Hacker News new | past | comments | ask | show | jobs | submit login
Epic, Spotify, and Tinder form advocacy group to push for app store changes (appfairness.org)
913 points by poorman 28 days ago | hide | past | favorite | 1013 comments



All the arguments about what company is most evil entirely miss the point.

You don't make a decision on a specific issue based on what company you like more, you base it on who is right on the specific issue.

From an ethical perspective that's what having a codified rule of laws is all about. Everyone get's the same rules no matter how much you like them. You don't arbitrarily punish people for doing things you don't like by denying them unrelated things that they are entitled to unless you go in front of a judge and get a judge to order that as a punishment for doing the thing you don't like.

From a entirely practical and short term perspective these decisions do not just impact the companies you don't like, they also impact everyone else because our legal system puts a very heavy weight on precedent.

I'm strongly reminded of the quote "Freedom of speech doesn't protect speech you like; it protects speech you don't like." (though obviously in this case it is applied to justice in general instead of speech in particular).


The question from a principle standpoint is - can a company create an area where trust / safety / security are prioritized. T

Developers no doubt disagree with this, they have created a web that is filled with crap. Let's be 100% clear about that.

Spam calls via voip, spam into email, ddos floods of every sort imaginable, impossible to unsubscribe, cramming and slamming on subscription renewals and the list goes on. They don't want root on your device to help you, but to screw you in enough cases that you shouldn't give them root. Trust / security / safety are low low low on the list of almost all startup and other developers "growth hacking" etc.

Apple wanted to create their own little world. Phones with updates that keep on getting updated, an app marketplace with much more transparent pricing (lot less fine print), and the list goes on.

You need to look at what apple is doing in context. The world on the net developers and hackers here on HN have created is terrible in many ways for many many people. At some point folks are just tied of the endless scams.

Now the same folks who trashed a lot of the rest of the web (do you answer your phone when an unkown number calls?) want into the walled apple garden.


To keep the continuity of discussion, I assume that this comment was posted here because my top level comment was in part a reply to your (temp667's) comment here: https://news.ycombinator.com/item?id=24579860

I appreciate the attempt to connect this to the anti-trust suit, but I don't see this as a good justification for why your original critique is relevant for a few reasons:

- Many of the practices in your original critique are allowed on (or not prevented by) Apple's app store. The argument you are making here only makes sense as pertaining to anti-trust to the extent that you are critiquing practices that Apple is preventing.

- It doesn't particularly matter whether the people trying to overturn Apple's practice are the bad actors, or third parties are, since the lawsuit affects all parties (third party or not) equally. So while you could make a consumer benefit argument based on bad actors (indeed, Apple has tried to in the lawsuit), it makes little to no sense to focus on the parties suing (and simultaneously falls into the trap of just arguing that people you don't like don't deserve justice).

On a separate note - I also find the argument for Apple's bundling of services here unconvincing. I have seen no argument for why Apple's curation service needs to be bundled with the phone - which is the prerequisite of the anti trust suit. Consider that apple could perfectly well sell the hardware and OS, and separately sell (or even offer for free) a software package that locks out third party app stores and third party payment providers. Doing so would practically destroy any argument that they are using their monopoly on IPhone hardware and IOs to acquire a monopoly on app distribution and payment services. To the extent that people find the lock in useful, I expect they would install that software package.


Apple does not have a “monopoly on iPhone hardware and iOS”. This is a fundamental misunderstand of the term. You cannot have a monopoly on your own product, because a monopoly is a state of a market and your own product is not a market.

Understanding this is fundamental to the actual legal issue at hand. First, the argument against Apple is not that they are bundling an App Store with their iPhone.

The argument against Apple is that they are restricting behavior that Apps may perform on their Store and also disallowing other stores. If their App Store was downloaded separately but then enforced the same restriction, you have exactly the same legal issue. Implementing the App Store to be a separate manual download, but keeping the same restrictions in place if it is installed, would be just as illegal as exactly what they are doing today.

They would have to at least allow installing multiple App Stores side by side, if not eliminate certain contractural provisions of being able to publish on the Apple App Store itself.

As for why Apple’s curation is bundled with the phone, it’s not a question of whether it “needs to be” that way, it’s a question of why Apple chose to do it that way. They chose that route for a myriad of very significant reasons relating to user experience, usability, privacy, security, safety, brand & reputation, performance, and accountability. From a financial standpoint they chose it because it ensure apps are profitable for both Apple and Developers, as well as consistent and predictable for end users. They also eliminate almost all software piracy on their platform with their model, which increases App Store revenue.

Their model enables HCI, Privacy, and Billing policies which they can enforce platform-wide, and which they can demand otherwise abusive apps to follow, simply because there is no other option if you want access to Apple’s customer base.


"They chose that route for a myriad of very significant reasons relating to user experience, usability, privacy, security, safety, brand & reputation, performance, and accountability."

This is incredibly naive.

They chose it to be this way for the purposes of profit.

Android is testament to the fact that high degree of quality and security and consistency can be maintained without any of the most iOS aggressive restrictions.

There is no material difference between security on either platform, they're both generally fine, apps are great on Android and people are not falling off the side of the earth because of 'scams or fallouts' regarding Android.

The existence and relative quality of the Android universe renders most of the arguments for iOS walled garden moot.

The term 'monopoly' may not apply perfect, but it's reasonable in the discussion, the anti-trust issues are obvious and have many historical parallels.


If andorid is great, then folks will pick android. That's fine and competition.

Things are a lot cheaper on android to, so they win on price.

The one android phone I ever purchased

1) Shipped with bloatware in the base install (!!!)

2) Shipped with an older android version.

3) The updates never came

4) The messaging story was CRAP (unsecured SMS / spam SMS)

Meanwhile I'm getting 4-5 years of updates on every iphone I have ever purchased. I've never gotten spam imessages I don't think. etc.

Apple choses these features because they think it will let them charge more for their stuff - which I think it does. Making a product people want by reducing scam behavior shouldn't be illegal, and people wanting your product and being willing to pay extra for it doesn't make you a monopoly. Def makes apple rich though!


> This is incredibly naive.

Maybe you stopped reading. I also said they did it for financial reasons.

To say they did it purely for profit is overly reductionist.

But in the sense that they believe the policies they have put in place make their device superior in the market, and make the App Store generate more dollars per user (both for Apple and for Developers), then you could say that profit is always an underlying motive. As it is and as it should be in capitalism.

Whether you believe Android is great or not is irrelevant. I personally think you are glossing over some very high profile failings and failures of Android, but it’s totally besides the point. Similarly totally irrelevant whether they could have made different technical and policy choices over the last 12 years which may or may not have obtained the same or similar outcomes.

Apple does not owe anyone the right to distribute their Apps on Apple’s own store, no more than any product can demand placement on their own terms in any store. Only if Apple holds a monopoly on smartphones could Apple’s right to enforce their own policies on their own phone be limited. That’s why the term monopoly is important.

The existence and relative quality of the Android universe renders disagreements over Apple App Store policy beyond the reach of an anti-trust act.


> Apple does not have a “monopoly on iPhone hardware and iOS”. This is a fundamental misunderstand of the term. You cannot have a monopoly on your own product, because a monopoly is a state of a market and your own product is not a market.

Precedent deeply disagrees with you on this. At the supreme court level see Eastman Kodak Co. v. Image Technical Services Inc. To quote the first paragraph of wikipedia out of laziness: https://en.wikipedia.org/wiki/Eastman_Kodak_Co._v._Image_Tec....

> Eastman Kodak Co. v. Image Technical Servs., Inc., 504 U.S. 451 (1992), is a 1992 Supreme Court decision in which the Court held that even though an equipment manufacturer lacked significant market power in the primary market for its equipment—copier-duplicators and other imaging equipment—nonetheless, it could have sufficient market power in the secondary aftermarket for repair parts to be liable under the antitrust laws for its exclusionary conduct in the aftermarket.[1] The reason was that it was possible that, once customers were committed to the particular brand by having purchased a unit, they were "locked in" and no longer had any realistic alternative to turn to for repair parts.

This has been held at the appeals court level to apply to products as well as repair services (because why wouldn't it). See newcal industries v. ikon office solution. Unfortunately since a large portion of the opinion focuses on this, it's hard to find a single quote that summarizes. Read the background and then search aftermarket in the opinion: https://www.leagle.com/decision/20081551513f3d103811540:

Here is my best attempt at picking out a relevant paragraph that explains the law:

> Taking these cases together, three relevant principles emerge. First, the law permits an antitrust claimant to restrict the relevant market to a single brand of the product at issue (as in Eastman Kodak). Second, the law prohibits an antitrust claimant from resting on market power that arises solely from contractual rights that consumers knowingly and voluntarily gave to the defendant (as in Queen City Pizza and Forsyth). Third, in determining whether the defendant's market power falls in the Queen City Pizza category of contractually-created market power or in the Eastman Kodak category of economic market power, the law permits an inquiry into whether a consumer's selection of a particular brand in the competitive market is the functional equivalent of a contractual commitment, giving that brand an agreed-upon right to monopolize its consumers in an aftermarket. The law. permits an inquiry into whether consumers entered into such "contracts" knowing that they were agreeing to such a commitment.

So I don't think it's a slamdunk whether or not Apple's secondary markets here are aftermarkets that anti trust can be applied to because of the third point in the above paragraph, but it's not a slamdunk the other way either, and your claim that you can't have a monopoly on IPhone apps because IPhone is apple's product is fundamentally flawed (rather, if it's true, it's because purchasing an IPhone is akin to signing a contract that you will only use IPhone apps distributed from Apple, and that you will only use Apple's payment system on those IPhone apps).


Note that Eastman Kodak is viewed in legal circles as the exception to the general rule of disallowing single-brand relevant markets, due to the particular circumstances of the case.

In Kodak, customers originally purchased Kodak copiers without any restrictions, and then several years later Kodak changed their policy and stopped selling repair parts to third-party servicers, which left customers locked into buying repair services from Kodak instead.

In Newcal, IKON amended their lease agreements with their customers without disclosing to the customers that the length of their service contracts would be extended as well, similarly leaving customers locked into buying services from IKON.

In both of those cases, there was an element of deception, and customers did not know that they would be restricted in the aftermarket when they made their original purchase. It's tough to argue that those circumstances apply here, since Apple's policies have been clear since the launch of the App Store and have never changed. In fact, some courts have interpreted Kodak to mean that absent a change in policy, Kodak does not apply.

