Apple's Craig Federighi: Mac Not Meeting the Bar for Customer Protection

[brofkand]

If your security model relies on users being knowledgeable and careful, it is going to fail a lot of times.

Why do companies restrict Windows computers instead of educating users?

Companies with good IT Policies do both. They educate their users and restrict the most likely vector of attack. And they restrict their macOS and iOS devices too with MDM solutions like JAMF.

But companies, especially big companies, have a lot at risk that your average consumer that just wants to play Fortnite or stream their Xbox games doesn't have to worry about.

 

[DummyFool]

It's an admirable logic. Because we want to make something idiot proof we cannot let anybody in our walled garden and therefore our Monopoly is justified. That is Apple's logic and there is some logic to it.

To my knowledge there never has been a case like this. I think whatever the outcome of it there will be an appeal and a long legal struggle. Unless maybe Apple win and then kiss up a little to Epic to make it go away.

 

[brofkand]

Basically, yes that is what they try to achieve.

iOS should be safe out of the box for a 3-year old and an 80 year old. It should be safe for people who can't grasp the difference between "Safari" and a "browser" even though they have been using PCs or Mac for 30 years. It should be safe for my mother who has never used a PC. It should be safe for anyone who doesn't understand what a file system is.

Well it's not, all it takes is an 80 year old to get a phone call from "Amazon technical support" on their locked down and safe iPhone.

 

[ipponrg]

The main reason why so many of us download software outside the Mac App Store is because the software isn't in the store. I would love to have every Mac application in the Mac App Store.

I have never published a Mac app, but I have heard it’s on the very painful side of things to keep the apps updated. It’s much easier to have an out of band channel

 

[hans1972]

The point is, you can build a secure OS without locking it down to an appliance level. Apple has done it, as has Microsoft. It's not like you plug in a Mac to the internet today and it's basically immediately infected like Windows 98 used to be capable of.

And yet, iOS is much more secure for regular users than both Windows and Mac.

The Mac suffered 130 unique malware attacks in the last year. Ransomware for the Mac, almost non-existent a few years ago, is on the rise.

iOS has avoided ransomware and has had only one big malware attack in its history which didn't really do anything nefarious.

 

[1258186]

Craig Federighi has just admitted that macOS is a bag of sh*t. You are in charge of macOS Craig so surely you should consider resigning if things are so bad.

 

[hans1972]

I have never published a Mac app, but I have heard it’s on the very painful side of things to keep the apps updated. It’s much easier to have an out of band channel

But as a user I don't care. I want what's best for me, not the developers.

 

[1258186]

Can you imagine what Steve Jobs would have done if he was still here. He would have blown a gasket at all these revelations and fired everyone.

 

[hans1972]

So it shouldn't concern any of you as you will still be able to use the apple store as is.
I mean why you have issue with people using other store for apps while you can still use the one from apple?

Some developers will remove their app from the App Store. This will make me have to choose between dealing with an additional store or forego the app.

Back in 2015 there were already 1500 app stores for Android. In China, if you want a good distribution for your app, you as a developer needs to publish your app in 15-30 app stores.

I don't want anything related to such fragmentation. Just one store for everything.

 

[quarkysg]

There is evidence that there may be more vulnerabilities in iOS despite it being less open than Android: https://onezero.medium.com/is-android-getting-safer-than-ios-4a2ca6f359d3

Obviously this is difficult to say for certain, but there is something to be said for the more open nature of Android making it easier to discover vulnerabilities. It's a major part of the FLOSS movement.

Security is always a moving target and is extremely hard to get right. And even the 'getting right' part is also a moving target. Organisations spend millions hardening their IT environment and they still get hacked, and those are mostly static IT equipments. So it's always an arms race between the provider and the attacker. The aim is always to reduce the attack surface.

Btw, the darwin kernel used by iOS and macOS is open sourced.

 

[hans1972]

Why 'Zero Day' Android Hacking Now Costs More Than iOS Attacks

Brokers of so-called zero day exploits are paying out more for Android than iOS—which would have been unthinkable until recently.

www.wired.com

Google's security measures on Android have slowly been getting better and better over the years, one of the big reasons why is that Android's core is open source and thus a greater number of developers have had an opportunity to find bugs and zero days.

You have to take into account the demand for exploits also. Android are in many countries a better target than iOS.

If you look at the "price list" you will see iOS exploits generally pay just a little more.

 

[germinator]

If Apple loses, it will be the end of a secure platform. Various companies, game publishers and banks will begin to force you to install applications from their stores. there will be 100 different stores and a total mess.

Ridiculous. Completely unfounded statements. Apple troll.

 

[hans1972]

You’re right, this is a helpful quote! It turns out iOS devices are children’s toys. Well, I don’t appreciate Federighi insisting that I, an adult, need kid-gloves to use my iPhone. I guess I bought the wrong kind of product?

Did you miss the whole post-PC devices Steve Jobs talked about? Personal computers were trucks for specialised use. The iPad and iPhone were computing devices for regular people.

Apple has almost always in its entire history prioritised the normal users without special skills over the expert.

 

[cmaier]

I would prefer if they would allow others stores even on IOS but with each apps/store within their own secure enclave (to my undestaning ARMv9/M2 makes it easy to implement)

No, that’s not at all what ARMv9 enables.

 

[thislsmadness]

Ridiculous. Completely unfounded statements. Apple troll.

Not necessarily.. The Epic's expert witness holds up Android in China as the "ideal" market for app store competition -- there are 400 app stores there.

 

[hans1972]

So iOS users are stupid? I just despair at the lengths people will go to defend this thing.

