Sideloading 'could' work only as long as those who host the apps do proper vetting of the apps they have on their server, because this has been a problem with the digital tech industry for years: many refuse to implement vetting and security checks because it's very time consuming and very costly. Just look at how much fight back Google, Facebook, Twitter, Youtube, Ebay, Amazon have given to countries' governments, with the governments telling them they must have better checks and vetting in place. Youtube and Ebay specifically have fought back hard for years against having stronger vetting/checking processes because they know it will cost them financially to do so.

Yes security will be a problem with regards to sideloading but it will only be a problem if those involved in sideloading do not have strong vetting/checking procedures in place.
 
Sideloading and 3rd Party App Stores should be allowed.
Sandboxing and developer certificates should also apply to these apps, so these apps should be safe to use (and can be disabled by revoking the developer certificate, if something bad is detected – which is also the case for apps distributed through the App Store).
 
Hope the bill passes, but I doubt it
And even if it does they’re not gonna roll the change worldwide.

If Microsoft lets you install apps on your Xbox by paying 20 bucks to enable developer mode I’m pretty sure Apple can do it for their “app console”
Pretty sure Xbox users don’t get their data leaked every week
Then I will get back my remote play on MacOS and able to stream my XBox Series X games again for the moment it is only possible on iPad. Apple should lift their restrictions for the only purpose of control as it is using the security argument as a vehicle.
 
You can’t act as if all users are developers, tech savvy. I already can’t explain to my mom how she is always getting that calendar malware on her iPhone; she says “I just clicked. It asked me to allow.” Most people have no idea what is dangerous and what is not, most users have no idea what a firewall is, etc. That’s why people buy iPhones. Because they are “dumb” and they basically have no time or will to deal with some exploits.
…and yet we have “helpful” suggestions and buttons that upload almost all of their personal data - including personal passwords - into the cloud (iCloud), most of which can be accessed by third parties (iCloud backup), scan their credit cards with the phone’s camera, save their credit cards on the device (Apple Pay)…
 
Sideloading and 3rd Party App Stores should be allowed.

Write down a list of everything that can and will go wrong.

Then see if your list of everything that is good actually still makes sense.

Crime is a thing. Mafias are a thing. Authoritarian leaders are a thing. They ally every time and they will 100% come after you and your children if you let them trick the public and bribe politicians to open up your personal devices and weaken your security.

They will come after every corner of your life, to extract money and data from everything you do and think. They will promise you freedom and wealth but in reality they will have all the freedom and wealth and you will have nothing. You will lose it all.

 
Big software companies will implement all of that, because they have the resources to do it and because they know that you, the user, cannot rebel against it, because ultimately you need/want their software
Big hardware companies will implement all kinds of restrictions, because they have the resources to do it and because they know that you, the user, cannot rebel against it, because ultimately you need/want their hardware

Also:

Big hardware companies will implement all kinds of restrictions, because they have the resources to do it and because they know that they, the developers, cannot rebel against it, because ultimately they need/want their platform to sell apps and services on.
 
While I appreciate the government trying to do its job to keep companies like Apple honest…I fear sometimes that they are meddling in matters they don’t really understand. Things that will eventually come back to bite us in the rear.
I’m sorry but the truth is the floodgates have always been open; Apple are just not honest about it, as they fundamentally lack the ability to prevent malicious apps from entering the store. As well, in internal Apple mail conversation they admitted to it being rampant.
Side-loading makes that scenario many multiples of a chance of happening than remaining locked down. That is the point.

And I honestly don't have faith that iOS is as secure as it "appears" due to the walled garden. I firmly believe that without the walled garden, it will be targeted heavily and expose some bad security issues.

Just like I don't believe macOS is even as secure as Windows, because neither iOS nor macOS have been targeted and battle hardened as others have.
The sad part is the walled garden is just security by obscurity. Sadly no data backs this assumption, and sadly Apple’s own internal mails show this, from the Epic vs Apple mails.
Almost every tech adept person I know (working as a software engineer in Redmond) uses Apple products, and they all hope this fails or at least has some extreme restrictions, i.e., sideloading on an iPhone should flag the device as permanently insecure. Especially if they are talking about the level of access required to run their own stores or write their own interface layer APIs.

People who talk about the sandbox and its magic ability to protect have absolutely no clue how isolation or virtualization work.

