Tim Cook: Users Who Want to Sideload Apps Can Use Android, While the iPhone Experience Maximizes 'Security and Privacy'

[boss.king]

As you mentioned, people like us, on this forum are not typical users. We don’t have to babysit our devices. My parents? Not so much.

Do they know how to install software from unknown developers on a Mac? Because if not, it's still not an issue.

We’ll just have to agree to disagree on the PC analogy… I think it’s pretty spot on. Androids are much more like PCs, iPhones work like a console.

This has nothing to do with Android. It's a fundamental misunderstanding of the implications of allowing sideloading as an option. It

You think that’s really true? How many Mac apps aren’t in the Mac App Store?

Lots, but not for the reason you're implying. Apps that come through the App Store can be gimped in a lot of ways because Apple restricts the use of certain features. Even apps that are available both through the App Store and outside of it are often more fully-featured when installed from the web.

The Mac also predates the App Store by decades. It's not the way people have learned to get their software on the Mac.

None of those apply here, as Apple could still comletely sandbox software from outside of the App Store.

 

[KevinAPearson]

Sideloading won't affect the security of your phone, so no concerns there.

Side loading can in fact effect the security of a phone and you should be concerned. Side loading an app that hasn't been checked for malicious code is like playing Russian roulette with your phone. Unless you are 100% positive that the app has come from a safe source. That's why the App Store is a safer way to load apps.
I take your point about the way the Mac deals with this but I still only download from sites I 100% trust.

 

[jman240]

Side loading can in fact effect the security of a phone and you should be concerned. Side loading an app that hasn't been checked for malicious code is like playing Russian roulette with your phone. Unless you are 100% positive that the app has come from a safe source. That's why the App Store is a safer way to load apps.
I take your point about the way the Mac deals with this but I still only download from sites I 100% trust.

You missed the point. They're saying if you don't opt in to sideloading then it won't affect you. You already know how this works with your Mac experience. Go into gatekeeper and turn off everything but the app store. There, now you're using your mac like a default iPhone.

 

[boss.king]

Side loading can in fact effect the security of a phone and you should be concerned. Side loading an app that hasn't been checked for malicious code is like playing Russian roulette with your phone. Unless you are 100% positive that the app has come from a safe source. That's why the App Store is a safer way to load apps.
I take your point about the way the Mac deals with this but I still only download from sites I 100% trust.

Only if iOS sandboxing is complete and utter garbage, but I'm willing to bet that that's not the case.

And even then, the thing about downloading only from sites you trust—you can still do that.

 

[Shanghaichica]

He tells no lies.

 

[Psychicbob]

Where can I buy TimmyCoin?

 

[Nicole1980]

Objectively true. Some people view their phones like toys, some do real serious work on them and can't afford security risks. I don't care about the ability to side load, I care about the device that has so much of my highly sensitive info on it being as secure as possible. Forcing Apple to allow side loading removes that choice from the market.

Huh? Allowing sideloading "removes choice"?!?! What kind of upside down logic is that?
If you want the most security, then dont sideload. But allowing me to sideload doesnt compromise your security whatsoever.

 

[ninecows]

Apple says sideloading is the cybercriminal’s best friend.

Apple allows sideloading on the Mac.

Apple is the cybercriminal’s best friend.

By their own logic.

You got your own logic up side down.

I’m pretty sure that if the Mac was invented today sideloading would not be possible. It’s only possible because removing it would break with a +40 year old principle/right of being allowed to install whatever you want on your computer.

They have already nudged users far away from total freedom with appstore for Mac and warnings when you install something not signed by apple.

 

[KevinAPearson]

Why do all of you think its some sort of flood gate. On android its a toggle with lots of scary warnings. You have to OPT IN. It would be pretty much exactly as things are now. If you aren't already going around and installing the current sidload methods then nothing changes for you. You'd still have to go actually download and install a sidloaded app, they wont just appear on your device because apple now allows it. Why is this hard?

I agree, having the option to allow side loading in settings like on Android could be an option but I don't think Apple should be forced to do that. As you said people who want to side load are probably already jailbreaking their phones and doing that. I think it's easy to jump into it without knowing the dangers.

 

[antiprotest]

They probe all your stuff on device so you don't need to sideload.

 

[960design]

I predict, Apple will lose this argument in court and will have to change their stance on this within the next few years.

I predict Korean based developers will be charged a monthly fee for all apps ( even the free ones ) to offset the current hosting, advertising and storage model.

"Side-loading" apps is currently available as an offline (or online) Progressive Web App. PWAs can host their own storefront - check:https://app.starbucks.com/menu
Make purchase, no money goes to Apple. PWA can be "installed" on any mobile device natively ( or Mac -> through Chrome ).

Case dropped.

 

[jman240]

You got your own logic up side down.

I’m pretty sure that if the Mac was invented today sideloading would not be possible. It’s only possible because removing it would break with a +40 year old principle/right of being allowed to install whatever you want on your computer.

