Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Illinois Floats Bill That Would Let Developers Skirt Apple's In-App Purchase Rules

rhett7660 said:
That is the problem we are talking about people. As we have seen from online forums or social media, the world is full of people who are not up to par when it comes to technology.

I am wondering if someone sideloads an app and it does something, likes takes money etc, if Apple will be on the hook or once you side load, it is all on the individual?
Click to expand...

Is Google responsible today if that happens on Android?
 
  • Like
Reactions: TheYayAreaLiving 🎗️
dk001 said:
That’s playing the “what if” game and assuming that side loading would be a big thing amongst the elderly. Something I personally doubt.
Click to expand...
You doubt that malicious actors would target iPhone users if sideloading was available? Well, someone has to be the optimist, I suppose.
 
  • Like
Reactions: strongy
Unregistered 4U said:
You doubt that malicious actors would target iPhone users if sideloading was available? Well, someone has to be the optimist, I suppose.
Click to expand...

Very different question.
There are actors who will try any avenue available.
The question here was if seniors/elderly would actually sideload and if that would lead to a big increase in scamming etc….
 
Unregistered 4U said:
Agreed! Which is why Apple requiring downloads from the App Store is preventing scams that are enabled by sideloading. If the avenue (sideloading) isn’t available, the scam can’t happen.
Click to expand...

Agree however that would be a very small part at best. That's my point. Bigger reason why I was trying to find some number on the Android side on who (numbers) sideloads. Personally I don't see the elderly doing much of this.
 
dk001 said:
Agree however that would be a very small part at best. That's my point. Bigger reason why I was trying to find some number on the Android side on who (numbers) sideloads. Personally I don't see the elderly doing much of this.
Click to expand...

True... I don't think the elderly will purposely go out and sideload something.

But if they are *tricked* into downloading a malicious app... that's the danger.

They could get a scam text message... with a link to a shady but convincing website... with the words "Click here to download XYZ app"

I'm not sure what kind of safeguards Apple would put in if they are forced to allow sideloading... but the possibility for abuse would be much higher than it is now.

Right now you can't download a scammy app from some random website. And I kinda like that.

:)
 
  • Like
Reactions: iOS Geek, strongy, Kierkegaarden and 2 others
dk001 said:
Agree however that would be a very small part at best. That's my point. Bigger reason why I was trying to find some number on the Android side on who (numbers) sideloads. Personally I don't see the elderly doing much of this.
Click to expand...
The number of people scammed would be very small at best? Well, I guess someone has to be the optimist.
 
Michael Scrip said:
True... I don't think the elderly will purposely go out and sideload something.

But if they are *tricked* into downloading a malicious app... that's the danger.

They could get a scam text message... with a link to a shady but convincing website... with the words "Click here to download XYZ app"

I'm not sure what kind of safeguards Apple would put in if they are forced to allow sideloading... but the possibility for abuse would be much higher than it is now.

Right now you can't download a scammy app from some random website. And I kinda like that.

:)
Click to expand...
Provided this sideloading is offered, I would hope Apple does at a minimum what Android has for sideloading security.
 
  • Like
Reactions: Michael Scrip
dk001 said:
Why do folks keep saying that? It isn't as simple as "closed (Apple) and open (Android)".
I don't want iOS like Android. I would however love to be able to have more app options and more places to buy from than just the controlled selection in the App Store. A more flexible app supply chain would be, IMO, a benefit.
Click to expand...
The thing you are forgetting is, "When you ask for rain you have to deal with the mud."
 