Note that the paragraph you quoted specifically says: "the law permits an inquiry into whether a consumer's selection of a particular brand in the competitive market is the functional equivalent of a contractual commitment, giving that brand an agreed-upon right to monopolize its consumers in an aftermarket." I expect Apple will be able to successfully convince the court that this is indeed the case.


If I was epic I think I would be focusing on the fact that consumers generally don't have any idea about the restriction on payment providers, and that the terms of that restriction have changed over time.

But that gives up on half the case, so we'll see what they do.


That's true, but for Epic's tying claim they've argued that the tying product is iOS app distribution and the tied product is payment processing, which again relies on establishing that iOS app distribution is in fact a valid antitrust market.

If that fails, they might be able to amend their claim to argue that iPhones are the tying product, but then that opens up a different set of questions about how much market power Apple has in the overall smartphone market.

(They also need to establish that payment processing is actually a distinct product or service from app distribution, which is not necessarily obviously true and depends on a separate set of factors.)


> "Your claim that you can't have a monopoly on IPhone apps because IPhone is apple's product is fundamentally flawed".

I never claimed that at all.

It's a question for the courts to decide if it wants to allow Apple's current App Store contract to stand, and if not, what remedy they propose. But it wouldn't be because Apple has a "monopoly" on the iPhone or iOS, it would ride partly on the question of, from your own source, "whether consumers entered into such "contracts" knowing that they were agreeing to such a commitment", and I suppose partly on whether the contract is illegally anti-competitive even if it was entered into knowingly.

Further quoting from your own source, Newcal v Icon;

"First and foremost, the relevant market must be a product market. The consumers do not define the boundaries of the market; the products or producers do. Second, the market must encompass the product at issue as well as all economic substitutes for the product. As the Supreme Court has instructed, "The outer boundaries of a product market are determined by the reasonable interchangeability of use or the cross-elasticity of demand between the product itself and substitutes for it." As such, the relevant market must include "the group or groups of sellers or producers who have actual or potential ability to deprive each other of significant levels of business."

Further reading of that case (a great example by the way) involves discussion of an interesting case against Domino's pizza. Franchisees attempted to sue because they were contractually required to purchase ingredients from Domino's, and Domino's therefore held a monopoly on their ingredients. It's not that substitute ingredients didn't exist, they just weren't allowed by Domino's to buy them.

Similarly with the App Store, it's not that other apps don't exist, it's just that contracturally, iOS doesn't allow you to download them. There is a competitive market for apps (very clearly!) but yet the market for apps on an iPhone is contractually limited in a way which you might be tempted to call a monopoly. The Third Circuit ruled otherwise. As long as customers knowingly entered into this contract, the existence of the contract provision does not create a illegal monopoly.

> "The Third Circuit held that the contractually created difference among otherwise-substitutable products was insufficient to create an economically distinct antitrust submarket."

The counter argument is given as Kodak v. Image Technical Services. In this case, Kodak is monopolizing the market for repair parts and services. The Supreme Court rules that buyers of Kodak machines could not reasonably predict that such a purchase would lock them into buying overpriced Kodak parts and services down the line.

> The Court rejected that analogy on the ground that the consumers could not, at the time of purchase, reasonably discover that Kodak monopolized the service market and charged supracompetitive prices for its service. Id. Kodak's market power in parts and services, therefore, did not arise from a knowing contractual (or quasi-contractual), arrangement.

By comparison, no one who is buying an iPhone could reasonably be unaware that the App Store is the only way to install apps on it.

More importantly, Apple isn't being sued by consumers. It's being sued by App Developers, who did certainly quite knowingly enter into a contract with Apple to write apps for their platform.

I don't know of any statue that requires Apple to provide access to their own device to third party software developers. Third parties can write an app for iOS or not, but when they do so, developers enter into a contract with Apple that decidedly comes with some conditions.


If that first sentence isn't what you meant then I'm afraid I've totally missed your point, and continue to miss it.


Perhaps I don't know what you mean "monopoly on iPhone Apps". I said they don't have a monopoly on iPhone or iOS, because such a statement is nonsensical.

It seems to me that you moved the goalposts to talking about iPhone apps.

I mean, they obviously don't have a monopoly on iPhone apps either (probably 99.99% of all apps are not written by Apple). What they have is significant and costly contractual terms which they require developers to agree to before they let you publish an app on their device. Some argue that those terms may be illegally anti-competitive, but it wouldn't be because of a "monopoly".

The court case you referenced emphatically states that explicit contractual provisions cannot form the boundaries of an antitrust submarket.

Fundamentally consumers have a choice when they buy a smartphone. They can choose from several different manufacturers, and the market is highly competitive. The whole beauty of a capitalist market is that companies get to choose the features and experience their product provides to differentiate themselves, and as long as consumers have a choice between products, those products should live or die based on those features and experience.

Apple is clearly doing quite well in a highly competitive market making the product design choices they are making, because consumers are choosing that experience over the alternative.

To bring it back to the Kodak case, if we were to consider whether Apple has a monopoly on iPhone repair & service, I would say, "Hey gpm, that's entirely possible. I don't know if they do or don't, but it's important that they aren't anti-competitively dominating that market!" Repair and service of a brand is logically quite different from the brand itself.


> To the extent that people find the lock in useful, I expect they would install that software package.

Deep down I would guess that most people will still object on consequentialist grounds, because they know that not enough people will opt in unless forced, and so vendors will be able to ignore the walled garden. Apple sure as hell wouldn't be able to take 30% if there were other ways onto the iPhone, as big vendors would avoid it, thus requiring most users to give up the safe walled garden.

I still come out strongly against Apple on this one however as I am not a consequentialist.


Selling separately destroys the iPhone brand and business model. Far fewer would pay for a separate OS, iPhones would have to be more expensive if they didn’t bundle a services component, customers wouldn’t trust iPhone as much.

There is a simple solution, and it’s not misguided delusional antitrust talk. It’s buying the other type of smartphone that is 85% of unit sales world wide.


Two choices for something as complex as a smartphone does not make a free market.


It’s far more than two choices since their are hundreds of Android manufacturers, many whom add their own software to the stack. It’s more like dozens of differentiated competitors, of which Apple is rate largest but still only a small minority of the market.

There aren’t many freer markets. The automobile business was still a free market when Henry Ford refused to paint cars in your choice of color.


And how many of those phones don't run Google Play Services?

Right now your choices are "Google doesn't spy on me" or "I can sideload apps or use alternative stores".


You don't have to agree with apple, but they clearly think the halo effect of having just one reasonably fair app store on their platform increases their platform brand power and profits both. I think they are right.

Can I ask a question. When your elderly parents or kids ask for a phone (assuming they are not developers), does it give you no comfort that if its an apple from end to end including app store things will be a bit more reasonable?

And you do realize if things are unbundled, then EVERY phone company will dump their crap onto every users phone except for the folks who know enough to go uninstall / use the lockout thing you are talking about. And you don't think that will damage the overall apple brand?


> You don't have to agree with apple, but they clearly think the halo effect of having just one reasonably fair app store on their platform increases their platform brand power and profits both. I think they are right.

I agree, but "it makes us more money and gives us more power" has never been a defense against anti-trust law. Indeed if this was not true I imagine that anti-trust law would never have been necessary in the first place.

> Can I ask a question. When your elderly parents or kids ask for a phone (assuming they are not developers), does it give you no comfort that if its an apple from end to end including app store things will be a bit more reasonable?

First I have to point out that the unbundling solution solves this problem entirely. I just install the "lock this to the apple ecosystem" software before I give them the phone and I get all the current benefits as it pertains to children and elderly tech-dependents with none of the anti-trust issues.

I have to admit that I can only answer this question in theory. I have no kids (and don't plan on future kids) and my parents are more technically competent than average. The extent that I manage their technology is "this is good value for the price" and installing ublock origin everywhere.

The honest theoretical answer though is I don't think it would. There are a number of reasons for this.

- I really don't trust the app store to stop abusive behaviors in the first place.

- I could lock probably lock down an Android to the extent that I'm as happy as I would be with an apple (not very).

- I would (and do) worry a hell of a lot more about the internet than I would (do) about apps.

- I worry about the internet a hell of a lot more on IPhones than I do on androids, because I can't install a proper adblocker, because of Apples anti-competitive policies regarding browsers (the ad blocking api's in safari are gimped compared to firefox).

- At the point where I don't trust someone with a phone, I also wouldn't trust them with a credit card in general... at which point none of the payment stuff is problematic (But I acknowledge that the social reality w.r.t. the elderly and credit cards makes this a hard problem).

> And you do realize if things are unbundled, then EVERY phone company will dump their crap onto every users phone except for the folks who know enough to go uninstall / use the lockout thing you are talking about. And you don't think that will damage the overall apple brand?

This can be solved with apple only providing phones to sellers who agree not to do that easily enough. While I know epic has some issues with this strategy (as it pertains to Google and pre-installing fortnite) I do not.


> I worry about the internet a hell of a lot more on IPhones than I do on androids, because I can't install a proper adblocker, because of Apples anti-competitive policies regarding browsers (the ad blocking api's in safari are gimped compared to firefox).

This is silly. Who determines what a "proper adblocker" is? There are plenty of adblockers available for iOS. In fact, you can even use Firefox AS an adblocker.

This is a non-issue.


I am not surprised to see a downvote. It's sad to see that the Apple hatred from reddit has spilled over here as well. Was anything I said inaccurate?

No, it wasn't. OP there made a ridiculous complaint and demonstrated a lack of technical knowledge. Yet I get voted down for being correct?

I see.


On the ad-blocking side, Android fans are blowing this out of proportion.

First of all, Safari’s content blockers, while far less capable than uBO, are pretty adequate for the time being. In my experience, iOS Safari + Wipr is fine.

Also, and this point is underrated, content blockers work in most app web views. For example Twitter’s or Gmail’s. Not all web views of course. Facebook for example chooses to use a web view, for opening links, that doesn’t have support for ad blockers.

Moreover, alternative browsers, such as Firefox, or Edge, or Brave, or Vivaldi, could still implement ad blocking. Not via an extension, but built in. And they in fact do. Microsoft’s Edge included.

Firefox on iOS is a little weak of course. They are only blocking domains meant for tracking, and they use the Disconnect list. Which is rather short. But they do take care of common ad exchanges, when in strict mode.

