Apple's Craig Federighi: Mac Not Meeting the Bar for Customer Protection

[SDJim]

Outside of behemoths like Epic with Fortnite, who has an app so important that people are actually going to go into their phone's developer options and enable third party app installation to install it? These chicken little arguments are why I have little sympathy for Apple in this case.

You seem unaware of how things work on Mac... Companies will simply not post their apps to the App Store, as on Mac, and the first time you try to download an app on the internet, you will get a popup to change that setting, you will change it, and then never think of it again. If anyone is Chicken Little-ing, it's you inventing these imaginary barriers to entry.

 

[Darth-Kylie]

Yet another reason to install anti-virus and anti-malware software on your devices!

I don't know if I have been lucky or what, but I have not encountered any viruses or malware on my macs since I started using them in the 90s. Same on Windows for that matter... maybe it is more user error? Rather than the OS manufacturer error?

Yeah, you’ve just been very lucky. At one point in the XP days, an unpatched installation could be infected by the Blaster worm just by being online.

 

[bousozoku]

Of course, one crucial difference is that no-one wants to run anti-virus or malware software on their iPhone, but most sensible people do run some kind of anti-virus or malware on their Mac with very little consequence other than reducing the risk of malware even more than by having MacOS alone.

I run Malwarebytes on Mac, Windows, and Android, but not iOS.

I'd hate to think that we'd be stuck with malware problems, considering how fragile Safari is, and that I'd have to slow down my iPhone to run a malware scanner, if Apple would even allow it.

 

[saudor]

Just hide it in some developer settings that are hidden unless you do a certain combo of your buttons and I bet you 80% of iOS users will never even bother. The other 20% „smart / interested enough“ should be aware that what they are doing is done on their own risk. Hell, integrate 2 warning pop ups before enabling it even

The problem is that sites like macrumors will post the instructions, get shared and then those people will try it. The hackintosh forums are a good example. It's full of people who shouldn't be hackintoshing but got interested in the idea of a "cheap mac" and end up using sketchy distros that phone home (instead of setting one up the vanilla way through opencore, etc)

Still way better than nothing though

 

[gaximus]

So it shouldn't concern any of you as you will still be able to use the apple store as is.
I mean why you have issue with people using other store for apps while you can still use the one from apple?

I didn't say I was concerned, I was just saying the reason they aren't fighting to process their own payments, is because they want their own AppStore

 

[Rogifan]

The 9to5Mac article included this helpful quote from Federighi:

Nah it’s just the iOS App Store is a cash cow. Apple isn’t ever going to give that up.

 

[cmaier]

There was malware on iOS before there was even an App Store.

So? Last year there were 150 different malware apps detected on macos, and 3 on iOS. You think numbers don’t matter?

 

[[AUT] Thomas]

Under some circumstances eventually something could, probably, happen.

By that logic iOS should not come with a browser and browser apps should not be supported. Because eventually someone clicks on a link that leads to a website that exploits one of the apparently not so rare webkit vulnerabilities. Perhaps we should route all traffic through Apple Servers to scan it. Just to be sure... "for our security"

Also, once again, 95% of the security is provided by the very tight sandboxing of iOS not the App-Store Review.

 

[mihirdelirious]

That is about the best storytelling i ever heard. When was this great glorious time when consumers and professionals revered the mac in greater numbers than today? The mac has always been in the minority. The only thing you didnt include in the dastardly deeds was the abandonment if the most glorius ADB connection.

Considering the entire Mac line, 2005 to 2015 would be a really good period.
The core audience for the Mac for a long time was audio-video professionals & hobbyists. You’d always find Mac Pro in recording studios, iMacs & cinéma/thunderbolt displays in film production, in architecture & design studios etc.
The Mac Pro got neutered in 2013 (“can’t innovate anymore my arse”) only to be revived in 2019 starting at $5000.
The Thunderbolt Display neutered around 2013, same story. Now starting at $5000. Aperture (Apple’s professional photo editing software) abandoned around 2014. Xserve servers? Abandoned around 2011/12.
I could go on, but I think you see the pattern.
l‘ve been a pro Mac user for over a decade. I admired these products. They were durable, reliable, upgradeable, repairable & serviceable. Apple was very friendly towards repairs & upgrades too.
Today Mac is designed for a different audience (iOS users & influencer) while these products don‘t bring any of the qualities & features that the Macs from the past did. The Mac has unfortunately turned into a luxury brand where you’d buy one just for the status, not for the passion.
Obviously, it’s Apple’s choice how they want the Mac to be. I just feel that they’ve alienated their core audience. They could have done things much better

 

[Benjamin Nabulsi]

That's not JAMF's fault, that's your system administrator's fault.

It's Apple's fault for allowing solutions like Jamf to override the user permissions. Bad Admins are enabled by bad soultions.

 

[Salsa_Lover]

The security argument is not valid on this case,

I can subscribe to online services on my Mac and use them on a browser, be it safari, chrome or others.

Services like Spotify, Netflix, Disney+ and many many others, without exposing my mac to risks, and without having to pay 30% of that money to apple.

The whole amount for the subscription, I pay go to the rightful service provider.

I can use the same service when logged in another kind of computer or device running windows, linux, solaris, android or any other, still not having to pay a cut to Microsoft or Oracle etc.

That includes Apps on iOS on my iPad and iPhone, that are validated ( and hence "safe" ) by the AppStore, and I still didn't had to pay anything to apple because I didn't use In-App Purchases to subscribe to the service.

