Apple Working to Add Support for Sideloading and Alternate App Stores in Europe

[Unami]

Why do people think this will be so different from macs? You want to install some software that's not signed? Sure, allow it in settings and you're good to go. You only trust the app store? Fine, leave your security settings as they are and only download software from there. It might be a little limited, because it's sandboxed, but if you don't care or notice or even embrace the security that tradeoff gives you - all the better.

I've never met someone who bricked his mac because of bad software and all people I know who were victims of data or identity theft got their google or facebook passwords stolen or were on windows, installing trojans by themselves. If you actively decide against a wall, but then also pull wooden horses onto your lawn, it's your own fault imho.

Also, apple will have to step up it's security game as iphones are more popular targets than those 6% of mac users. (And macs are notoriously the first ones that get cracked in hacking contests - they are just more secure because they are more obscure).

So, your iphone will become more versatile - if you want to - some apps will become cheaper and iOS will be more secure and transparent. Some people will want to install pirated software, lower their security settings without accepting the risks and eventually catch malware. Still, imho the pros far outweigh the cons here.

 

[Athonline]

Now you're the one being silly. This is being pushed by corporate lobbyists. The self important people who read the articles written about it and comment on it are not the ones influencing anything.

Sorry, but this is incorrect.

When the EC initiates the discussions for an act, there are a number of 'voices' heard:
1. The EuroBarometer usually provides an 'everyday citizen's view' into topics and is, often, the first alarm to the EC that this is a topic to investigate.
2. For completely new high-level topics, the Commission establishes High-Level Expert Groups to initiate discussions and recommendations. These groups contain field experts from academia, industry, and the public sector.
3. The Joint Research Centre produces technical reports by connecting policy to academic research.
4. Consortiums on Horizon2020 and HorizonEurope projects on relevant projects are consulted for quantitative analysis.
5. A qualitative pilot study takes place across member states.
6. CENELAC is also consulted as they may have related standards already published or in works.

After the initiation and first draft, there are a number of consultations:
1. A public consultation takes place - anyone can provide input as individuals or representatives of legal persons.
2. Member states provide input through their permanent representatives at the EC.
3. The responsible Directorate-General, e.g. DG-Connect, is responsible for organising further consultations with key stakeholders from both academia and industry; they often form 'task forces.'

Only after the final draft is done, it goes for formal debate in the European Council and Parliament. The European Parliament goes through at least 2 readings. Member states often bring experts, e.g. local standardization bodies, academia, and industry, for in-house consultations during the Council voting. The Parliament also reaches out.

As an academic, I provided input at most of the above steps to one degree or another. I did not for the Digital Services Act, but I can confidently tell you that voices are heard—even of the public—having seen the 'insides' of the eurobureaucracy.

 

[4743913]

Apple is gonna make back that 30% somehow, someway. They aren't doing this because they are alturistic.

I enjoy denying Apple their 30%.. I don't buy iOS apps nor Mac AppStore apps anymore. All of my subs are paid directly to the dev (TextExpander, Fantastical, 1Password, Adobe). I don't have a problem paying apple for the service they provide like storage and music, but they won't be skimming off the top for other things.

 

[mzeb]

nope nope nope. if your app is not in the apple app store i will not be using it

This is still good news for you. Additional app stores create competition for Apple. This means that apple might lower their fees which will in part get passed on to you.

 

[mzeb]

People who are asking for sideloading have no idea how bad it's going to ruin the UX

"but you don't have to sideload"

yeah until microsoft, google, activision, epic, adobe create their stores and make their apps/games exclusive

then you'll have to install a bunch of apps running 20 auto updater/notification services in the background sucking up all the battery

"but android allowed sideloading and that hasn't happened yet"

yeah because iOS is where the money is. once iOS does it, it'll happen

You make it sound like the end consumer no longer has a choice. Pages and Keynote will always be on Apple’s store. I use them because MS is already breaking iOS UI guidelines. The consumer will ditch crappy software over time. And the consumer can force these issues.

 

[Abazigal]

I suspect the people expecting to be able to freely download apps from 3rd party sources at no extra cost will be disappointed. It's probably not going to be the free-for-all model we see on Android (or even on the PC). If people think Apple is going to just throw the gates wide open, they are sorely mistaken.

Rather than rub your hands in glee about how Apple will presumably “suffer” because of this (they won’t), it will probably be more meaningful to think about how Apple will implement all this in a manner such that they still continue to come out on top. One scenario that comes to mind is their implementation of third party keyboards with iOS 8. On paper, it sounded like a win for functionality, but said feature was hamstrung right from the get go due to ram limitations and a rather scary warning prompt.

