Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MacRumors

macrumors bot
Original poster
Apr 12, 2001
65,312
33,589


Sideloading is a fancy word for downloading an app binary from non-official platforms or the open internet and installing it on a device like a normal app. The practice is allowed on Android, granting users the flexibility of downloading apps from official or non-official app stores and the open internet. The iPhone, on the other hand, is a polar opposite.

Mac-App-Store-General-Feature.jpg

Since the launch of the App Store in 2008, Apple has maintained stringent control over the experience of the iPhone and where customers can download and install apps. iPhone does not allow users to sideload apps, requiring that any self-contained app installed on the device is distributed through the App Store. A dedicated team at Apple vets all apps on the App Store before they're published.

Whether Apple should allow sideloading on iPhone has become a hot-button topic in recent months, partly due to the lawsuit between Epic Games and Apple. Epic Games, among other things, is seeking for users to be able to sideload apps, and it wants to bring its own Epic Games Store to iOS as a competitor to Apple's App Store.

Apple has strongly pushed back against this notion, saying that opening the iPhone to sideloading would leave customers vulnerable to malicious and insecure apps, compared to the curated experience offered by the App Store.

Apple has undertaken a sizable effort to provide users with context and information regarding its stance on sideloading, ranging from public comments by top executives to detailed studies and more. The wide range of information shared by Apple and top-ranking officials can make it difficult for customers to grasp the most important parts of Apple's anti-sideloading arguments.

To help facilitate a more constructive conversation, we've created this summary of some of the most popular questions regarding sideloading and Apple's answers to them, sourced from appearances by top company executives, testimonies, and more.

If users can sideload apps on macOS, why can't they on iOS?

mac-app-store-big-sur-macbook-pro.jpg

While Apple offers an App Store on macOS, the Mac platform has always been an open one with users also freely able to install apps from anywhere on the internet and elsewhere. Some users have wondered why that same model can't be followed on iOS. More specifically, the question is why the security features in place on macOS that protect against malicious code from software downloaded from the internet can't run on iOS.

Apple says that Gatekeeper on macOS "ensures that all apps from the internet have already been checked by Apple for known malicious code — before you run them the first time." If malicious code is found, Apple can automatically disable installations of that app and update its database to reflect that specific piece of software as dangerous to users. Apple also utilizes notarization on macOS, where scanned apps free of harmful code are presented to users without warning.

During his testimony in the Epic Games trial, Craig Federighi explained why a similar security apparatus couldn't be ported over to iOS. First, Federighi notably admitted that macOS has a "malware problem" and that Apple finds the level of malware on macOS "unacceptable." Federighi is implying here that the macOS security model is not a perfect system and that it doesn't want to implement a system that yields "unacceptable" results, in its eyes, onto iOS.

Federighi went on to say that iOS "has established a dramatically higher bar for customer protection" and that as of May of 2021, macOS is "not meeting" that bar. While Apple built the iPhone from the ground up under the curated App Store model starting in 2008, the Mac's longer history which long predates that app distribution model has required more flexibility.

Another point Federighi made during his testimony is the different use cases for iOS and macOS. Federighi noted that customers tend to install many more apps on mobile devices than they do on macOS, generating many more opportunities for potential malware to infect users.

Why can't Apple give users a choice on whether they wish to sideload apps or not?

iphone-13-display.jpg

To answer this question, we don't have to look any further than a recent stage appearance by Federighi. At the 2021 Web Summit last week, Federighi said that while some users, such as those with a thorough understanding of technology, may not be harmed by sideloading, other users with less insight might be.
Maybe you're thinking all this might be true, but I'll never download a sideloading-only app, and I won't be tricked into sideloading. Well, that might be true for you, but your child might be fooled, or your parents might be fooled, and even if you see through every deception, the fact that anyone can be harmed by malware isn't something that we should stand for.
Apple's position here is that even if one device can be harmed or infected through a sideloaded app, then it's nothing it supports. Apple took a similar stance in 2016, where it refused to create a backdoor on iOS to access the information of a single iPhone, as it would have meant that the same backdoor could be used on other users.