  • Like
Reactions: iOS Geek, strongy and I7guy
dk001 said:
I agree it changes things. And yes, it is far from simple.
Click to expand...
I wish most would understand that. Many believe it's either already written/tested/working in some lab waiting for the day to be approved and "boom!" its in the next iOS update.
dk001 said:
On that aspect we differ. I don’t see Apple longer as creating that security/privacy leading system that has been marketed and alluded to.
Click to expand...
Again, never said it was perfect. It isn't. It's better by default due to it not having access by all these other means. You have to go to the store, one doorway in to the system (garden). The walls are high, but again nothing is perfect.
dk001 said:
In regards for supporting 3rd party stores … why would they?
Click to expand...
They wouldn't want to for sure. But, there could be laws that "force" them too.
dk001 said:
That would be the responsibility of the 3rd party. Just like most apps today, if it breaks on an OS update, it is the app creator who (in most cases) who has to come up with a fix. Not Apple.
Click to expand...
Most cases is not all. If Apple makes a mistake, its one thing. If Apple is found to have done something to break it, there will be lawsuits. This is a flip of a coin type situation. As in the gray space, Apple could be trying to fix a serious problem, and that solution breaks a 3rd party App Store. Or the apps from that store. A problem that didn't exist before is now an issue that regulators can deem on purpose by Apple to break 3rd-Party stuff. While claiming it is a critical update to prevent the next major wave of whateverWARE that comes. Whom do we believe is telling the truth?
dk001 said:
End of the day, if sideloading is forced on Apple, or if they adopt a version of it voluntarily, it is up to the user to use it or not. Most won’t. Some will.
Click to expand...
While on the surface this is the case. The reality is very different. Example. Say you purchase a firewall from company A. You only allow 443 traffic in and out and that's it. Everything else is blocked/off/disabled. As expected you're only vulnerable to what comes in on that port. And of course the vulnerabilities of the firewall. I.E the port is the AppStore, and firewall being iOS in this example.

Now, you are forced to open up port 80 (3rd party store access). You can wall it off to exactly the location you want, the server or workstation you want etc. You can even turn it off by default, and allow it when you want it with a simple toggle switch. Great, everything is fine. We can all live with our existing secure method of getting apps. And if "we" as an individual decide to go with this 3rd party store. We can toggle a switch and we are granted that access. Wonderful, solves all the issues right? Well, no.

Since the original firewall has vulnerabilities, as all computer things do in this world. You have to protect, and patch that firewall at all times (iOS). It's what's keeping out all the mess in the world from affecting your systems behind it. It's a task in and of itself to do well. However, you at least had a very limited way in when just 443 was open. You maybe vulnerable to exploits over port 80 as the device is vulnerable to it. BUT, you never had that port on to begin with. Basically, the feature of having port 80 "their" wasn't enabled. It did not exist in the code of iOS. To the firewall, the option isn't even there. Its like it doesn't even understand what port 80 is. It only knows what port 443 is. Nothing else existed. Now, you have something there, the firewall knows about port 80, and its vulnerable to an attack on port 80. Your iOS device maybe toggled off on 3rd party appstore/sideloading. But, the OS is accepting traffic on that port and is vulnerable to the right exploit. Maybe it takes one text message or email, or link to enable that toggle on your device. And until Apple is aware and fixes the vulnerability. You're exposed. Doesn't mean you will get hacked, it means you're more likely to. Even if you didn't want to turn that switch on in the first place. The OS you use now has another way in. Even off. Since no software is perfect either. And you can bet that the hackers of the world will want to be first to crack in. It's too big a target to not try.
dk001 said:
What I find disheartening, is your apparent understanding of the Android world.
Click to expand...
I'm ok with that.
dk001 said:
Superfragmented is not a result of sideloading or payment systems. Why you attempt to use this to support your argument makes that plain.
Click to expand...
I didn't realize I had. I didn't believe I stated that Superframentation is a result of side loading or payment systems. I believe I stated it as a reason for choice. You can choose from say a Pixel phone or a Samsung phone and get all the updates as they are released. Or you can pick some cheap-Bepo android OS phone and maybe not get those updates or patches in a timely manner. You have a choice. You can pay less and get less, you can pay more and get more. Or you can go closed off (by choice) to Apple. And I for one don't feel as those Apple should be forced to play in someone else's playground if they don't want to. They are free to try and survive in a walled garden so long as they are not breaking any rules to do so.
 
  • Like
Reactions: strongy
djphat2000 said:
I wish most would understand that. Many believe it's either already written/tested/working in some lab waiting for the day to be approved and "boom!" its in the next iOS update.

Again, never said it was perfect. It isn't. It's better by default due to it not having access by all these other means. You have to go to the store, one doorway in to the system (garden). The walls are high, but again nothing is perfect.

They wouldn't want to for sure. But, there could be laws that "force" them too.

