Apple says sideloading of iPhone apps would open users to serious security risks

nanoguy

Posts: 917   +12
Staff member
In context: Back in 2011, Phil Schiller told other Apple executives the company would one day have to adjust the revenue split from the App Store and pushed for a solution to be found before this would turn into a fierce fight against external pressures. Ten years later, the company is trying to get out of a situation that it could have avoided -- where developers and regulators are pressuring it into allowing sideloading of apps on iOS devices.

The App Store is a money printing machine that generated $643 billion in sales last year, which is why Apple uses every occasion to tout its role in the creation of an app-based economy that will soon reach $1 trillion per year. The company explained during the Epic Games trial that it's being wrongly accused of gatekeeping the App Store, and that it doesn't make nearly as much money from it as you would think.

Epic's lawsuit against Apple may not be successful in bringing Fortnite back on iOS, but it's already kicked in a public debate about the Cupertino giant's insistence on making the App Store the one and only way users can download apps on iPhone and iPads. Regulators in the US and the EU are scrutinizing Big Tech corporations and preparing a new set of antitrust rules that could see the tech industry change dramatically over the next few years.

Today, Apple unveiled a 16-page report titled "Building a Trusted Ecosystem for Millions of Apps," where it tries to make a case for why the App Store works the way it does and the impact sideloading apps would have on the security and users privacy protections that are currently in place.

Apple argues that allowing sideloading would open over 1 billion iOS users to serious security risks as malicious actors would have a huge incentive to exploit this new avenue for scamming users or installing malware on their phones. The company claims the strict App Store review process in combination with built-in iOS protections like running apps in a sandbox are the reason why iOS users see 47 times less malware in the wild when compared to Android users.

The timing of the report is interesting, as lawmakers are currently debating five antitrust bills that target tech giants like Amazon, Google, Apple, and Facebook.

Google, Facebook, and Amazon on Tuesday released statements where they warn of "significant negative effects" on consumers and small to medium sized businesses, from price hikes to degrading services that many depend on to earn an income. Google also believes the new bills have the potential to "undermine US technology leadership."

Apple didn't comment on the bills, but industry groups backed by and other tech and media companies expressed their concerns on the fast-tracking of the proposed antitrust legislation. The Cupertino giant is, however, aggressively lobbying against the bills, as Apple CEO Tim Cook personally called Speaker Nancy Pelosi on Tuesday to warn her that they have the potential to seriously disrupt the iPhone. Cook is also scheduled to have a virtual meeting with EU competition head Margrethe Vestager today.

Permalink to story.

 

Nobina

Posts: 3,291   +3,369
It definetely would. But that's like not wanting to leave the house cause it can be risky - miserable.

Androids sideloading is one of it's best features cause it opens a door to a whole new world of apps. Some of them can ofcourse be malicious but it's mostly FOSS apps that are way more privacy respecting than apps on Play Store.

One of my favorites is NewPipe which is a YouTube player that has Premium features and more but is free open source. I feel way more secure using that than anything made by Google.
 

gigantor21

Posts: 307   +491
TechSpot Elite
It definetely would. But that's like not wanting to leave the house cause it can be risky - miserable.

Androids sideloading is one of it's best features cause it opens a door to a whole new world of apps. Some of them can ofcourse be malicious but it's mostly FOSS apps that are way more privacy respecting than apps on Play Store.

One of my favorites is NewPipe which is a YouTube player that has Premium features and more but is free open source. I feel way more secure using that than anything made by Google.

NewPipe is exactly what I think of whenever Apple trots out this argument.

Security was never the main reason. Apple is perfectly willing to throw users under the bus in China and other autocratic countries for the right price. This is about control--and, ultimately, protecting their precious revenue streams from App Store purchases.
 

dangh

Posts: 256   +336
It is up to me of I take this risk of not. I have enabled dev account in my android device to install other application syores and all is good.
 

m4a4

Posts: 2,504   +2,906
TechSpot Elite
It shouldn't be up to Apple to nanny their customers to this degree. Give the option, give your "it's dangerous and we don't want you to" prompt, and then let the person sideload.

Or at least be publicly honest and say that the main reason why you won't is so you can keep your cash cow. No more of this "we know best"...
 

NeoMorpheus

Posts: 883   +1,677
Bunch of liars.

But of course they will say this, they will never say the real reason, sideloaded apps wont provide them with a cut, so they are resorting to lying.

Of course, the rabid cult members, especially the ones at Ars are running wild with that BS.
 

