Apple's Craig Federighi: Mac Not Meeting the Bar for Customer Protection

[rafark]

Wow is willing to throw the Mac (and it’s reputation) under the bus the for the AppStore. I’m disappointed.

 

[Macadvn]

They say security, but all I hear is App Store revenue.

I think Apple deserves high revenue for what they bring to users for many reasons, not just security. and I haven't seen a another phone company as secure as Apple right now.

 

[rafark]

I will try my best to force developers hands by not downloading anything that is not on the Apple Store but as you mentioned, they are going to try to force you to use their store by not making it available on the Apple Store. If this ever goes through, it is going to be a total disaster. hundreds of stores to search for something, Hundreds of accounts that will want to store your CC#, hundreds of stores to keep checking for software updates. and then add the security ramifications to that and I smack myself in the head to end users who think this is a good idea.

Dude in what world do you live. Do you not buy anything from the internet?

 

[Bryan MacGuy]

i am *absolutely* fine and do not encounter some "unacceptable" amount of malware.

Written like someone who does not have to intervene with their 74-year-old mom on a monthly basis who insists on playing Facebook games and clicks on links to contests that’s she’s won but had never entered.

 

[Abazigal]

Dude in what world do you live. Do you not buy anything from the internet?

There’s a difference between doing so because you have to, vs doing so because you want to.

 

[IG88]

People don't seem to understand that macOS and iOS were designed with two different paradigms in mind.

That only serves as an argument for Apple not allowing other app stores.

It does not in any way explain or justify Apple's forced 30% take. And Apple will ban your app if you try to direct users to sign up for a service directly through the developer. That's not about security. It's purely about Apple making more $$.

 

[makitango]

Your sarcasm aside, why do you think users need Little Snitch installed in your Mac?

Could it be that Apple knows a lot more than you or I, or anybody else not involved in Apple's security framework, about their devices' security profile, and therefore worked towards improving security for them in small increments?

Little Snitch solved the problem of „who watches the watchmen“ system-wide, aka you also get to control and validate Apple processes.
Also, no matter the review process, nothing beats the control of the traffic an app has on iOS as you could with Little Snitch, even after ATT. Apps talk to different servers unrelated to cookies, and you can stop apps talking to, say, certain ad agency servers in secret while keeping it open to talk to their own servers, and keeping it functional.

 

[Bluetoot-]

As much as Phil’s words are marketing BS most of the time, I kind of agree with the whole “portability/mobility” argument. The iPhone is with you nonstop. That’s dangerous. The Mac less so; it’s either on a desk or closed when in transport. For that reason, I think a secure iPhone makes sense. A less secure Mac is up to you; you should be responsible for your own app choices in that regard.

 

[ipponrg]

But as a user I don't care. I want what's best for me, not the developers.

What’s best for you then is going to be releases outside of the App Store because the app will be more up to date with the latest features

 

[Sarkany]

Agreed, I can’t wait to install all that malware ASAP…

You don’t have to. Those who do should be able to though.

 

[quarkysg]

Little Snitch solved the problem of „who watches the watchmen“ system-wide, aka you also get to control and validate Apple processes.
Also, no matter the review process, nothing beats the control of the traffic an app has on iOS as you could with Little Snitch, even after ATT. Apps talk to different servers unrelated to cookies, and you can stop apps talking to, say, certain ad agency servers in secret while keeping it open to talk to their own servers, and keeping it functional.

I don't think you are getting my point.

I think many people don't realise or just want to pick one point to argue because they do not like Apple or their business practices. Security is never just one thing (e.g. the review process).

The fact that an end user felt the need to ensure that they have to monitor outgoing traffic so that they are secure, means that there's a problem. I think I can safely say that the majority of computer users (Windows or macOS) don't even know utilities like Little Snitch exists, and frankly they don't want to know. Most folks just want to use their devices to do what they want/need to do, and often fell prey to scams.

Apple thinks that they have to control the whole widget to ensure the security of iOS devices. Who am I to argue with them? I do not have any inside information that they have over the years of developing and securing their platform. That is why it is always a perpetual arms races between OS vendors and hackers. No single piece of the platform is more important then the other. It is always the sum of all parts to ensure good security. And no security is ever enough when you're online.

If I think Apple are doing a terrible job, I will not buy their products. So far I think they are doing OK.

 

[throAU]

And there it goes
macOS 12 : you can no longer install apps outside the Mac App Store

Sure you can, get the developer tools and compile (or at least code-sign) your own.

In the modern landscape, allowing end users to run (either accidentally, or via malicious exploit) pre-compiled, unsigned, un-vetted code from un-trusted third parties is a liability.

If you want to do that, you should be vetting and signing the code you want to run on your own machine with your own code signing cert.

If you can't do that or don't understand, figure it out. If you can't figure it out, you're exactly the user who needs the above protections because otherwise sooner or later you're going to get compromised. And even if you do understand it, you may still get compromised (if you sign and run malicious code on your own machines), but the bulk of end users who didn't learn to code sign their stuff for use on their own machine(s) are protected from it.

We aren't living in the 1980s any more, and there's a multi-billion dollar industry around exploiting end user machines for profit. You're dealing with professional criminals now, not some kid in their basement hacking stuff for lolz any more.