federighi-sideloading.jpg

Federighi continued, explaining that one infected iPhone could present a danger to all other iPhones on a network and that all users' data would be "less safe" in a world where sideloading was allowed on iOS.
The fact is, one compromised device, including a mobile phone, can pose a threat to an entire network. Malware from sideloaded apps can jeopardize government systems, infect enterprise networks, public utilities, the list goes on. So even if you never sideload, your iPhone and data are less safe in a world where Apple is forced to allow it.
Lastly, Apple says that leaving decisions to users on whether a sideloaded app is safe or not is an onerous burden to put upon iPhone customers. "Users would now be responsible for determining whether sideloaded apps are safe, a very difficult task even for experts," Apple says in a paper arguing against sideloading. Furthermore, Apple says that even users who don't want to sideload could be led into doing so.
Even users who decide they don't want to sideload, and prefer to download apps only from the App Store, would end up being harmed. They could be forced to sideload an app they need for work, for school, or for social inclusion if it is not made available on the App Store. Furthermore, cybercriminals and hackers may trick users into unknowingly sideloading an app by mimicking the appearance of the App Store, or by touting free or expanded access to services or exclusive features.
What if users were shown a prompt before being able to open a sideloaded app?

sideloading-popup.jpg
Concept of what an iOS pop-up could look like for opening sideloaded apps

On macOS, when users download an app from the internet, they're shown a warning if that app is not notarized. A similar pop-up warning on iOS for sideloaded apps is not a new idea, and as a matter of fact, it was even approved by Steve Jobs.

In a 2008 email uncovered during the Epic Games trial, Steve Jobs approved specific wording that users would have seen before opening a sideloaded app. Replying to an email from Scott Forstall, Jobs said he liked "Are you sure you want to open the application 'Monkey Ball' from the developer 'Sega'?"

With a pop-up, Apple would still be able to provide users with a choice while making it clear of the potential dangers of that app. Users who are uncomfortable or unaware of the risks can dismiss the pop-up and delete the app, while others wishing to follow through with opening the app still have the freedom. According to Federighi, however, even with this approach, users will have a "very difficult" time determining which sideloaded apps are safe or not.

Apple has said in the past it strongly believes in giving users choices over their privacy and data, and some have pointed out that such a pop-up would be in line with the company's past comments and philosophy.

What if sideloading were only allowed through authorized third-party app stores?

homescreen-ios14.jpg

Facing the hypothetical situation that users would only be able to download apps from "authorized" third-party app stores such as an Epic Games Store, Apple points to the alleged lack of adequate oversight of those platforms compared to the App Store.
The large amount of malware and resulting security and privacy threats on third-party app stores shows that they do not have sufficient vetting procedures to check for apps containing known malware, apps violating user privacy, copycat apps, apps with illegal or objectionable content, and unsafe apps targeted at children
While the App Store does have extensive rules, Apple has faced criticism for its app review process being lackluster, particularly when it comes to scam apps. Apple notes that its control over the App Store allows it to more promptly and quickly remove "rare cases" in which malicious apps make it onto the platform.

In a scenario with third-party app stores and sideloading, those malicious apps would simply move to a different medium and continue to pose a risk to users, according to the company.
In the rare cases in which a fraudulent or malicious app makes it onto the App Store, Apple can remove it once discovered and block any of its future variants, thereby stopping its spread to other users. If sideloading from third-party app stores were supported, malicious apps would simply migrate to third-party stores and continue to infect consumer devices
Why is Apple assuming all sideloaded apps are malware or dangerous to users?

iPhone-13-Security.jpg

Apple's position here is that while not all sideloaded apps are malware, the mere ability for users to install sideloaded apps means users are, by nature, more exposed to malware.

In its detailed 31-page paper, Apple explains that simply allowing sideloading would "weaken these layers of security and expose all users to new and serious security risks" and that "supporting sideloading on iOS devices would essentially turn them into "pocket PCs," returning to the days of virus-riddled PCs."
Forcing Apple to support sideloading on iOS through direct downloads or third-party app stores would weaken these layers of security and expose all users to new and serious security risks: It would allow harmful and illegitimate apps to reach users more easily; it would undermine the features that give users control over legitimate apps they download; and it would undermine iPhone on-device protections. Sideloading would be a step backwards for user security and privacy: Supporting sideloading on iOS devices would essentially turn them into "pocket PCs," returning to the days of virus-riddled PCs.
Sideloading itself, irrespective of the specific app being sideloaded, also presents other dangers to users, according to Apple. For example, sideloading would allow spoofing on iOS, where ill-intended actors could "distribute copycat versions of popular apps that trick users" and would expose users to "apps with illegal content, such as illegal gambling apps, pirated apps, or apps containing stolen intellectual property."


These have been some of the most frequently asked questions, but it's impossible to list and for Apple to answer them all. Apple's anti-sideloading paper, published last month, is extensive and worth a read for those interested, and we've highlighted below some key facts and statistics shared by Apple in the paper.