Also, Safari itself blocks third party tracking by default. It doesn’t block the requests themselves, but it does block the cookies they set. So it doesn’t block a request to Google Analytics, but it does block its cookie. New in iOS 14 is that this capability became available to all web views. So including Firefox on iOS. Users have to opt-out if they don’t want it.

Also iOS 14 has disabled the advertising ID, by default. Users have to opt-in explicitly, screwing the plans of Facebook, whose SDK is used by a lot of apps to gather metrics.

I would love to have full Firefox on iOS, but truth is, this is a false narrative. Given Firefox’s popularity on Android, I can tell you that iOS users are in fact more protected from trackers and ads, out of the box.

And it’s not just about Firefox’s popularity btw, I’m a huge Firefox supporter, but on Android it sucked in terms of performance, behavior, and compatibility with the web. From simple things, like pinching to zoom, with the fonts getting all blurry. As a technical user, you might live with that, but you wouldn’t subject your parents to it.

You make it seem like on Android you have choices. Well, not really. Most people use Chrome, or Samsung’s browser. On iOS, did you know that the only browser without ad blocking capabilities is Chrome?

Not to mention that you can also do DNS-level blocking, via NextDNS, or Pi-hole.

And there’s another aspect. My son has an Android and a majority of games are ads-driven. Imagine a drawing app that forces kids to click for more ads in order to receive clues/rewards, without which they can’t advance in the game. Quite brilliant if you ask me. It also forces them to disable any ad blocking that their parents installed ;-)

Well, on iOS people actually spend money on apps. And Apple has a new subscription even, called Apple Arcade, which gives people access to a collection of games without any ads, or in-app purchases. Just pay a subscription, and the games can’t play tricks on you. This is what curation does.

Unfortunately my son wanted an Android for now. So I’ll have to wait about 2 years, until his Android tables becomes unsupported and obsolete. And in the meantime my iPad Pro from 2015 will still be upgradable to the latest iOS.

If you’re saying that you can’t trust iOS’s ecosystem more than Android, for you children, then you’re seriously unfamiliar with it, sorry.


> From simple things, like pinching to zoom, with the fonts getting all blurry.

This is an aside to your conversation, but just wanted say we're currently rolling out webrender to more devices in the new version of Firefox for android, and it fixes the blurriness when zooming.


That's awesome to hear, thanks!

Also I like the new version on Android, hopefully it will reach feature with the older version.


Sure Apple can create their area of trust/safety/security in their apple store allowing those who want that to stay there. They can't however do that on a device they've sold to customers.

The question from a principle standpoint is - can companies stop a customer from modifying a device they own when it only effects the customer.

Or more realistically there is more than one question and you have to make trade offs between the right answer to all of them (and what people believe the right answer to be).

My view is: Make it hard to install out of App store, warn people about all the security/trust/safety there losing each time they enable a fine grained permissions. It's a simple security rule; don't install anything not in the app store, yes pay the 30% premium for that security. Yes it's not perfect but the current situation definitely isn't either.


>Trust / security / safety are low low low on the list of almost all startup and other developers "growth hacking" etc.

Yeah I find this general argument that developers should be "trusted" with the "freedom" of an "open" ecosystem, with all those happy buzzwords, so off-putting. I mean, sure, I might perhaps trust the small indie developer working out of his basement to not screw me over, but by and large the software that end users are interacting with are coming out of faceless billion dollar behemoths looking to squeeze every dollar out of their users (and associated data) as possible. I have zero reason to trust them, particularly given the conduct of the Internet giants (ahem... Facebook).

Perhaps if these businesses had a more user-friendly business model, end users would've been comfortable using a less restrictive mobile software platforms, similar to what we used to have on desktop computers. Facebook et all have reaped what they sowed, and they get zero sympathy from me regarding their App Store situation. They're the reason that users (even on HN) generally celebrate when Apple imposes an ever growing list of privacy restrictions on their activities.


Apple can have their garden, nobody is complaining.

The issue is one of choice and consumers ability to go beyond the walled garden.

The issue of 'scams' is a canard: there are browsers on iPhones that allow users to be involved in any number of hustles.

"Now the same folks who trashed a lot of the rest of the web (do you answer your phone when an unkown number calls?) want into the walled apple garden."

This just doesn't make any sense, moreover, it has nothing to do with 30% margins.


> Apple wanted to create their own little world. Phones with updates that keep on getting updated, an app marketplace with much more transparent pricing (lot less fine print), and the list goes on.

Other than anti-trust and similar laws, there is nothing stopping Apple from eventually creeping it onto the web. It's "their" device after all.


The wider context around the specific issues can still be useful in deciding what's "best" (distinct from "right"). EG: look at the antitrust case Apple lost over eBook pricing. The rules said they should lose in order to ensure a fair market for eBooks, a minute's consideration of the wider context said that if they lost Amazon would suck up the entire market. Which it did. The net result, even if narrowly within the rules, was a loss for consumers and for competition


No, the rules say organizing a price fixing ring is illegal. The result of which was literally to simultaneously raise prices for consumers across all platforms.

It's particularly ironic in this case because the whole point of the exercise for Apple was to increase prices so they could still charge their extortionate 30%. Amazon wasn't remotely that greedy.


That’s the silliest perspective on this case you could have. Apple gave publishers the right to set their own prices, but in return required they don’t undercut those prices on other platforms.

Apple had only a a small market share at the time. Publishers could have said, nah, we are happy with Amazon, and refused to agree to Apple’s terms. This is about as clear a free market as one gets, that it became an antitrust issue shows how crazytown antitrust law has become.

This was attractive to Publishers because they were terrified of an Amazon monopoly. Amazon selling ebooks at cost did nothing for Publishers long term because it was killing other ebook competitors. This offered a viable competitor to be an ebook outlet.

Instead the misguided Justice department and a judge made Apple back down and what do we have now? Exactly what publishers feared, an Amazon monopoly.


"It's awful that a $2 trillion tech company's price fixing conspiracy flatlined and consumers in 2020 pay really low ebook prices. What is American justice coming to?"


Do we, though? I feel like most ebooks on Amazon are priced similarly to their paperback counterparts, or at least not significantly lower to the point that it reflects the fact that they don't have to manufacture a physical good or get someone to drive a truck to bring it to me.


I mean you’re tying value to cost which is weird for art (which is the majority of e-books, novels)

This is like complaining a painting is too expensive because the canvas and paint only cost 100 dollars.

The major value of a book, to a consumer, is the words it contains not the paper it’s printed on.


Forget art, they're a software developer working for a software company that produces software for other software developers. Zero physical items created. Sit around all day getting paid great money to produce nothing tangible and then thinks something dodgy must be happening for ebooks to be close to physical books in price. Very odd.


> The major value of a book, to a consumer, is the words it contains not the paper it’s printed on.

Yes, and that's exactly my point.

If a paperback book is priced at $10, and it costs $2 to manufacture, $1 to ship, and $3 to market (made-up numbers, but the values don't matter), with the rest going to the author/publisher, then we're saying that piece of art is worth $4. If the e-book edition costs $8, perhaps that $3 marketing cost is still there, but the marginal cost of storage and distribution is probably a few cents... so somehow now that piece of art is worth $7? That doesn't add up.

I mean, I get it: the price you pay for something is generally just the highest price that the market will bear, a price that maximizes profit... and the "intrinsic value" of something doesn't matter or maybe doesn't even exist. Even the cost to produce it may not matter, if the seller wants to use a particular item as a loss-leader.

What I object to is, back when e-books started being a thing, the big promise was that they'd be so much cheaper than physical books, because the marginal cost to "produce" and "ship" one is near-zero. But of course that promise never materialized; it was just marketing to get people to buy Kindles.


From the Department of Justices perspective value is tied to price. They wanted to stop Apple from asking for price parity with other outlets because it would drive prices up.

And what happened after their victory is that prices didn’t go down, they look like they went up.

Of course this has little to do with the artists, they typically don’t get to price their novels, and only get a royalty that’s not likely impacted much either way. Higher prices are higher royalties per unit, sure, but if they lead to lower unit sales it’s not likely better.


Price = value of art + distribution cost

The art itself hasn't changed, so it makes sense to demand that the price follows when the distribution cost approaches zero.

As for whether that would actually happen...


"This is about as clear a free market as one gets, that it became an antitrust issue shows how crazytown antitrust law has become."

It has nothing to do with platform prix fixing, it has to do with de-facto monopoly over a portion of US mobile devices, or rather, an oligarchy between Google and Apple.

The same issues existed with oil, electricity and telephone networks - there were claims of 'choice' but really there was not.


Royalties for self publishing an ebook on Amazon top out at 70%.

https://kdp.amazon.com/en_US/help/topic/G200644210


Are you suggesting someone other than Apple is making extortionate margins?

/s


"Best" for whom? Any action has the potential to be either good or bad, depending on who you ask. But if it has a positive impact on society as a whole - that's probably good enough. And striving to do the right thing, upholding important beliefs like fair access to justice and freedom of speech, these certainly fall in that category.

If a smaller company, or even one of us on HN had sued Apple would that suddenly make it okay? Apple's actions haven't changed, why should the identity of the plaintiff matter?

Regarding your specific example - if Amazon is doing something wrong, then an antitrust case should be brought against them too. But that doesn't (and shouldn't) give anyone the right to continue doing something unethical and illegal.


The ethics of speech protection and laws are a complicated subject - I strongly agree that being moral judgements into punishments is a dark road that has led to a lot of racism and other discrimination in the past... but justice isn't blind and unmoving, justice should evolve to reinforce changes in ethical thinking in society at large. There have been several prominent incidents recently that have shown that the portion of legal enforcement relying on societal norms in the US has been broken, I think due to our general acceptance that greed and money are good and having those things means you've succeeded in life.

Legal judgments that leave a bad taste in your mouth shouldn't be ignored but examined to see if the laws that we have actually fit the society we're trying to maintain - people shouldn't be arbitrarily persecuted for actions and ex post facto protections are very well intentioned and wisely put in place to protect against some really heinous abuses - but questioning whether the law should be changed to prevent future incidents isn't bad - it's how our legal system evolves.


I think the discussion and analysis of each company's prior behaviour is exactly on point--the question before humanity in the general case is "what are these companies really up to?"

Each (including Apple) has a hidden agenda. They can be both beneficial and harmful. They are not our friends! They deserve our scrutiny, suspicion and supervision.

A company is a system that was created to pursue an agenda. That agenda is nothing like the agenda of a typical human individual (except at absurd levels of abstraction) and is not necessarily net-beneficial to actual humans in the short or the long run.