They have already nudged users far away from total freedom with appstore for Mac and warnings when you install something not signed by apple.

LOL. The Mac would be utterly useless for developers if that was the case.

 

[cnnyy20p]

What about Windows phone? Classic Apple ignoring the competition

I used Windows Phone before and just like Windows RT they do not allowed side loading apps. ?

 

[randfee2]

"Side-loading" apps is currently available as an offline (or online) Progressive Web App. PWAs can host their own storefront - check:https://app.starbucks.com/menu
Make purchase, no money goes to Apple. PWA can be "installed" on any mobile device natively ( or Mac -> through Chrome ).

Case dropped.

while some functionality can be offered like so, access to the phone's API is not supported like on native apps, or is it?? (I don't know!).

 

[januarydrive7]

I'm going by think first, then act.

You mean "good sense" --- I don't believe it's so common.

But where is that huge attack vector on macOS, Windows, Linux, Android or Android-based systems?
I'm not talking about 1990s Windows, but modern OS'. Most security related problems today are PEBKAC problems. Or is that the problem Apple is trying to solve when not allowing sideloading? Protecting the "idiots" in a similar way we need warnings that coffee is hot or not to put a hamster in a microwave?

There were lots of stats thrown around during the Epic v. Apple trial. The general consensus (amongst the research quoted and used for evidence) is that iOS, though it has its faults, is an objectively more secure system amongst mobile operating systems -- I don't recall an in-depth analysis on where the breakdown was, but Apple's stance, under oath, was that it was in large part due to the open nature of other systems.

As far as PEBKAC problem -- I don't disagree; I've mentioned several times you (and likely many reading here, though it's fairly obvious not all), are not the average user -- common sense isn't good sense.

Maybe, yes. If that's the case, let's call it that. ?

You gotta dumb it up a bit for the sake of PR

 

[dumastudetto]

Great answer from Tim.

Those who don't value their own security and privacy should always consider Android as an option.

 

[mox358]

Do they know how to install software from unknown developers on a Mac? Because if not, it's still not an issue.


This has nothing to do with Android. It's a fundamental misunderstanding of the implications of allowing sideloading as an option. It


Lots, but not for the reason you're implying. Apps that come through the App Store can be gimped in a lot of ways because Apple restricts the use of certain features. Even apps that are available both through the App Store and outside of it are often more fully-featured when installed from the web.

The Mac also predates the App Store by decades. It's not the way people have learned to get their software on the Mac.

None of those apply here, as Apple could still comletely sandbox software from outside of the App Store.

I think we can just agree to disagree on this one. It’s been an enjoyable conversation though. I appreciate your viewpoints.

 

[jman240]

Great answer from Tim.

Those who don't value their own security and privacy should always consider Android as an option.

Nah. Tim just trying to save his fiefdom. Follow the $$$. Apple's earning call shows how much they make from being the exclusive provider of apps. "According to a CNBC analysis, Apple's App Store had gross sales of around $64 billion last year"

 

[ninecows]

LOL. The Mac would be utterly useless for developers if that was the case.

Agreed. And probably for a lot of other users. That would break a long tradition and remove a large chunk of existing users, so probably not gonna happen.
But they actually pushed it far and there’s no doubt that they would push it even further if it could be done without loosing important users.

 

[spainbran]

Great answer from Tim.

Those who don't value their own security and privacy should always consider Android as an option.

Most of the time the vulnerable security vector is the user and not the OS or the apps.

 

[ninecows]

Most of the time the vulnerable security vector is the user and not the OS or the apps.

Hence the need for an OS that would protect the users from their own stupidity.

 

[spainbran]

The OS will not prevent you from giving your access codes to a scam mail, nor will an external app steal it from you.

 

[ninecows]

The OS will not prevent you from giving your access codes to a scam mail, nor will an external app steal it from you.

Neither does a seatbelt or airbag guarantee that you’ll not die in a car accident, but still better than nothing, right?

 

[d686546s]

You were doing ok until the insult in the last sentence, and says more about you.

What does it say about me then?

No insult was intended, btw, nor do I think it was actually given. So many people here seem absolutely hell bent on having a platform that does not give them an option to install software that doesn't comply with Apple policies -- and I'm not talking about security related stuff or prevention of crime stuff.

They do all of this in the name of security despite in no way being forced to actually use software that wasn't distributed through the App Store, so nothing would change for them.

And they do so despite the fact that they probably use "sideloaded" apps on their Macs or PCs every day, sometimes even to handle very sensitive information.

If Apple really believed all the things they are saying they should immediately lock down the Mac and advise all their customers to no longer use any app they didn't get through Apple directly. No more Office or Photoshop directly from the vendor because it's a security risk. Seems far fetched and over the top? There you go.

Isn't it curious that the only "secure" way to get software on your iPhone seems to be the one that makes Apple money?

Therefore going back to "nannied," which I assume was the word you took offence with. What would you call it?

 

[spainbran]

If you drive too fast, it's your problem not the car manufacturer and not the other drivers.