Tim Cook Meets EU Antitrust Chief Ahead of iPhone App Sideloading Deadline

[1129846]

You are just constantly condescending towards anyone. You have repeatedly talked down to me in many topics. I have been a senior dev for 30 years. Cut the damn attitude of “you know very little of software development”

The review process is too quick to vet applications correctly. I have confirmed this from my own app. Therefore to make the gatekeeping process better the review process needs to be longer. Not abolish it entirely which means there is ZERO app vetting process. That won’t make malicious apps less common. An open iOS will make bad apps MORE common.

And yet you seem to think that they would do any real vetting and pay the real cost of security experts to do the deep dive and yet get around the problems. Yes you get talked down to on that.

Apple current vetting process is a glorified monkey that is pushing buttons.

The amount of true security it adds is very little if any no matter if it was 12 hours or months.

The real issues is in the OS and side loading does not make it worse. Side loading does not affect you if you choose not to do it.

Also if you are a senior dev with 30 years under your belt then you would understand the importance of being able to do a fast deployment and understanding that no amount of internal testing comes close to real world users which goes back to importance of fast deployments.

 

[makitango]

Stop conflating the EU and Europe. The two are not synonymous.

While that is true, the EU consists of Europeans, which does not negate my statement. We Europeans voted for this the same as some Europeans voted not to be in the EU. Most European countries want in the EU and I guess you just kinda forgot that, too, because it woule not have helped your case.

And you contributed nothing constructive to the convo, just deflecting.

What is visible here, however, is the fact that foreigners think they get a say in what gets to go on in our home. The audacity is glorious. In between some postings of Apple‘s social media squad, too.

 

[1129846]

What are a "lot of other features" that Apple offers over Android, aside from ecosystem?

My example could consider any combination of features, but we are discussing sideloading and the erroneous claims made that Apple enjoys a monopoly on the phone market (despite its EU market share only being c30%).

The onus is on the consumer to assess their subjective requirements and to purchase goods accordingly to meet these needs - the fact that there already exists on the market a smartphone OS utilised by many vendors (which caters those who want to sideload) renders the EU's decision to go after Apple puzzling to say the least.

If app devs do not like the terms and conditions of the App Store nobody is forcing them to use it.

You missed something EU did already go after the other vendors. Google and Microsoft was targeted as well. Big difference is both of them were willing to work with the EU while Apple more or less gave the middle finger. Also most people here only read Apple and falsely assume Android is not being looked at. Give you a hint Android got caught as well in gatekeeper static and also agreed and trying to work with the EU. Apple gave the middle finger.

 

[Ethosik]

And yet you seem to think that they would do any real vetting and pay the real cost of security experts to do the deep dive and yet get around the problems. Yes you get talked down to on that.

Apple current vetting process is a glorified monkey that is pushing buttons.

The amount of true security it adds is very little if any no matter if it was 12 hours or months.

The real issues is in the OS and side loading does not make it worse. Side loading does not affect you if you choose not to do it.

Also if you are a senior dev with 30 years under your belt then you would understand the importance of being able to do a fast deployment and understanding that no amount of internal testing comes close to real world users which goes back to importance of fast deployments.

That’s…..the solution? Improve the vetting process vs opening up iOS. HMMMMMM. Which one would be better at vetting apps? Better review process or ZERO review process?

Yes glorified monkeys pushing buttons is exactly the reason. So have the reviews take longer where they ARENT pushing buttons is the solution. The solution is NOT bypassing ANY REVIEW process altogether.

 

[Sebalto]

While that is true, the EU consists of Europeans, which does not negate my statement. We Europeans voted for this the same as some Europeans voted not to be in the EU. Most European countries want in the EU and I guess you just kinda forgot that, too, because it woule not have helped your case.

And you contributed nothing constructive to the convo, just deflecting.

What is visible here, however, is the fact that foreigners think they get a say in what gets to go on in our home. The audacity is glorious. In between some postings of Apple‘s social media squad, too.

Of course most economically underperforming European countries want in the EU - they make a net gain at the expense of the big 6. By the way, you vote for an MEP. What way they vote in "parliament" is down to them, not you.

I also have to highlight your less than savoury attitude towards "foreigners" as you put it. What do you have against non-Europeans? The EU is interconnected politically to the governments of other nations - their citizens should also have a right of reply.

 

[makitango]

You are just constantly condescending towards anyone. You have repeatedly talked down to me in many topics. I have been a senior dev for 30 years. Cut the damn attitude of “you know very little of software development”

The review process is too quick to vet applications correctly. I have confirmed this from my own app. Therefore to make the gatekeeping process better the review process needs to be longer. Not abolish it entirely which means there is ZERO app vetting process. That won’t make malicious apps less common. An open iOS will make bad apps MORE common.