 

[boss.king]

I think Apple deserves high revenue for what they bring to users for many reasons, not just security. and I haven't seen a another phone company as secure as Apple right now.

They already have high revenue. What they’re angling towards here is a cut of every transaction on the Mac, like they currently get on iOS. I doubt they’ll ever take it as far as iOS because a lot of users would leave, they’re surely going to lean in on pushing a little harder on the Mac App Store for more sales revenue.

 

[Zedcars]

He literally threw MacOS under the bus to save iOS 😆

They're scrambling in this case and they know they're not winning.

Literally? Wow. Was everyone on the bus ok?

 

[cuhulin]

Epic really needs to win this for our sake

Where is the "/s" at the end of that statement?

I use Apple devices precisely because they are more secure and private. Can you imagine what Facebook would be doing if it could get in through the Epic store?

 

[cuhulin]

Exactly, they're hiding the true argument behind smoke and mirrors.



Balderdash. Operating systems can be perfectly secure without limiting the user to only approved apps. One of the simplest ways to do it is to educate users to log in as standard users, only elevating to an Administrator as necessary.

If the App Store only declined apps if they were insecure, you may have an argument. But they reject apps for a multitude of reasons that have nothing to do with security.

Educating users is an approach that does not work in an era where reading the manual is exceedingly rare.

 

[cuhulin]

They say security, but all I hear is App Store revenue.

Time for hearing aids? Your desire Apple to become the next big business failure is causing you to hear what you want to hear, not what he said.

 

[throAU]

Balderdash. Operating systems can be perfectly secure without limiting the user to only approved apps. One of the simplest ways to do it is to educate users to log in as standard users, only elevating to an Administrator as necessary.

Please provide even a single example of said mythical secure operating system? They do not exist. Even DOS which is about as simple as you can get (and thus the easiest to validate as bug-free) was subject to trojans and boot sector viruses - and the software that ran on it with full privileges was rife with bugs.

Relying on end users to secure the OS is not operating system security. End users are not security experts and even if they were they do not have the time to inspect and approve every thing that may run on their machine before it is executed.

Restricting a user to non-admin doesn't help either - the data is the important thing and that's all in their user account. The machine can be replaced, their data can't be un-stolen or un-leaked to the internet.

Code signing isn't a silver bullet either, but it does at least add another level of control; the malware has to be code signed by SOMEONE (either apple via the app store, or the end user via their own code signing certificate that has been added to the system as trusted, if they want to run non-app store apps) before it will execute.

In the second case, the app will only be able to run on/infect the machines the end user has code-signing privilege on. So it won't escape into the wild and hit everyone else.

Of course, there's still the possibility of flaws in the code signature checking, but that's a far smaller amount of code to audit and fix than the entire operating system.

 

[poseidondev]

They already have high revenue. What they’re angling towards here is a cut of every transaction on the Mac, like they currently get on iOS. I doubt they’ll ever take it as far as iOS because a lot of users would leave, they’re surely going to lean in on pushing a little harder on the Mac App Store for more sales revenue.

I’d say they’re angling towards the contrary. Federighi made it very clear on the stand that they couldn’t make macOS as closed as iOS because the Mac was used for different purposes and that it would otherwise block, say, developers from being able to develop on the Mac.

Going as far as highlighting that people can run unsigned code on the Mac (something that is essential for development).

Where is the "/s" at the end of that statement?

I use Apple devices precisely because they are more secure and private. Can you imagine what Facebook would be doing if it could get in through the Epic store?

We don’t need to imagine. Facebook already abused their Enterprise Certificate to have users run all their iOS traffic through their VPN for analysis in exchange for pocket change.
Apple shut that down the moment they caught wind of it, but it gives a glimpse into what Facebook would do if they had free reign.

 

[throAU]

Educating users is an approach that does not work in an era where reading the manual is exceedingly rare.

As above, computers are tools to make our lives easier. Educating end users to be security experts when they have another job to do is a waste of time and a waste of brain space that is better used for actual productivity. Some elitist nerds think that "oh computers are easy, users are dumb".

But no one who has an actual job outside of computing to do cares. And they shouldn't have to. The have their own non-computing related job.

Fix the tools.

And for those who think its a dumb user problem - learning to code sign your own stuff to work with this shouldn't be an issue. Only dumb people need this protection and you're a genius, right? /s

 

[wigby]

Gotta love Apple ruining MacOS in order to protect their money from iOS. Greed

You can call it greed and I can call it protecting the vast majority of their users. We can both be right.

 

[mikethemartian]

When is the new Windows 10 ad featuring Craig Federighi coming out?

 

[OnawaAfrica]

Epic really needs to win this for our sake

epic needs to loose it. they are the one not playing by the rule. If u want ur app on a App Store u need to follow the roles of the appstore

 

[mikethemartian]

You are either being disingenuous or naive if you think any of us will still be able to use the apple store as is. When the apps we want are no longer on the Apple store how are we supposed to use it as is? How are we supposed to go one spot to search through all apps when they are scattered across hundreds of stores? How are we supposed to update our apps from one spot? To say things will be "as is" is a complete fallacy.

How is that different than it is now? You can go to the Mac App store to download an app or go directly to the developers website.

 

[Abazigal]

Gotta love Apple ruining MacOS in order to protect their money from iOS. Greed

You all started this when you wanted iOS to be open like macOS.