HACKER Q&A
📣 synappser

Is it still conceivable to remain an anonymous developer nowadays?


HN has been my favourite morning coffee read for years now, but this is my very first post. I'm an old man, so please bear with me.

I am a seasoned systems architect and developer, now retired. While I was tempted in the first few weeks of my retirement to just turn the page and let it go, I remembered how much I used to enjoy writing small utilities for my own daily workflows. A year ago, I asked my fellow forum members (a Mac-dedicated one) if they would like to beta test some of my applications (and oh, they did). I got high quality feedback I would not have gotten elsewhere. I kept striving to answer their feature requests and today many of my first beta testers are insisting that my applications have outgrown the private beta.

I was caught completely off guard by FinderFix (https://synappser.github.io/apps/finderfix/), the first application I'm opening to public beta, making the top row on Reddit a couple of weeks ago. This sudden limelight is both an opportunity and a challenge.

I am not complaining. Any publicity is good publicity and I got this kind of genuine enthusiastic feedback: "OH MY GOD! Bro you’re a god sent. Thanks man I love this app. Also that Cmd + X for cut/paste. Oof so good!".

I however cherish anonymity and I laud the Internet for allowing me to enforce it. I am thus publishing my software under a pseudonym (a pen name, if you prefer) with a free Apple Developer Certificate. How long will I be able, with Apple's current Gatekeeper policy, to preserve my anonymity if I were to turn this hobby into a real business, albeit a small one?

For more context, please refer to a couple posts of mine (a manifesto of my core ethos):

http://synappser.github.io/blog/

I guess this is a tough question to answer, unless you're an Apple insider, but I'd really appreciate any guidance you could give me.

Thank you


👤 mathrawka Accepted Answer ✓
If you prefer to use a pseudonym, why not just register an LLC? There are services out there that will register your company and be your registered agent in states that do not require your name ever made public (Wyoming for example). These services also provide a mailbox that would work for anything you need.

You can then get a business checking account (Mercury works well) with your newly registered business.

You can then create a business account on Apple and Google (and anywhere else).

All of the public facing information will be your company name. If you want more details or help, just ask here.


👤 cik
So.. I'd suggest a project of mine. Full disclosure, you require more than one burner device. Ultimately you'll want a VPN you can trust. Also - it depends how much your anonymity is worth to you, and your relative cost. Similarly - to whom do you want to be anonymous?

I wanted to create a fully digital individual. My goal was to go from end to end. I bought (in cash) a prepaid credit card. I used said prepaid credit card to sign up to the VPN, paying for 3 years - under the assumption the card is burned. With said VPN I created a paid for email account with a trusted service (not gmail or office). I used said email to sign up with a VOIP provider, to receive a telephone number that could receive SMSes.

Then, I signed up for a twitter, and a domain. Use the above to set up a corporation with nominee shareholders in the jurisdiction of your choice, same with bank account. Congratulations - you can now buy your certificate.

Now, using the funds of the corporation do everything above again - such that you're able to tie the corporation's CC to the outcomes.

There's a lot more - but this is a reasonable start.

This may be illegal where you live. At the very least, depending on how you use the above there are tax implications.


👤 supermatt
Does "turning into a real business" mean "making money"? If so, how do you expect to anonymously receive funds from the app store (or any other payment service provider)?

The only way you could remain (externally) anonymous and comply with all the AML/KYC and other legal, corporate and service requirements (including taxation, etc) would be to have a company with a nominee director.


👤 spoonjim
There are three levels of anonymity: anonymity to the general public, to Apple, and to a state-level actor.

Anonymity to the general public is very easy, incorporate a company behind some of the shell corporation mumbo jumbo that any corporate lawyer can prep for you, it will cost $ but it will be easy.

Anonymity from Apple could probably be pulled off by incorporating in a country with fairly weak transparency and having the company owned by an offshore trust.

Anonymity from a state level actor would be pretty hard. You'd have to have a shell corp in a foreign country owned by a shell corp in another foreign country and even that might not be enough.


👤 DarrenDev
I’d say it depends what you mean by anonymous. If you mean you don’t want every mention of your software to be “John Smith’s app” then just start a company. That would make it “Company X’s app.” No one would care much about who owns Company X or which of their developers wrote the code. You wouldn’t be completely anonymous, as you’re still the owner of Company X, but users referencing your apps wouldn’t know about or mention you by name. They could, but they won’t.

👤 New_California
Yes, it is absolutely conceivable to be an anon developer, except for officially publishing in the Apple/Google/MS walled gardens.

Then if you would want to accept donations or payments, anonymity is only possible with cryptocurrencies and cash-by-mail. The easiest one (anonymity wise) is Monero and the most popular one is Bitcoin.


👤 mike_hearn
It is, yes. You can simply self-sign and then tell users how to bypass the security warning, which is what you're already doing so what's the problem?

It's a common misconception that macOS forces all software to be signed by Apple. It doesn't. ARM Macs require all software to be signed, but crucially, any signature is OK at the kernel level. It's only at the first-run-from-finder level that Gatekeeper gets involved. This has been true from the start and I've seen over the years scattered comments from Apple developers that they view the Mac as a true general purpose computing device, and thus have no plans to change this. The ramped up signing requirements on ARM are more to do with simplifying the core OS by ensuring all code has an identity than stopping non-Apple approved software.

If you think users should trust you despite your anonymity then you can simply point them to Apple's official documentation on how to work around Gatekeeper:

https://support.apple.com/guide/mac-help/open-a-mac-app-from...

The process is straightforward if you know about it:

1. Download a self-signed or unsigned app.

2. Locate it in the finder.

3. Hold down the control key and right click it, then choose open.

4. Click open when the security alert appears.

Most people think you have to use the command line to open non-signed apps on macOS but it's not actually the case.

To self-sign an application you can generate certs using the Certificate Assistant in the Keychain Access app, or use OpenSSL from the command line. Then sign as normal. The fact that the cert doesn't come from Apple means Gatekeeper will ignore it, but it allows the app to run on ARM and ensures the OS has a stable identity it can use for assigning permissions across upgrades.


👤 0xPersona
Hey! A couple days ago I launched anonfriendly [1]. It's a site that shows jobs where you can work pseudonymously. You might find it useful.

I launched on HN yesterday and it went #1. You might find that discussion [2] interesting as people were discussing the feasibility of working pseudonymously.

[1] https://anonfriendly.com

[2] https://news.ycombinator.com/item?id=31755025


👤 bigiain
If your app stands enough chance of making enough to cover the costs, you could probably hide your identity behind a company identity.

👤 dontbenebby
I recently found out that authors in the literary world often know each other's "pen names" -- it's a mutual professional respect that stops people from outing each other, not "opsec".

I'd try to take reasonable precautions, maybe cloud things a little.

I used to "post like a Canadian" sometimes -- include little references to Ottawa or poutine or whatever, throw in a few OUs... looks like you could do the opposite and be careful to write more "American" on your next project.

Also if you really want to go insane, start looking into stylometry, then stylometry as applied to code, here's two good starting points:

https://www1.icsi.berkeley.edu/~sadia/papers/anonymouth.pdf

https://oar.princeton.edu/bitstream/88435/pr1q24c/1/Deanonym...

Just small things, like writing a script that swaps tabs for spaces, single quotes for double quotes... anything that automates changing some very human part of your writing style, similar to how a handwritten note often has specific ways people cross a T or dot an i, will get you far, since your adversary will probably not assume you've been clouding your data since the 2000s or whatever.
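The kind of script described in the comment above, as an added example that is not part of the original post: it rewrites tab indentation to spaces and single-quoted strings to double-quoted ones in Python source, then checks that the parsed program is unchanged. The names `normalize`, `_requote` and `SAMPLE` are illustrative, the sample source is constructed, and Unix line endings are assumed.

```python
import ast
import io
import tokenize

# Constructed sample: tab-indented, single-quoted, with trailing spaces.
SAMPLE = (
    "def greet(name):\n"
    "\tmsg = 'hello, ' + name   \n"
    "\tquote = 'say \"hi\"'\n"
    "\tdoc = '''\n"
    "\tkept as typed\n"
    "\t'''\n"
    "\treturn msg, quote, doc\n"
)

def _requote(tok):
    """Rewrite '...' as "..." only when that cannot change the value."""
    prefix = tok[: len(tok) - len(tok.lstrip("rRbBuUfF"))]
    body = tok[len(prefix):]
    if "f" in prefix.lower() or body.startswith("'''") or not body.startswith("'"):
        return tok  # f-strings, triple quotes, already double-quoted
    if '"' in body:
        return tok  # swapping would need new escapes; leave as typed
    return prefix + '"' + body[1:-1] + '"'

def normalize(src, indent="    "):
    lines = src.splitlines(keepends=True)
    opens, inside = set(), set()  # rows that start / continue a multi-line string
    for tok in tokenize.generate_tokens(io.StringIO(src).readline):
        if tok.type != tokenize.STRING:
            continue
        (r0, c0), (r1, c1) = tok.start, tok.end
        if r0 != r1:
            opens.add(r0)
            inside.update(range(r0 + 1, r1 + 1))
            continue
        line = lines[r0 - 1]  # same-length swap, so later columns stay valid
        lines[r0 - 1] = line[:c0] + _requote(tok.string) + line[c1:]
    out = []
    for row, line in enumerate(lines, start=1):
        if row in inside:  # string content: never touch
            out.append(line)
            continue
        code = line.rstrip("\r\n") if row in opens else line.rstrip()
        lead = code[: len(code) - len(code.lstrip(" \t"))]
        out.append(lead.replace("\t", indent) + code[len(lead):] + "\n")
    result = "".join(out)
    if ast.dump(ast.parse(result)) != ast.dump(ast.parse(src)):
        raise ValueError("normalisation changed program meaning")
    return result
```

Layout is only one of the signals code stylometry uses; identifier naming and structural habits survive this kind of rewrite.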


👤 jimmySixDOF
As Banksy is said to have said : "My work speaks for itself, I'm a Painter not a talker."

👤 imjonse
You can easily be an anonymous open source developer at least.

👤 RonMarken
No comment on the prospect of owning a company anonymously or publishing apps through Apple, but in certain communities it is customary to be anonymous, particularly in those in which knowledge of real-life identities could be used to gain items of value.

One omen of advice is that if you are not taking measures preemptively to actively remain anonymous, that itself could be a means of exposure and makes this entire exercise futile. For longer-term anonymous identities, merely picking a pseudonym and casually using it makes it easy to slip up and potentially lead to correlation. Slightly dated now, but I suggest you read up on 'OPSEC for hackers' and other publications by The Grugq as a starting point.


👤 Copenjin
I've read your post on anonymity, considering that there are successful developers from Russia or some other fake-democracy countries for example, I don't really see why you should have any problems. And which kind of problems? Less revenues?

Opening a small company could probably be ok to preserve some sort of basic anonymity (meaning, it takes a variable but not negligible amount of effort to understand who the owner is).


👤 random-human
Assuming you are in the US, and depending on your state laws, you can go to your County Clerk's office and file an Assumed Name for Unincorporated Business (DBA). That is enough to open a business bank account and use that name for the Apple Developer program. It also won't have all your information plastered all over the place like LLCs/Corps (from personal experience with both).

👤 tough
Build a DAO for software engineers to sell their software together anonymously, bootstrap it with your own apps.

👤 Jack_rando_fang
Wait... there are "free Apple Developer Certificates"?

👤 rurban
Publishing a closed source .dmg via github releases? Anonymously? What could possibly go wrong with that.

At least publish the sources, so people can compare it to the dmg contents.


👤 freedomben
This is not at all helpful to your current situation, but I found myself really wishing that you were working on Linux software ;-)

👤 berkserbet
https://www.freeflow.dev allows you to work this way

👤 justsomeguy123
This may have been a mistake. Apple will have a reason to revoke your certificate.

👤 floor_
If writers can write under a pseudonym why can't coders?

👤 ericfrazier
Sure, just make many unsuccessful apps like me.

👤 soared
Is this an ad?

👤 pixelpoet
Inconceivable!

👤 kgraves
Do you know who Satoshi Nakamoto is?

👤 wlindley
As someone who grew up when they printed your address when your photo and name appeared in the paper, and when everyone had their name, telephone, and address in the telephone book -- this seems bizarre. Are you never planning to appear at a trade show and promote your product? Hiding who you are seems cowardly, or maybe you have nefarious motives with your program. Transparency and honesty are the best policies in business and personally.