Apple's Craig Federighi: Mac Not Meeting the Bar for Customer Protection

[brofkand]

LOL, you've clearly no clue if you think education is the answer.

iOS is locked down and people still get scammed and get malware on it, so what is the answer Nostradamus?

 

[dogslobber]

Looking forward to Eddy Cue being the star witness for the prosecution.

 

[genovelle]

I think Mac Rumors should have included more of the discussion from Craig Federighi, what's posted doesn't present his side well.

See Craig Federighi says the Mac has an ‘unacceptable’ malware problem 9to5Mac 5/19/21

Gotta love Apple ruining MacOS in order to protect their money from iOS. Greed

It’s really calling it like it is. They had to answer the claim made yesterday by an Epic expert that Mac OS and IOS security situations were the same. We all know better than that and the more Macs are sold the bigger target they are. He was clear in that the problem comes from outside stores and they can’t vet the Apps before they are a problem and can’t detect them until they are In The wild.

 

[zakarhino]

Federighi is talking nonsense.
Androids malware problems does not come from side-loading Apps anyway, it comes directly from Google Store Apps, which are also reviewed. Apples AppStore is also full of scamming Apps btw.

Based on Apples logic, we should shut the Internet completely off, because you can do shady things there.
They should do less business with authoritarian States like China, which is probably from where they get their "security by obscurity" ideas from, and get back to western core values.

Yeah I like how he doesn't mention some of the latest data which shows there are more exploits for iOS than Android, to the extent that the black market pays more for Android hacks than they do iOS.

 

[Wildkraut]

For iOS I get the walled garden; would it be convenient having Little Snitch and iStat Menus installed to see what happens? No, definitely not. But the Mac is a whole different kind of beast. If Apple wants to scare customers from buying M1 Macs they should definitely make these kind of statements.

Apple WILL have a hard time in the future, but current CEO and Managers won't care, their bank account is full already. Most devs dislike this Apple parenting way, they constantly needs to build weird workarounds extra for Apple platforms. It's the massive user base that keeps them developing for it, just like a vicious circle.
Anyway, Apple already scared many professionals away, they are just riding on enduser fashion victims waves, which is a quick lucrative business but not a stable future proof one. That's also one of the reasons why more and more companies are building up on cross platform frameworks instead of native ones.

 

[genovelle]

iOS is locked down and people still get scammed and get malware on it, so what is the answer Nostradamus?

The answer is it is manageable even with the massive attempts happening daily. The Android devices had 30 times more malware than iOS according to a report by Nokia as mentioned in court. That is the point. It like going to the park and having to swat a mosquito or two as compared to having a swarm of hundreds of mosquitoes trying to eat you alive.

 

[genovelle]

Yeah I like how he doesn't mention some of the latest data which shows there are more exploits for iOS than Android, to the extent that the black market pays more for Android hacks than they do iOS.

Please provide this data

 

[lolrepeatlol]

He literally threw MacOS under the bus to save iOS 😆

They're scrambling in this case and they know they're not winning.

"save iOS"

did you mean "save their biggest source of services revenue?" ios would still be fine without its insane restrictions.

 

[genovelle]

Outside of behemoths like Epic with Fortnite, who has an app so important that people are actually going to go into their phone's developer options and enable third party app installation to install it? These chicken little arguments are why I have little sympathy for Apple in this case.

Actually the reasons developers including these idiots prefer iOS is because they can’t make money on Android because of all of the counterfeit apps they are side loaded. Say what you want, but every time I’ve worked with Android advocates there was always the guy who showed everyone how to get the best apps on their phones for free. It’s a culture thing.

 

[Apple_Robert]

There’s actually a very, very simple solution to this problem that I’m surprised no one has brought up.
before, you could use X code on the Mac to put an application, even one that isn’t on the App Store, on your iPhone/iPad.
so just open it up to where, if someone has Xcode installed on their Mac, and epic is willing to provide the file, you can use X code to open the file and add the file to your iPhone as an app.
that way, for 99.999999999% of people, the iPhone stays exactly the same. You only have one App Store, you can’t download apps directly off of the Internet, but also epic has the option to provide their application outside of the App Store if they really, really want to.
it’s just that they will lose access to the majority of customers that don’t have a Mac, and they don’t have Xcode installed on that Mac.
so this would be an amazing compromise in my opinion. It would technically give customers another way to install applications outside of the App Store, while not actually opening up the iPhone.

