Apple's Arguments Against Sideloading on iOS: All Your Questions Answered

[GtrDude]

This is one of the simplest arguments and goes right along side of why Apple keeps releasing one iOS update after another and there's hardly any difference whatsoever.
It's money.
Apple is all about money and they're not about to lose any opportunity to make money.
They hardly pay any dividends at all (0.59%) so they are one of many tech companies that are all about growth.
What does that mean?
They must give their shareholders and investors some incentive to keep buying shares in them, so they never lose a chance to make more money and of course they go on the media platforms and the reason is always somehow twisted into being beneficial for the user ONLY. As if they have no stake in it.
This is a very typical Apple move.

 

[dk001]

Again, someone speaking out of their rear-end that has little understanding of what Apple's proposed CSAM-scanning technology would do.

There are plenty of threads here and every single privacy and security group that has spoken up about it.
So are you sure you really want to have that conversation again?

 

[vipergts2207]

Seems like a lot of text that could by summed up with just one character:

$

 

[svenmany]

I would like Apple to put its money where its mouth is. They should split off the App Store to a separate profit center and run it at cost - no profit. Much of the motivation for side loading would go away.

I like the protection of the App Store, but I don't appreciate the financial abuse developers have to suffer when delivering apps through it.

 

[veena3]

We shouldn't care about the software developer. So any argument which relies on benefitting a developer is an argument I reject.

Apple would have to contractually have the right to audit all the developers. I mean if the developers don't care about money, why would they even care?

Sorry I misunderstood your comment. I thought you want sideloading and Apple having cut on the external payment processing.

 

[januarydrive7]

There are plenty of threads here and every single privacy and security group that has spoken up about it.
So are you sure you really want to have that conversation again?

I couldn't care less. I'll call out BS when I see it, whether it's been spoken about before or not is besides the point.

I'll get the ball rolling:

The major concern that has been proliferated has to do with what might happen if the database of CSAM hashes is untrustworthy. A lot fo that has to do with some derivative of this: https://www.macobserver.com/columns...ning-princeton-researchers-already-warned-us/

The researchers that started that line of thought refer to their work, where they developed something similar to Apple's proposed method, and say that it's a bad idea! Except, in their work, they describe that it actually would be possible if the database were trustworthy, and suggest a few examples of what might accomplish that. They are hesitant, but encourage further research into the area.

Just because they were incapable of thinking up a novel approach to ensuring the databases' trust doesn't mean that Apple's approach was unsound -- it seems that the researchers wanted their 15 minutes of fame, and boy have they got it. Too bad in order to get it, they contradict their own work, which suggests that if the database could be trusted through some means, then their concerns vanish.

 

[TundraKing]

Apple would not have nearly the pushback/outrage on this topic if all they did in approving apps is review for security issues.

.....Fact is they restrict countless functions on third party apps which have nothing to do with security.

Apple has only itself to blame for the bad press. It all boils down to control over the revenue stream ...... nothing else.

 

[CarlJ]

If all apps were made available from the app store as well as through other means, side-loading would introduce more choice. However, realistically users wold have to side-load many apps by companies that don’t like apple’s restrictions.

Point and case: I have to use zoom, but would never want to install a non-AppStore version. That’s why I zoom exclusively form my ipad instead of my mac. I they could, zoom would defiantly bypass the app store.

Very much this. People always claim, "but side-loading won't affect you if you don't turn it on (so stop complaining)", and they don't see to be able to comprehend that if other app stores are allowed, some existing popular apps (examples could be Zoom, FaceBook, Uber, etc.) will likely pull out of Apple's app store so they can get more money and/or do creepy things, and some new apps will eventually show up that lots of people want to use, that are only available on the other app stores. At which point, customers will lose out - they'll either be forced into sideloading, or they won't have those apps available.

The app store and review process as it is (flaws and all) enforces a certain set of behaviors/restrictions on all apps on iOS, which makes it much easier for users to trust that an app can't do creepy things.