I have had senior devs (assumed that I say the truth) above me with the same year counter, and it does say zero about your experience or skill as it did say zero about theirs. In fact, the older the senior devs were, the least valuable they were to us devs.
If you look at hacks and leaks worldwide and who was identified for it, try to count the amount of hackers who are young vs the ones who are old, and tell us again how your self-declared 30 years should mean anything of value to us.
Now, if you want to tell us you‘re a QA engineer at Apple, best not to mention that I guess.

Let‘s get back to topic, shall we? The vetting process has proven to not include the screening of actual code, so there is zero dollar I wish to throw at Apple and instead give it the devs directly. The only ingredient Apple adds here is curation.

That‘s like being told by your supermarket that you are only allowed to buy Nutella if you don‘t have butter in your basket, or not being allowed to buy alcohol even if you‘re an adult, but they only sell to 45+.

If you are in fact what you say you are and a dev of your own app (you‘re running solo?), then you are just one dev and you don‘t represent all the devs who can use the App Store (and those who won‘t or can‘t). It is in direct contrast to people like me who are part of the EU and who are already represented by the EU commission, who spoke in our name,

 

[I7guy]

You say that you are one, but that doesn‘t make you one. If I bully someone and get to be the one deciding if I were a bully, would I say so?

Truth is, us Europeans voted for this through our representatives, and it is what we want. Doesn‘t matter what someone from another market thinks.

Every market is regulated.

It takes little knowledge to understand how to secure an operating system. It is not by curating a monopolistic storefront, it is by fixing the OS. Let‘s see how well Apple fared in that arena.

His is micro-regulation. For the common good society has to have laws. These nanny regulations aimed at discretionary purchases of consumer electronic devised are far and away above what society “needs”.

 

[Sebalto]

You missed something EU did already go after the other vendors. Google and Microsoft was targeted as well. Big difference is both of them were willing to work with the EU while Apple more or less gave the middle finger. Also most people here only read Apple and falsely assume Android is not being looked at. Give you a hint Android got caught as well in gatekeeper static and also agreed and trying to work with the EU. Apple gave the middle finger.

No I've not missed that.

I presume your referring to the EU fining Google for £2.42bn for breaching EU antitrust rules by abusing its market dominance as a search engine by giving an illegal advantage to another Google product, its comparison shopping service.

The key point here "market dominance". Apple dont have that.

As for Microsoft, MS Office also market dominance, so bundling Teams with MS Office could be viewed as anti competitive.

 

[makitango]

The review process is too quick to vet applications correctly. I have confirmed this from my own app. Therefore to make the gatekeeping process better the review process needs to be longer. Not abolish it entirely which means there is ZERO app vetting process. That won’t make malicious apps less common. An open iOS will make bad apps MORE common.

If you have 0 and improve it by 35%, what do you have after? A lot of people see 0 value in there and this is just one aspect of what this is about.

That’s…..the solution? Improve the vetting process vs opening up iOS. HMMMMMM. Which one would be better at vetting apps? Better review process or ZERO review process?

Yes glorified monkeys pushing buttons is exactly the reason. So have the reviews take longer where they ARENT pushing buttons is the solution. The solution is NOT bypassing ANY REVIEW process altogether.

If you sell wares in a country and they come from elsewhere, you cannot trust in the (in)competence of a merchant. You create customs. That‘s how it went with covid as well, you were tested or vaccinated, and then you enter a public or private space with a certificate by an entity which was certified to do so. There‘s no need to be scanned by aunt Dolores again who may or may not know what she‘s doing.
Apple provides zero proof that they are actually scanning code more than what their OS already scans on its own.
If you look at their track record of how well they are capable to handle their own code, you can guess how well they perform with the code of others. If I had to bet my life on their review process, it would be gone within hours.

Of course most economically underperforming European countries want in the EU - they make a net gain at the expense of the big 6. By the way, you vote for an MEP. What way they vote in "parliament" is down to them, not you.

I also have to highlight your less than savoury attitude towards "foreigners" as you put it. What do you have against non-Europeans? The EU is interconnected politically to the governments of other nations - their citizens should also have a right of reply.

I have zero against foreigners, I literally host refugees in my home. That doesn‘t change the fact that Americans don’t get to choose what is going on here even if we hold relations with them/you.
There is also the issue that Apple‘s social media squad is deployed here and it‘s hard to identify someone who actually simply represents themselves. Anyone tryig to deflect an obvious issue which caused legal action throughout a whole group of democratic countries and going victim reverse is a strong candidate for that.