It's an axiom of systems analysis that behaviour trumps speech when you are trying to figure out what a system is really up to. To say it another way, we would like to identify the actual operant utility functions of these companies, so we can predict what they are really working towards, and what their behaviour and impact might be in the future. Their prior behaviour is the best signal we have!

To force the discussion to revolve around "laws" and "right" is to pretend that current ethical positions and laws are optimal and can't be gamed. A superficial inspection will show these premises are false.

The ongoing work of governance is to try to figure out economic, social and legal rules that "work" for some consensus definition of "work". That requires a clear understanding of what is actually happening, and good scenario analysis for the range of possible outcomes (including unintended consequences). Maybe that's unrestricted free markets, maybe sometimes it isn't. Maybe it's the law as it currently stands, maybe it isn't.


The issue is 'anti competitiveness' not 'evil' and most arguments are pointed at that.


Things have improved since I posted this.

At the time I posted this the top comment and many other highly voted comments were just criticizing epic, spotify, and tinder. E.g. complaining that epic sells to kids, spotify doesn't pay artists enough, and that tinder sells sex and commits age discrimination.

Regardless of whether or not they are valid complaints, they aren't at all related to anti trust (or if they are, no one was bothering to make the connection).

This use to be the top comment, for reference: https://news.ycombinator.com/item?id=24579860

This was the comment that was the tipping point for me making the post, and was at the time ranked fairly highly (hence all the replies to it): https://news.ycombinator.com/item?id=24579479


Well said.


> All the arguments about what company is most evil entirely miss the point.

This!


> I'm strongly reminded of the quote "Freedom of speech doesn't protect speech you like; it protects speech you don't like...

Modern addendum is "You can have Freedom Of Speech but no guarantee for Freedom After speech."

Edit: Just to clarify, It is not my opinion. It is Social media warriors warning people "Free speech is not free of consequences"


"Free speech is not free of consequences"

This is absolutely true though? I fail to see your point.

You are free to say what you want, and other people are free to criticize you for it. If you don't support the right to criticize, you don't support free speech.


Depends on the consequences. Usually this is invoked to mean "it's fine for me burn down your business or destroy your life because I don't like you because consequences <grin>"

In general, the statement CANNOT be true, because the chilling effect explicitly suppresses free speech -- being a result of consequences. Ergo, consequence (of a particular type) is in fact suppression of free speech.


> Usually this is invoked to mean "it's fine for me burn down your business or destroy your life because I don't like you because consequences <grin>"

What a ridiculous hyperbole of what it "usually" means.


It is more of "free to criticize' vs 'free to destroy livelihood' thing. Some would say both are same or second is just an implementation detail of first.


Free speech is the right to not be arrested for speaking. It's not the right to not be punched in the face for saying stupid things (there is a separate law for face punching).


> Free speech is the right to not be arrested for speaking. It's not the right to not be punched in the face for saying stupid things (there is a separate law for face punching).

No, the 1st Amendment is the right to not be arrested for speaking (in the United States). Free Speech is a philosophy that would absolutely cover not committing physical violence against someone for what they say. Violence in response to speech is probably a good starting point for the definition of unfree speech.


This is spot on. In addition the first amendment is theoretically protection against punching you in the face not being prohibited because of something you said. The government could make face punching legal in general, but not legal only if the victim first makes an idiot out of themselves.


Yes, the reason we have laws against face punching people who say dumb things is partly to protect free speech in the philosophical sense (there are obviously other reasons too, such as that it hurts).

This still doesn’t mean that speech without consequences is possible. The grandparent comment mentioned the loss of a livelihood as an example (unsure exactly what it refers to but could be e.g boycotts).


I struggled to read your comment, but it shouldn’t be ignored. What you are saying is correct.


Can we just link directly to the advocacy group's page (https://appfairness.org/)? I'm not certain the article is adding anything.

----

I'm generally supportive of at least some of Epic's arguments towards Apple, and I do believe that Apple (and multiple other FAANG companies) are engaged in anti-competitive behavior that's currently hurting the market. But a lot of the arguments I'm reading on the App Fairness site in particular seem really poorly phrased, almost to the point of being incoherent.

From their objection on "user freedom":

> Think about this a little differently: A box of Cheerios costs about $3.00 at Kroger, but sometimes Cheerios offers a coupon which lowers the price to $2.50 at any store that offers Cheerios. What Apple is doing is basically like Kroger telling Cheerios that they’re not allowed to offer coupons, and if they do, Cheerios is at risk of being kicked out of the cereal aisle. Consumers wouldn’t stand for this type of monopolistic behavior over their cereal, so why should they allow it for the apps used on their mobile devices?

I had to think really hard what they mean by this and how it actually relates to user freedom. Most resellers are allowed to choose their own prices for goods. I don't think this analogy corresponds at all to what Apple is doing. Apple is banning apps from telling consumers in app about other purchasing options. That's a totally different objection.

I'm pleased to see developers banding together, but if this is the result then I wish they'd spend more time making more reasonable, understandable arguments. If this site was my first introduction to the debate over app store policies, I think I'd probably be on Apple's side.


What I learned from past experiences is to never use analogies. They are almost always a source of distraction, people start to argue about the analogy itself instead of the topic at hand, which is almost always completely counter productive.

Also it often only makes sense in the mind of the author...


> They are almost always a source of distraction, people start to argue about the analogy itself instead of the topic at hand, which is almost always completely counter productive.

My experience is that this is very true among a certain group of people, particularly literal-minded software enngineer types. But it is much less true in the general population where a single good analogy can accomplish more than pages of prose.


My experience is analogies are erroneously as supporting arguments to jump from premise to conclusion of an unrelated topic. I saw them a lot at my family's various religious/cult gatherings when I was a kid. The preacher would state something and then "prove" it with an analogy.

Analogies don't accomplish anything in basically all of the uses I've seen. People want them to serve as proof, but it's a lazy way of getting out of showing the validity of a conclusion.


That's assuming a level of critical thinking that exists on HN and a few other forums but isn't really common to the general public.

Most people go into a new topic or new issue area with a basically neutral stance. They aren't looking to disprove the argument, nor do they even view it as an argument. Rather, they're thinking "OK, show me how this is relevant - tie it into my life and how it affects me, then I'll make up my mind based on my feelings afterwards" (in a far more subconscious way - basically nobody actually goes through these thoughts consciously). Analogies are your chance to do that. Get the right one and people associate your issue with something they already hold a positive position on. Get the wrong one and they just ignore you.


Or bad actors can use analogies to mislead people. Or a neutral actor erroneously uses them and the result is still misinformed people. My opinion is analogies do more harm than good, at best wasting people's time, and at worst, resulting in people coming to the wrong conclusions.


All language constructs can be abused. The problem is lying, not the rhetorical mechanism.


People should be educated the rhetorical mechanism they are using doesn't do what they think it does, though. It's part of developing critical thinking skills. It would help people not get taken advantage of, too.


In this case the problem is constructing poor models and using them to understand the world; it doesn't have to be used to intentionally mislead, people often can use analogies to explain things to themselves and get it wrong.

It's not without it's uses as a technique but you have to make sure the model the analogy constructs is, well, actually analogous to the situation you are modeling.


I'd like to try to change your mind on analogies, and even without analogies (although I _will_ use an example)!

Analogies are an attempt to generalize an argument. Say we are trying to prove that "It will rain" is a valid conclusion from "If it is cloudy it will rain and it is cloudy". We can generalize this to "A -> B" & "B" -> "B", which you will recognize as an application of modus ponens from formal logic. Analogies try to use this power on fuzzier topics.

A normative principle like "We should build a new post office" are so abstract that they cannot be tackled head on (try defining "should" in the comments section and having no one point out a flaw to see why this is difficult). Because of this, we try to make comparison to other, seemingly similar, cases in an attempt to draw out the underlying logical structure. Because of this, I think they are a powerful and useful argumentative strategy.


I agree that analogies are useful to illustrate (in some scenarios), but I would not use them to support my argument (outside of a discrete math course).

If I were to argue that Apple's app store policies were harmful, then I would do just that. I would define terms, define the parties involved, show the harm and to which parties, maybe provide some examples, show which laws it violates, and maybe suggest solutions.

But I don't see why involving Cheerios at a brick and mortar retail store would help clear anything up.


I think the main point against analogies is when they are used as proof for the situation they are being compared to.

I'm not versed in formal logic, but I believe it would be:

"A -> B", and I want to prove that "C -> D"

So I make the analogy that "A is similar to C, and B to D in some ways" thus then C -> D"

A lot of people will take this as a valid proof. But it has yet to be proven that A and C, and B and D are actually interchangeable.

Edit: To refer this back to the original argument, saying that the AppStore is like a brick and mortar store, and Cheerios is like Epic games is a nice analogy, but it can't possibly prove anything because they are just not the same thing.

What they may do though, is potentially align the reader's point of view with the writer's, but not necessarily towards the _right_ point of view, assuming there is one.


See: further down this thread where literal-minded software engineers all try to "fix" this analogy but can't agree on how.


> a single good analogy can accomplish more than pages of prose

I think that's where the danger lies. In the end we are not explaining much, just passing a vision of the issue in terms of good/bad/meh depending on the analogy we choose.

That's also how we convince people a lot of stuff is just "against freedom", or "big <xxxx> acting selfishly" etc.

As you say it accomplishes something, people take a position very quickly. But is it a good thing ? I'm torn.


I think what you're noting is that analogies are powerful tools. They can create a deep visceral association between A nd B that strongly affects how someone feels about B based on their existing feelings about A.

Like any powerful tool, it can be misused. But it can also do great good when used well. We live in a world surrounded by fiendishly complex systems with layers of abstractions and deep chains of emergent phenomena. Our primate brains aren't geared to process the consequences of our actions in a space that far removed from the forests where we evolved.

Analogies are one of the best tools I know to let us do that. But we do have to be careful about which analogies we choose to believe.


"It's like two bald men fighting over a comb"


> What I learned from past experiences is to never use analogies. They are almost always a source of distraction, people start to argue about the analogy itself instead of the topic at hand, which is almost always completely counter productive.

As other's have mentioned, perhaps this is only for literal minded thinkers. In Pre-suasion by Robert Cialdini metaphors are identified as the most effective persuasion device. Essentially, take something the audience understands well and use it explain something else.

An anecdote Cialdini provides is from a person who had many years of being the top life insurance salesman in the country. He used a metaphor of "when you check out, your life insurance checks in". The metaphor brought up feelings of abandonment and support in a way that people quickly understood and bought into.


