Apple Says iOS is Safer Than Android Because Sideloading Apps Isn't Allowed

[Skyscraperfan]

It is your phone and therefore your should have the power to decide which apps are installed on it. Imagine a TV manufacturer disallowing people to watch a TV channel that is not on their list of "safe" TV channels. Or a car manufacturer that does not allow the customer to drive anywhere he wants.

Besides that the ability to load apps from other sources is necessary to load older versions that often are better. Instagram is a good example. Since last year Instagram spams the news feed of people with posts from accounts they do not follow. That makes all versions since then pretty unusable. As I have an Android phone, I was able to delete Instagram and install an older version that still works fine and does not spam my news feed.

Another thing is the censorship of Apple. I live in Germany and here nudity is nothing special. Noone would complain about nipples. However a German newspaper who had female nipples on their front page every day for decades also had them in their app of course, but then Apple threatened to ban that app from the App Store because of the nipples. So some cojnservative Apple Taliban from Silicon Valley forces his middle age moral standards about nudity on German iPhone owners. That should not be possible. If you paid for that phone, you should be able to see as many nipples as you want.

Apple also deleted some apps that made fun of Jesus, which also is not a problem here in Europe except maybe Poland. Who wants a phone without apps that make fun of Jesus?

I would even go a step further: Apple should allow people to install Android or any other OS if they really want.

I hope the EU will also force Apple to make the battery easily replaceble again.

 

[0924487]

They all came from the Mac app store with the exception of Firefox, so yes, I have one.

I would prefer if all Mac apps were forced to have a presence in the Apple app store so that I can have the choice to use their payment system. Every single day you hear "X business was hacked", "Y business was hacked" and names, credit card numbers and other information was compromised. I am not saying Apple can't be hacked but it is far less likely than it happening to some random dev with a homegrown payment system. Add to this the number of devs that are flat out spying and selling user information... at least with the App store approval process and reviews there is a greater chance that scam and spy apps will be found out or reported.

My question is why do people feel entitled to bending Apple's ecosystem to their will? If you want the freedom to sideload, buy an Android, if you want Apple's walled garden, buy an iPhone. Its really as simple as that! Choice exists, vote with your wallet. If all the sideloading fans leave for Android then Apple will be forced to adjust to a changing market, my guess is that all of 4 people will leave.

I think when everyone has a choice, developers should have choices too. It’s up to Apple, Google, Amazon, Huawei, etc., to make those storefronts as attractive as possible. Huawei pays subsidies to developers, and Apple charges bank.

 

[saudor]

I'm skeptical of Apple's claims.

The Macintosh is wide open: we can side load, we can write our own kexts, we can use alternative boot loaders, and yet the Mac is pretty secure. So I'm not buying it. I am on the side of giving users choice. No one has to use an alternative App Store if they don't want to.

And regarding some apps for school not being available on the main App Store and thus possibly resulting in security risks, why couldn't the school(s) ensure a secure website for users to download the app onto the phone? Just like what happens on the Macintosh? One could argue that with Apple's current policies, certain legitimate apps are unavailable because Apple didn't want to allow them onto the App Store (e.g., Wifi Explorer).

I think some of that deals with the fact that no one uses macs (compared to windows) so it’s less of a target. Why waste development resources on 5% market share? On iOS, its massive share makes it quite the juicy target. The average joe (not macrumors users) is pretty stupid and many of them needs to constantly hold apple‘s hand or they start crying immediately.

That being said, I still think apple needs to loosen up. Even with iOS downgrades, if we’re messing with SEP, blobs, apnonce, etc, we obviously know what we’re getting into. Just let us downgrade sheesh. Just make the barrier high enough that the average joe can’t get to it randomly but the rest of us who know what we’re doing still can.

 

[twintin]

Well, considering many of the Android malware that has plagued the platform in the past wasn't sideloaded at all, but directly from the Google Play Store...so not sure sideloading is the main problem here. Certainly a vector, but not the main one.

Maybe not, but sideloading does not make that situation any better. That's for sure.

 

[0924487]

It is your phone and therefore your should have the power to decide which apps are installed on it. Imagine a TV manufacturer disallowing people to watch a TV channel that is not on their list of "safe" TV channels. Or a car manufacturer that does not allow the customer to drive anywhere he wants.

Besides that the ability to load apps from other sources is necessary to load older versions that often are better. Instagram is a good example. Sinve last year Instagram spams the news feed of people with posts from accounts they do not follow. That makes all versions since then pretty unusable. As I have an Android phone, I was able to delete Instagram and install an older version that still works fine and does not spam my news feed.

Another thing is the censorship of Apple. I live in Germany and here nudity is nothing special. Noone would complain about nipples. However a German newspaper who had female nipples on their front page every day for decades also had them in their app of course, but then Apple threatened to ban that app from the App Store because of the nipples. So some cojnservative Apple Taliban from Silicon Valley forces his middle age moral standards about nudity on German iPhone owners. That should not be possible. If you paid for that phone, you should be able to see as many nipples as you want.

