Tim Cook: Users Who Want to Sideload Apps Can Use Android, While the iPhone Experience Maximizes 'Security and Privacy'

[januarydrive7]

No! For example I can't install a firewall on the iPhone or can't block an app from calling home and sending whatever data to the dev. On the Mac I can do that and even more.

What you're describing is what a user can do to protect themselves. I don't disagree that we have more options on macOS.

What I'm talking about is what the OS does for you, without any additional steps by the user. The vast majority of tech users (including iOS installed base) are tech-illiterate, and aren't going to be searching for FOSS or installing firewalls or routing all traffic through their pi-holes at home. iOS assumes this as the threat model

 

[topdrawer]

Apple says sideloading is the cybercriminal’s best friend.

Apple allows sideloading on the Mac.

Apple is the cybercriminal’s best friend.

By their own logic.

cryptocurrency is the crminials best friend. tim cook supports crypto

 

[k1121j]

Amen Tim

 

[boss.king]

Objectively true. Some people view their phones like toys, some do real serious work on them and can't afford security risks. I don't care about the ability to side load, I care about the device that has so much of my highly sensitive info on it being as secure as possible. Forcing Apple to allow side loading removes that choice from the market.

You know you can also completely ignore features you don't want to use, right? On MacOS today, Apple makes you check boxes in system preferences and jump through a bunch of hoops if you want to install (read: sideload) something from the internet, or you can simply choose to stick with the App Store.

Saying that this feature being available to others makes your experience any less secure is at best a complete misunderstanding of how it could (should) work and at worst a straight-up lie.

 

[840quadra]

I don't look at my Pixel 6 and feel I have a phone that is open for the world to violate. Just because it is easier to side load on Android, doesn't mean all or many users do so.

Apple acts as though there hasn't been security issues on any iOS app that gets through their vetting process too.

 

[JRobinsonJr]

Objectively true. Some people view their phones like toys, some do real serious work on them and can't afford security risks. I don't care about the ability to side load, I care about the device that has so much of my highly sensitive info on it being as secure as possible. Forcing Apple to allow side loading removes that choice from the market.

Agreed. However, if sideloading is permitted it is possible that "real work" apps will bail from the AppStore and force users to sideload.

 

[klasma]

Say side loading becomes a thing. Maybe Microsoft decides to pull their apps from from the store and only distribute them via side loaded App Store.

That’s very unlikely to happen; it hasn’t happened on Android. Vendors would lose purchases from users who stick to the official app store (Play store on Android). Vendors have an incentive to provide known-safe versions via the official store, as otherwise their reputation would suffer.

Sideloading is not a major security issue on Android. I wouldn’t expect it to be on iOS.

 

[nebojsak]

Privacy seems to be Tim Cook’s favorite subject.

Average Joe/consumer worldwide is prone to fearmongering. Be it Chinese, Russians, Americans, reptilians or evil hackers.

 

[topdrawer]

You do realize that won’t be an option for people. Apps will leave the store if this is allowed. Why are you so excited to sacrifice your security to make giant companies like Microsoft, Epic, Facebook, Spotify, etc.. more money? Aren’t they rich enough? Unless you are a major shareholder in these companies it doesn’t add up.

apple will still slap the alarming warnings like they do on mac apps not downloaded from the store and kill certificates whenever they like.

currently on the mac my apps get the "this app was downloaded from the internet and can harm your computer and kill your mom" and that's only after bypassing quarantine

you can't easily distribute apps on mac without having them reviewed by apple, at least the common person won't know how to run it. i don't see why this is any different for iphone

 

[Mockletoy]

I can’t wait until Amazon takes a page out of Apple’s playbook and starts selling refrigerators that will refuse to run the compressor if there’s any food inside it that didn’t come from Whole Foods or Amazon Pantry.

 

[now i see it]

Control freak companies don’t like losing control

 

[firewood]

Customers who want to sideload apps can get a Mac, enroll in the $99/annum Apple Developer program, download Xcode, and learn to code (or learn to find source code on GitHub for) any apps that they want to sideload on any of their iOS devices.

Problem solved.

 

[sunny5]

Lack of properly supported iOS/iPadOS apps on Mac is such a huge problem. Before they even say use Android, they better support mobile apps on Mac properly.

 

[Cosmosent]

Have you noticed that Tim will never agree to do an Interview by someone who is knowledgeable & who might ask him tough questions ?

For example, NO mention of Apple's Complete & Total Stranglehold on App Discovery.

Apple has NO competition in App Discovery !

That's how they are able to both suppress certain apps, AND, Control the Narrative !

"Basic Common Sense" would define it a Monopoly !

It's just a matter of time, the App Store will be Broken Up !

It will start first outside the States, most-likely in the EU, & work its way back here.

There is NO transparency in the App Store !

Apple has been able to do mostly whatever they want.

I'm NOT a BIG fan of side loading, but I'm 100% for it unless/until Apple gets their act together !

It's the ONLY thing that will force them to compromise !

Otherwise the Control Freaks will continue to do what they've done in the past

The App Store is just a Marketing Arm of Apple, nothing more, nothing less.

Why else would Apple two NON-technical individuals, Phil & Matt, running the show ?

For those of you who are AAPL investors, the NON-Game App portion of the App Store ONLY did well in the very early years of the App Store.

If it had a chance to blossom now, it would generate significant Revenue for Apple, NOT from Apps, but from a surge in iPhone Unit Sales, AFTER chip shortages subside, of course.

By my guess, over the past five years, Apple has lost out on tens of Billions of Dollars (in higher-end iPhone revenue) !

They've simply had the wrong strategy & the wrong guys running the App Store !