Most cases is not all. If Apple makes a mistake, its one thing. If Apple is found to have done something to break it, there will be lawsuits. This is a flip of a coin type situation. As in the gray space, Apple could be trying to fix a serious problem, and that solution breaks a 3rd party App Store. Or the apps from that store. A problem that didn't exist before is now an issue that regulators can deem on purpose by Apple to break 3rd-Party stuff. While claiming it is a critical update to prevent the next major wave of whateverWARE that comes. Whom do we believe is telling the truth?

While on the surface this is the case. The reality is very different. Example. Say you purchase a firewall from company A. You only allow 443 traffic in and out and that's it. Everything else is blocked/off/disabled. As expected you're only vulnerable to what comes in on that port. And of course the vulnerabilities of the firewall. I.E the port is the AppStore, and firewall being iOS in this example.

Now, you are forced to open up port 80 (3rd party store access). You can wall it off to exactly the location you want, the server or workstation you want etc. You can even turn it off by default, and allow it when you want it with a simple toggle switch. Great, everything is fine. We can all live with our existing secure method of getting apps. And if "we" as an individual decide to go with this 3rd party store. We can toggle a switch and we are granted that access. Wonderful, solves all the issues right? Well, no.

Since the original firewall has vulnerabilities, as all computer things do in this world. You have to protect, and patch that firewall at all times (iOS). It's what's keeping out all the mess in the world from affecting your systems behind it. It's a task in and of itself to do well. However, you at least had a very limited way in when just 443 was open. You maybe vulnerable to exploits over port 80 as the device is vulnerable to it. BUT, you never had that port on to begin with. Basically, the feature of having port 80 "their" wasn't enabled. It did not exist in the code of iOS. To the firewall, the option isn't even there. Its like it doesn't even understand what port 80 is. It only knows what port 443 is. Nothing else existed. Now, you have something there, the firewall knows about port 80, and its vulnerable to an attack on port 80. Your iOS device maybe toggled off on 3rd party appstore/sideloading. But, the OS is accepting traffic on that port and is vulnerable to the right exploit. Maybe it takes one text message or email, or link to enable that toggle on your device. And until Apple is aware and fixes the vulnerability. You're exposed. Doesn't mean you will get hacked, it means you're more likely to. Even if you didn't want to turn that switch on in the first place. The OS you use now has another way in. Even off. Since no software is perfect either. And you can bet that the hackers of the world will want to be first to crack in. It's too big a target to not try.

I'm ok with that.

I didn't realize I had. I didn't believe I stated that Superframentation is a result of side loading or payment systems. I believe I stated it as a reason for choice. You can choose from say a Pixel phone or a Samsung phone and get all the updates as they are released. Or you can pick some cheap-Bepo android OS phone and maybe not get those updates or patches in a timely manner. You have a choice. You can pay less and get less, you can pay more and get more. Or you can go closed off (by choice) to Apple. And I for one don't feel as those Apple should be forced to play in someone else's playground if they don't want to. They are free to try and survive in a walled garden so long as they are not breaking any rules to do so.
Click to expand...
Thanks for the replies :)

For privacy, I am not seeing anything that makes iOS 15 better from a security/privacy perspective than Android 12. I am not looking at OEM mods to Android.

If Apple is forced/required/volunteers to allow 3rd party (sideload), I would expect their solution to be at least on par with Android 12.
 
Michael Scrip said:
True... I don't think the elderly will purposely go out and sideload something.

But if they are *tricked* into downloading a malicious app... that's the danger.

They could get a scam text message... with a link to a shady but convincing website... with the words "Click here to download XYZ app"

I'm not sure what kind of safeguards Apple would put in if they are forced to allow sideloading... but the possibility for abuse would be much higher than it is now.

Right now you can't download a scammy app from some random website. And I kinda like that.

:)
Click to expand...
Exactly. Knowing that I have a wall around me to prevent this makes me more comfortable using iOS devices in general if I’m online.

If a hole is created in the wall to allow side loading, you essentially have no more wall.

Since security was one of the main focuses when the iPhone was created, how can a state demand that they remove this point of differentiation?
 
  • Like
  • Haha
Reactions: strongy and dk001
Kierkegaarden said:
Exactly. Knowing that I have a wall around me to prevent this makes me more comfortable using iOS devices in general if I’m online.