 

[makitango]

His is micro-regulation. For the common good society has to have laws. These nanny regulations aimed at discretionary purchases of consumer electronic devised are far and away above what society “needs”.

You don‘t get to be the judge for laws to be designated as nanny or un-needed, you don‘t represent anyone on our continent or in the EU.

I know it stings having someone from said area who enjoys that law and sees the value for himself and others, for consumers and developers, and competition alike.

 

[InvertedGoldfish]

You don‘t get to be the judge for laws to be designated as nanny or un-needed, you don‘t represent anyone on our continent or in the EU.

I know it stings having someone from said area who enjoys that law and sees the value for himself and others, for consumers and developers, and competition alike.

Do they have jury nullification in the EU?

If so he very much may become the judge of such matters

In the US for example, if a law is unconstitutional or reprehensible, even if the state proves someone is guilty of it, the jury make find them not guilty

 

[makitango]

Do they have jury nullification in the EU?

If so he very much may become the judge of such matters

In the US for example, if a law is unconstitutional or reprehensible, even if the state proves someone is guilty of it, the jury make find them not guilty

As a European, he could be in scope for that. As the defendent or raising the issue, no matter the nationality, obviously not.

 

[1129846]

That’s…..the solution? Improve the vetting process vs opening up iOS. HMMMMMM. Which one would be better at vetting apps? Better review process or ZERO review process?

Yes glorified monkeys pushing buttons is exactly the reason. So have the reviews take longer where they ARENT pushing buttons is the solution. The solution is NOT bypassing ANY REVIEW process altogether.

And allowing side loading does not change anything. The App Store can have their glorified monkeys. You and other users can simplely keep going with it.

They could increase their vetting process and do real security looking at it. Even when the App Store review times were nearly 2 weeks it was glorified monkey button pushers. Longer review process and still offer next to no extra protection. To do it right would require a huge shift and even then still would not catch much more as again would be super easy to get around everything with remote configuration. Apple does not get the source code nor should them get it. Even then still would not catch much as again easy to hide everything.

 

[I7guy]

You don‘t get to be the judge for laws to be designated as nanny or un-needed, you don‘t represent anyone on our continent or in the EU.

I know it stings having someone from said area who enjoys that law and sees the value for himself and others, for consumers and developers, and competition alike.

I definitely get to make an opinion on the content that is reported on MacRumors. I know it's tough to see dissenting opinions, but that's the way these discussion forums work.

 

[Ethosik]

And allowing side loading does not change anything. The App Store can have their glorified monkeys. You and other users can simplely keep going with it.

They could increase their vetting process and do real security looking at it. Even when the App Store review times were nearly 2 weeks it was glorified monkey button pushers. Longer review process and still offer next to no extra protection. To do it right would require a huge shift and even then still would not catch much more as again would be super easy to get around everything with remote configuration. Apple does not get the source code nor should them get it. Even then still would not catch much as again easy to hide everything.

Side loading means zero form of vetting at all.

 

[I7guy]

And allowing side loading does not change anything. The App Store can have their glorified monkeys. You and other users can simplely keep going with it.

No it, imo, will ultimately devalue the ecosystem.

They could increase their vetting process and do real security looking at it.

Or the opposite can happen and malware, phishware and scamware apps can be a permanent part of the landscape making finding legitmate apps much harder to find.

Even when the App Store review times were nearly 2 weeks it was glorified monkey button pushers.

That's throwing the baby out with the bathwater logic.

Longer review process and still offer next to no extra protection.

Disagree.

To do it right would require a huge shift and even then still would not catch much more as again would be super easy to get around everything with remote configuration. Apple does not get the source code nor should them get it. Even then still would not catch much as again easy to hide everything.

Again, throwing the baby out with the bath water.

 

[makitango]

And allowing side loading does not change anything. The App Store can have their glorified monkeys. You and other users can simplely keep going with it.

They could increase their vetting process and do real security looking at it. Even when the App Store review times were nearly 2 weeks it was glorified monkey button pushers. Longer review process and still offer next to no extra protection. To do it right would require a huge shift and even then still would not catch much more as again would be super easy to get around everything with remote configuration. Apple does not get the source code nor should them get it. Even then still would not catch much as again easy to hide everything.