The entire risk here is using elevated permissions and an exploit to cross into the “secure” part of the device and read its memory and cache and such.

Say whatever you want, but sideloading is an attack vector. And it has more implications than just letting you pick your App Store.

It for example makes it extremely easy for someone to install software on another person’s device that is absolutely malicious and would never be on the App Store. Unless Apple makes it super obvious when a sideloaded app has been installed, it would be super easy to miss, especially with the App Library and the way you no longer need to have every app visible.

For example sideloading a tracking app could end up being as simple as scanning a QR code, and that is terrifying.

Are there downsides to closed systems and walled gardens? Absolutely, but for me and the people I know, it’s totally worth it. Also, people keep acting like iOS is a product like Windows. Please show me where you are buying iOS. At the end of the day it is not a product but part of a product, iPhones. Since when do we design products for companies? They can’t have monopolies on them, and are under no obligation to let ANYONE run apps on them.
The thing is, as stated above, it’s already insecure by anything more sophisticated than an obvious scam. Apple have admitted this internally as a big problem.
And Apple can simply just display a warning print every time an app outside the Apple store wants to be installed.
If Apple wanted, they could just remove the App Store. And partner with the companies they chose to for first party pre installed apps.
And iOS would die that day, and Apple knows it.
They can‘t just declare closed operating systems as illegal because a minority wanna use iPhones like android phones. Are we gonna require cars to support app stores and sideloading? Thermostats? Printers? Fridges?

Where is the line?
The line is extraordinarily easy to draw. iOS provides a market place for competing third-party apps to be bought. Cars, printers, thermostats etc. don’t provide this. And you already can install custom parts in your car or fridge etc.

It’s a question of closed market not closed Operating system.
 
I am just wondering about the whole sideloading appeal? I also agree with the others saying that the simplest solution for Apple, if forced, would be making it similar to how it currently works on macOS - the user will have a warning screen, asking them to confirm the install and will need to give their permission for the installation to go ahead.
 
Out of 2.5 billion Android users 50,000 of them downloaded a scam app :eek: that's roughly a 0.002% risk :rolleyes:. Apple is closing their system for 0.002% risk. What's an acceptable risk threshold, 1%? It's still low.

I agree with you Apple is playing the fear card because they'd lose a lot of money mainly on subscriptions that infested the AppStore. Meanwhile great devs that want to make great FOSS apps for iOS have to pay for an Apple dev account + and a mac computer + time to code.
No no. Apple had a scam app affecting 200 million iOS users in 2015? Publicly they said it was only a few. Close to 20 million in the USA was affiliated.
 
Maybe lawmakers should write a "fix the App Store" bill instead of a "forced sideloading" bill.

Though we may be surprised at how quickly Apple cleans up their act if these kinds of changes are required...

In the end we'll all win, right?

:)
 
Enlighten me.

How does enabling unknown code not create an attack vector? Most of the work of a hacker or pentester is simply to get code running on a machine, then getting it running in an elevated context, and/or then finding a way to inject or extract data from memory to monitor or modify other running code.

So sure, you might be running in a sandbox, but that doesn’t change how the hardware works, you may be limited in sectors/blocks/registers you may read or write to, but not everything must be done directly. You can use things like buffer overflow to push protected data into unprotected sectors or vice versa, you can manipulate the threading and context switching to potentially prevent the buffers from clearing before you read them, you can find trusted code that can move the data if you can’t.

Software is not infallible, and when it comes to secure computing, and unless you are air-gapped you always have some degree of risk (and when it comes down to it, there are even ways to compromise air-gapped devices though it’s certainly an order or a few magnitudes more difficult). Any time you add a new way to run code on a machine, you add an avenue for exploit. Why do you think so many exploits target JavaScript, or Flash back in the day? Because it is the easiest code to get running on the target’s machine.

Could they add protections to scenarios like a QR code to sideload an app? Absolutely, but that’s just more engineering costs being pushed onto Apple for no reason.

All it takes is a single way to push or pull data across the boundaries or elevate your access, just 1 exploit, and until it’s caught by security researchers and patched, every single device is at risk. There is a reason things like shielded VMs exist. But expecting a phone to have the hardware and performance overhead to run things like shielded vms seems a bit excessive.