We currently have an ecosystem for smartphones with two branches: one is an open free-for-all, the other is a walled garden. And a small contingent of people for some reason are hell-bent on turning the walled garden into another free-for-all. Because wiping out the ability to choose between the two would make things slightly simpler for them, rather than having them switch to the open free-for-all.

It's like if there were two flavors of ice cream, chocolate and vanilla, and then a group came along and said, well, chocolate is a better flavor, so now you have to put chocolate flavoring into the vanilla ice cream and then everything will be better. Result: now there's no vanilla any more, if you wanted vanilla, too bad. Plus, why couldn't the chocolate lovers just, you know, have chocolate ice cream? Why did they have to force their preference on everyone else?

 

[Seend1983]

In other words, iOS users are dumb f*cks that can't be trusted to know what's best for themselves, according to Apple and Mr. Federighi. Thanks assh0les.

Let Daddy Apple decide what you can or can't download and only download from the App Store where the scary "malware" boogeyman can't get to you. Everything on the App Store is perfectly curated, checked, and verified by teams of reviewers.

I really feel bad for those poor Android and MacOS users, they really have the tough. Probably can't go a day without being plagued by some malware...

 

[boss.king]

Except they've explicitly said they won't, because macs have a different purpose.

And Apple has never gone back on something they’ve said, right?

I'm suggesting that Apple has the data on people who care about security, wether perceived or not. The Facebook's of the world have lost out on billions due to Apple's privacy initiatives, so there's at least some public-facing data about how many users care about security.

But they still used Facebook willingly before that. The change took no effort on their part, so do they really care that much? Those same users could just as easily not tap the button to allow sideloading and still be just as safe. Problem solved.

I'm using hyperbole to relate what many people will do when the treasure trove is opened. Don't need to ensure the problem exists --- it already does (look at Android). The fact that so much more commerce happens with iOS users means there's a lot more money to be made, and make no mistake that bad actors will do everything they can to get what they want.

There are always going to be bad actors. Even now, the App Store is riddled with scam apps and Apple seems to be doing very little to reign those in. Should we shut down the App Store entirely for everyone’s safety? If someone gets ahold of your phone, they can toss it in the microwave and nuke it. Should microwaves be banned? Or how about we stop selling iPhones to keep users safe from any possible iPhone-related problems.

Everything has a certain level of risk. Sideloading, if you don’t know what you’re doing and just blindly install things from the first pop up you see, can be dangerous. So can downloading sketchy apps from the supposedly safe App Store. So don’t do that and you’ll be fine. Put warnings on the sideloading toggle. Hell, let people choose when they set up their phone for the first time if they even want that toggle to exist. This isn’t an unsolvable problem.

 

[LinusR]

just like apple most of the malware and scams comes straight from the official app store

Genuinely interested: is there a source for this?

 

[CarlJ]

The arguments against sideloading on iOS/iPadOS are throughly unconvincing since we can already sideload apps on macOS.

Tell me you didn't read the article without telling me that you didn't read the article.

 

[Mockletoy]

Very much this. People always claim, "but side-loading won't affect you if you don't turn it on (so stop complaining)", and they don't see to be able to comprehend that if other app stores are allowed, some existing popular apps (examples could be Zoom, FaceBook, Uber, etc.) will likely pull out of Apple's app store so they can get more money and/or do creepy things, and some new apps will eventually show up that lots of people want to use, that are only available on the other app stores. At which point, customers will lose out - they'll either be forced into sideloading, or they won't have those apps available.

The app store and review process as it is (flaws and all) enforces a certain set of behaviors/restrictions on all apps on iOS, which makes it much easier for users to trust that an app can't do creepy things.

We currently have an ecosystem for smartphones with two branches: one is an open free-for-all, the other is a walled garden. And a small contingent of people for some reason are hell-bent on turning the walled garden into another free-for-all. Because wiping out the ability to choose between the two would make things slightly simpler for them, rather than having them switch to the open free-for-all.

It's like if there were two flavors of ice cream, chocolate and vanilla, and then a group came along and said, well, chocolate is a better flavor, so now you have to put chocolate flavoring into the vanilla ice cream and then everything will be better. Result: now there's no vanilla any more, if you wanted vanilla, too bad. Plus, why couldn't the chocolate lovers just, you know, have chocolate ice cream? Why did they have to force their preference on everyone else?