Dimitriid

Posts: 953   +1,766
The only "Security risk" they might face is being secure in their decision to break away from Apple's ecosystem and being able to try competing software.

I guess it's a type of risk for Apple not to be able to fully control their users and actively lock them into the devices via software, they risk losing a lot of money in secondary sales revenue.

Which if you can't tell by the tone, they *absolutely should* lose out on that money.
 

kiwigraeme

Posts: 481   +368
Johnny can't come out and play today.
.
.

All work and no play makes Johnny a Dull boy
.
.
Here's Johnny! - all that time under Mommas' petticoats has made Johnny strange.

Not to good for Billy either

Apple:
Aren't you ashamed?

Billy:
No, I'm not.

Apple:
You know Billy, what worries me is how your mother is going to take this.

Billy:
Um, um, well, y-y-y-you d-d-d-don't have to t-t-t-tell her, Miss Apple.

Apple:
I don't have to tell her? Your mother and I are old friends. You know that.

Billy:
P-p-p-please d-d-don't tell my m-m-m-mother.
 

p51d007

Posts: 2,832   +2,181
If you purchase a phone "under contract" you should stay within the contract. I never buy a phone under contract. When I purchase it, it becomes my property, to do with as I see fit.
I have no problem with Apple locking things down. That, is their ecosystem. It works well for
them. But, I like to set up my phone MY way. I don't want apps forced on my phone just because
a manufacturer says so. I may want apps that the manufacturer doesn't want. That is my
business.
 

Kirby1

Posts: 118   +185
Legally, I can't imagine apple could be forced to allow side loaded apps. I think it would be like telling Sony they have to let the playstation side load apps. As much as I dislike apple and their dirty anti consumer business model, I can't think of a good argument why they shouldn't be allowed to control their own product. I don't see how it would make sense legally to force them to allow their devices to run software they don't want it to run.
 

duckofdeath

Posts: 448   +586
Just chop that antitrust cartel up and we won't have to listen to this nonsense from those pathological liars again.
 

duckofdeath

Posts: 448   +586
Legally, I can't imagine apple could be forced to allow side loaded apps. I think it would be like telling Sony they have to let the playstation side load apps. As much as I dislike apple and their dirty anti consumer business model, I can't think of a good argument why they shouldn't be allowed to control their own product. I don't see how it would make sense legally to force them to allow their devices to run software they don't want it to run.
Legally, lawmakers makes laws. Their duty is simply to make the laws compliant with existing laws. There are plenty of examples where antitrust laws have been used to force Microsoft to remove, add or change features.
 

ypsylon

Posts: 385   +315
Of course not living in the US I have no first hand experience with proposed bill.

However I'm very surprised by Apple. They can turn this bill to their (financial) advantage. How?

Very simple. You provide an option in settings menu. Option to turn on sideloading (in essence jailbreaking the iPhone for the user). You have to confirm it with Apple 2FA system. Activating the option is a one-off, so you couldn't disable it and go back pretending it's normal device when contacting support for example. That fingerprint would be stored on Apple servers the moment operation was performed.

If you jailbreak the device you lose all rights to free Apple support (if available), you lose warranty, OS updates, App Store access and basically you have to fend for yourself.

Profit!
 
Last edited:

psycros

Posts: 3,567   +4,345
Of course not living in the US I have no first hand experience with proposed bill.

However I'm very surprised by Apple. They can turn this bill to their (financial) advantage. How?

Very simple. You provide a option in settings menu. Option to turn on sideloading (in essence jailbraking the iPhone for the user). You have to confirm it with Apple 2FA system. Activating the option is a one-off, so you couldn't disable it and go back pretending it's normal device when contacting support for example. That fingerprint would be stored on Apple servers the moment operation was performed.

If you jailbrake the device you lose all right to free Apple support (if available), you lose warranty, OS updates, App Store access and basically you have to fend for yourself.

Profit!

Was looking for this.
 

Hexic

Posts: 1,031   +1,523
TechSpot Elite
Was looking for this.

Unfortunately I believe this would directly contradict their own mantra of "protecting you from yourself" - and would open Apple up to the real, full world of apps and thus reduce their overall security on the platform. Doesn't sound good on sound bites, no matter how much sense it may or may not make.

I think this will be the Achilles heel of iOS [eventually] if they maintain their walled-garden approach. In my opinion, it's not a long-term formula for success. Android will always have the upper hand in compatibility, integrations, and freedom because of this, IMO.