Yes, they are when it comes to handling security and good behaviour. They are not experts, they are just users.

I am an imbecile when it comes to plumbing. I use a plumber to make all my plumbing decisions. In fact, I don't even want to be involved. I just say: do whatever you think is best.

Creating a great computing experience with little friction and very good security is just like that. Apple you are the expert: do whatever you think is best.

 

[techfreak23]

During questioning, Federighi was asked why app stores on iOS shouldn't work like the Mac, where apps can be installed via the Mac App Store or from third-party sources.

People don't seem to understand that macOS and iOS were designed with two different paradigms in mind. macOS also has had to over its lifetime compete with other desktop/laptop OSs like DOS, Windows, Linux, etc., so limiting the ability to install anything did not make sense. Not saying that's exactly why, but likely a factor. They probably didn't even have an idea of an App Store back then. They didn't even have the App Store when the iPhone first launched. Steve Jobs thought the future would be web apps through Safari, so we're even lucky to have an App Store at all. They released the App Store about a year or so later after the iPhone. Apple had no obligation at that time to open up their product at all, and they still have no obligation to do so today. If they licensed iOS to other hardware vendors like Google does with Android, there would definitely be more of a case here, but that's not the case. The only license is to the end user that purchases the device.

 

[hans1972]

I wonder why that is? The dystopian nightmare of a locked down Mac is a truly terrible thought and will drive many users onto Windows.

Developers don't want to pay 30% (or 15%) to Apple. This is a case where developers choose what's best for them and they are allowed so by Apple.

I don't care about developers and would like for them to pay whatever Apple demands so their application is in the Mac App Store.

 

[hans1972]

Well it's not, all it takes is an 80 year old to get a phone call from "Amazon technical support" on their locked down and safe iPhone.

Safe doesn't mean foolproof protection from social engineering.

But those people on the other side can't get the 80 year old to install an app which lets them take full control of the iOS device as they could on a Mac, Windows or Android device.

Also calling people doesn't scale easily with a low costs as a rogue app does.

 

[MartyvH]

Unlike many here on MR, I grew up on Windows and my professional background is Windows. For the love of god, let's keep at least one platform where malware is not allowed to take hold. The malware situation on Windows has always been horrible and there is much more personal data on a phone.

Please!

 

[techfreak23]

He's telling the court that, if they could've built the Macintosh ecosystem from the ground up again (like they did with iOS in the mid-2000s), they'd have done it the way they did with iOS.

Computers are legacy tech and come with consumer expectations (installing your own software, willingly making your machine more vulnerable to malware, spyware, ransomware, etc.) that are simply outdated for the purposes of modern cybersecurity.

It isn't a "dig" at MacOS -- it's an acknowledgement that it's really hard to build a computer that's secure.

You said it much better than I did, but YES. People don't understand the fundamental differences between a computer and your phone or tablet. How could one expect a device that was invented decades after the first personal computers became popular and about 15 years after the internet to be the same or similar? Lessons have been learned in that time that they were able to work into iOS from the ground up. Apple has tried to bring some parity regarding security (obviously design elements too) between the two systems over the last 5 years, but I don't believe they'll ever lock it down like iOS.

 

[techfreak23]

There’s actually a very, very simple solution to this problem that I’m surprised no one has brought up.
before, you could use X code on the Mac to put an application, even one that isn’t on the App Store, on your iPhone/iPad.
so just open it up to where, if someone has Xcode installed on their Mac, and epic is willing to provide the file, you can use X code to open the file and add the file to your iPhone as an app.
that way, for 99.999999999% of people, the iPhone stays exactly the same. You only have one App Store, you can’t download apps directly off of the Internet, but also epic has the option to provide their application outside of the App Store if they really, really want to.
it’s just that they will lose access to the majority of customers that don’t have a Mac, and they don’t have Xcode installed on that Mac.
so this would be an amazing compromise in my opinion. It would technically give customers another way to install applications outside of the App Store, while not actually opening up the iPhone.

You can already do this... it's called having a Developer account...

 

[hans1972]

How many of those 130 malware attacks were intercepted by your security software? What about all the exploits we keep reading about that have been secretly sitting in iOS for years unfixed until someone goes public with their findings.

Also you are ignoring all the scam apps where people have lost thousands of dollars downloading apps in the AppStore.

The biggest one infected 300 000 Macs.

There were 130 different kinds of malware who probably tried to attack millions of Macs.
How many where stopped before they infected we don't know.

Also most of the malware are almost impossible to discover for security software since they are installed willingly by the user and they behave like normal programs.

The number of scam apps on iOS are low compared to the number of apps which exist. Also the App Store-model allows Apple to render those apps un-launchable after the fact which they wouldn't be allowed to do if they had been downloaded from another store.

 

[hans1972]

Companies with good IT Policies do both. They educate their users and restrict the most likely vector of attack. And they restrict their macOS and iOS devices too with MDM solutions like JAMF.

But companies, especially big companies, have a lot at risk that your average consumer that just wants to play Fortnite or stream their Xbox games doesn't have to worry about.

Most companies just lock down their hardware and do very little mandatory computer security training.

I would argue that iOS users have at least the same risk as enterprise users if not more.

Federighi argued the high risk for iOS users. They are very attractive users as a class and an exploit can reach tens of millions or even hundreds of millions.

“iPhones are very attractive targets. They are very personal devices that are with you all of the time. They have some of your most personal information: your contacts, your photos, but also other things” “They have cameras on them, microphones’ and they are capable of knowing your location.”

 

[MacBookGamer]

I’ve never gotten a Mac virus.