Added to that, most devs know that even with a senior dev who is appointed to the same project and is supposed to be "in the know" of things, things slip code review left and right. It has become SO hard to maintain clean and good code with added complexity, and Apple simply isn't able to pull a Snow Leopard (particularly 10.6.7/8) or Mojave anymore these days (and even Mojave was not on the level that Snow Leopard was).
If I look at what consumers want vs where they invest, it already shows me if I want to reward them with the 30% cut they take from devs.

As both a dev and consumer, I would see added value in knowing that they would ban frameworks like Unity off the App Store, and only allowed truly natively coded apps. I remember very well the days when lazy devs published a sequel with little to no drastic value and the app size jumped from 50 MB to 800, for the added value of overheating and more crashes, just because of using unity and no longer coding natively.
If they were to require that and thus promising me quality code, I would gladly reward them.

 

[Ethosik]

I have had senior devs (assumed that I say the truth) above me with the same year counter, and it does say zero about your experience or skill as it did say zero about theirs. In fact, the older the senior devs were, the least valuable they were to us devs.
If you look at hacks and leaks worldwide and who was identified for it, try to count the amount of hackers who are young vs the ones who are old, and tell us again how your self-declared 30 years should mean anything of value to us.
Now, if you want to tell us you‘re a QA engineer at Apple, best not to mention that I guess.

Let‘s get back to topic, shall we? The vetting process has proven to not include the screening of actual code, so there is zero dollar I wish to throw at Apple and instead give it the devs directly. The only ingredient Apple adds here is curation.

That‘s like being told by your supermarket that you are only allowed to buy Nutella if you don‘t have butter in your basket, or not being allowed to buy alcohol even if you‘re an adult, but they only sell to 45+.

If you are in fact what you say you are and a dev of your own app (you‘re running solo?), then you are just one dev and you don‘t represent all the devs who can use the App Store (and those who won‘t or can‘t). It is in direct contrast to people like me who are part of the EU and who are already represented by the EU commission, who spoke in our name,

I love how this mindset puts my skills in question when the opposite doesn’t make any sense at all.

So you instead do NOT want to improve a poor process (App vetting) and instead want to move iOS open so other stores could potentially have ZERO vetting process. And you just bash on my skillsets and knowledge?

Instead of bashing my knowledge and skillsets, explain how forcing iOS to be open IMPROVES this core issue you all have with the App Store? Is there proof Joe’s App Store will have a better review process? No. It will make things worse. So INSTEAD, let’s force Apple to tighten up the App review process instead of turning iOS into the Wild West.

How about you all stop bashing my skillsets so we can have civil conversations please? My goodness why does everything turn into an attack these days. If you can explain how avoiding Apple’s review entirely will solve this issue, please say so. Instead of targeting my knowledge or expertise.

 

[makitango]

Side loading means zero form of vetting at all.

The operating system is the vetting entity, plus there are certificates issued by Apple to developers, and software is still signed. Uncountable companies including Apple sideload their apps onto their devices because they want to do more than what the App Store allows but what the OS can provide. And yet, they all have to follow the security framework as defined by the OS.
That's how security on every other OS works.

No it, imo, will ultimately devalue the ecosystem.

Or the opposite can happen and malware, phishware and scamware apps can be a permanent part of the landscape making finding legitmate apps much harder to find.

That's throwing the baby out with the bathwater logic.

Disagree.

Again, throwing the baby out with the bath water.

You say disagree and "devalue the eco-system" but offer neither points nor proof for that.
You think any of your "ware" will either get or get to uphold a verified developer certificate which will 100% be required to install apps? And that they can bypass the OS' own design of aps needing user permission to access data? If that is what you want to project here, then you're just repeating the Apple PR. We already know what side-loaded apps can do and it is nothing of the sort.

 

[I7guy]

The operating system is the vetting entity, plus there are certificates issued by Apple to developers, and software is still signed. Uncountable companies including Apple sideload their apps onto their devices because they want to do more than what the App Store allows but what the OS can provide. And yet, they all have to follow the security framework as defined by the OS.
That's how security on every other OS works.

You say disagree and "devalue the eco-system" but offer neither points nor proof for that.
You think any of your "ware" will either get or get to uphold a verified developer certificate which will 100% be required to install apps? And that they can bypass the OS' own design of aps needing user permission to access data? If that is what you want to project here, then you're just repeating the Apple PR. We already know what side-loaded apps can do and it is nothing of the sort.

Yes, I was pretty clear in my verbiage this is my opinion, which I do not have to offer any proof of. Common sense seems to say (again an opinion) that opening up the app store to third parties with no independent verification, can potentially lead to a downward spiral of the ecosystem.