Regardless, there has been more than one occasion where hypervisors, ones that were fully implementing hardware virtualization like SR-IOV and VT-x/d, etc, were exploitable. VMware, Hyper-V, Xen, etc, all have had security issues at one point or another. We even have seen straight hardware level exploits like Spectre and Meltdown which could read protected data straight out of the CPU cache. And just being honest but I’m pretty confident that any full hypervisor is more secure than your average app sandbox, especially if that sandbox needs pretty deep access to your device (running an app store is not some lightweight activity, since you are also the installer; also don’t forget, the App Store app itself could be the compromised thing, and then every app it installs would in turn potentially be compromised as well).

Ironically Forbes of all people posted a pretty good 5 laws of Cybersecurity, there are lots of versions and variations, but I think this covers the important bits.

  1. If there is a vulnerability, it WILL be exploited.
  2. There is always a vulnerability. Everything is always vulnerable in some way.
  3. Humans trust even when they shouldn’t.
  4. With innovation (and change) comes opportunity for exploitation.
  5. If you believe your app/os/device is completely secure, see 1, 2, 3 and 4.

Anything that is going to let you run untrusted code on an iOS device is a brand new avenue for exploits. Yes, right now you can as a developer trust apps you publish, but it’s against the terms of use to use those mechanisms as a means to distribute apps openly, and they do actually shut down developers that openly share their profiles to like beta apps or w/e, so no one has ever really actively done pen-testing through apps that would never pass through the approval process. Because who cares about exploits that can’t be used. It doesn’t matter if you can make an app that can exploit the iPhone because Apple won’t (or at least so far hasn’t) publish it in the App Store. But sideloading changes the game. Suddenly you no longer are bound by what Apple will publish, only what you can trick idiots into installing and for that, refer up to 3.

Also, to be clear, I am not saying every device is going to magically get cracked or compromised, just that it’s totally going to increase the attack surface, which means it IS going to increase the number of compromised devices. All the new potential exploits would either require physical access or tricking the user by embedding it in something they will download, but how many people read security prompts? How many actually listen to them?

Instead of being a strawman, let’s hear the knowledge drop? Please, enlighten me.
I would like to present Apple’s own opinion on the matter: they themselves admit they can’t prevent apps using exploits from slipping through the review process.

Quote:

Friedman​

Regarding review processes: please don’t ever believe that they accomplish anything that would deter a sophisticated attacker. I consider them a wetware rate limiting service and nothing more.
Sideloading changes nothing because the App Store doesn’t prevent the kind of attacks that would benefit the most from it; in the store users already trust the security and have their guard down.
 
You’ve completely misunderstood everything. iOS has a market for third party developers. MRI and car systems don’t. And there is a separate bill, right to repair, that aims to force John Deere or an MRI or ice cream maker to provide tools and guidelines for the owner or third party provider to repair the product they own, instead of being forced to use a service technician to unlock what the error codes mean or to run simple diagnostics.

Hmm yes I do actually by our lovely Microsoft and Epic have their fee at 10% as well. And compared to what Apple provide compared to Steam/Microsoft it’s a robbery. Steam allows you to develop any game you want and they make sure it works and is a legitimate game before sale. Same with Microsoft, allowing you to develop any game except adult 18+ material. And Apple acts like Saint Mary with their mysterious ways.

And tell me how it’s consumers’ and developers’ fault that Apple doesn’t hire more people and develop software to better screen the apps instead of putting the money in a pile and cheaping out?
No, I haven't misunderstood anything, and am aware of right to repair initiatives as well, but I see it as the same thing. Legislating that businesses find a new way to make money, open up their platforms and devices, and spend the additional time, resources, and money to make the hardware more open.

Whether it is side-loading (providing a way to circumvent the App Store/market, install, run, and access the hardware in a less fettered, less checked, less managed way) or creating the protocols and interfaces for 3rd parties to interact with hardware at a level not previously open to them, it's essentially the same ruling. It's not just saying, "let us run our own store". The ability to do this must be built.

We're talking about legislating that companies must spend the effort, time, and resources to open up those systems. Systems that were well planned and intentionally designed to not just generate a profit through a market place, but also provide better security and generally a controlled user experience and thus a particular level of quality, which apparently has been quite profitable, and desirable by most of their users.

