Apple's Craig Federighi Says Sideloading on iPhone Would Open the Floodgates to Malware

[cult hero]

As I’m sure many have noted, he’s not wrong.

Somehow though, Macs continue to function. People who override security settings come in two forms:

1. People who know what they’re doing.

2. People who can’t be bothered to consider consequences.

What’s the problem exactly? My experience with ”average” users is that they really don’t want to break things. If you have to dig through 3 menus and deal with a big red warning, the vast majority of the population will be like. “Nah.”

He’s technically correct, but the reality is this just the window dressing for control and profit. My parents are never going to side load. Ever.

 

[Naraxus]

Yeah because you have proof of that right? Of course you do not !
Android is full of malware and dodgy apps, your hypocrisy is so stinky I can smell it from back here!

Do YOU have proof of what you're claiming?

 

[nitramluap]

The Mac doesn’t have these issues. Sure android has malware from time to time, but are the floodgates really open? Nope. Give the users the choice and if they side load and their phone craps out, limit warranty or something.

The scale is just a little smaller for the Mac….

 

[Mockletoy]

As I’m sure many have noted, he’s not wrong.

Somehow though, Macs continue to function. People who override security settings come in two forms:

1. People who know what they’re doing.

2. People who can’t be bothered to consider consequences.

What’s the problem exactly? My experience with ”average” users is that they really don’t want to break things. If you have to dig through 3 menus and deal with a big red warning, the vast majority of the population will be like. “Nah.”

He’s technically correct, but the reality is this just the window dressing for control and profit. My parents are never going to side load. Ever.

Saying they are keeping me or you from loading up a DOS emulator to play old games and fiddle with old software for fun is for our own good, for our security, is about like saying, "Why on earth would you be against protecting little children??" to anyone who is against on-device CSAM. It's total BS.

 

[dwaltwhit]

But why can't that app be available on the App Store?

If it's an app that does something funky to your phone via the use of private APIs, then there's a reason it isn't on the App Store. Apple restrict the use of private APIs because either they aren't fully functional yet, or they're unsupported and might change in future, rendering existing apps inoperable. That's a terrible experience for the consumer.

I agree with you. I would not be a sideloader, but in an effort to appease sideloaders as well as people that just think the ability should be there, be it citizens or government agencies, could this be a solution?

 

[Naraxus]

Because it is not YOUR software !
Also I have proven my point so accept it and move on.

So far all you've proven is ignoring posts calling on you to back up your claims. You have stated repeatedly that Android is full of malware/scam apps etc but have provided nothing more than "Search Google" for your sources. Quick tip, but that's not a source. A source would be The Verge, Anandtech etc.

So once again I'll ask, can you provide a reputable source that backs up your claims of rampant malware/scam apps on Android?

One more tip, it's not up to us to prove or disprove your claims. That's for you to do since you're the one making them.

 

[techwhiz]

No, see my other posts. Side loading is wrong as what you basically mea is that you wish to free load and are too greedy to get your wallet out and pay for things!

So you presume that all that want to side load are thieves.

 

[mox358]

I just installed a little open source utility on my MBP yesterday that changes the way fonts are displayed on non-Retina external monitors. It's free, just something some guy made to ease a pain point he, I, and many others have come up against. It's not signed, because, as he put it, "I'm not going to pay Apple $100 a year to be able to give this away to people."

I don't blame him.

That’s fair, but how often are you hooking up external monitors to your iPhone? These are different devices meant for different purposes and while this is legit, it’s also so much of an edge case. We’re dealing with giant companies and billions of dollars. OSS developers giving away system utilities is probably never going to happen on iPhone.

Also, if you screw up your iPhone downloading a utility that changes the text rendering, is Apple going to fix it? Is Epic if you get it from them? You’re smart enough to fix it yourself, most iPhone users cannot.

 

[Mr.PT]

Maybe nonsense to you because you don’t understand. An opening is an opening, no matter how large. I don’t think most people were opposed to the idea of stopping the spread of child pornography — it was the idea that scanning would have created the potential for problems by needing an opening to accomplish it.

Side loading would require an opening in the OS, and this has the potential for creating problems.

If you oppose CSAM scanning, you should automatically oppose side loading of apps.

Exactly why Apple can’t seriously implement CSAM. It’s a conceptual aberration.

 

[Mr.PT]

Freedom of choice? I don’t know anyone forced to buy an iPhone or iPad.
If you want to tweak and mood your hardware and software you really have to look elsewhere. It’s simple and can’t see the problem. Don’t like the rules? Fine, you have plenty alternatives.
That said, real issue to Apple is this would kill appstore. The contradictory CSAM scanning proposal was a huge shot in it’s inner conceptual core…can’t understand

 

[Mockletoy]

Freedom of choice? I don’t know anyone forced to buy an iPhone or iPad.
If you want to tweak and mood your hardware and software you really have to look elsewhere. It’s simple and can’t see the problem. Don’t like the rules? Fine, you have plenty alternatives.
That said, real issue to Apple is this would kill appstore. The contradictory CSAM scanning proposal was a huge shot in it’s inner conceptual core…can’t understand

If sideloading would kill the App Store, then how does the Google Play store still exist after all these years?

 

[Wildkraut]

Sounds like Craig Federighi is getting old and senile, it’s about time to retire, his gray hair speaks for it.

 

[mr_user1]

A) no one is forced to sideboard
B) just make it an opt in toggle hidden in some developer settings that no average user is ever going to bother even opening and maybe add like two ARE YOU REALLY SURE YOU WANT TO ENABLE IT pop ups.

Social engineering attacks are a hell of a thing. “Regular” people will do some crazy things just because someone else tells them to.