Your idea would promote more pirating, in my opinion. Unless someone has a Developer account, self-signing would only last 7 days (I believe).

I also don't see any better protection for the Mac with your idea.

I do see Apple getting sued by many people with this idea, because it opens them up for more Malware and lost / corrupt files / phishing attacks, social hacking and other wonderful user nightmares. And even though there is personal responsibility involved, that won't stop people from pointing a finger at Apple.

 

[brofkand]

Actually the reasons developers including these idiots prefer iOS is because they can’t make money on Android because of all of the counterfeit apps they are side loaded. Say what you want, but every time I’ve worked with Android advocates there was always the guy who showed everyone how to get the best apps on their phones for free. It’s a culture thing.

I am talking about the average user, the kind of people that can get malware on macOS (apparently, the Federighi family). Not Android advocates that routinely side-load applications or iOS advocates that jailbreak their devices.

 

[genovelle]

This is why I like the iOS App Store. If I wanted everything to be wide open I would have bought an Android device.

Right I don’t want to have to focus so heavily on security on a device a use constantly and take everywhere

 

[Jason111001]

Yet another reason to install anti-virus and anti-malware software on your devices!

I don't know if I have been lucky or what, but I have not encountered any viruses or malware on my macs since I started using them in the 90s. Same on Windows for that matter... maybe it is more user error? Rather than the OS manufacturer error?

Most people don’t know their computers are infected with malware. That’s intentional so that the malware goes unrecognized and does it’s thing for longer periods of time.
Second point, most antivirus software companies are scum, mining your data and selling info. Most are bloated software that do nothing more than slow your computer.

 

[thedocbwarren]

View attachment 1777382

Straight from the horse's mouth . Toys go with iOS (& iPadOS..)

I would have said like public transit, but the children argument is good too. Given it's not public, it's like Salesforce Transit, etc.

 

[fhall1]

There's a simple solution to this. Separate the app vetting mechanism from the App Store. Here's how this would work:
1. App developers would still pay Apple $99/year for developer access. Apple uses this money for the app review process etc.
2. All apps MUST be reviewed by Apple to be available for sale. Period! The review standard should be "Is this malware?" if not, it passes review. Ideally, this should be done by an independent board, but having Apple doing it isn't too bad as long as the standard is "Is this malware?" and nothing more.
3. Developers can choose to offer Apps on the Apple iOS App Store. To be on the store it would need to fit other Apple criteria for their app store e.g. "Is this app good or terrible, Apple doesn't need to include terrible apps". "Great" apps would be featured by Apple as they are today. If offered on the App Store they would be subject to Apple's revenue split (70/30 (or 85/15 for small-time devs))
4. Developers can also choose to offer the app via alternative iOS App Store. The other app stores would decide whether to take the app or not i.e. They can have their own vetting, but they CAN'T offer apps that didn't pass #2. Apps offered in these stores would be subject to the revenue split of these stores.
5. Developers could offer the iOS app on their own website (as long as the build passes #2). They could offer whatever web payment mechanism they wanted (PayPal, ApplePay, AmazonPay, etc.), or offer the apps for free.

This solution KEEPS USER'S SAFE, ALLOWS DEVELOPER'S CHOICE, and crucially GIVES THE APP STORE COMPETITION on iOS. The App Store desperately needs competition on iOS, Apple is not properly incentivized to improve the App Store. It is very hard to make a living on the store because Apple caters to a very small handful of its favorites. Here's where the App Store fails:
1. Search isn't great (a direct name search for an app often doesn't result in the app on the first page of results, e.g. try searching for "Simile" you'll get "Smule" and its competitors, not the painting app by that name)
2. The dev rev split isn't great (85% is better than it was, but competition would help)
3. There is 1 app store for all apps, it can't possibly serve everyone equally well. It might be nice to have an app store curated by people that you resonate with. e.g. An app store run by single Latino moms might have a different selection of favorites than Apple would pick.