That's the nature of competition, which is why Apple is so eager to avoid it at all costs.

See, they want developers to have to use the App Store because they have no other choice in the matter, not because Apple has had to actually compete and make the App Store a place developers want to be.

That way leads stagnation.

 

[Mockletoy]

Genuinely interested: is there a source for this?

Apple’s tightly controlled App Store is teeming with scams

Apple claims its App Store is carefully curated so that only the best apps get through. The truth is, the App Store is littered with scams and "fleeceware," which uses fake user ratings to trick customers into paying for something they don't want.

www.washingtonpost.com

Nearly 2 percent of Apple’s top-grossing apps on one day were scams — and they have cost people $48 million​

 

[Ries]

Side loading will be a ********, but Apple put themselves into that corner, by trying to milk everyone with ridiculous harsh rules on the monetary side on the App Store and anti competitive pricing. Hey pay us 15% of your income and don't even try to go around apple subscriptions or else! btw we're launching a competing streaming service!

 

[sunny5]

Even without side loading for Mac, the support is very poor on App Store. That's why there arent many iOS/iPadOS apps optimized for macOS. Popular apps aren't even available too. If this situation keeps going on, then side loading will be the only choice.

Look at Windows 11, it works just fine with Android apps and they have more popular apps.

 

[Mockletoy]

Side loading will be a ********, but Apple put themselves into that corner, by trying to milk everyone with ridiculous harsh rules on the monetary side on the App Store and anti competitive pricing.

And all their weird, arbitrary rules about what is and is not allowed on the App Store. How they think they're "protecting" me by not allowing me to stream something (a game) to my iPad, even though they're perfectly okay with me streaming something (a video) to my iPad is quite a mystery to me.

The game streaming app is providing identical functionality to the video streaming app, but, nope, Apple says it's totally different, and that that difference is in no way related to how much money they make selling hundreds of crapware pay-to-win pseudo-games on the App Store.

 

[januarydrive7]

And Apple has never gone back on something they’ve said, right?

I'd wager that if Apple goes back on this, it will be because the data says they'd make more money by increasing the security of macOS in this way. I don't believe that will ever happen.

But they still used Facebook willingly before that. The change took no effort on their part, so do they really care that much?

There are a lot of technically illiterate people out there; I won't deny that.

Those same users could just as easily not tap the button to allow sideloading and still be just as safe. Problem solved.

Except I've explained numerous times that the button to allow sideloading merely existing changes the security of the OS; you and I have had this back-and-forth already, and yet you still choose to be as ignorant as those who I try to tell to not download potentially harmful applications on their desktop OS machines. You can't educate someone who refuses to listen.

There are always going to be bad actors. Even now, the App Store is riddled with scam apps and Apple seems to be doing very little to reign those in. Should we shut down the App Store entirely for everyone’s safety?

I agree there is a problem with the App Store. Apple should both pay their app store reviewers more and increase the review team.

If someone gets ahold of your phone, they can toss it in the microwave and nuke it. Should microwaves be banned? Or how about we stop selling iPhones to keep users safe from any possible iPhone-related problems.

Ahh, the old straw-man approach. Just because what I'm saying is valid doesn't mean you need to prop up something weak to attack. A better approach would be to address what I'm saying directly, to either learn or perhaps educate.

Everything has a certain level of risk. Sideloading, if you don’t know what you’re doing and just blindly install things from the first pop up you see, can be dangerous. So can downloading sketchy apps from the supposedly safe App Store. So don’t do that and you’ll be fine. Put warnings on the sideloading toggle. Hell, let people choose when they set up their phone for the first time if they even want that toggle to exist. This isn’t an unsolvable problem.

Please, go take an introductory OS and software security class. This isn't difficult to understand: making the infrastructure less secure makes the whole thing less secure.

 

[januarydrive7]

Genuinely interested: is there a source for this?

