thats the point. you have a choice. thats what everyone wants.
are all of the apps installed on your mac from the AppStore? funny how nobody wants to answer that question.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Says iOS is Safer Than Android Because Sideloading Apps Isn't Allowed
- Thread starter MacRumors
- Start date
- Sort by reaction score
thats the point. you have a choice. thats what everyone wants.
are all of the apps installed on your mac from the AppStore? funny how nobody wants to answer that question.
Why???IF Apple is forced to allow sideloading... is there some way Apple could limit them to make them almost useless?
For instance... yes you can download an app from some source outside the App Store. But it will be super-sandboxed and not have access to GPS/Location Services, or ApplePay, or any other nifty useful capability.
Apple could make it to where the only apps that can be sideloaded are brochure apps for museums. Not games, Uber, etc.
I only ask because I'm sure Apple won't be too thrilled about letting unchecked and unverified software onto the iPhone.
Yes... scam apps exist in the App Store... and that's with App Review. Sometimes bad apps sneak through.
So imagine the kind of apps that can be downloaded from some random website with no review?
It could be the next addictive Candy Crush game that is only available form the developer's website... that harvests your contacts and starts spamming everyone. For example.
I'm hoping that Apple will sandbox the hell out of those apps. If they are forced to allow them.
see my posts above.
Both of my children have automatic iOS updates enabled, and yet as of 2 days ago, they still had 14.7.1 installed, and were vulnerable to the "zero click" messaging hack. Both of them have been receiving multiple, unrecognized group chats with suspicious links in them. On my daughter MacBook, the messages app was pegging her CPU. When I checked, it had racked up 10 hours of CPU use.
Sorry, but they don't get to play the security card.
Sorry, but they don't get to play the security card.
You're gonna have to point me to the correct post.
Because I see that you've posted multiple times about some app... and it's starting to look like you're spamming the forum.
You will probably be moderated.
So, you agree that it’s the user, not the system, right? You should improve the tech literacy of your daughter. Teach her cyber security, programming, and software engineering.
Any of them. About the app argument.
It‘s difficult to glue you guys together in a single post after the fact on mobile.
If you guys know, let me know.
Many care about what's good for Apple. Apple is a religion to them.
Attachments
Technically yes, but it's not officially supported by Apple. There are two ways go to about it (apart from jailbreaking, which itself requires either a computer, sideloading an app, or both):
- Use your own Apple ID to sideload apps using your computer (using Xcode, AltStore, or other tools). This has two limitations: at most 3 sideloaded apps can be installed per device, and they expire in 7 days and must be refreshed or reinstalled after that. (If you pay $99/year for the Apple Developer program these limitations are removed and apps are valid for 365 days, but nobody is going to pay that much just to sideload.)
Technically this method is meant for testing apps you have developed yourself, but Apple doesn't really bother trying to stop people from doing this as the 7-day expiry already makes it inconvenient enough, and you cannot distribute apps to others this way. - Use one of those websites that use enterprise certificates to distribute apps. This is obviously a violation of the Apple Enterprise Developer Program's terms, therefore Apple will quickly revoke the certificate and stop the apps from working as soon as they notice, so it's a cat and mouse game.
Last edited:
Apple does check that those apps do not use private APIs that could potentially pose a risk as they cited.
Imagine an app that steals your personal information without you even inputting anything because it’s able to scan your contacts without going through the public API that forces a prompt to appear before allowing access.
Apps would be able to make direct use of system functionality bypassing the restrictions of the public API flow. Literally every setting for privacy would essentially become pointless.
I think users or the companies/schools managing the devices should be given the choose to enable or disable sideloading.
It would be even more secure if Apple doesn’t allow 3rd party apps on iOS. Just like iOS 1
I don't think all this would be the big issue it is if Apple wasn't so darn greedy with the huge cut it takes from it's App Store sales. Similar to it's iWork apps, they should (in part) view the App Store as an enabler for selling more of it's hardware. I'm certainly not saying everything in the App Store should be free, but they should reduce their cut to something much more reasonable and if there are some very successful developers then they should be allowed to make their multi-millions with less AppleTax.