But, it's probably too late now, the EU will move first, followed by South Korea & Japan, & eventually, back here in the States !

 

[Mockletoy]

That’s very unlikely to happen; it hasn’t happened on Android. Vendors would lose purchases from users who stick to the official app store (Play store on Android). Vendors have an interest to provide known-safe versions via the official store, as otherwise their reputation would suffer.

Sideloading is not a major security problem on Android. I wouldn’t expect it to be on iOS.

That’s what tickles me about all the hysteria around the topic of sideloading.

Every time it comes up here you have Apple doing what they do (lying to protect their profits/monopoly position) and a whole bunch of people spinning all these fanciful scenarios (one dude up the thread explained how sideloading could literally leave people to die, stranded on the side of the road, no joke).

And it’s like, “So, what you’re telling me is that if iOS worked the way Android has always worked, then the planet would fly off its axis, the heavens would fall, and it would be the literal end of all things … even though Android is used every day by far more people than iOS is?”

Something is kinda funky in that math, huh?

 

[Darth Tulhu]

Because Apple used to be the outlier, the scrappy underdog. The things it did didn’t have much impact beyond its relatively tiny customer base.

Now it’s the 800-lb gorilla.

Being the biggest means you have to play by different rules.

Apparently not.

Good luck waiting on Apple to backpedal on this.

You'll be changing your name to Mr./Mrs. Van Winkle by the time they do.

 

[jon9091]

Let them sideload all they want. And if they do…warranty voided. Problem solved.

 

[MarkC426]

Speaking generally on privacy, Cook was questioned on recent reporting revealing that Facebook, Google, Snapchat, and others have lost almost $10 billion in revenue this year due to Apple's App Tracking Transparency prompt, which requires developers to ask for a user's consent before tracking them.

Oooohhhh Boo Hoo Facebook etc.....?
I don't want your annoying tracking thanks....?

 

[januarydrive7]

Not following... what does that have to do with sideloading apps? I don't take my iPhone with me to the bathroom or gym either. I would primarily be worried about anyone accessing data on my phone. And if they do that while it's in a bathroom or in my office doesn't matter. In the end, someone is accessing my data if an exploit happens. And again, iOS is full of security bugs that allow for these things to happen.

Some might argue that location data is incredibly important and sensitive information. I agree that iOS has security bugs, what OS doesn't? The issue with side loading is that is intentionally opening a vector to give more people access to the phone, and they wouldn't even be considered security bugs, but features. I don't understand how you can be concerned about security bugs (i.e., something that is on the dev's radar to fix) while arguing for something that would amount to something worse than those security bugs.

I take photos with my mirrorless camera, occasionally with my iPhone. But anything I take with my iPhone, ends up on my Mac as well. So I don't see the difference there.

OK. So you're not an average user.

 

[canadianreader]

cryptocurrency is the crminials best friend. tim cook supports crypto

Most criminals use the dollar I think we should ban the dollar

 

[boss.king]

You do realize that won’t be an option for people. Apps will leave the store if this is allowed. Why are you so excited to sacrifice your security to make giant companies like Microsoft, Epic, Facebook, Spotify, etc.. more money? Aren’t they rich enough? Unless you are a major shareholder in these companies it doesn’t add up.

Epic literally already tried this with Fortnite on Android and had to put it back on the Play Store because they were losing too many players. Businesses aren't dumb, they know that sacrificing half their user base to to get an extra 30% from what would remain of their customers is a bad business move.

 

[Mockletoy]

Apparently not.

Good luck waiting on Apple to backpedal on this.

You'll be changing your name to Mr./Mrs. Van Winkle by the time they do.

Oh, I’m sure it will take government oversight to make it happen. That’s the only way monopolists are ever brought to heel.

All the things that made Apple fantastic when it was small and fighting for survival are turning it into a monster now that it’s become a titan.

 

[Cosmosent]

Customers who want to sideload apps can get a Mac, enroll in the $99/annum Apple Developer program, download Xcode, and learn to code (or learn to find source code on GitHub for) any apps that they want to sideload on any of their iOS devices.

Problem solved.

Nope, the main problem is that most of Apple's consumers are NON techies !

So, you're approach won't work, & side loading won't work, as they could be easily tricked into doing something they shouldn't be doing (i..e, installing the wrong app).

Apple's notary service is probably the best middle-ground option.

I use it for my one macOS app.

 

[TheMountainLife]

If sideloading isn't going to be a thing at least offer an option to revert app updates. I'm sure all of us have experienced some issue where dev team updates an app and breaks everything. (I'm experiencing this with Duo)

We're pretty much half way there with how apps can be pushed via installed profiles. My old job had the ability to remotely install/rollback apps that wasn't searchable in the App Store to the public.

 

[superberg]

This isn’t a security issue. Apple just doesn’t want to give up any money-making potential left in the App Store.

All the safeguards needed for side loading are already in place. It’s how devs test apps. Apple just doesn’t want to deploy it to regular users. There is a security aspect, yes, but the existing method of needing to approve a developer certificate is pretty safe and isn’t doing much to stop side loading as-is. The only real kicker is the seven-day renewal limit.

It’s about control, not safety. Safety is just the easy PR answer.

I’ve been a Mac user since 1993, and I find their stagnation over the last decade frustrating. The iPad Pro has an M1 processor and I can’t do much IT professional work without sending things off to be processed elsewhere. It’s powerful enough to manage multiple 4k video streams, but heaven forbid you want to do something INTENSE like reformat a drive or get the MAC addresses of devices on your network. The potential of the iPad Pro is so wasted by the arbitrary nonsense tied to the App Store.