Upcoming EU Sideloading Bill Would 'Cripple the Privacy and Security Protections' iPhone Users Expect, Says Apple

[VulchR]

Have you even visited the EU?

Up until Brexit I lived in the EU. And you?

 

[VulchR]

What is with the stupid analogies? ?

About the same as stupid commentaries, apparently.

 

[ct2k7]

Up until Brexit I lived in the EU. And you?

Given it is the UK,

Where have you experienced “Goes to McDonald's only to find EU has made them make space in their parking lot for a stand that sells KFC.”?

 

[VulchR]

Given it is the UK,

Where have you experienced “Goes to McDonald's only to find EU has made them make space in their parking lot for a stand that sells KFC.”?

OK - I think your sarcasm detector is a little rusty.

In any case, people vote with their wallets, and many people have chosen Apple specifically because the app store is curated (up to a point) and that companies selling apps must go through a vetting process. Side-loading endangers that if companies abandon the app store. If the EU actually wanted to enhance the user experience, they would make Apple provide guarantees about the security and safety of apps in the app store.

 

[Sophisticatednut]

Are you arguing for or against an unregulated AppStore? Are you also saying companies can re-brand the things as a “gaming system” and bypass these regulations?

If these regulations go through I imagine everyone(Amazon, Apple, etc) will just work around them. Amazon Kindle(and other Android tablets) might have it worse than Apple since Amazon has the added problem of supporting people on custom boot-loaders after this…

If this law only applies to devices with cellular connections I’m guessing Apple will start selling an iPod with an expansion slot. People in the EU will have to buy a “cellular module” to put in the iPod.

Haha, no this law uses a minimum amount of users over 3 years active in 3 or more EU states, And revenue as the minimum threshold. There is no loophole to use.

It’s not based on market share, or definition manufacturers use or profitability.

 

[JM]

I'm not sure why preventing sideloading and increases surveillance are always presented as two sides of the same coin.

Central distribution of software and central review is the absolute best thing that could happen to a surveillance state. Mandate the back door and mandate that the device manufacturer or App Store operator must ensure it's included, otherwise no dice.

Sideloading prevents that, to some degree, because users could still install applications from trusted sources not subject to those requirements.

I’m not sure I understand if you’re agreeing with me or not, or if you understood my argument, or if I’m just not smart enough to parse what you’re saying.

It seems like an interesting point you’re making, I just can’t understand it. Little help please?

 

[JM]

Would be interesting if Apple locked down certain APIs (like contacts, location, etc.) to only signed apps from the AppStore due to security. Then you could sideload boring apps like a calculator but they wouldn't be able to do much with the rest of the system. I doubt this would be allowed by the courts though.

Correct. that’s exactly the argument: it doesn’t seem like a good direction the EU is going, where the government can control and monitor your personal devices… and/or unknowingly create very insecure personal devices.

But disallowing core apps sideloading and disallowing full device access is an interesting solution!

 

[JM]

You do realise that Russia asked and Apple complied to that?

And this is a good thing you’re supporting?

 

[Piplodocus]

Just release a different version of iOS for EU and the secure version for everyone else. Apple already has a different iOS version for iCloud in China.
If Apple is worried that iPhone devices will get hacked by side loading just remove all connectivity to iMessage and iCloud in the EU version.
When you toggle side loading your device reboots and disables all Apple features like iMessage, FaceTime and iCloud.
If you toggle side loading off it reboots and deleted all apps that were side loaded and reenables Apple services.

? How come all of these Apple services work on my Mac then and I can sideload? Hilarious

 

[ArkSingularity]

OK - I think your sarcasm detector is a little rusty.

In any case, people vote with their wallets, and many people have chosen Apple specifically because the app store is curated (up to a point) and that companies selling apps must go through a vetting process. Side-loading endangers that if companies abandon the app store. If the EU actually wanted to enhance the user experience, they would make Apple provide guarantees about the security and safety of apps in the app store.

That argument could also be made for Android though. In fact, Android, by far, has a majority marketshare around the world. It's primarily in the US that iOS has become dominant.

 

[JM]

If you have to fear your government that much, I'm sure you would have other worse problems than sideloading.

Oh just let me have my slippery slope panic, will you? ?

Yes, of course there’s worse things to worry about than side loading, it’s just a worrisome development in the wrong direction, IMHO.

 

[laptech]

Apple in my opinion are doing what many other big companies do, they do not want to implement security checking because it will cost them money. Google (youtube) and Meta (formly facebook) put up and still put up heavy resistance to having to moderate their platforms. Ebay was another one to put up strong resistance as well. They all want to take the easy road.

Apple is slightly different here because they want to control the iphone, regardless of the fact that an iphone is bought and owned by the customer, Apple still insist that they be the ones to control what is done with it. Apple complain of security risks if sideloading went ahead. Simple, there are already iphone emulators out there. Design one that has secuirty controls built into it and get the many thousands of app store reviewers to run any new app through the emulator. If it flags up as a secuirty risk then dump it. It is something Apple can implement but they wont because it will cost them money so what easier way than to say 'but think of secuirty' as a way to avoid having to implement security checks.

 

[dk001]

At worst, the next step will be: Require Apple to allow governments to preload software on all phones sold in the region.

At best, the next step will be: Zero Day exploit that runs through contact lists and exploits everyone’s data because of just one person who sideloaded “Flappy Bird Returns!”(_V1rus H@x De@th Bl0w).

Awesome.

The goofy stuff some folks come up with forgetting if this was factual Android would be in this boat already.

 

[dk001]

I assume the same requirements will also apply to Xbox, Switch and PlayStation?

Why? I could see it eventually heading that direction but these types of equipment are in a whole different use ballpark.