They all came from the Mac app store with the exception of Firefox, so yes, I have one.
I would prefer if all Mac apps were forced to have a presence in the Apple app store so that I can have the choice to use their payment system. Every single day you hear "X business was hacked", "Y business was hacked" and names, credit card numbers and other information was compromised. I am not saying Apple can't be hacked but it is far less likely than it happening to some random dev with a homegrown payment system. Add to this the number of devs that are flat out spying and selling user information... at least with the App store approval process and reviews there is a greater chance that scam and spy apps will be found out or reported.
My question is why do people feel entitled to bending Apple's ecosystem to their will? If you want the freedom to sideload, buy an Android, if you want Apple's walled garden, buy an iPhone. Its really as simple as that! Choice exists, vote with your wallet. If all the sideloading fans leave for Android then Apple will be forced to adjust to a changing market, my guess is that all of 4 people will leave.
Last edited:
iOS safety has been compromised for a while by the infamous Pegasus, so side-loading apps is just a part of the overall picture. I still trust iOS and macOS more than Android and Windows, but I am not sure for how much longer Apple can pay this “safety” card.
Kind of a BS statement.
A) it is Opt-IN on Android. No one forces you to sideload
B) Android actually does not recommend it either. On some devices you have to enable it with some secret gesture to enable hidden developer settings
C) there is yet another warning before enabling it
D) PlayStore / Samsung Store also has a safety scan of any app downloaded
E) It is your own risk. Just like on macOS
but of course Apple wants their share
A) it is Opt-IN on Android. No one forces you to sideload
B) Android actually does not recommend it either. On some devices you have to enable it with some secret gesture to enable hidden developer settings
C) there is yet another warning before enabling it
D) PlayStore / Samsung Store also has a safety scan of any app downloaded
E) It is your own risk. Just like on macOS
but of course Apple wants their share
Nothing to see here.
Side loading is already allowed and encouraged. All you need is complete source code, Xcode, an Xcode project file, and a developer enrollment, and you can sideload any app on your own iOS device. No app approval required.
If you don’t mind re-signing your apps weekly, you don’t even need the $99/annum developer enrollment. Just an Apple ID.
Just write your own code (or download source from github) and side load.
Side loading is already allowed and encouraged. All you need is complete source code, Xcode, an Xcode project file, and a developer enrollment, and you can sideload any app on your own iOS device. No app approval required.
If you don’t mind re-signing your apps weekly, you don’t even need the $99/annum developer enrollment. Just an Apple ID.
Just write your own code (or download source from github) and side load.
Always. There is a reason the smart suffer for the stupid every day. We have to live with captchas, 2FAs, calls/texts before login, etc.
I think this argument is not related to security and Apple didn’t make your argument. It‘s about user choice. iOS users should have as much control over the iPhone as Mac users. It‘s up to the user to decide if they want to use an adblocker or select a different YouTube app. It’s not Apple‘s job to moderate.
VPN apps and many games are blocked in places like China. It’s the users right to side load those VPN apps directly from provider websites. Without sideloading, users in China cannot use VPN apps on their iPhone, and have to use resbarryPi or other router based methods.
Generally it might work out that way in practice, but it is not a logical implication. For example, if the approved apps have some security issues, sideloading could actually improve security. Like, say, some country forces Apple to only approve messenger apps that allow the state to listen in, then sideloading would allow users to install more secure alternatives.
Apple definitely does not encourage you to do this for apps you didn't develop yourself. It's meant for testing before publishing to App Store/TestFlight, or private in-house distribution within companies. They don't exactly try to stop it either (tools like iOS App Signer and AltStore even allow sideloading of IPAs without source code), but the 7-day expiry is a pretty severe limitation, also you are only allowed to have 3 sideloaded apps per device with the free account. (AltStore can refresh your apps seamlessly in the background if you're near a computer at least once a week, but then you're left with only 2 actual apps that you can sideload.)
The apps are still signed though. Developers have to get certificates to distribute their app, just like they do for iOS. There is a way to bypass that and load unsigned apps /. system extensions but I doubt the people who want sideloading would know about those methods.