Apple also deleted some apps that made fun of Jesus, which also is not a problem here in Europe except maybe Poland. Who wants a phone without apps that make fun of Jesus?

I would even go a step further: Apple should allow people to install Android or any other OS if they really want.

I hope the EU will also force Apple to make the battery easily replaceble again.

Exactly my point!

also lol on “If you paid for that phone, you should be able to see as many nipples as you want.” 🤣

Apple does a lot of American style censorships as well as local censorships, which can easily be circumvented if sideloading is allowed. Just like chrome store or Android.

 

[silicon_chip]

Technically yes, but it's not officially supported by Apple. There are two ways go to about it (apart from jailbreaking, which itself requires either a computer, sideloading an app, or both):

• Use your own Apple ID to sideload apps using your computer (using Xcode, AltStore, or other tools). This has two limitations: at most 3 sideloaded apps can be installed per device, and they expire in 7 days and must be refreshed or reinstalled after that. (If you pay $99/year for the Apple Developer program these limitations are removed and apps are valid for 365 days, but nobody is going to pay that much just to sideload.)
  
  Technically this method is meant for testing apps you have developed yourself, but Apple doesn't really bother trying to stop people from doing this as the 7-day expiry already makes it inconvenient enough, and you cannot distribute apps to others this way.
• Use one of those websites that use enterprise certificates to distribute apps. This is obviously a violation of the Apple Enterprise Developer Program's terms, therefore Apple will quickly revoke the certificate and stop the apps from working as soon as they notice, so it's a cat and mouse game.

IMO, they could at the very least allow sideloading via a computer with an extended expiry time. It could be opt-in and require a computer to reduce the risks slightly. But some people would still not be satisfied with that as apparently people who have an expensive iPhone but not a computer still exist in 2021.

Those enterprise apps would literally fit the purpose of people arguing here that companies should be able to sideload apps. That’s already what they do.

 

[firewood]

Apple definitely does not encourage you to do this for apps you didn't develop yourself. It's meant for testing before publishing to App Store/TestFlight, or private in-house distribution …

It’s also meant for education, learning to code in Swift, the popular Stanford online iOS programming course, code camps for girls, and etc. All of which Apple occasionally advertises.

 

[icanhazmac]

I think when everyone has a choice, developers should have choices too.

Devs have choices! If they want access to Apple's Eco system, play by the rules. If they want access to the wild, wild, west, then they can develop for Android. Its really that simple. Same as game devs that develop for Xbox or Playstation, they have choice and they made theirs.

Huawei pays subsidies to developers, and Apple charges bank.

Huawei is little more than an arm of the Chinese Communist Party so I'll take Apple any day.

 

[Saebah]

"[...] Apple added that some proposed sideloading legislation would also mandate removing protections against third-party access to proprietary hardware elements and non-public operating system functions, resulting in security and privacy risks for users."

Reading this let me understand that Apple team knows they will have to allow third-party stores to propose and promote apps for iPhones. They know it and they already know how they will deal with it. And I'm pretty sure Devs and users wanting "freedom" on iPhone will be upset as it won't meet their expectations.

First, all apps which would not be "screened" by Apple won't have any access to useful functions of the phone. This is what they told to EU people. This is fair and nobody can force them to do otherwise.
Second, they will propose "Screening" Fees for apps wanting to be AppleTrust Certified (that's a good name I think^^). If Apps is certified then you will be allowed to mentioned it and more important, you will have access to all functionalities of the iPhone and iOS. BUT those fees will be significant and you will have to pay for each update you will make or will have to make (to cope with iOS update).
And Third, if, as a devs, you don't want to pay fees but want to be AppleTrust Certified, then you will have to possibility to subscribe to an AppStore program and, you will then be on AppStore and Certified. Obviously, even if you could get your apps to be on different Side-Stores, you won't be allowed to mention they are Certified. In that case, you would probably pay 15%~30% fees that devs currently pay.

At the end, AppleTrust will probably be an "independent" company yet a subsidiary of Apple but, legally independent to prevent anyone to claim that Apple kills the competition by refusing to certify apps.

For us users, we will see many new stores popping up, but price difference won't be significant or at least, not significant enough to take a risk getting their software outside the AppStore. And for those who enjoy side-loading they will be probably upset as uncertified apps will be somewhat "crippled" in regards of their expectations.

The AppStore scenario is the simplest solution for Apple and they do it well, but experience shows that when you force someone to do differently for your own advantage (here the devs), it never meets your expectations and often, this situation becomes even worse for you. And I do believe that many smart people work at Apple, which explain why they're so successful, so I'm convinced they anticipated the situation long time ago and, they already know what they will implement. What they will do in South Korea will give us a good idea of what they prepare for the rest of the world.

 

[0924487]

Will we hear Google's rebuttal that Android is actually safer because of sideloading?

It’s all about the skill level of the user, really.

 

[icanhazmac]

Imagine a TV manufacturer disallowing people to watch a TV channel that is not on their list of "safe" TV channels.

Any TV manufacturer has the freedom to test those waters, the market will decide if it is needed/wanted. To your point I don't think there will be many takers but the freedom of choice is there.