 

[dk001]

Developers will require sideloading if you want their app. If you need the app (your job requires it for example), you're pretty much forced to sideload.

​

Once again ... why is this an issue?
My employer already has a separate corporate iOS/iPadOS store I get my work apps from. To quote a previous post of mine "The goofy stuff some folks come up with forgetting if this was factual Android would be in this boat already."

@jiminycricket - the same can be said for your concerns. Not seeing this on Android. Why would it be an iOS only issue?

 

[dk001]

Apple in my opinion are doing what many other big companies do, they do not want to implement security checking because it will cost them money. Google (youtube) and Meta (formly facebook) put up and still put up heavy resistance to having to moderate their platforms. Ebay was another one to put up strong resistance as well. They all want to take the easy road.

Apple is slightly different here because they want to control the iphone, regardless of the fact that an iphone is bought and owned by the customer, Apple still insist that they be the ones to control what is done with it. Apple complain of security risks if sideloading went ahead. Simple, there are already iphone emulators out there. Design one that has secuirty controls built into it and get the many thousands of app store reviewers to run any new app through the emulator. If it flags up as a secuirty risk then dump it. It is something Apple can implement but they wont because it will cost them money so what easier way than to say 'but think of secuirty' as a way to avoid having to implement security checks.

So true. The rhetoric by Apple is on the level of "won't someone think of the children!".

 

[PC_tech]

Wait until all the developers find out they still will have to pay Apple to put their product on an Apple device. It will end up being cheaper to stay in Apple’s App Store. smh

They pay already to put it on ?

 

[I7guy]

Apple in my opinion are doing what many other big companies do, they do not want to implement security checking because it will cost them money. Google (youtube) and Meta (formly facebook) put up and still put up heavy resistance to having to moderate their platforms. Ebay was another one to put up strong resistance as well. They all want to take the easy road.

Incorrect. Apple does not want to destroy the iOS ecosystem.

Apple is slightly different here because they want to control the iphone, regardless of the fact that an iphone is bought and owned by the customer, Apple still insist that they be the ones to control what is done with it.

No you can do what you want with the iPhone. Apple is not obligated to help you. It’s like buying a Honda Civic and having the government mandate that any other car manufacturers engine should fit in a civic.

Apple complain of security risks if sideloading went ahead. Simple, there are already iphone emulators out there. Design one that has secuirty controls built into it and get the many thousands of app store reviewers to run any new app through the emulator. If it flags up as a secuirty risk then dump it. It is something Apple can implement but they wont because it will cost them money so what easier way than to say 'but think of secuirty' as a way to avoid having to implement security checks.

Yup. It’s easy to fix because an anonymous Internet poster said so.

 

[I7guy]

​

Once again ... why is this an issue?
My employer already has a separate corporate iOS/iPadOS store I get my work apps from. To quote a previous post of mine "The goofy stuff some folks come up with forgetting if this was factual Android would be in this boat already."

@jiminycricket - the same can be said for your concerns. Not seeing this on Android. Why would it be an iOS only issue?

Your corporate store is regulated. Sideloading, alternative app stores are unregulated as the Wild West were.

 

[ArkSingularity]

​

Once again ... why is this an issue?
My employer already has a separate corporate iOS/iPadOS store I get my work apps from. To quote a previous post of mine "The goofy stuff some folks come up with forgetting if this was factual Android would be in this boat already."

@jiminycricket - the same can be said for your concerns. Not seeing this on Android. Why would it be an iOS only issue?

I'm a professional mobile application developer for a living. Trust me, Apple's tools are quite a bit more painful in terms of getting applications onto an actual device during development. There are a lot of hoops to jump through and it's caused problems at my company on more than one occasion.

 

[d686546s]

No you can do what you want with the iPhone. Apple is not obligated to help you.

Unless of course such an obligation is established in law, which is what the EU is trying to do in this case.

 

[d686546s]

I’m not sure I understand if you’re agreeing with me or not, or if you understood my argument, or if I’m just not smart enough to parse what you’re saying.

It seems like an interesting point you’re making, I just can’t understand it. Little help please?

Let's say a government I really really wants to be able to read your abs everyone else's messages, but end-to-end encrypted messengers make this really difficult, or stop you from using an app to organise protests or whatever.

If your only path to get software is through your country's official App Store, that's likely almost every iOS user, it becomes the single point of failure. Let's say this government makes it an offence to distribute e2ee messengers, Apple could not put them on the App Store and you wouldn't be able to use them.

Alternatively, you could mandate that every software has to include certain official ways to access information and Apple, as the official gatekeeper of the App Store, could be made responsible to only make software available on its platform that meets all these requirements.

Game over basically, really clunky web-based solutions notwithstanding probably.

An Android user, or even you on a Mac, might still be able to download and install from elsewhere.

How likely any of this is I don't know, probably more in some jurisdictions than others, but in this sense tgd App Store really is the choke point.

 

[Lihp8270]

I'm a professional mobile application developer for a living. Trust me, Apple's tools are quite a bit more painful in terms of getting applications onto an actual device during development. There are a lot of hoops to jump through and it's caused problems at my company on more than one occasion.

I found it fairly straightforward to put apps onto actual devices. The most complex hoop was the tax paperwork for apple.

 

[I7guy]

Unless of course such an obligation is established in law, which is what the EU is trying to do in this case.

Sure, but just in general there may be things that you want to do on the iPhone that you are in your own on.

 

[Ethosik]

I guess you’re not an average user… and that’s fine, and consider yourself lucky.

But the average person does NOT know and care which sites they are using…

I am always VERY NERVOUS downloading tools on my computers. Need to make sure the place I get DDU or FFMPEG is the correct one for example.