There’s also the question of how Apple will monetise this (I doubt Apple will willingly do all this extra legwork for free).

In short, there are still a lot of details we don’t know, so I wouldn’t rejoice too early.

 

[Lounge vibes 05]

Signed apps from outside of the App Store is a good thing, but they should also add an option buried even deeper to run unsigned apps... just like on macOS.

Overnight, they would remove almost any reason to want to jailbreak an iOS device.

Not entirely sure if that’s true, from what I’ve heard the majority of people who jailbreak do it to have absolute full control over the operating system.
You can change the lock screen to do whatever you want, the home screen, the system Sounds, pretty much everything.
Sideloading just means you can put different apps on your home screen from outside of the App Store, it doesn’t mean that you can break into the system files and change everything like JB allows you to do

 

[Unami]

What do you mean? If you do nothing but use Apple’s App Store how are you at risk?

By malware? Obviously, apple can't prevent every piece of malware and there have been some cases of malicious apps in the app store (let alone fraudulent apps or scams that posed as other apps and were even featured in apple's top lists). One might argue, by pretending this doesn't exist, apple lures its users into a false sense of security. I wouldn't, because iOS is still relatively secure compared to Windows. Android seems to be pretty secure as well but is obviously a bigger target because of its various versions, slow acceptance of updates and 2 1/2 times the market share of iOS. Still, despite all this, malware doesn't seem to be a big problem on android, so why should it become one on iOS, unless apple f***s it up?

 

[Blowback]

Apple is planning to allow for alternate app stores on iPhones and iPads ahead of European legislation that will require the company to support sideloading, reports Bloomberg.

The change would allow customers to download apps without needing to use the App Store, which would mean developers would not need to pay Apple's 15 to 30 percent fees, but to start with, Apple is only planning to implement sideloading support in Europe.

If other countries introduce similar legislation, alternate app stores could expand beyond the European Union. The United States, for example, is considering legislation that would require Apple to allow sideloading. Apple has claimed that sideloading will "undermine the privacy and security protections" that iPhone users rely on, leaving people vulnerable to malware, scams, data tracking, and other issues.

The European Union's Digital Markets Act that went into effect on November 1 requires "gatekeeper" companies to open up their services and platforms to other companies and developers. The DMA will have a major impact on Apple's platforms, and it could result in Apple making major changes to the App Store, Messages, FaceTime, Siri, and more. Apple has until March 6, 2024 to comply with the EU's rules.

According to Bloomberg, Apple's software engineering and services employees are working to open up "key elements of Apple's platforms," with Apple using a "significant amount of resources" for the change. Apple is planning for the functionality to be ready for iOS 17 in 2023, which would put it ahead of the deadline. There is a danger that these drastic updates could impact work on new features slated for iOS 17, some employees told Bloomberg.

To protect users from the aforementioned risks of sideloading, Apple is considering implementing security requirements such as verification, a process that it could charge a fee for in lieu of collecting money from app sales. Apple has a verification system on Mac that allows users to be safe while giving them access to apps outside of the Mac App Store.

Apple could open up underlying app frameworks and APIs to third-party app developers, providing deeper access to core system functions and hardware. Third-party apps could in the future get access to camera technologies not available now, and Apple is working to open up NFC in a limited way that could allow for Apple Pay alternatives. Apple is also considering further opening up the Find My network to accessory makers like Tile. As of now, Apple lets third-party device makers create Find My accessories, but there is a requirement that prevents them from working with non-Find My apps and services.

There is an aspect of the Digital Markets Act that would require Apple to allow developers to install third-party payment systems within their apps, and Apple has not yet "made a final decision" on whether it will comply with the rule. Apple is also undecided on how the Messages app might be made available to third-party services, as the DMA requires interoperability between messaging platforms.

Apple has to comply with the Digital Markets Act because the European Union can fine a company as much as 20 percent of its global revenue if the laws are violated. If Apple does not implement the changes, fines could be as high as $80 billion.

In addition to resulting in major changes to the App Store and other Apple services, European legislation is also pushing Apple to adopt USB-C across all of its devices, a change that will be made in 2023.

Article Link: Apple Working to Add Support for Sideloading and Alternate App Stores in Europe

Perfect. And when you download that malware/ virus....and go to Apple for help.....they , rightly so, can laugh in your face! After the first sings of 'hellfire' from users....this will die a quick death and have no-one at its funeral. Watch...

 

[Blowback]

Apple is planning to allow for alternate app stores on iPhones and iPads ahead of European legislation that will require the company to support sideloading, reports Bloomberg.

The change would allow customers to download apps without needing to use the App Store, which would mean developers would not need to pay Apple's 15 to 30 percent fees, but to start with, Apple is only planning to implement sideloading support in Europe.