Why can't we have the same freedom for other service or software providers on iOS ?

 

[Wildkraut]

I run Malwarebytes on Mac, Windows, and Android, but not iOS.

I'd hate to think that we'd be stuck with malware problems, considering how fragile Safari is, and that I'd have to slow down my iPhone to run a malware scanner, if Apple would even allow it.

macOS has a kind of malware scanner build in, and they could simply extend it, in case they really care for their customers. M1 is powerful enough to handle a few quick checks on newly installed apps, thats nothing that drives the performance down.

Anyway, macOS security builds up on the core Unix philosophy, which is a non-system wide access.
While Windows Users had Admin rights for many many years by default, with full system access.
This is why Windows had so many malware issues in the past, this calmed down now.

 

[brofkand]

You seem unaware of how things work on Mac... Companies will simply not post their apps to the App Store, as on Mac, and the first time you try to download an app on the internet, you will get a popup to change that setting, you will change it, and then never think of it again. If anyone is Chicken Little-ing, it's you inventing these imaginary barriers to entry.

The difference is the PC has a 30 year history of not needing a centralized repository of approved applications. So PC users are not trained from experience to go to the app store to find and install apps.

Android has enabled sideloading for it's entire existence, and there are three mainstream app stores that I am familiar with. Epic's, Amazon's, and Google's. Certainly not the hundreds that the person I was replying to suggested. Like I said people aren't going to go to the effort of downloading and installing apps outside of the app store on a mobile platform.

The point is they should be able to if they want to.

 

[Altivec88]

So it shouldn't concern any of you as you will still be able to use the apple store as is.
I mean why you have issue with people using other store for apps while you can still use the one from apple?

You are either being disingenuous or naive if you think any of us will still be able to use the apple store as is. When the apps we want are no longer on the Apple store how are we supposed to use it as is? How are we supposed to go one spot to search through all apps when they are scattered across hundreds of stores? How are we supposed to update our apps from one spot? To say things will be "as is" is a complete fallacy.

 

[brofkand]

It's Apple's fault for allowing solutions like Jamf to override the user permissions. Bad Admins are enabled by bad soultions.

In an MDM enterprise example, the user is the enterprise that owns the machine and the JAMF instance I would say.

 

[ArPe]

If Google and Microsoft made condoms 🍆

You would still get an STD 🩸

Because they would be full of holes 🧀

 

[brofkand]

So? Last year there were 150 different malware apps detected on macos, and 3 on iOS. You think numbers don’t matter?

Nope, the fact that there are any negates the argument in my mind.

 

[IBeenMacSince19]

He literally threw MacOS under the bus to save iOS 😆

They're scrambling in this case and they know they're not winning.

I guess you're not watching the case very closely. Most legal analysts disagree. By the way, I did see MacOS literally thrown under a bus once, and it destroyed the computer.

 

[thejadedmonkey]

I'd just like to point out that Microsoft has managed to create sandboxed apps that can be installed from outside of the app store. It's not that you can't do it, it's that Apple chooses not to.

 

[nvmls]

I think Mac Rumors should have included more of the discussion from Craig Federighi, what's posted doesn't present his side well.

See Craig Federighi says the Mac has an ‘unacceptable’ malware problem 9to5Mac 5/19/21

Straight from the horse's mouth . Toys go with iOS (& iPadOS..)

 

[Apleeseed84]

The Mac was once the epitome of general purpose computing, revered by professionals & laymen alike. But now, since most Mac users make purchases outside the Mac App Store bypassing Apple’s Censor board & 30% Extortion booth, Apple is willing to throw the Mac under the bus. Anything to justify the App Store cash cow.
They’ve abandoned a lot of Mac hardware and software recently: Aperture, Xserve, Airport, Thunderbolt Display, target display mode, iMac Pro, an entry-priced Mac Pro, nvidia GPUs etc. Out of resentment, Apple also priced the professional Mac Pro & XDR display beyond $5000.

Don’t forget IPad Pro pricing that costs more than the average Entry level MacBooks

 

[Bokito]

For iOS I get the walled garden; would it be convenient having Little Snitch and iStat Menus installed to see what happens? No, definitely not. But the Mac is a whole different kind of beast. If Apple wants to scare customers from buying M1 Macs they should definitely make these kind of statements.

 

[netslacker]

Balderdash. Operating systems can be perfectly secure without limiting the user to only approved apps. One of the simplest ways to do it is to educate users to log in as standard users, only elevating to an Administrator as necessary.

LOL, you've clearly no clue if you think education is the answer.

 

[tann]

People crying out thinking it's the end of the world if there are other app stores, it won't be.

Apple has trained users for a decade that iPhone = App store for apps.

To change the consumer mindset around that just won't happen, it won't. We only have to look at Android where there are other app stores, yet they're barely used. I don't think we will see a meaningful change to those apps solely distributing via these other stores, and even the ones that do may just distribute two versions, one with payment inbuilt on App store B, while on the iOS app store it'll be as it always is.

 

[now i see it]

App Store doesn't have to go away for side-loading apps to be available.
Wanna download an app from the AppStore? Fine, go ahead as usual. Wanna download a side loaded app? Go ahead - at your own risk.
Don't fool yourself into thinking Apple cares about its customers. It doesn't care all. What it cares about is its platform and the money it makes from its customers.