Please read the document proposal and understand what a gatekeeper is.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Upcoming EU Sideloading Bill Would 'Cripple the Privacy and Security Protections' iPhone Users Expect, Says Apple
- Thread starter MacRumors
- Start date
- Sort by reaction score
So the government (including legislative bodies) doesn't have the ability to create rules which it sees fit?
Seems to be news to most countries out there...
Don’t be sad, accept the reality, once EU Digital Market Act and EU Digital Service Act becomes active, you’ll get the best iOS ever, if Apple introduce it worldwide, otherwise just the EU will have the best iOS ever. ?
I think a lot of people misunderstand how this will be abused. No one is forcing anyone to sideload, but as soon as it possible to do so people will be creating malicious apps with step-by-step tutorials on how to install malicious program X, Y, Z to earn cyrpto or whatever. People will do it, then blame Apple. Moreover, enabling sideloading will allow people to more easily see what iOS will and won't allow and find new attack vectors, some of which may then be used to attack other devices.
I think sideloading should be allowed much the way it is in macOS with respect to system extensions, but perhaps take it even a step further. If you want to enable sideloading you have to login to the bootloader, explicitly enable Reduced Security, turn off SIP and enable Permissive Security. Things like iCloud and ApplePay will probably be disabled and they should allow AppStore developers to choose if their software should run or update in an environment that isn't signed. Sideloading needs to be possible but difficult and extremely explicit about how you are reducing the security of your system. macOS does a pretty good job of this, so Apple does already have a model. I'd love to have an iOS device that I can really use for experimentation and testing.
Last edited:
Can’t argue with that.
I’m glad they paused, but wow did it seem like they didn’t have any idea what they were doing or how the public would react! It seemed very abnormal.
People will be people - in the UK, most banks implement some sort of MFA for addition of payees, and in some cases for the sending of payments. Banks tell customers not to share the authentication code with others, and they do... well you know what happens.
Back to your point, if Apple implements this with sandboxing and only allows the installation of signed apps, this shouldn't be a problem, of course an inclusion of a Security & Private "Allow apps downloaded from..." would be an interesting approach.
That said... iOS is so great that Pegasus had a ride.
Consumer have the exact same rights. This is about obligations when a company hits specific qualifications. Currently consumers have fewer rights when buying apple devices, and isn’t relevant to the legislation you obviously have zero clue about.
It is, if they can be classified as gatekeepers. And it’s not side loading, but just installing programs they haven’t approved.
Read the legislation before you talk about things you don’t understand
I’m sorry but a visa or MasterCard have zero of these functions. The payment terminal does all the calculations. The chip is just a glorified notepad but harder to read compared to a paper or magnetic strip
It could be an ice cream, the legislation doesn’t use computing as a criteria for core platforms
- Online search engines (ex: Google Search)
- Online intermediation services (ex:Google Play, App store)
- Social networks (ex: Facebook)
- video sharing platforms (ex: YouTube);
- communication platforms (ex: WhatsApp, Gmail);
- operating systems (ex: Google Android, iOS);
- Cloud services (ex: Google Cloud Platform)
- Advertising services (ex: Google Ads)
they understand it completely, I recommend you actually read the legislation. Console are not affected as they don’t fulfill the gatekeeper criteria and will be left alone.
If Apple implements sideloading with sandboxing then the goal post just moves and developers want more. And then the signing certificate inevitably becomes contentious because it ends up being the only mechanism of control.
It really needs to be all or nothing. This is the model that MacOS is transitioning to, so I don’t see any reason why iOS would go backwards. The “Allow apps downloaded from” is only going to be around for a few more releases.
And really I think this is the best solution because you have no halfway/obfuscated security solutions. It’s all very clear: You either run what the manufacturer approves and hold them liable if it fails, or you take control of the system and you are liable for its security. It would also give Macs and iPhones a life behind the manufacturer supported OS. One thing I hate about Apple right now is that I have thousands of dollars of devices that are no longer supported with software updates and it’s hard to repurpose them. It’s not impossible, but I’d love a clear option to turn off everything and just install some other OS that will still provide security updates that run on that hardware.
Apple has to address the e-waste issue at some point and I think a permissive or essentially “no security” option is a great way to do it. They could even make it an irreversible decision (at the hardware level) if necessary.
No, they don't. Countries like the United States are beholden to charters and constitutions that prevent the government from doing whatever the hell it wants. The rest of the world that doesn't have such sensible protection is ultimately ruled by tyrants.
Come on - I literally included a link to the specification!?
EMV cards with Dynamic Data Authentication are a thing today. They receive random values from the terminal, cryptographically sign them and return Signed Dynamic Application Data to the terminal. This does entail cryptographic computing capabilities.
Modern EMV payment cards are smart cards that do contain a microprocessor, memory, an operating system/firmware (e.g. Java Card) that can run applications. In short: they certainly are (albeit tiny) computing devices.
Last edited:
So what you’re saying is that they can, given compatibility…
In other words, government and legislative branches can create laws.
I disagree that the UK, Israel and New Zealand are rules by tyrants.
i hear ya, but thats not how politic works, only something that has gain tractions does the politician take a stance. should this be a blanket rule across the board for all devices? yeah it should, but will the gov't go chase down every niche devices across different market to make this happen? doubt it since they don't have the manpower to do that.
Or the workers at the ship yard actually buillding that damn thing. Id we strart clipping the mega yacht funds one by one there will be kess wirk fir the ship yatprcs so less work for the people working theere and allso their suppliers. Remember folks the trickle down economy works perfectly smoothly when it comes to negative effects it's just the trickling down of positive effects tha somehow works way less eficiently
The constitution itself is ultimately nothing more than a set of rules established by a given country. Constitutions can, have and will be modified by whatever process a given country has in place to enact such amendments.
Well that’s interesting, I guess government around the world have just governed wrongly. I wonder who will stop the government from being a government then.
I’m sorry but we are aware, but you are talking about adults being babied here. At some point personal responsibility must be a thing.
The people.
That’s not the point. As I said this is a prime example of why,imo, big tech might be no-tech for the EU.
They aren’t general computing device, they are designed for one thing specifically ?
They are, very much, general computing devices. Designed for many things, such as internet browsing, TV watching, music listening, movie watching and general media consumption.