We're talking about legislating more open systems. The issue with this is that part of Apple's business plan or Nintendo's business plan or Sony's business plan OR even John Deere's business plan before they invested in these devices and platforms, methods of delivery, and maintenance, was/is to require usage of their services. Epic and other competitors on the software side of this have chosen not to invest in and develop the hardware or infrastructure side of it, but they want all of the benefits of that development. So, they're trying to by-pass their original agreements by having legislators demand more open systems. This will of course require engineers to actually open up those systems while on the business side of this, the companies will need to find new ways to make money since their competitors can now avoid their market or other prior constraints built into the platforms.

I guess the part I don't understand is if a consumer or a developer does not want to be constrained to using the company's platform the way it was designed, why don't they just use another phone or tractor or gaming console. No one is forcing me to buy an iPhone. I buy it because I like the quality and experience, and am certain that a large part of that is attributable to how it is designed and how they manage how apps and services operate on the platform.

Simultaneously, I don't want a tractor that I can't fix myself or drive down to my local shade-tree mechanic and have him fix it.

So, how this all plays out is going to be interesting. Will they try to make a law, a ruling to apply to just Apple or will they say that all companies must make this type of investment and open up their devices and platforms... and markets.
 
Why tho? Because Apple has a monopoly on Apple devices and thus a de facto monopoly on all the software that they run?

iOS isn’t Windows. It isn’t licensed to OEMs. It is only available as part of Apple products. Why should anyone but Apple be deciding what can and can’t run on Apple’s hardware using Apple’s software?

And it’s not like they are gonna give up the Apple APIs. No one is gonna accept sideloading if they can’t, for example, call any Metal APIs. But Apple spent a TON of money developing the Metal API and drivers and ultimately hardware, and it is 100% their IP. So why should someone be able to use it in a sideloaded app?

If Apple sold or licensed any of its ARM chips or software, then I might understand. But it’s all sold as one monolithic product. The situation is completely different than pretty much every other OS of note. There is a reason Apple stopped selling macOS and its updates. They started playing this game a long time ago.
Yep, Apple has multiple monopolies and duopolies, simple as that.

Who needs Apple APIs? There are tons of third-party APIs and frameworks that could be ported without hassle. I would be one of the first to help develop alternatives, count me in.
OpenGL, Vulkan and more to come, once it’s open and they block it, nothing to fear here.

Anyway, if they block essential stuff, more lawsuits would fire their ass. Really, Metal is nothing special, it’s just another way to gatekeep on iOS.
 
Leave this glorious walled garden be! It is one of a kind, don't like it, go somewhere else!
I agree. For those who want more control over their devices, there's an alternative. Let the market decide. If there is a sufficient exodus from iOS/iPad OS devices because of a lack of ability to sideload apps, then Apple will respond to that.

I've had enough iOS apps that I've paid for that were later removed from the App Store and can no longer re-install that I decided to cut my losses in any additional investing in the Apple app ecosystem. I didn't do it to "make a statement" but as a prudent personal financial decision.

I know that many have a sense of comfort in the walled garden. I don't want that taken away from them.
 
The post from the member that talks about his mother 'just clicking on it' is why the discussion about popup warning notices and other types of warning notices will not work, because many in society just do not know of the potential dangers that exist with regards to their iPhone.

Many things in life we are taught to be careful over, the forever dangers we face in our day to day life and what steps we need to take to protect ourselves. For example, we know about the security risks that surround our houses, our cars, our jewelry, our children, our money and what steps to take to protect all of that. This learning comes from our parents, our grandparents, our teachers and our workplace bosses and work colleagues and this has taken place for decades; it's now ingrained into society, thus we know what to look for when things are not right. This cannot be said for today's digital society because there are far too many people who just do not understand it or are not willing to understand it, and as a result they will blindly click on things they have no clue about, as to what they are or the security risk they pose to them.

I remember when as a child there used to be public service announcements that would run persistently on television, topics on not talking to strangers, how to cross the road safely, how to ask for help when required, how to use a phone to call one of the emergency services, what to do in case of a fire in your home, what to do if you choke on some food, things like that, and seeing that on television it was drummed into me and others what we should do when certain situations arise. They were good informational programmes, which is something I do not see today.

Two good examples of today's society not understanding or not bothering to understand the dangers they face are banking scams and dating scams where they ask you to send them money to help them with a medical problem. Time and time again we see on television, hear it on the radio, get emails about it, see it on the internet about what not to do when faced with one of these scams and time and time again, even when faced with all this information about what to look out for and how to protect yourself, people still fall for it.