A more relevant example, should Sony be forced to allow LG software to run natively on their TVs? No, one buys a TV after choosing the best panel and software offerings. No one buys an LG and then sues them because they cannot sideload Sony's software on it.

My point is that Apple has created an Eco system that many users appreciate and don't want disrupted by the few that want their cake and to eat it too.

 

[silicon_chip]

Generally it might work out that way in practice, but it is not a logical implication. For example, if the approved apps have some security issues, sideloading could actually improve security. Like, say, some country forces Apple to only approve messenger apps that allow the state to listen in, then sideloading would allow users to install more secure alternatives.

Sideloading would not prevent private API usage which is your biggest threat. Nation-states could sideload apps that bypass Apple and OS rules and allow them to listen in and have access to the entirety of the phone contents.

 

[ArtOfWarfare]

Well there’s no arguing with that

There actually is - Apple is cherry picking data here, picking one very different OS and saying that this one particular difference among thousands is the reason for the different amount of malware.

I think a much better comparison that Apple should make is the prevalence of malware on Macs with Gatekeeper enabled vs disabled. If Apple permitted Gatekeeper to be disabled on iOS, the same as they already do on macOS, I think all of the controversy would end pretty quickly.

I'd imagine a surge of people dropping thousands of dollars on new iPhones would probably easily make up for a small drop in usage of the App Store.

It's become bizarre how Apple is so willing to shoot themselves in the foot and reduce hardware sales (where their money is made) just so they can prop up the App Store. I guess it's to give an illusion to investors that they're diversified, when really, Apple is 100% the iPhone - none of the services can live without the iPhone.

 

[holisticrunner]

a better word would be disingenious..

you assume that Apple is "checking" all of the functionalities of all apps in the AppStore which is naive.

numerous shadow and scam apps exist in the AppStore.

Nobody is going to be worried about sideloading apps from known devs.

Then you've never heard of scams where scammers make their apps look exactly like the known devs hoping that careless users mistaken the malicious apps for legit apps.

Everyone should be worried about sideloading apps.

To say buyers beware is asinine BTW.

 

[silicon_chip]

Always. There is a reason the smart suffer for the stupid every day. We have to live with captchas, 2FAs, calls/texts before login, etc.

None of that has to do with being “smart” or not. Even in a “smart” society you would still need security and those would still have a place.

 

[vipergts2207]

Excited for this legislation. It would be nice to go back to the days of being Apple’s customer again, rather than Apple’s product. Funny how that criticism is blindly leveled at Google and Facebook while Apple is ignored.

 

[MJaP]

Apple's Master Plan:

1) Prevent installation of programs on Macs unless they come from the App Store.
2) Stage yearly Parades of Strength where their technology might is shown off to the world.
3) Silence dissenting voices by deleting forum comments, and later email and accounts citing "violating terms of service".
4) Block websites that spread anti-Apple "propaganda" criticizing Apple and their regeme, err, I mean ecosystem.
5) Rename themselves the People's Republic of Apple and claim all the restrictions are to protect their people.

 

[uller6]

It’s trivial for developers to make HTML5 websites that can be added to the iPhone Home Screen, but no one seems to be interested in this route. Why the need for native apps?

 

[k1121j]

Apple isn’t wrong

 

[kemal]

What percentage will sideloaded apps pay back to Apple?

 

[laptech]

Well of course there is going to be more malware on Android because Android is the most used mobile OS with approx 72% marketshare (https://gs.statcounter.com/os-market-share/mobile/worldwide). Apple only has approx. 26% marketshare. Microsoft Windows suffers the same problem. It is the dominant computer OS and thus has more malware than Apple OS does.

If a hacker/criminal wants to cause the most trouble, they are going to target the dominant players in the market because that is where the most damage is going to be done.

I am sure if the figures were adjusted so that Androids marketshare matched that of Apples and then the security studies were run again, the results would turn out nearly identical for both.

 

[djphat2000]

Nobody is going to be worried about sideloading apps from known devs.

a better word would be disingenious..

 

[bobenhaus]

Has nothing to do with sideloading if you have 1/2 a brain and just don't install anything. Its the person who owns the phone responsibly. Can have the nanny mentality and expect a safety net.

 

[bobenhaus]

Well, considering many of the Android malware that has plagued the platform in the past wasn't sideloaded at all, but directly from the Google Play Store...so not sure sideloading is the main problem here. Certainly a vector, but not the main one.

Can you prove it. I've had an Android phone since day one and never get any malware or virus from the Playstore.

 

[djphat2000]

I guess it's technically true, but how many people are sideloading apps? I'm big into tech and I don't think I sideloaded an app since I had a Droid X in like 2009 or so.

It's not that you do or not. If it's made into law, you and everyone else WILL have to deal with this. You can't not have the side loading ability if the phone/iOS can do it. It's there if you want it or not, use it or not. We are all affected by this.

This system is trying to give the consumer choice. But in fact they are taking away my choice. I can't "not" (double negative) have side loading's vulnerabilities affect me.