJailbreakApps redistribute various apps developed by other people, mostly without permission.
 * Some piracy sites and tools distribute cracked App Store apps that have been re-signed using developer certificates.
 * "Popcorn Time releases iOS app tomorrow, no jailbreak needed", April 7, 2015