If other countries introduce similar legislation, alternate app stores could expand beyond the European Union. The United States, for example, is considering legislation that would require Apple to allow sideloading. Apple has claimed that sideloading will "undermine the privacy and security protections" that iPhone users rely on, leaving people vulnerable to malware, scams, data tracking, and other issues.

The European Union's Digital Markets Act that went into effect on November 1 requires "gatekeeper" companies to open up their services and platforms to other companies and developers. The DMA will have a major impact on Apple's platforms, and it could result in Apple making major changes to the App Store, Messages, FaceTime, Siri, and more. Apple has until March 6, 2024 to comply with the EU's rules.

According to Bloomberg, Apple's software engineering and services employees are working to open up "key elements of Apple's platforms," with Apple using a "significant amount of resources" for the change. Apple is planning for the functionality to be ready for iOS 17 in 2023, which would put it ahead of the deadline. There is a danger that these drastic updates could impact work on new features slated for iOS 17, some employees told Bloomberg.

To protect users from the aforementioned risks of sideloading, Apple is considering implementing security requirements such as verification, a process that it could charge a fee for in lieu of collecting money from app sales. Apple has a verification system on Mac that allows users to be safe while giving them access to apps outside of the Mac App Store.

Apple could open up underlying app frameworks and APIs to third-party app developers, providing deeper access to core system functions and hardware. Third-party apps could in the future get access to camera technologies not available now, and Apple is working to open up NFC in a limited way that could allow for Apple Pay alternatives. Apple is also considering further opening up the Find My network to accessory makers like Tile. As of now, Apple lets third-party device makers create Find My accessories, but there is a requirement that prevents them from working with non-Find My apps and services.

There is an aspect of the Digital Markets Act that would require Apple to allow developers to install third-party payment systems within their apps, and Apple has not yet "made a final decision" on whether it will comply with the rule. Apple is also undecided on how the Messages app might be made available to third-party services, as the DMA requires interoperability between messaging platforms.

Apple has to comply with the Digital Markets Act because the European Union can fine a company as much as 20 percent of its global revenue if the laws are violated. If Apple does not implement the changes, fines could be as high as $80 billion.

In addition to resulting in major changes to the App Store and other Apple services, European legislation is also pushing Apple to adopt USB-C across all of its devices, a change that will be made in 2023.

Article Link: Apple Working to Add Support for Sideloading and Alternate App Stores in Europe

'Outside' Apple app stores...Yes, you can go into Apple to use the ATM....or use the ATM 'around the corner and out back, in that dimly lit area, where those 'guys' always hang out'....Good Luck! This is going to be funny!

 

[sashavegas]

I hope Little Snitch will develop their famous firewall for iPhone ASAP

 

[theotherphil]

Piracy is rampant on Android hence why most apps are ad supported. I really don't want ads and I am happy to pay for an ad free experience. However:

According to Android Authority, approx 90% of apps were pirated with only 10% being actually purchased

Dead Trigger, a mobile game that debuted with a $0.99 price tag on both Android and iOS. After being hit by such an unbelievably high piracy rate, the developers had no choice but to make the Android version free.

A Slashgear report showed Android apps had a 95% piracy rate vs iOS at 5%.

Today Calendar Pro app – 85% of its downloads are pirated. Yes, you read that right 85%. Meaning, only 15% are paid downloads (source: androidpolice.com).

Towelfight 2 game – This game app has been pirated no fewer than 34,091, while on iOS it stands at 2,438.

Gentleman – 144 paid installs while 50,030 copies were pirated within three weeks of its release in 2013 (source: gamasutra.com).

95% of app users hunt Android Apps for pirated copies and stolen Android software practically outnumbers iOS counterparts by 14:1.

Because of the high piracy rates of Android apps, devs choose iOS over Android stores while launching their apps.

"Google has provided us a platform the makes it very easy for others to steal your Intellectual property. In fact, it is so easy, most of the theft is now automated. It is a bitter pill to swallow, and until Google does something about it, it will continue to happen." -- Android Dev


This is going to be a world of hurt for both Devs and users. I have my parents and non-tech savvy friends on iOS for a reason....it's really hard to be hit with malware. Now, they'll likely be targeted by phishing scams designed to get them to install the latest "virus checker" which is actually a RAT.

 

[Mrkevinfinnerty]

I suspect the people expecting to be able to freely download apps from 3rd party sources at no extra cost will be disappointed. It's probably not going to be the free-for-all model we see on Android (or even on the PC). If people think Apple is going to just throw the gates wide open, they are sorely mistaken.