That's exactly the problem with analogies. It fools people by falsely parading as a valid argument.

Edit: The use of a life insurance salesman as an example is hilariously appropriate given the scam that whole life insurance is and how many people are fooled into buying it.


Im curious, how is life insurance a scam? Yes investing the money is probably better, but insurance is a hedge against the risk of not having saved enough because of an early death. I'm not familiar with the life insurance industry though, so I'm maybe missing something!


Insurance is for minimizing losses you can't afford. Term life insurance is good if you have dependents and their life would be negatively impacted by the loss of your income. There is very little profit and commission in term life insurance, so life insurance salesmen will push whole life.

Whole life insurance is rarely necessary, and extremely expensive compared to the alternatives. See links below.

https://www.whitecoatinvestor.com/what-you-need-to-know-abou...

https://www.whitecoatinvestor.com/debunking-the-myths-of-who...

https://www.bogleheads.org/forum/viewtopic.php?f=2&t=57154


Also it's used as a part of a strategy to hide money from taxes in a term policy, where you can later "borrow" against your premiums to pull your money out later in a lower tax situation. That seems to be the main purpose of large life insurance policies I have seen among wealthy people.


That applies to so few people though. Most people who buy it are just wasting money. In my experience, immigrants with few assets who don't know better are targeted by immigrants of their own race (since they're presumed to be more trustworthy).

https://www.whitecoatinvestor.com/appropriate-uses-of-perman...


Every journalistic or popular science or economics book I’ve read recently seems to go to great lengths to come up with helpful analogies (sometimes dragging on for pages.) But there is a fundamental contradiction in that the topic of the book is supposedly interesting or remarkable because something about it is novel, otherwise the book wouldn’t need to exist. The analogy can give readers a fake feeling of following along, but whenever I study the topic in detail I find the analogy based understanding was incorrect.


Analogies can be powerful if told well. It just so happens that they're hard to tell well.

Source: Cheerios


I only find them useful for topics I do not understand because they are very complex and abstract. For example the explanation of linking voltage/current/watts to pipes with flowing water made sense to me because electrons moving through a conductor is too abstract but saying "Voltage is like water pressure, it makes the electricity move faster" makes sense.


I hate the water / electricity analogies because they don't make sense.

Voltage is not like water pressure. If you have a high water pressure, water will inexorably be pushed through the pipe to relieve the pressure. That's so regardless of whether the pipe is 1 inch or 1 yard in diameter.

Voltage on the other hand means nothing without current. A high voltage on its own - like static electricity - will not move many electrons through the conductor.


A high water pressure in a container will also not move. High pressure water moves to low pressure areas just like high voltage moves to low voltage when a path exists.

A larger pipe will push more water at a lower pressure like a low resistance wire will move more energy at a lower voltage.


> Voltage on the other hand means nothing without current

How do you propose you have voltage in a conductive medium (pipe) without current?

To me, it's not a bad analogy (nevermind you that electrons flow the opposite direction of current) - and I am well-versed in physics.


What does it mean for an analogy to be powerful? I typically see analogies used to support an argument, which analogies don't do. Hence you see the conversation break down into whether or not the analogy is accurate or not.

Analogies illustrate a concept. They don't establish reasoning or causation or proof.


They can certainly work as a proof, it's just one of the conditions on it being proof usually fail. Argument by metaphor says that A and B are isomorphic to one another and that since they are isomorphic, we can apply proofs from A to B (maybe with some modification). The problems come from either establishing the isomorphism or in mapping properties/predicates from one to the other.


I think they can be helpful for achieving that initial critical mass of understanding around a topic ("a is to b as x is to y... oh okay, I better understand the relationship between a and b"), but yeah, if you don't unwind the analogy afterward, then it can be a false understanding.

I found this kind of thing a struggle in engineering math courses, where you'd often move equations into transformed spaces (frequency domain, whatever), perform operations on them, and then un-transform them to pop out a result. It's like, yes, the transform is obviously an immensely powerful abstraction, but I didn't really trust what was going on in there unless I did at least a few of the exercises from first principles as well, in order to prove to myself that doing operations in the transformed space was "safe".


argument by analogy is something like A -> B, C is similar to A in all ways that matter, thus (A -> B) -> (C -> D). analogies are powerful when the other person already agrees that (A -> B) and doesn't notice any important differences between A and C. if you use an analogy where the other person doesn't agree that A -> B in the first place, you'll never get anywhere. if they are really stubborn, they will come up with an endless list of reasons why A isn't quite like C, but at least you have a chance of refuting these.

analogies are not very good in arguments where the other person is resisting the conclusion you want to draw. they can be great when you are trying to teach/explain something to someone who trusts you though.


> C is similar to A in all ways that matter

I have never seen this be determine-able in real life scenarios

>analogies are not very good in arguments where the other person is resisting the conclusion you want to draw. they can be great when you are trying to teach/explain something to someone who trusts you though.

This is a great statement to show why analogies are bad and how they are abused.


I wouldn't agree that analogies are bad, per se. as a sibling to my original comment pointed out, an analogy is essentially an informal isomorphism. this is a perfectly valid way of proving things in math, and it can often lead guide you to valid conclusions in mathematically grounded fields like physics.

>> C is similar to A in all ways that matter

> I have never seen this be determine-able in real life scenarios

this much I can agree on. when discussing human issues, analogies should be understood to be solely a rhetorical device, useful for persuading people, but not so much for getting to the truth of the matter.


> Analogies illustrate a concept

Effectively illustrating the right concept is, in my opinion, the hardest part of communication. Analogies are powerful because they're intuitive illustrations.

> I typically see analogies used to support an argument, which analogies don't do

Yes and no. Analogies communicate concepts, and concepts support arguments. Analogies neither support arguments nor fail to support arguments; the concepts they communicate do that.

They're hard to use because they can be distracting: if you choose the wrong analogy, you may illustrate an irrelevant concept, rather than the one you mean to. That's why people argue: you mean to illustrate [concept A], but what pops into the receiver's mind is [concept A] AND [concept B]. So now you're not on the same page about what was just said.

Look at the cheerios example: how may related-but-not-the-same examples have popped up in the comments? It's a bad analogy: it needs to be much more narrow and specific.


This distracting off-topic sub-thread about distracting analogies is wonderfully ironic.


Hofstadter would like to have a word with you.

Seriously though, there's good evidence that literally everything the human brain does is use analogies. The classic example being if I asked whether something is "in" your field of view. Without even thinking, you know how to conceptualize something that only exist in your mind as a physical container.


Analogies being bad? I think it depends where. Here on HN? Yeah, despite it's affinity for the straight and narrow threads go often the rails often enough. Sure, the discourse is civil. But it's still off on a pointless tangent.


I agree. Analogies are never perfect, and people always pick apart the bits of the analogy that aren't actually relevant.


Analogies are like regular expressions...


Agreed. Analogies are like trying to draw attention to traffic signage by decorating them with scantily-clad people.


This is a flawed analogy. The correct one would be Cheerios printing "If you buy me at Costco, I cost $1 less" on the outside of the box. No rational retailer that isn't Costco would carry that product.


Eh. A better analogy would be Cheerios sticking an insert inside their box of cereal that said, "save $1 at Costco". That kind of behavior is pretty common with physical retailers; most boxed products I buy will contain inserts that advertise replacement parts and other products from other sources.

Apple isn't just banning apps from mentioning competing stores in app descriptions, it's banning them from mentioning competing stores inside the app.


Serious question: what counts as "inside" the app, when the app itself is free?

The free-to-play model that Epic is relying on (and, with some variability, the other players are relying on, where the apps themselves are "free" with a paid service) somewhat breaks the conventions we're used to discussing, and there aren't really analogies.

The closest comparison I can make to these services are how PC MMORPGs (think World of Warcraft) used to be sold -- at retail, a user would make a single purchase that included a version of the game's client and a code that granted them some time in the game, so they'd be getting a "complete" product with the purchase. If Fortnite cost $5, but included whatever that'd convert to in VBucks, this discussion would be very, very different; same with if Spotify charged $10 for their app but included the first month free. In this case, Apple & Google, as retailers, would get their percentage (as non-recurring revenue), but Epic and Spotify would be free to continue booking 100% of revenue on an ongoing basis, but would need to invest a lot more in marketing, since free on-boarding is a massive driver for user adoption.


For me, the price of the app isn't really the distinguishing characteristic of whether you're 'inside' the app or not.

If I'm using a free app, and a bug causes it to break, would I report the bug to Apple or to the developer? If I saw something objectionable, or ugly, would I say that iOS is ugly, or would I blame the developer? I think that regardless of the price, when I'm using an app and I find myself in the state of attributing the experience to the developer instead of Apple, that means I'm playing in the developer's space, not Apple's. Getting past all of the analogies, what Apple is doing is saying that you're not allowed to mention competing storefronts even when you're inside your own space.

In contrast, if I went to a app store page and the app store crashed, or the app didn't download, I'd contact Apple, because I'm not in the developer's space there, I'm in Apple's.

There is some fuzziness there, and there's also some fuzziness around whether or not it's OK for Apple to decide what you can and can't do inside your own 'app space.' Different people can have different opinions on that, and ultimately the courts/Congress will probably end up deciding whether that is Ok.

But that's the non-analogy, purely app-centric explanation I would use -- Apple is dictating what you can say to customers when you're in your own space, and they're doing that to a degree that goes beyond protecting users from malware or fraud. I personally think it's very difficult to argue that keeping people from mentioning prices elsewhere is a restriction that's purely designed to protect users. It's not really the same as restricting phishing attacks or fraud inside of an app would be. So to me, that makes me feel less charitable about arguments that Apple should be able to have that kind of control about what happens in the developer's space, because I don't see a compelling reason for them to have that power.


This! Even better would be an insert in the box saying "buy future Cheerios from Cheerios.com at 30% off".


I frequently receive inserts like that from sellers on eBay, promoting their own direct-sales site.


And there is a reason the seller is mentioning while trying to hide mentioning that to you from Ebay.


No hiding required. Inserts are allowed according to eBay policy:

https://www.ebay.com/help/policies/payment-policies/offers-b...


It doesn't read to me that way.

>Buyers and sellers can't:

>In any communications with another eBay member, refer to or promote external websites that facilitate sales outside of eBay

I would count sending a "letter" along with your product to be a form of communication.

