It would kill Mac OS.
Apple Says Allowing Sideloading on iPhone Would Expose Users to Serious Privacy and Security Risks
- Thread starter MacRumors
- Start date
- Sort by reaction score
cupcakes2000
macrumors 601
Its nothing like jail breaking. Jail breaking is a process you have to find out about and then painstaking apply. Even if there is a hidden switch buried deep in ios, it will be still be attainable by nefarious groups or devs to vulnerable people.
iPhone are a computing device for those that dont know anything about computers. Nans and grandads use them, some of whom have never even touched a mac or windows pc.
There are a ridiculous amount of iPhones in the world. I’m sure you have heard of phishing? So, side loading is forced, and orchestrated phishing attempts en masse start spamming emails, facebook, whatsapp - everyone uses these right?
So not everyone is going to fall for the classic Nigerian prince, but people that dont understand this stuff can easily fall for a fake National Lottery page, for example, which instructs you to download the application, switches and all. Bank details, direct debits, information stealing, ‘special offers’. Could be years before someone realised.What would you do if that was you Mom or Nan?
Everyone knows apple stuff. Everyone knows it’s safe, and everyone knows it’s almost foolproof. But only fools doesn’t understand why this is the case.
The fact of the matter is, Android manufacturers make equal or better phones depending on what you want. And you can do what you want with the OS. Just go there…? It’s obvious, no? Why even bother with apple in the first place? Baffles me. All it is is grown adults acting like children because they want something they cant have. The world today, I guess.
kiv.atso
macrumors regular
Same here. But it would be good to have some kind of “advanced” mode which can only be enabled by certification and could be revoked if there’s malicious activity coming from the account. The rest should be locked down.
"Because of the large size of the iPhone user base and the sensitive data stored on their phones – photos, location data, health and financial information – allowing sideloading would spur a flood of new investment into attacks on the platform. Malicious actors would take advantage of the opportunity by devoting more resources to develop sophisticated attacks targeting iOS users, thereby expanding the set of weaponized exploits and attacks – often referred to as a "threat model" – that all users need to be safeguarded against. This increased risk of malware attacks puts all users at greater risk, even those who only download apps from the App Store."
This is the part many are missing. If Apple is forced to allow sideloading, it's only a matter of time before most of us are hacked. I'm in the Apple ecosystem because I want the walled garden. If anyone else doesn't want it, they should feel free to go to Android. If Apple loses this fight, I am very likely to stop using a smart phone.
This is the part many are missing. If Apple is forced to allow sideloading, it's only a matter of time before most of us are hacked. I'm in the Apple ecosystem because I want the walled garden. If anyone else doesn't want it, they should feel free to go to Android. If Apple loses this fight, I am very likely to stop using a smart phone.
Last edited:
It is in everyone’s best interest that side-loading be enabled. However, many of those interests will be exceptionally selfish in motivation (i.e. Epic wants to sell their own stuff on the device and give $0 to Apple, but Epic still wants Apple to be responsible for support and warranty. Another developer installs malware). And, yes, it will play out exactly as Apple stated. Clever social engineering will convince millions to unlock their phones for a variety of reasons: money, performance, “sticking it to apple”, utilities, system tweaks… you name it. After 12 months of unlock capability the hit-pieces from NY Times will start accusing Apple of not doing enough to educate users or protect them. Expect lots of anecdotes about emptied bank accounts, middle-aged single women who suddenly don’t know how they’re going to live, and the tech-savvy 20-year-old who “never thought it would happen to him.” We will be appalled that Apple didn’t want to unlock, then happy they were forced to unlock, and then disgusted that Apple allows bad actors to harm their (naive) customer base.
I foresee Apple allowing “unlocking” in the future, likely by legal force, but it will be recorded against your Apple ID and device ID. Expect lots of warnings and multiple “I agree” buttons. Certain warranty benefits may be forfeited while in an “unlocked” state (this would be specifically targeting devices bricked by bad/malicious software).
I wrote in another post that the mobile phone is now most people’s “personal computer”. Unfortunately for Apple, that is going to require some loss of control. Conceptually, I agree with Apple’s argument. I don’t expect perfection out of their App Store review process but it’s far better than Android. They’ve spent years polishing the entire ecosystem and establishing a brand and perceived value to their customers.
At end of the day they will have to offer side-loading or risk having it court-ordered, and the real risk is the requirements that might be attached to that order.