It therefore stands to reason that when faced with popup warning messages about the risks of installing a sideloading app, there will be many who will just ignore the warning and install the app. Now the question is, should we allow companies to take the responsibility of protecting us from ourselves, just like what Apple is doing with the app store?
 
Let’s all keep in mind, all this “malware in disguise” still asked for all the permissions it abused, it was not actively exploiting anything. There is a lot of code that Apple would simply never approve, and so it’s not an attack vector that people actively research currently.

Introducing sideloading changes that.
I’m sorry, but we have numerous examples of iOS apps exploiting the system by running code not permitted, injecting Trojans, running one code when revised and another when users download it.
Angry Birds and thousands of apps were infected and spread code on the store.
 
The truth about this: Apple knows the products will be sold for less elsewhere and they will lose their sweet sweet 30% cut.
No. You’ll be charged the same price regardless of where you buy. We don’t charge you more to buy a game from Epic than Steam, even though we get more profit from Steam. How it ends up is the cheaper distributions like Steam and the AppStore end up subsidising the more expensive distributions like Epic and direct from our site.
 
If I could just leave sideloading disabled and go about my day, I wouldn’t care either way. But one would be naive not to expect a bunch of apps to be removed from the App Store and made available only through sideloading so they can circumvent iOS’s privacy restrictions. And in many cases one has to install these apps whether they like it or not for school or work.
That's where privacy controls come in.

Android has had it for years. Apps on Android cannot randomly access my contacts, location, microphone or camera without me giving them permission to do so. Permissions I can only give once or deny at any time.
Some Android phones even allow you to send an empty contact list when apps ask for your contacts.
 
I am not in for any surprise. Amazingly you can research things before posting and even develop for both platforms. It still stands that if Apple loses its main competitive advantage you might as well force iPhone users to install android on them.
I would bet the AppStore being closed is NOT one of its competitive advantages, but rather their ecosystem and seamless integration of hardware and software such as the A15 chips.
 
If Apple is forced to allow sideloading... my suggestion is for Apple to put up enough roadblocks to make the sideloading experience not worth it.

Just like Google.

Sideloading has been available on Android for years... but even a giant corporation like Epic, with the most popular game in the world, Fortnite, couldn't get people to sideload it.

Google made sideloading seem scary. And thus... hardly anyone sideloads on Android.

I predict Apple will do the same if they are forced to allow sideloading.

Or... and this is my biggest hope... Apple will succumb to the pressure and finally drop ALL commissions to 12% or something.

Make the App Store terms friendly enough that developers will want to stay in the App Store. They won't have to set up their own websites, servers, and payment gateways to avoid Apple's fees.

That's what started all this, right? Apple's fees?

There are millions of developers who LOVE that they can reach a billion users in the App Store. And how easy it is for people to buy apps since their credit card is already saved in the App Store. It's just so easy to click "Buy Now"

But developers hate the fees.

Fix the fees... and that mostly fixes the major problems developers have with the App Store.

Mostly. I'm sure there will still be other problems to fix. But fees are a big one.
But don’t forget Epic is also suing Google because it’s too difficult to side load on Android.
 
Isn’t that like the entire argument you’re making with the App Store’s security. When it’s pointed out that the App Store isn’t 100% secure; you say that it’s unavoidable that some holes will exist in Apple’s ability to secure it. So it’s somehow fine that the App Store has holes, but god forbid there’s a hole in sandboxing.
Yes. But opening up iOS is the solution to App Store holes helps how exactly?
 
Few care about gaming companies in what sense? I care about their actions, like Microsoft (I realize they’re not just a gaming company, but it’s a very important business to them) buying up Activision. I’m completely against that move and further consolidation in the gaming market. I think you’re conflating people not taking the bait of your whataboutism with people not caring about anti-trust issues in gaming. We’re on an Apple-focused news site and forum, we’re generally here to talk about Apple, not Sony or civil asset forfeiture laws. If you want to discuss gaming and anti-trust laws with people, I’m sure there are other places you can go where the people there would love to do so. But don’t get upset or indignant just because folks on this site are (unsurprisingly) talking about Apple.
Well... we're generally here to discuss issues Apple and issues Apple are facing and the markets they are facing them in, and the competition and the issues they are facing and the markets they are facing them in. And our opinions of those issues are we try as hard as possible to be factual so others can see where our opinions are originating from.

Other than the above, I agree with your post.
 