>Use contact information obtained through an eBay transaction to offer to buy or sell an item outside of eBay

This would prevent you from adding the insert to the package.

>Offer catalogs or other items that are used to order items directly outside of eBay

An insert is effectively a mini catalog. So they pretty much explicitly banned inserts. If you aren't even allowed to sell them for a price then sellers clearly wouldn't be allowed to give them away for free.

Sending an insert along with a product breaks 3 policy points at once. Can you describe which part of the policy actually allows inserts? All I see is that Ebay wants to have complete control over communications between seller and buyer.


You're interpreting this in the way Apple would, not in the way eBay actually does.

>>In any communications with another eBay member, refer to or promote external websites that facilitate sales outside of eBay

>I would count sending a "letter" along with your product to be a form of communication.

This means one can't use eBay's messaging for promotion, but one can use one's own product. The way you're interpreting this would mean that no one selling in eBay could send letters (or even advertise) anywhere outside eBay because it might reach an eBay member.

>>Use contact information obtained through an eBay transaction to offer to buy or sell an item outside of eBay

>This would prevent you from adding the insert to the package.

This means one can't use the paypal address for direct mail for these purposes. However, you don't even have to know who the customer is to add an insert or to package your product such that it refers to your website.

>>Offer catalogs or other items that are used to order items directly outside of eBay

>An insert is effectively a mini catalog.

It's basically Google's rule on not promoting other App Stores in their Play Store.

Fact: Plenty of people do this in practice and eBay is not cracking down. Maybe it's not interpreted the way you think it is?


Indeed, it seems as though communication within the product, or its box, is ok. If you buy an Xbox on ebay, it's allowed to sell you games within the Xbox.


Yes, but remember that retailers can (and often do) promise to match the best price that you can find at their competitors. This is because retailers are in competition with each other for the same products.

This analogy does not apply to Apple, because it has no motivation to price match, because nobody is allowed to sell i-device apps except for Apple.

Edit: in addition, if we follow your analogy further, Costco could demand 30% from Apple on all purchases made through the App Store, for iPhones sold in Costco. Just like Apple demands a cut of all purchases after they sell a product in their store.


However the flaw in your analogy is that there is very little lock-in to particular retailers where is there is a huge lock-in to a phone you just bought.


And additionally there's dozens of supermarkets, thin margins and high competition. The mobile app market has exactly two companies with the exact same fees...


Your own change to the analogy isn't really all that accurate either: What you are saying would be closer to, saying "This game is cheaper in Android" in the Apple store's product description. I have no idea of what the courts will rule here, but if you are limiting this discussion to whether there's precedent to advertising a store the manufacturer themselves controls, there sure are examples.

This might not be all that popular a plan with Cheerios, but perfectly normal with all kinds of items available at retail stores: For instance, Simple Modern water bottles will come with a discount coupon for buying replacement caps at a discount on the manufacturer's online store. Some printers have, inside the box a leaflet for ink discounts. At least one major vacuum cleaners brand will point you to their website for replacement bags, with an online coupon. Or, back in software, if I buy a Nintendo Switch at GameStop, I will still get ads on menus for buying games online, even though my relationship with Nintendo started at GameStop.

All kinds of retailers carry the products I mentioned, even though there really is far more profit in habituating the customer to buying the consumables in your own store than in the original item. You could argue whether this is good or bad, legal or illegal, but the examples definitely exist.


Its not on the outside of the box, its on the inside. Apple forbids in-app discussion. I wonder what Apple would say if the app had a browser component that directs users to a web-page. These draconian rules are such a clusterF* hope these guys succeed.

BTW, all analogies are flawed in some manner or another. If you take away the abstraction, every single one breaks down. And then you end up talking about the intricacies of the thing you wanted to abstract away making it moot! :)


Their current position protects consumers from being defrauded. I'm all for it.


That is great, you can avoid using app stores you don't trust. Why prevent other users from using stores they trust? Apple isn't the only company that can run an online store. There are countless online web stores selling all kinds of things, and people trust them with their money. Apple is artificially preventing competition in iOS stores here because they can abuse their dominant position.


The biggest issue is that in a native app you can fake the entire display. There is no way to know if it is a store you trust. It could look just like your paypal login down to the last pixel and it instead be bad actors collecting your information.


Indeed, what is the cheerios example supposed to show? I don’t expect the discount coupon comes out of the store’s cut. Tinder or Epic are free to discount boosts or in game purchases, and spotify can give free months.

The cheerios example probably involves a fair bit of negotiation between manufacturer and retailer. Whereas apps can discount whenever they choose, without permission.


Right. I'm honestly having a hard time thinking of situations where a seller like Cheerios would be able to say, "no, everyone is going to offer our products at $2.50 for the next week." I'd be tempted to call that anticompetitive in the opposite direction, of course a seller should be allowed to set their own prices and decide for themselves whether they want to participate in a promotion.

It's not like there aren't at least somewhat better analogies they could have used. Imagine if you bought an Apple Phone from Best Buy and then that compiled version of iOS wasn't allowed to mention anywhere that you could get support from Genius Bars instead of Best Buy. Or imagine if you bought a vacuum cleaner from Walmart, and the manufacturer wasn't allowed to include any inserts inside of the box that linked to their own store for replacement parts.

But even with a better analogy, why is this argument being brought up in this specific section? I expected their user freedom section to talk more about sideloading, or right to repair, or emulation, and they just can't stop fixating on the 30% fee.

From the same section:

> Here’s an example of how this problem manifests itself: Epic produces once of the most popular video games of all time, Fortnite. If a Fortnite player were to buy an upgrade in the App Store, that individual might be charged $9.99. However, that same upgrade costs only $7.99 when purchased directly through Epic.

Cool argument, but that has nothing to do with user freedom; users are still perfectly free to buy upgrades from Epic directly.

It feels like they came up with one objection and then poorly pasted it into 3 sections.


> having a hard time thinking of situations where a seller like Cheerios would be able to say, "no, everyone is going to offer our products at $2.50 for the next week."

Because MRP (minimum resale price) is often illegal (bit it's complicated https://www.ftc.gov/tips-advice/competition-guidance/guide-a...)

MAP (minimum advertised price) is more permitted, which is why Amazon often makes you put items in your cart to see the discounted price.


> I don’t expect the discount coupon comes out of the store’s cut.

That's how it used to work at the grocery store I worked at. The flyers were prepared a couple weeks in advance, the sales matched up with every other store that ordered food from loblaws, it was ordered down from loblaws to the stores that carry the products they ship and sell what things would be on sale on any given week throughout all the stores.

This is why superstores, extra foods, the independent grocers and super valus all have the same stuff on sale the same weeks.

The only things the store decided to put on sale was clearance stuff getting close to the expiry date.


Those are loblaws sales. The argument was instead talking about those little coupons you can clip out of cardboard in the boxes.

So like you physically cut up the cheerios box and can get 50 cents off cheerios at participating retailers.


I'm guessing you don't have a CPG background. It's a horribly flawed analogy as retailer can and will demand special SKUs, kick brands off of aisle all the time, demand premiums for shelving units, etc.



There are 2 sides of analogies. I can also argue by saying Epic is analogous to a renter who doesn’t want to pay rent. It’s mostly because they can’t find any other point but to find something similar.


There is 10e6 times more diverse supply in the rental market than for app stores, even though renting housing is a regulated market with high transaction cost.


Website's broken on my Firefox, won't scroll.


Probably the cookie popup blocked by UBO preventing scrolling. Irony: you can't read the cookie policy without accepting it first.


Exactly. Which for me is a reason - no matter how much I hate Apple's tactics- to dismiss also this counter action. All of these entities just don't care for the users one way or the other


Yes, I was thinking of joining, but the fact that the site didn't work without turning off my ad blocker was a turnoff. Why do they even need cookies? Terrible first impression.


The amount of blindness I'm seeing from companies on both sides of this fight about how to handle their optics is kind of staggering.

One of Apple's core arguments for why they need this kind of control is privacy. If someone is launching what is essentially a PR campaign against Apple, one of the first things to do is to make sure the website doesn't have any appearance of violating people's privacy.

Make it work without JS, make it work without cookies. Be conscious of the target audience. Requiring cookies is a really tone-deaf decision for them to make.


This. The problem is regardless of it being either side of Hanlon's razor, malice or stupidity, I have built trust with Apple and prefer the centralized Apple (over the decentralized dev-houses of the world) to do its best to ensure neither malice nor stupidity in the product I use most throughout the day.


> I have built trust with Apple and prefer the centralized Apple (over the decentralized dev-houses of the world)

IMO this is a false dichotomy. Epic and Spotify are not the size of Apple, but they're still giants compared to little indie developers.

I trust indie devs way more than any of the BigCos. It's just natural: the fewer customers you have, and the less market power you have, the more you care, the more you have to care, about your individual customers.


I appreciate this sentiment, but I've lived through too many of these transitions to agree. e.g. Blizzard, Google, YouTube, Curse, Sun Microsystems, Zynga, Minecraft, Occulus.

Indie developers / startups either become the size of Epic and Spotify, or get bought by companies the size of Epic, Spotify and Apple.

Find me the indie developers / startups that cannot be "corrupted" (converted?) and I'll invest as soon as they IPO.

Meanwhile, there are some companies that make it their business model to build trust at scale. Apple, Valve, Nintendo, Microsoft (exclusively for enterprise clients) are a few great examples.


> Find me the indie developers / startups that cannot be "corrupted" (converted?) and I'll invest as soon as they IPO.

A couple years ago I would have said Bay 12 Games, but they recently sold out to Valve, despite almost (more than?) two decades as independent.

Trust no one, trust nothing.


Why do you conflate indie developers with startups? They're entirely different.


For me they are both: Small groups of people passionately working towards a unique vision, typically under-funded to address a niche that is under-represented / under-invested by "the incumbents".

I'd be happy to view them differently. I just haven't been educated on the differences.


The "Cookie Policy" text on that element links to it.


Yes, and then the page has the exact same overlay and scroll prevention, preventing reading the full policy (and obscuring the top of the page).


Works fine on 3 different versions of Firefox.


Same problem on Edge chromium.


If you're not auto-accepting cookies, then the site won't let you scroll/do anything until you accept them.


Wow that site was disappointing.

It focused mostly on the 30% apple charges, which is both common and reasonable. It mentions the anti competitive behavior but mostly how it inflates prices, which is exactly how apple is trying to frame the debate.