Apple’s tightly controlled App Store is teeming with scams

Apple claims its App Store is carefully curated so that only the best apps get through. The truth is, the App Store is littered with scams and "fleeceware," which uses fake user ratings to trick customers into paying for something they don't want.

www.washingtonpost.com

It's possible they were looking for a source for what the poster was actually saying: that google's malware problem was limited to their app store. They haven't been able to give a source for that, yet.

I don't think anyone here has been confused about the fact that Apple has malware issue on its own app store that it need to address (even though they malware issue is relatively tame compared to elsewhere).

 

[boss.king]

I'd wager that if Apple goes back on this, it will be because the data says they'd make more money by increasing the security of macOS in this way. I don't believe that will ever happen.

That's one thing we agree on. But regulation might not leave this as Apple's choice to make.

Except I've explained numerous times that the button to allow sideloading merely existing changes the security of the OS; you and I have had this back-and-forth already, and yet you still choose to be as ignorant as those who I try to tell to not download potentially harmful applications on their desktop OS machines. You can't educate someone who refuses to listen.

And I'm still not buying that explanation, no matter how many times you repeat it. I'm happy to listen, I just won't mindlessly accept it as fact.

I agree there is a problem with the App Store. Apple should both pay their app store reviewers more and increase the review team.

Agreed.

Ahh, the old straw-man approach. Just because what I'm saying is valid doesn't mean you need to prop up something weak to attack. A better approach would be to address what I'm saying directly, to either learn or perhaps educate.

It's hyperbole. You did it, why can't I?

 

[Biro]

If side loading were possible:
1. Nothing forces you to download from elsewhere.
2. Nothing forces you to download from less than reputable sources if you choose to download from elsewhere.

Why is that so complicated to understand? Nothing happens to YOU personally, or your device, as a user, unless you were to make poor choices.

I don't understand why people make this argument. This is a non-argument. Even Apple tries to make this argument, and they know as well as anyone that it is flawed.

Apple simply can't say the truth, which is that it is 10,000% about not losing App Store revenue, period.

I think you're the one that doesn't quite get it. Criminals and bad guys are fundamentally lazy. One reason they don't target iOS so much is becuase getting in isn't easy. Once Apple is forced to provide them with a way in via those who sideload, the sheer amount of malware for iOS with grow exponentially. And it will find its way inside. It always does. And once it happens, it won't be fixable. Why is that so complicated to understand?

 

[MacAddict1978]

"the question is why the security features in place on macOS that protect against malicious code from software downloaded from the internet can't run on iOS"

The answer is 30% cut of revenue. IOS and MacOS aren't that different. Or... Apple is saying that IOS so sooo different from MacOS, that's is security is terribly unsafe which doesn't say much about IOS.

To date, no scandals on Android that has 80% MarketShare and allows sideloading... All the crap that's been from evil Apps have been apps Apple and Google circulated in their walled garden app stores.

 

[Mockletoy]

I think you're the one that doesn't quite get it. Criminals and bad guys are fundamentally lazy. One reason they don't target iOS so much is becuase getting in isn't easy. Once Apple is forced to provide them with a way in via those who sideload, the sheer amount of malware for iOS with grow exponentially. And it will find its way inside. It always does. And once it happens, it won't be fixable. Why is that so complicated to understand?

And yet Android appears to be doing okay.

Maybe Google is just that much better at programming and stuff than Apple is? That's kinda sad.

 

[Rocko99991]

Reason 1-99 "Apple can not profit from sideloading'

 

[januarydrive7]

That's one thing we agree on. But regulation might not leave this as Apple's choice to make.

You think regulators would force apple to lock down macOS?

And I'm still not buying that explanation, no matter how many times you repeat it. I'm happy to listen, I just won't mindlessly accept it as fact.

Please, don't mindlessness accept it. Do a bit of research and come to an informed understanding of how an operating system works, or how networked security works.

It's hyperbole. You did it, why can't I?

You're free to hyperbole (or, straw-man arguments, for that matter --- this is a public forum). But, to address your statement: I wasn't using hyperbole as a straw-man.