And Apple can do all this for $99/year per developer and not lose money???

 

[Wildkraut]

Actually the reasons developers including these idiots prefer iOS is because they can’t make money on Android because of all of the counterfeit apps they are side loaded. Say what you want, but every time I’ve worked with Android advocates there was always the guy who showed everyone how to get the best apps on their phones for free. It’s a culture thing.

Decent Apps will always make money, decent Apps is also nothing you develop quickly, the 1000th calculator or Asteroid Game surely won't make them rich. There are many ways to avoid piracy(a buzzword i hate), the ones who pirate will do it anyway, that's something the whole software industry ignore.

If I get the idea of downloading illegal software from the internet, I'll get it anyway.
Doesn't matter if it's protected by AppStore, DRM, Anti-Tamper tech like Denuvo, Software Dongles like FlexLM, or License Keys. What's screwed together can also be screwed apart, and the ones who wants it, gets it.

Better build up a natural protection based on active server side content, or build up a loyal customer community.
Piracy will always exist, the ones who pirate wouldn't pay for this piece of software anyway.

 

[maternidad]

Gotta love Apple ruining MacOS in order to protect their money from iOS. Greed

??? When was this done?

 

[C3PO]

And Apple can do all this for $99/year per developer and not lose money???

The pricing is not the point, but since you asked:
1. Most apps (> 99%) in the app store don't make any money (many don't even charge any money). So Apple is already doing it for those folks for $99/year.
2. Even if they had to charge more per year (which I don't think they do), i would still prefer this model. Heck, Apple could still take a percentage (though that makes distribution a bit more complicated), just as long as other app stores have some margin to work with. Another way to handle is to have devs pay per review. Apps that have a lot of churn would pay more.

 

[cmaier]

So it shouldn't concern any of you as you will still be able to use the apple store as is.
I mean why you have issue with people using other store for apps while you can still use the one from apple?

Because allowing apps to run even if not signed by apple’s servers destroys the iOS security model and introduces an easy attack vector for drive-by app installation?

 

[ThAtCaRGuY]

Apples basically turning macOS into iOS

 

[brofkand]

Because allowing apps to run even if not signed by apple’s servers destroys the iOS security model and introduces an easy attack vector for drive-by app installation?

Maybe it's time for the iOS Security model to change?

 

[DaveP]

iOS is locked down and people still get scammed and get malware on it, so what is the answer Nostradamus?

The answer is that much like essentially every problem in life, there is no perfect solution. You try to weight pros and cons and come up with something that works reasonably well. And not everyone will agree and they will hopefully not spend too much time arguing on forums.

 

[Darmok N Jalad]

And there it goes
macOS 12 : you can no longer install apps outside the Mac App Store

I don't care if they want to make this the default option (it practically is already), so long as they allow users to disable the protections and take responsibility for their actions (unheard of these days, I know). As it is today, you can boot into Options on the M1 Macs and allow certain software that is normally blocked. Protect those that wouldn't notice a difference, while offering freedom for those that would. Of course, the MacOS platform has always allowed more freedom versus iOS/iPadOS. I don't know how Apple could implement a similar scheme on their mobile platforms.

 

[brofkand]

The answer is that much like essentially every problem in life, there is no perfect solution. You try to weight pros and cons and come up with something that works reasonably well. And not everyone will agree and they will hopefully not spend too much time arguing on forums.

LOL fat chance on your last sentence!

 

[zakarhino]

Please provide this data

Why 'Zero Day' Android Hacking Now Costs More Than iOS Attacks

Brokers of so-called zero day exploits are paying out more for Android than iOS—which would have been unthinkable until recently.

www.wired.com

Google's security measures on Android have slowly been getting better and better over the years, one of the big reasons why is that Android's core is open source and thus a greater number of developers have had an opportunity to find bugs and zero days.