  • Platforms that support sideloading, such as Android, recorded more than 230,000 malware infections per day, according to the European Union's cybersecurity agency
  • Mobile antivirus software, which some users may need to download to protect against sideloaded apps, cost consumers over $3.4 billion
  • Android smartphones are 15 to 47 times more likely to be infected with malware infections compared to iPhone
  • Sideloading would harm developers since user trust in the iOS ecosystem would decrease, leading to "users downloading fewer apps from fewer developers, and making fewer in-app purchases"
For many users and developers, Apple's arguments will remain unconvincing, and regulators are clearly taking a close look at Apple's practices in this regard. It remains to be seen exactly how it will all play out, but it's clear Apple is under pressure to relax some of its restrictions related to the App Store.

Article Link: Apple's Arguments Against Sideloading on iOS: All Your Questions Answered
 
Last edited:
So. Apple is making a good argument here to convince the consumers? How Tim Cook tried to explain it. Have to agree with him 100% on this.

Bottom line it all comes down to…

'Security and Privacy’

 
Last edited:

840quadra

Moderator
Staff member
Feb 1, 2005
9,361
6,170
Twin Cities Minnesota
Android isn't the problem, users being cheap, lazy, and not sourcing / buying quality applications is the problem. Side-Loading prompts you with similar warning messages that Mac OS does.

image000000.png


The fact that you get the option like you can install any app on a PC and Mac, is actually a great feature. As long as you aren't obtuse, careless, or otherwise, Android is not much worse off than those operating systems or iOS.
 

rictus007

macrumors 6502
Oct 12, 2011
433
1,131
Works for me, no need to fix an iPhone with a “Yahoo search engine bar at Safari” at every family meeting during the holidays. Having my employer go through the App Store prior to make any recommendation about what apps should be used at my office…is good too.
 

metapunk2077fail

macrumors 6502a
Oct 31, 2021
634
845
In case people don't know already.

Even if you have been avoiding or deleting social media, many apps try to sneakily get access to your phone contacts.

Once they do that they grab and map your connections. So they know who your family, friends and relations are.

If a government ever became authoritarian enough or racist enough they have that data against you and they can hold it against your throat.

Save your family or obey?

That's why side loading and letting apps run wild is not only a privacy problem it is a deadly problem, especially in countries that have very poor human rights and dictators.
 
Last edited:

topdrawer

macrumors 65816
Oct 1, 2012
1,159
1,787
  • "Mobile antivirus software, which some users may need to download to protect against sideloaded apps, cost consumers over $3.4 billion"
but iOS has a lot of antivirus software
 

TheDailyApple

macrumors 6502a
May 30, 2019
664
2,901
I‘d be happy to allow side-loading if I could be sure none of the apps I use would take down their app store versions and force users to side-load. If all apps were made available from the app store as well as through other means, side-loading would introduce more choice. However, realistically users wold have to side-load many apps by companies that don’t like apple’s restrictions.

Point and case: I have to use zoom, but would never want to install a non-AppStore version. That’s why I zoom exclusively from my ipad instead of my mac. I they could, zoom would definitely bypass the app store.
 
Last edited:

1129846

Cancelled
Mar 25, 2021
528
990
Those arguments are nice. But seriously, put more app reviewers on the team.
Any more scam apps gaining traction on the App Store will put all those arguments rather unconvincing at best and pretty much invalid at worst.
Yeah those app reviewers are not that great. It more like what random trained monkey do you get to review your app. They randomly hit things and then will reject an App for complete random reason that is wrong. Big time when it the exact same reason showing they are wrong for the 4th or 5th time..... Every time the we win the appeal proving that they are wrong.

The reviewers are not so much the issue. Being inconsistent is the problem. All it is some random person poking around. They don't know what they are doing and god forbid your app has some complex things in it. You better hope they do not poke around in those areas as they get confused but it is for advance users only and you have to give them full access....
 

topdrawer

macrumors 65816
Oct 1, 2012
1,159
1,787
I case people don't know already.

Even if you have been avoiding or deleting social media, many apps try to sneakily get access to your phone contacts.

Once they do that they grab and map your connections. So they know who your family, friends and relations are.

If a government ever became authoritarian enough or racist enough they have that data against you and they can hold it against your throat.

Save your family or obey?

That's why side loading and letting apps run wild is not only a privacy problem it is a deadly problem.


they don't even need to do that. if you have geolocation on, companies compare your geolocation to other users and can pretty much know who you hang out with and target them with the same products they target you with. that's why if someone in your household goes to home depot, all of a sudden you'll get toilet ads.
 

nsayer

macrumors 65816
Jan 23, 2003
1,260
781
Silicon Valley
I am willing for sideloading to be banned on my phone, but not being able to run arbitrary software the the exact reason I don't own an iPad. And if they remove the ability to run arbitrary software from the Mac, then I will abandon the platform instantly.