If a hole is created in the wall to allow side loading, you essentially have no more wall.

Since security was one of the main focuses when the iPhone was created, how can a state demand that they remove this point of differentiation?
Click to expand...

Leave the App Stores out of things and you will find that when it comes to privacy and security iOS and Android are neck and neck (OEM fiddling can mod that). Sideloading on Android is locked UNLESS the user deliberately opens it.
Still have your walled garden as long as you leave the door locked.

Then again you could just jailbreak …
 
dk001 said:
It has relevance when scamming, phishing, etc, are alluded to being the biggest threat if sideloading was allowed. It would be a minor blip if that.
Click to expand...
Apparently you are unfamiliar with the android platform which is so prevalent with that very issue that most new android phones ship with preinstalled antivirus software, so no it would not be a minor blip and we have years of historical data from the android side to know that.
 
  • Like
Reactions: strongy
Aeryn2020 said:
Apparently you are unfamiliar with the android platform which is so prevalent with that very issue that most new android phones ship with preinstalled antivirus software, so no it would not be a minor blip and we have years of historical data from the android side to know that.
Click to expand...

Might want trot this out filtering for Android 11 and 12 excluding OEM installed non-default-Android apps.
I am very familiar with Android. Thx.

btw - what does that have to do with sideloading?
 
dk001 said:
Thanks for the replies :)
Click to expand...
No problem. I enjoy the discussions.
dk001 said:
For privacy, I am not seeing anything that makes iOS 15 better from a security/privacy perspective than Android 12. I am not looking at OEM mods to Android.

If Apple is forced/required/volunteers to allow 3rd party (sideload), I would expect their solution to be at least on par with Android 12.
Click to expand...
Again, Apple isn't Google, and on par will not be there stated goal. They expect and can provide "better" than that. Which is what we currently have. Moving to a more open standard (Best way I can state that). Is not the most secure option.
 
jonblatho said:
That’s too bad. Lock up the people doing the scamming, of course, and hopefully some form of restitution can be provided to the victims, but failure to have the modicum of common sense necessary to protect oneself can have very real consequences.

And again, there’s absolutely nothing stopping these scams from being perpetrated today in a web browser. I’d argue it’s significantly easier to execute these scams over the web. No one wants to write an entire app to scam people — it’s much easier to email people a link that shows them a fake login form or whatever.

Of course, Apple itself has repeatedly shown that it’s happy to approve scam apps in the App Store charging $50/mo to use a calculator as long as they get their cut of the revenue, so.
Click to expand...
They are in foreign countries and claim to be Microsoft most of the time, or they are x law enforcement agency and their computer is being used to scam other people, so if they can just go to X site and give them control they can clean them up. Other scams say they are due rebates but by mistake they sent too much.....
 
  • Like
Reactions: Unregistered 4U
DaRev said:
They are in foreign countries and claim to be Microsoft most of the time, or they are x law enforcement agency and their computer is being used to scam other people, so if they can just go to X site and give them control they can clean them up. Other scams say they are due rebates but by mistake they sent too much.....
Click to expand...
You’re not telling me anything I don’t already know. The problem is that I have the basic literacy to know that none of that ********* they ask people to do makes any sense and therefore to hang up immediately, if I answer in the first place given that I ignore unrecognized/unknown numbers.

All this mostly about a generation that loves to whine about younger ones not having enough personal responsibility when they can’t even do their due diligence to make sure that they’re not getting scammed before running to CVS to try to buy $4,000 in Amazon gift cards.
 
jonblatho said:
You’re not telling me anything I don’t already know. The problem is that I have the basic literacy to know that none of that ********* they ask people to do makes any sense and therefore to hang up immediately, if I answer in the first place given that I ignore unrecognized/unknown numbers.

All this mostly about a generation that loves to whine about younger ones not having enough personal responsibility when they can’t even do their due diligence to make sure that they’re not getting scammed before running to CVS to try to buy $4,000 in Amazon gift cards.
Click to expand...
They put up an unstoppable pop up with a scary warning, and old people in there 70’s don’t know better. So good for you but you are the minority
 
  • Like
Reactions: dk001
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back