 

[Ethosik]

The operating system is the vetting entity, plus there are certificates issued by Apple to developers, and software is still signed. Uncountable companies including Apple sideload their apps onto their devices because they want to do more than what the App Store allows but what the OS can provide. And yet, they all have to follow the security framework as defined by the OS.
That's how security on every other OS works.

Doesn’t iOS cover it now? But iOS App Store is horrible at vetting applications?

 

[makitango]

I love how this mindset puts my skills in question when the opposite doesn’t make any sense at all.

So you instead do NOT want to improve a poor process (App vetting) and instead want to move iOS open so other stores could potentially have ZERO vetting process. And you just bash on my skillsets and knowledge?

Instead of bashing my knowledge and skillsets, explain how forcing iOS to be open IMPROVES this core issue you all have with the App Store? Is there proof Joe’s App Store will have a better review process? No. It will make things worse. So INSTEAD, let’s force Apple to tighten up the App review process instead of turning iOS into the Wild West.

How about you all stop bashing my skillsets so we can have civil conversations please? My goodness why does everything turn into an attack these days. If you can explain how avoiding Apple’s review entirely will solve this issue, please say so. Instead of targeting my knowledge or expertise.

I question your skillset because I don't know you and I don't believe you because I don't trust you, and any sane entity would do the same.

I also said multiple times, as many others did, that we don't want to move anything anywhere. We just simply state that until now we have seen zero proof (and enough evidence of the opposite) that the process has nothing to do with security, and Apple, if you follow their shareholder meetings and actions, has zero interest in investing there, not to mention in actual code review.
The only way to tackle security efficiently is at the OS level. As a senior dev, you should know that. You don't let a random nobody from outside with no track record whatsoever get to judge your code, added that what their process is is unknown and unvetted by itself. Again, that is a huge f***ing red flag and I wouldn't even have been bold enough to suggest such things as a junior dev. It's just basic common sense.

Joe's App Store's review process is as irrelevant as Apple's, the only thing that is relevant is how the OS operates, and if Apple is capable of handling their certificates. The way they deal with bug reports, however, I suppose not and media exposure is the way their debugging process goes by.

iOS will not be the wild west the same as Android isn't. Has Spotify left the Google Play Store, huh? If I make a Spotify clone today, will I still be able to publish it in the evening? We all know the answer.

 

[makitango]

Yes, I was pretty clear in my verbiage this is my opinion, which I do not have to offer any proof of. Common sense seems to say (again an opinion) that opening up the app store to third parties with no independent verification, can potentially lead to a downward spiral of the ecosystem.

Where does common sense say that, and why? I'm sure you can add points as to why you have said opinion.

Doesn’t iOS cover it now? But iOS App Store is horrible at vetting applications?

iOS is not the App Store. Very different people with very different qualifications and salaries work at each.

 

[Ethosik]

I question your skillset because I don't know you and I don't believe you because I don't trust you, and any sane entity would do the same.

I also said multiple times, as many others did, that we don't want to move anything anywhere. We just simply state that until now we have seen zero proof (and enough evidence of the opposite) that the process has nothing to do with security, and Apple, if you follow their shareholder meetings and actions, has zero interest in investing there, not to mention in actual code review.
The only way to tackle security efficiently is at the OS level. As a senior dev, you should know that. You don't let a random nobody from outside with no track record whatsoever get to judge your code, added that what their process is is unknown and unvetted by itself. Again, that is a huge f***ing red flag and I wouldn't even have been bold enough to suggest such things as a junior dev. It's just basic common sense.

Joe's App Store's review process is as irrelevant as Apple's, the only thing that is relevant is how the OS operates, and if Apple is capable of handling their certificates. The way they deal with bug reports, however, I suppose not and media exposure is the way their debugging process goes by.

iOS will not be the wild west the same as Android isn't. Has Spotify left the Google Play Store, huh? If I make a Spotify clone today, will I still be able to publish it in the evening? We all know the answer.

Point me to where I said Apple needs to review the actual source code of the app? All I said was they need to make their review process more thorough. Then you all just jumped on the bashing train when this logically makes the most sense to improve iOS safety.

There are hundreds of ways Apple can improve their review process that does NOT involve “reading source code”. Otherwise Apple review process is the best it can get and you cannot bash Apple for it.

Heck a long duration alone will cut out apps purely targeting scams and malicious

 

[Ethosik]

iOS is not the App Store. Very different people with very different qualifications and salaries work at each.

You just said the operating system will become the vetting authority. It does that now and it’s not good enough on a closed system. How the hell will opening up iOS improve things?