Rather than rub your hands in glee about how Apple will presumably “suffer” because of this (they won’t), it will probably be more meaningful to think about how Apple will implement all this in a manner such that they still continue to come out on top. One scenario that comes to mind is their implementation of third party keyboards with iOS 8. On paper, it sounded like a win for functionality, but said feature was hamstrung right from the get go due to ram limitations and a rather scary warning prompt.

There’s also the question of how Apple will monetise this (I doubt Apple will willingly do all this extra legwork for free).

In short, there are still a lot of details we don’t know, so I wouldn’t rejoice too early.

The legislation would preclude them from monetising as that would favour Apples services and that is prohibited in the DMA

 

[citysnaps]

Looking forward to all the epic whines from owners when their phone/security/privacy are compromised after side loading a malicious app.

You're on your own. Have fun!

 

[tubular]

Apple threatening to ban twitter

Uh, they never threatened to ban Twitter.

 

[SanderEvers]

That's the great thing about choice. You can continue to do that.

Except when developers take their Apps out of the App Store and I can't use them anymore without installing their "App Store". Which is very similar to what Epic Games does on Windows!

 

[Mrkevinfinnerty]

Looking forward to all the epic whines from owners when their phone/security/privacy are compromised after side loading a malicious app.

You're on your own. Have fun!

We will.

 

[klasma]

Nice! I don't know If I'm tripping or not but Sideloading reminds me of Jailbreaking your iPhone. It's basically the same concept. Am I totally off?

Yes, you are totally off. Side-loaded apps would presumably have exactly the same technical restrictions imposed on them by iOS that App Store apps have. The only way for side-loaded apps to be a security risk would be due to bugs in iOS (which potentially can also be exploited by App Store apps).

This is very different from jailbreaking, which modifies iOS to remove some of its restrictions. With side-loading, iOS remains unmodified and remains in charge, and in control of what apps can and cannot do.

The motivation for side-loaded apps, from the point-of-view of users, is that Apple shouldn’t be policing which kind of apps are available, such as emulators and alternative browsers.

 

[TheWatchfulOne]

happy to finally be able to install software on a device I own.

I've been able to install software on my devices for years now. What device do you own that you have never been able to install software on?

 

[seek3r]

I see your problem there...

Touché

 

[tubular]

I sure can't wait to deal with the first relative who punches themselves in the balls with this.

My son used to work the repair desk of a big box shop. It's positively *astounding* what some people did to their computers.

 

[SanderEvers]

Yes, you are totally off. Side-loaded apps would presumably have exactly the same technical restrictions imposed on them by iOS that App Store apps have. The only way for side-loaded apps to be a security risk would be due to bugs in iOS (which potentially can also be exploited by App Store apps).

This is very different from jailbreaking, which modifies iOS to remove some of its restrictions. With side-loading, iOS remains unmodified and remains in charge and in control of what apps can and cannot do.

The motivation for side-loaded apps, from the point-of-view of users, is that Apple shouldn’t be policing which kind of apps are available, such as emulators and alternative browsers.

There are some private APIs you can use in an App which would be blocked by Apple. But you can use them when sideloading. Which is actually already possible.

 

[Unami]

Perfect. And when you download that malware/ virus....and go to Apple for help.....they , rightly so, can laugh in your face! After the first sings of 'hellfire' from users....this will die a quick death and have no-one at its funeral. Watch...

So, what happens now if you download malware onto your mac? Apple will still be responsible for hardware warranty, but won't help you with things you (or software you installed) or someone else did to your system or data. In fact, when you bring your mac or iphone in for a repair, you might get it back with a wiped or replaced harddrive. What if for example some bad actor in 2021 installed Pegasus spyware on your smartphone via a malicious .pdf? What if you happened to install an app containing the "Scylla" malware? I'm not aware that Apple ever took responsibility for bad software behavior on their devices.

 

[TheWatchfulOne]

Except when developers take their Apps out of the App Store and I can't use them anymore without installing their "App Store". Which is very similar to what Epic Games does on Windows!

Yeah, I wonder if users will then have to repurchase the same app from a different store because it's no longer available where they originally purchased it? How fun would that be? 🤔

Just one more reason why alternate app stores will be a bag of hurt. For everybody.

 

[klasma]

There are some private APIs you can use in an App which would be blocked by Apple. But you can use them when sideloading. Which is actually already possible.

Apple could easily prevent access to those private APIs by regular apps, or for example scan side-loaded apps for such calls (exactly as they do in their current app approval process) on-device before running them.

Apple’s aversion against side-loading is not in essence for technical reasons. It’s to control the brand image in terms of which app content is deemed acceptable, and to ensure their App Store revenue.