Also they have cookies on an entirely static site and disable scrolling until you press accept in the cookie dick bar (something you should probably never do, certainly not on a static site.) The thing is only readable in w3m/elinks.

In my (unpopular) opinion almost all of these "apps" should really be sites anyway. App store curation doesn't provide any reall security (especially since the apps are never instrumented) so someone so incapable of measuring the safety of software that they need that level of infantilesation should really only trust software to the same degree a browser does (that is, not at all.)


Common and reasonable according to which standards? One of the arguments of Epic in court is that Apple set the standard and other stores are simply following it.


That's a pretty silly argument considering Steam launched with a 30% fee a full 5 years before the App Store was even a thing.


I can also buy games from other places than Steam. I cannot install iPhone apps I download online. That little detail changes the situation entirely.

I don't care what Apple charges if I can install a binary without dealing with their store.


Apple's counter argument is that it's possible to sideload apps.

You just have to use a mac to do it and need to reinstall them every 7 days.



A better argument about user freedom would be:

* The social media companies that had to deal with having their apps blocked because of Apple's puritanical stance on nudity.

* The recent rule change banning vaping and tobacco related apps.

* The inability for FOSS projects to easily distribute to users without paying a $100/year fee for something they want to give away. Users can only acquire it through the app store, or compile themselves and go through an inconvenient signing process to load it on. And I believe that's very temporary.

It's pretty offensive that a company thinks they can dictate what sort of software you run on your own device.


The original analogy is pretty disingenuous and conveniently ignores a crucial detail: in the cereal example Kroger (presumably) still gets paid when the discounted box of cereal is sold. Whereas what they're asking for is the equivalent of Cheerios demanding to be placed on Kroger's shelves while cutting Kroger out of the transaction entirely. Why would Kroger ever agree to that?


When someone offers a coupon, that company pays the store the difference. I don't think they are asking to do that.


Normal people run on stories and analogies.

Epic doesn't need the tiny number of technical people to win their case. Epic needs the vast number of users to be on their side in order to win their case.

HN is not the target of that "manifesto".


There's no way to deny or even read their cookie policy without accepting it.


Your cereal aisle analogy is a bad one, for two reasons.

For one, everything about the merchandising of a particular product in a big box store is agreed upon in advance between the retailer and the manufacturer before the product is placed in the store: the product placement on the shelves; what kind of manufacturer incentives (e.g. coupons) the retailer will honor for the product and how renumerations will be made from the manufacturer to the retailer for them; what kind of sales volume is required to trigger volume discounts, etc. These agreements are highly bespoke in a way that couldn't be scaled with the sort of volume that's on app stores.

Second - physical retailers are compensated by the manufacturer when they accept a manufacturer's coupon. The transactions are logged, summarized, and traditionally the physical coupons were collected and sent to the manufacturer. Barring a pre-negotiated agreement to accept less than face value in exchange for a coupon, the retailer isn't losing revenue on the deal. However, when an app publisher offers a means to circumvent the app store payment system, Apple/Google DO in fact face a loss of revenue.


It's not my cereal analogy, it's theirs. I brought it up specifically to showcase that a lot of the arguments I'm reading on their site don't map the current situation.


Device freedom is a must. Any device should be completely controllable by the end user. There's two parts to this to me: app stores and the data collected by the devices. Users should have the freedom to install any software on their devices, period. Users should also have the freedom to stop all data collection by these devices. This applies to all electronics--video game consoles, TVs, printers, who knows what else in the future.

If we keep letting manufacturers create these "walled gardens", we're not only creating a ton of trash because they will stop supporting them eventually, we're also stopping innovation and integration across platforms. Give me government mandated open protocols, open firmware, and let me install linux on my printer if I want. As devices get smarter, we should all reap the benefits of it through our own ingenuity and hacking.


> Device freedom is a must. Any device should be completely controllable by the end user.

I have the choice of buying a completely controllable android device if I want to install mystery apps willy-nilly. I'm not interested in that, and there are millions like me. I want a locked-down device that keeps developers in check.

This situation is much like the browser nightmares of the past, where Firefox users complained that the browser was slow. People didn't really take into account that the slowness wasn't fault of Firefox, but of the zillion janky browser extensions people freely installed. Chrome came along, and people were wowed by how fast it was, not realizing it was 'fast' because they hadn't installed 47 browser extensions yet. Apple doesn't want to be Firefox, and I don't blame them.

I want my phone to be like a Nintendo, I don't really care about the freedom to install any random code I download (even though I really could if I wanted to install something I built locally with XCode). First and foremost I want developers to be terrified of getting their publishing privileges yanked if they step out of line.


So, let’s apply this same logic to accessibility. Let’s say the government says “devices must have voice over functionality”. Ok, great. Apple puts that as an option, and we’re done.

The same applies for if the government said “you have a right to install apps of your choice”. Apple adds a setting in the settings menu. You still get your locked down device by default, and much like blind people, people who care about controlling their device are given that option, too.

What you’re arguing is akin to saying, “I’m not blind, so Apple shouldn’t ever even have a Voice Over option, because it’s not my preference, even if it’s just in the settings”.

There’s a false dichotomy - Apple can still keep it locked down by default. You still get your device just as safe and sound. And much like accessibility settings, most people wouldn’t bother to find the setting, and if they did, they would have a big warning (and of course Apple could have another big warning on every install, as well as keep all their sand boxing and permissions access rules active).

There’s no loser here. If grandma digs deep into the settings and ignores multiple warnings, it seems she is proficient enough to take on the risk. Forcing blind people to not have any voice over because grandma may accidentally turn it on and have a bad outcome is a weak argument.


> The same applies for if the government said “you have a right to install apps of your choice”.

I don't like the idea that the government can force you to build things you don't want to build. If I don't want to build a general purpose computing device, why should the government be able to force me to?

There's a compelling argument for requiring building in handicapped-accessible features, but that is relevant to the equal protection clause of the constitution. There's no implied constitutional right to general-purpose computing.


> I don't like the idea that the government can force you to build things you don't want to build.

Oh but you do. Otherwise you'd choose to live in a country without a food code or electrical code or engineering standards for roads and bridges.


Public Heath and safety standards are irrelevant to product features, which is what we're taking about here.


How are health and safety standards irrelevant to product features?


Better question: how are they at all relevant? The health and safety regulations are proscriptive: you must not harm consumers. On the other hand, product features are creative expression. It would be like the government telling you that your novel must include at least three references to other writers' works.


Anti-trust is about anti-competitive practices and consumer benefit. Carterfone and Microsoft are possibly the most relevant examples. Google and Apple are a duopoly in the phone market, and Apple's (and Google's in the case of Epic) behaviour towards these companies could be seen as anti-competitive.

If you want to run a platform business, you'll need to be mindful of anti-trust law more than anything else. The Apple platform is perfectly capable of anti-competitive behaviour given it's market share, and doubly so given Apple and Google control 99% of the phone market.


Our justice system is good at drawing squiggly lines. It’s luckily based on intent and outcome and not exact wording.

There’s no reason the law couldn’t carve out a class of devices as “general purpose computing devices” which would exclude fine homemade / artisanal / hyper-focused kindles, gaming consoles, etc. of course these lines get moved around and tested in many ways. Much like how assault weapons are hard to define, and yet regulated in many places.

But laws like this exist all over, and many do great good for the common cause. Accessibility is one example.

If unlocking general purpose computing devices drove trillions in GDP and innovation, didn’t harm anyone, and generally improved consumers lives, I don’t see why we need a direct precedent. We have laws on return policies, lemons, telephone usage, and all sorts of consumer driven things. There’s plenty of indirect precedent.


> If unlocking general purpose computing devices drove trillions in GDP and innovation, didn’t harm anyone, and generally improved consumers lives, I don’t see why we need a direct precedent.

If this was really such a boon, wouldn't the devices where you can already do this have a huge market advantage? If so then why are we talking about forcing it on consumers and manufacturers?


Well Android has 80% market share, but there’s too many confounding factors to know why.

I’m certain there would be a new generation of startups especially focused on selling digital goods.

Further, you need to look at incentives. Apple would almost certainly respond by lowering their fees as a move to stay competitive. That extra cash trickling downstream would enrich many more people, who then would go on to create new things.

Not sure you have an argument that it would already have happened if it was so much better.


> Well Android has 80% market share, but there’s too many confounding factors to know why.

If the vast majority of devices already have this capability, what difference is it really going to make forcing it on the remaining 20%? Why hasn't Apple already been forced to lower their fees if they are the underdog in terms of market share? For that matter, why hasn't Google been forced to, given how easy it is to sideload?


I think you've moved the goalposts quite a bit in this thread and I've engaged just to refute the sub-points, but the main points stand.

Apple has dominance in many markets, like the US. In fact you could say the reason Android has such global market-share is because they commoditized their OS, ie, allowing for competition to drive down prices. So you're claiming the same forces wouldn't affect software? Android apps are generally cheaper, as well, though it's hard to pin why. The general principle of competition = lower prices applies here.

I'd rather debate on what's right for consumers not whether some technical definition of a monopoly applies or anything like that. But to be honest there's not much more to be said - if you are against the legislation, then fine, it's a perfectly valid opinion. I think legislating allowing more freedom on personal general computing devices would be a good thing with many benefits to society as I've enumerated already.


> I think legislating allowing more freedom on personal general computing devices would be a good thing with many benefits to society as I've enumerated already.

This seems on the surface to be the libertarian position, but imho it's subtly authoritarian - you weren't able to convince most people to use the freely available unlocked hardware you're advocating for, so instead you'd like to use the full force of the law to make all product designers create what you want them to create. If the benefits of unlocked hardware were so evident, surely the consumers would already be reaping the rewards on the unlocked hardware they can buy right now?


That’s not how lock-in works, and you’re trying to go back to free market libertarian philosophy. Handicap elevators , building codes, emissions standards are “authoritarian”.

Libertarian philosophy is maybe the least compelling of them all in my opinion.


> Handicap elevators , building codes, emissions standards are “authoritarian”

Safety and accessibility are human needs, and regulating markets to address those needs is a completely reasonable requirement.

Forcing product designers by legislative fiat to add a cool feature you want, on the other hand, is pretty authoritarian. Nothing is stopping you from buying a general purpose computing device right now, or building one and selling it.


Two of the top 10 biggest companies in america captured 99% of the market, there’s something pretty big stopping me.

You’d have been pro Bell I guess back in the day. “What’s stopping you from building a competing telephone service?” Oh only not having capital > all VC investments made in any given year.