I foresee Apple allowing “unlocking” in the future, likely by legal force, but it will be recorded against your Apple ID and device ID. Expect lots of warnings and multiple “I agree” buttons. Certain warranty benefits may be forfeited while in an “unlocked” state (this would be specifically targeting devices bricked by bad/malicious software).
I wrote in another post that the mobile phone is now most people’s “personal computer”. Unfortunately for Apple, that is going to require some loss of control. Conceptually, I agree with Apple’s argument. I don’t expect perfection out of their App Store review process but it’s far better than Android. They’ve spent years polishing the entire ecosystem and establishing a brand and perceived value to their customers.
At end of the day they will have to offer side-loading or risk having it court-ordered, and the real risk is the requirements that might be attached to that order.
Last edited:
mrat93
macrumors 68020
My only way to not rage at this headline is to imagine it being said by a small child trying to convince their mom of something totally asinine.
But then I read the comments and people are actually buying it. I can’t help but think the people who say they want iOS more locked down are just trolling.
But then I read the comments and people are actually buying it. I can’t help but think the people who say they want iOS more locked down are just trolling.
69Mustang
macrumors 604
You completely missed the point of the post. Jailbreaking and rooting were mentioned as a niche choices. Just like sideloading would be a niche choice. Exactly what I said in the reply you're quoting.
Your anecdotes are silly. Trying to portray the iPhone user as a "helpless old" is pretty cheap theatrics. It's also embarrassingly insulting. The logic fail continues because these "don't know anything about computers" people wouldn't even know how to sideload. So in your fantasy scenario, they'd be protected by their ignorance.
Ironically, your post exposes you as somewhat tech ignorant. The leap in logic you took to associate sideloading with phishing scams is laughably wrong. Even more inaccurate is your scam paragraph. It's as if you gathered all the negative terminology you know, put it in a pile, and decided it would sound ominous to associate it with sideloading.
This poop: "So not everyone is going to fall for the classic Nigerian prince, but people that dont understand this stuff can easily fall for a fake National Lottery page, for example, which instructs you to download the application, switches and all. Bank details, direct debits, information stealing, ‘special offers’. Could be years before someone realised.What would you do if that was you Mom or Nan?"
↑↑ How exactly do you think this relates to sideloading?
Thats not true. Hackers are smart. If you allow sideloading, they will find a way to install something on your phone by clicking on a banner or similar. You know that an OS is secure when even the dumbest user cant get infected with a malware. That is what iOS is today. And it is not only rooting, the problem is also with adware, cookies and so much crap that can get into through the back door, if you build a back door. Even with the AppStore verification process in place, Apple is still struggling to keep user safe and numerous security updates are issued every year. The same apps that are available on the App Store are also available Google Marketplace so if you want sideloading go buy one of the hundreds other phone available in the store. If users were unhappy with the AppStore policy and Apple's approach towards installing apps, then iPhone sales wouldnt be hight. Dont you agree?
69Mustang
macrumors 604
Yeah, you could do all of those things. It would only be to your detriment though. Your negative activity would only result in your loss of users. This is social media age. Your activity would be known in short order and with the internet being the internet, you'd be summarily dismissed as a viable and reputable dev. So sure. You could abuse private API's in any way you want. No one could stop you from doing anything. Well, almost anything. They could, and would stop you from generating any revenue since no one would continue to use an abusive app. Yours is an example of punching yourself in the nads. It is not a cautionary tale against sideloading.
mrochester
macrumors 603
But how does this help developers, which is the whole point of epics legal battle and any proposed legislation?
You're correct on most points, but there is one other important issue that isn't talked about much, but should be, Apple's Complete & Total Stranglehold on App Discovery !
Apple has both a Duty & a Responsibility to promote & recommend the best apps, but they do NOT do that.
They cherry-pick the best apps that are best-aligned with their Business Goals.
Anything they want to Sherlock OR anything that poses ANY Business threat to them, is effectively squashed because "Apple has a Complete & Total Stranglehold on App Discovery".
Companies that have investors can usually get around Apple's control, but ALL others have major challenges.
Anyway, new apps, like "The App Discovery App," are absolutely needed !