 

[Juraj22]

Put down the shovel. You clearly have no understanding of the current state of OS security.

Current security in Android, iOS, Windows is good, but not perfect. Every other day you can find some CVE reports in each system. This is what we get when most of the software is based on C languages. But that is not the point. Even if OS is bulletproof, this is not a barrier for scam apps. They are on iOS, much more on Android, windows does not have mobile OS anymore, so lucky Microsoft. Security is not a replacement to trust.

Also from developer point of view, side loading is a nightmare. Door open to piracy. How many apps on android are just repackaged and signed again and posted to store again. Many. That is a big problem. So far, this problem is a lot smaller on iOS. Nowadays not many users jailbreak. It is console like platform. Developers like that. Each platform owner wants to have a control over the apps installed on system, because primary reason is to make profit from it. This is why companies exists. To make profit.

 

[jaysapple]

Europe is really annoying. Like just let companies be

 

[Craigwilliam]

I think if you made a Mac OS style check box then you would allow a choice. You also have the whole "trusted developers" thing, however that works.
I think they could take steps towards doing this safely, or safe enough. Besides anyone who would be able to or want to sideload the iPhone with apps probably understands the risks.

 

[Admiralbison]

He is 100% right. Sideload destroy iOS.

No, it doesn’t. I use to side load all the time.

Sideload destroys Apple’s 30% App Store cut.

 

[mrochester]

Fundamentally the libertarians in here want to be able to sideload on iOS and to hell with any potential consequences for others.

 

[TheToolGuide]

Apple's software engineering chief Craig Federighi today expressed his opposition to a provision in Europe's proposed Digital Markets Act that would require the iPhone to allow sideloading of apps outside of the App Store.

Speaking at the Web Summit conference in Portugal, Federighi said sideloading would result in the "floodgates" opening to malware.

Federighi said that while the Digital Markets Act has an "admirable mission" to promote competition and ensure that users have choice, he believes that the provision requiring sideloading would be a "step backwards" that takes away a user's choice of a "more secure platform" in iOS compared to Android.

"As an engineer who wants iPhone to stay as secure as possible for our users, there is one part I worry about, and that's the provision that would require iPhone to allow sideloading," said Federighi. "In the name of giving users more choice, that one provision would take away user's choice of a more secure platform."

Federighi addressed a common suggestion that Apple should at least give users an option to allow sideloading, arguing that even if users have no intention of sideloading, they could be "routinely coerced or tricked into doing it."

Many of Federighi's talking points were ones that Apple previously touched on in an in-depth document shared last month.

A replay of Federighi's appearance is available on LinkedIn.

Article Link: Apple's Craig Federighi Says Sideloading on iPhone Would Open the Floodgates

Yep, this is exactly why you can't side load in macO—erm…

Craig has already addressed this and has gone on record stating that macOS has way more issues with malware and privacy issues that don’t exist on iOS.

 

[Wildkraut]

Craig is purely speaking for own profit, monopoly, anticompetition and nothing else.

As i said multiple times, my now nearly 80ys old parents with zero computer knowledge never got Android malware. Apples AppStore itself is full of shady apps, fooling users with security through obscurity and false safety. I’m sure the EU and other countries will continue to recognize the BS Apple lemmings keeps preaching.

What’s next Apple? Gonna start to misuse iCloud Private Relay and limit what people can browse on the web? For security reasons of course! I bet this is part of their long term plans, too. With their Browser Engine restrictions and iCloud Private Relay they are very close to it.

 

[TheToolGuide]

It’s a fair point, but the option should be given to the people who purchase the hardware.

If they want to implement limitations on warranty coverage or support, that’s their perogative.

Nope, if you want a piece of hardware that you can sideload there are android phones that will do it just fine.

Crying that you want an iPhone and all its perks but refused to acknowledge its stable because of their strict rules and then refusing to just buy and android is your problem.

If sideloading is so great you can do that now. If you think Apples doing it because they want their 30% cut then vote with your wallet and buy an Android.

 

[Wildkraut]

Nope, if you want a piece of hardware that you can sideload there are android phones that will do it just fine.

Crying that you want an iPhone and all its perks but refused to acknowledge its stable because of their strict rules and then refusing to just buy and android is your problem.

If sideloading is so great you can do that now. If you think Apples doing it because they want their 30% cut then vote with your wallet and buy an Android.

We don’t need to vote, worldwide competition rules and laws with take care of this soon.

 

[mrochester]

Craig is purely speaking for own profit, monopoly, anticompetition and nothing else.

As i said multiple times, my now nearly 80ys old parents with zero computer knowledge never got Android malware. Apples AppStore itself is full of shady apps, fooling users with security through obscurity and false safety. I’m sure the EU and other countries will continue to recognize the BS Apple lemmings keeps preaching.

What’s next Apple? Gonna start to misuse iCloud Private Relay and limit what people can browse on the web? For security reasons of course! I bet this is part of their long term plans, too. With their Browser Engine restrictions and iCloud Private Relay they are very close to it.

If Apple allow sideloading on iOS and there follows an increase in malware and fraud, then what?

 

[Realityck]

Some of us have enough sense not to visit a bunch of shady websites and "run any random program" we find on the internet.

Its more fitting to put the blame on search engines that don't verify questionable sites like google search. Change your search engine so to reduce chances of going to a shady website.

 

[ACHD]

Apple's system isn't perfect, but for the most part, it works. Keep the loop closed!

Okay….. but you can just not use the side load feature.

Keeping your loop closed.


What someone else installs doesn’t exactly affect you. If someone else wants to open their device up. They can.

You can choose to not side load anything.