Why is the phone different? Because it is the thing that has my phone number, which for better or worse has become a de facto security verification mechanism among other things. I am willing to tolerate a somewhat reduced level of functionality on that device in return for somewhat improved security. But that device and that device only.
 

smetvid

macrumors 6502a
Nov 1, 2009
555
439
Those arguments are nice. But seriously, put more app reviewers on the team.
Any more scam apps gaining traction on the App Store will put all those arguments rather unconvincing at best and pretty much invalid at worst.
The important part of that process however is eventually those scam apps are removed. Side loading means users will download apps they are never aware are scams and will keep using those apps. None will tell them its a scam app and those apps will stay online for users to keep downloading.

Any system will eventually accidentally let something bad through. Whats important is the system keeps at it and adapts.
 

metapunk2077fail

macrumors 6502a
Oct 31, 2021
634
845
they don't even need to do that. if you have geolocation on, companies compare your geolocation to other users and can pretty much know who you hang out with and target them with the same products they target you with. that's why if someone in your household goes to home depot, all of a sudden you'll get toilet ads.

Geolocation alone doesn't give them fine grain data and full access to all your contacts. We have families and friends we don't always see them in person.

I am speaking from experience and of others also. I have seen someone be offensive in one country and his mother threatened with abusive phone calls in another country. All because his phone contacts were accessed by a social media app.
 
  • Like
Reactions: Argoduck

timlopez

macrumors member
Feb 12, 2009
38
36
They have arguments that support their decision, but make no mistake - the only reason they care is because of Revenue.

If apps can be side-loaded, then they can circumvent AppStore fees, including In-App Purchase fees, which account for roughly 20% of their revenue. However, that 20% of revenue has a high profit margin since its digital goods and not physical hardware. I would wager that it's the biggest cash cow Apple has today. They will do anything to keep that system closed. It has 0% to do with security. The only way this will happen is court order, but that would be an overstep for the courts.

If this wasn't about money, they would easily allow side-loading how its done on Mac OS today, and how Android does it - by default on the approved store, with the option to allow side-loading in security settings.
 

MauiPa

macrumors 68040
Apr 18, 2018
3,438
5,084
The arguments against sideloading on iOS/iPadOS are throughly unconvincing since we can already sideload apps on macOS.

did you read the article? Yes you can, but the argument is still convincing because even with all the protections in Mac (that far exceed windows BTW) there are still too many malware issues. Just facts
 

topdrawer

macrumors 65816
Oct 1, 2012
1,159
1,787
Even if you did read the article, you ought to know this is disingenuous. Simply not side loading doesn't change the fact that opening up the OS to be able to run unsigned code effectively reduces its security.


that's a disingenuous argument too. it doesn't have to be able to run unsigned code to run code from outside the app store. it could still require notary from apple like on mac.
 

veena3

macrumors regular
Sep 18, 2021
111
44
As an Apple customer I don't need to install app to my iPhone from outside of app store as long as Apple negotiate with software developers fair price that my favorite apps could be included in app store.
 
  • Like
Reactions: amartinez1660

Bandaman

Cancelled
Aug 28, 2019
2,005
4,091
  • "Mobile antivirus software, which some users may need to download to protect against sideloaded apps, cost consumers over $3.4 billion"
but iOS has a lot of antivirus software
The anti-virus companies that offer "anti-virus" apps use the other features of their apps like locating your phone or scanning for robot calls. They have absolutely nothing to do with scanning the phone for viruses.
 

toobravetosave

Suspended
Sep 23, 2021
1,017
2,532
Even if you did read the article, you ought to know this is disingenuous. Simply not side loading doesn't change the fact that opening up the OS to be able to run unsigned code effectively reduces its security.

For users who want to sideload perhaps, otherwise just like on MacOS you can toggle what level of applications can be installed in the first place not reducing security for people with no desire to sideload
 

boss.king

macrumors 603
Apr 8, 2009
6,346
7,550
Apple says that Gatekeeper on macOS "ensures that all apps from the internet have already been checked by Apple for known malicious code — before you run them the first time." If malicious code is found, Apple can automatically disable installations of that app and update its database to reflect that specific piece of software as dangerous to users. Apple also utilizes notarization on macOS, where scanned apps free of harmful code are presented to users without warning.
Federighi notably admitted that macOS has a "malware problem" and that Apple finds the level of malware on macOS "unacceptable."

So which one is it? Either Gatekeeper ensures apps don't contain malicious code or it doesn't, it can't be both.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.