69Mustang
macrumors 604
Sideloading doesn't allow hackers automatic access to your phone. So they couldn't install anything without you actively seeking to sideload an app. Users control the decision to sideload or not. It's a pretty safe bet that most users would keep doing what they do now, dl apps from the App Store. Sideloading would be a option, not a requirement.
Rogifan
macrumors Penryn
Seems to me this is intentional misdirection from Apple. Focus on side loading instead of IAP which is a bigger issue. Back in 2011 Phil Schiller was questioning whether the 70/30 split should last forever or once the App Store gets to a certain profitability they reduce the split to what’s needed to maintain that run rate. Schiller was right back then. It’s unfortunate that he either changed his position or someone else’s position (Cue, Cook) won the day.
9to5mac.com
App Store mess is a PR disaster Apple could've easily avoided - 9to5Mac
Apple is currently busy trying to extricate itself from an App Store mess. It's lobbying Congress, publishing white papers, and conducting ...
9to5mac.com
mrochester
macrumors 603
But how does this help developers who specifically seem to want to avoid the App Store and it’s fees?
Not automatically but it could.
69Mustang
macrumors 604
That's an entirely unrelated point. An answer for that question ↑↑ is not the same answer for the question of hackers and automatically accessing the phones.
69Mustang
macrumors 604
No it couldn't. Apple would not give anyone the ability to dl anything to your phone without your permission.
LordVic
Cancelled
Seems to me this is intentional misdirection from Apple. Focus on side loading instead of IAP which is a bigger issue. Back in 2011 Phil Schiller was questioning whether the 70/30 split should last forever or once the App Store gets to a certain profitability they reduce the split to what’s needed to maintain that run rate. Schiller was right back then. It’s unfortunate that he either changed his position or someone else’s position (Cue, Cook) won the day.
View attachment 1796847App Store mess is a PR disaster Apple could've easily avoided - 9to5Mac
Apple is currently busy trying to extricate itself from an App Store mess. It's lobbying Congress, publishing white papers, and conducting ...
Yes, it's intentional misdirection. Apple is loving the revenues/profits from their lock down to the store and aren't going to let that go willingly. No matter what was said by the executives previously.
Apple is very clearly a profit first company. Nobody should be surprised by this. Their entire decision making is around profit margins and scale. Not users or the vendors.
wanha
macrumors 68020
I'm all for Apple only allowing apps through the App Store.
BUT... this stance is in a fascinating contrast to Apple completely disallowing certain app categories (torrent clients, different video codecs, porn, gambling, etc).
It feels untenable that Apple both disallows the category and refuses to allow side loading.
BUT... this stance is in a fascinating contrast to Apple completely disallowing certain app categories (torrent clients, different video codecs, porn, gambling, etc).
It feels untenable that Apple both disallows the category and refuses to allow side loading.
I7guy
macrumors Westmere
Nobody is stopping anybody from access porn and gambling sites on IOS. To be honest, I never felt I was hampered by the lack of apps for the above on IOS. Are others hampered? Are there competing platforms that allow said apps and sideloading. Why does Apple have to be like Android?
Cormac_2004
macrumors newbie
According to Apple, allowing sideloading would put all iPhone users at risk, even if you only want to download apps from the App Store.
"Would allowing sideloading from websites and third-party app stores on iPhone threaten users who only download apps from the App Store?
Yes. By providing additional distribution channels, changing the threat model, and widening the universe of potential attacks, sideloading on iPhone would put all users at risk, even those who make a deliberate effort to protect themselves by only downloading apps through the App Store. Allowing sideloading would spur a flood of new investment into attacks on iPhone, incentivizing malicious actors to develop tools and expertise to attack iPhone device security at an unprecedented scale. Having developed expertise in ever more sophisticated attacks, malicious actors would use it to target third-party stores as well as the App Store, putting all users at greater risk. Additionally, even users who prefer
to only download apps from the App Store could be forced to download an app they need for work or for school from third-party stores if it is not made available on the App Store. Or they could be tricked into downloading apps from third- party app stores masquerading as the App Store." - Apple
LordVic
Cancelled
and right there" according to apple"
Apple has a bias in telling you this. You have to understand that bias.
Having the ability for ME to sideload doesn't impact YOUR security. Apple telling us otherwise is absolutely 100% bunk.
The harm is that more and more developers will choose sideloading in order to circumvent Apple’s rules and fees. Then as a customer I’ll be forced more and more to go out of the App Store for the apps I need. This will affect everybody.