> Two of the top 10 biggest companies in america captured 99% of the market, there’s something pretty big stopping me.

Correct - and Google's very popular, but not dominant OS will already let you sideload whatever code you like, which is a big part of why you'd have a hard time competing. I'm sorry, running arbitrary code on your daily driver phone is just not the game-changing feature you're making it out to be.


I may be mistaken, but I'm pretty sure it is relevant to the Americans with Disabilities Act, not the Constitution.


I think that was an analogy where Apple was the government


Apps will simply require users to enable this "unlock device" setting.

And people just do whatever the app says since they assume Apple has vetted it.


Then epic games, netflix, spotify and several other apps will have a tutorial on how to remove the lock, so that they can install the app or alternative appstores. And if apple makes it incredibly difficult to remove the lock, then company like Epic will sue again for making it so difficult to install 3rd party app stores (eg: Google play store)


> if the government said “you have a right to install apps of your choice”. Apple adds a setting in the settings menu. You still get your locked down device by default,

Users will just flip it off for the first evil app they told to install by friends. Think about 95% of all users.


It’s still sandboxed. What evil thing would it be doing?


Do you need the outside app to have access to bluetooth, location, storage etc? And if apple restricts the storage, then a company will sue apple again for the restrictions saying that the iOS photos app have unrestricted access to photos, whereas an outside app doesn't.


Apple sandboxes each thing granularly. Even with photos you can choose to only let the app see just the photo you pick.


Isn’t one of the points Epic is suing Google for because Google has a ton of warnings when side loading? I’m curious if there is a middle ground where grandma is protected but developers don’t feel they are described as potential malware.


Except that DRM is legal, and Apple devices are consoles / appliances: "What's a computer?"


you cannot apply the same logic to something entirely different


> This situation is much like the browser nightmares of the past, where Firefox users complained that the browser was slow. People didn't really take into account that the slowness wasn't fault of Firefox, but of the zillion janky browser extensions people freely installed. Chrome came along, and people were wowed by how fast it was, not realizing it was 'fast' because they hadn't installed 47 browser extensions yet.

Not really relevant to your point, but Chrome was legitimately faster than Firefox for a long time. It wasn't just extension bloat, V8 was a huge leap in JS speed and Chrome optimized the hell out of rendering. Firefox wasn't able to bridge that gap until their recent Quantum initiative.


> I want a locked-down device that keeps developers in check.

That's fine but how does from that statement follow that it's a good idea to let Apple do it to everyone? You don't want things, that's fine, don't get them. Nobody is asking to add anything to the things you already like, ruining them for you. People are asking for freedom of choice.

It's like saying you want to live under permanent surveillance, which you can do, you can have a security company install a camera in every room of your house, but why does that need to apply to the entire city block?

How are you worse off if Apple is required to say, allow third party app stores, which you don't need to touch? In the same vein, why was Firefox ruined for you by addons if you didn't need to install any?


> I have the choice

A lot of people don't or aren't even aware of the dangers of walled gardens. Like it or not goverments job is to regulate and protect people and the economy: be it monopolies, user data or anti-competitive practices.

Libertarians aren't ios target, it's average casual tech ignorant people who'll blindly trusts the system because they don't care.


The logical conclusion then is that the only device that should be allowed to be manufactured is a personal computer.

Companies producing specialized hardware/software couplings does not preclude another company developing open options.

I usually choose an open option for most of what I do but when it comes to some mindless gaming or my phone that I use for some sensitive matters I want them limited in their scope in a big way.

I don't understand this all-or-nothing argument that seems to be made when it doesn't reflect the reality of the situation.


> does not preclude another company developing open options.

Agreed. But they don't. I think this the point of government intervention to require or provide incentive to do something which benefits society even if it doesn't benefit the company.

Automobile safety and emissions limits comes to mind for me.


Perhaps they would if they didn’t think they could prevail through antitrust legislation.


> The logical conclusion then is that the only device that should be allowed to be manufactured is a personal computer.

Nah, the capabilities can be limited, just not artificially so. I understand there is a bunch of nuance in that statement that we can get lost in discussing, but the brief salient point is "if the manufacturer can do something to my device, then they should not add restrictions for me to try to do it also". We don't need to get lost in the what-ifs that such freedom discussions often devolve into.


> The logical conclusion then is that the only device that should be allowed to be manufactured is a personal computer.

I would be comfortable with a high quality legal encoding of the Your Device principle:

"To the extent a device, or part of a device, behaves like a general purpose computer or could easily and reasonably be made to behave that way if not for artificial restrictions placed upon it by a vendor, the effective owner(s) of the device or part shall have the right to use and control the general purpose computer aspects as they deem appropriate."

"Effective owner means those using the device as if they own it, so where a device is technically rented or licensed from a vendor, the renter or licensee is deemed the effective owner for application of this principle".

Details of what that means in practice for non-obvious edge cases would be fleshed out by precedent and the courts I guess.

It would not limit what devices can be manufactured, but it would place a requirement of access and control on some kinds of devices.


Genuinely curious, how would you give users "the freedom to stop all data collection by these devices" without some kind of walled garden. Is the solution something like flatpack for all apps? but then how do you make sure all apps don't just refuse to work without permission to collect data or manage to collect information without users knowing? You can't force developers to be honest about what their app does without having a means to prevent it from being installed. Specifically for apps, I can't think of a solution that has no restrictions of software installations, but wouldn't be trivially turned into an incredibly user hostile environment.


You can monitor what calls an app makes. LittleSnitch on Mac is an example example of this.

There are going to be nefarious actors who still manage to bypass it, and there are going to be risks outside of a walled garden - and that's a meaningful choice we can provide users.

"Hey, you can stay inside the app store and get these promises, or you can install what you want and risk X, Y and Z."

Android does this.. decently well. There are issues with the google framework, but otherwise it's functional - my elderly family doesn't need me to reset their phones every month, yet I can sideload all my games and FOSS apps.


This isn't good enough. Sure you can monitor it if you have a load of time, but then what do you do when you find out its doing something evil? What do you do when you find out every app is doing something evil? You either opt out of proprietary software entirely or you let apple use their weight to force apps to stop being evil.


> I can't think of a solution

because you're only thinking of technical solutions. A comprehensive privacy framework that requires explicit user consent to data collection and gives user transparent controls accomplishes just that, without having to resort to user-hostile or complicated tech.


As a developer, a huge reason I don’t mind walled gardens is the massive reduction in piracy. I’m glad people want to download & pirate the apps I poured blood, sweat, and tears into... but I’m not down with theft. Each dollar I earn represents the time I’ve spent away from friends & family.

I’ve worked on games that have been copied outright. All assets and artwork, but a new name and “publisher” being sold elsewhere. It eats into profits.

When the walls come down, developers will be knocked off. This will hurt indys far more than larger companies, as “developers” opportunistically exploit the work of others.

Apple & Google are great at reducing and shutting down this kind of activity. If people can install the Pirate Bay store and install anything for free, many folks will.

If users can be coaxed into privileging an app, malware will control the majority of phones. People are still falling for the Nigerian prince scam.


All games on computer are piratable. On mobile they are not as easy to pirate as you noticed. Do you think the gaming environment is better on mobile? Are dev better paid on mobile? From what I have seen I could answer no to both, and would even say the walled garden is really really not helping indie devs break through on mobile.

I see actually many ways in which devs are impacted : - discovery is basically null, both on Android and Apple. You need to just pay ads if you want people finding your game. Steam is much MUCH better at it. - you can't really have a good mod environment or a hackable game, which is very important for a lot of indie games - you cannot do some kinds of game. Right now that include gore and sexual games (see kawaii killer for instance) but also some other things like a weed growing simulator. Who knows what it will be tomorrow - as Google is going into gaming, and who knows maybe Apple at some point, you are basically on the hands of a competitor many times your size with no alternative


Are devs better paid on Xbox than PC?

That's a closer analogy.


If users didn’t want these things, users wouldn’t buy them.

For the vast majority of people, and iPhone is way, way better than a computer that can run any app, precisely because it can’t run any app they click on.

I’m a hacker, so I would love to be able to install any software I want on my iPhone, and introspect it in other ways.

Most users, however, would have a way worse experience using their phone if they were given this option, because a non-trivial percentage of them would follow the tutorials online provided to them by malware authors to install their malware.

This is precisely what happened to desktop computers. Has everyone forgotten about Bonsai Buddy?

People who want a general purpose, configurable device that can run any code they want on it have options. They’re big, clunky, out of date phones.

Apple is being punished for their success here. They happen to make the best phone hardware at the moment, and they bundle the best phone hardware with cryptographically-enforced editorial decisions about the best software that runs on it.

I think the real danger here is that of censorship: if the state commands Apple to delete (or actively remote-disable) certain apps, a huge problem exists. Today it’s WeChat or TikTok. What if tomorrow it’s Signal? iMessage’s encryption has already been backdoored for the feds in the default configuration via iCloud Backup (which is not end to end encrypted and backs up the entirety of chat history from the device to Apple each night). The state could literally command Apple to prohibit any type of secure communication from the device via this method and they’d have to comply, and iPhone-owners would have no recourse due to the DRM. That’s the real danger.

There’s a real argument to not allowing Apple to do this, but I don’t think “consumer choice” is it. Consumer choice chose the walled garden over the anarchy of Desktop Computer Malware.


I have this discussion nearly daily when talking with Android users. The iPhone is not a modular unit that can be tampered with at all, but despite even being a software developer, I do not actually care about my phone being modular. I want it to work and I want it to work well across the entire platform. Not only does iOS severely limit your options for changing your phone's UX, something a lot of people lament about quite often, but they also have rigorous design-guides that push every developer in the eco-system to have it look the same way. Something as simple as the date/timepickers that Apple removed in iOS 14 can't be changed by the user, but Apple does their hardest to make sure everyone makes it look the way they've set it up, and for my purposes I legitimately prefer that over deciding it myself but having the apps on the platform ultimately use either or willy-nilly.

There definitely are issues with Apple, but the user not having full access to changing their device isn't really one, and that's coming from someone who most definitely has the know how to do pretty much anything and still remain safe, I'd dread to see users be stuck having full root access to their phones without even knowing what the fuck that means.

There absolutely needs to be options for those that want to be able to hack away at their phone to their hearts content, but it doesn't need to be every phone, and Apple aren't criminals just because they don't offer that possibility and users happen to want their phones anyway.

Please don't give me root access to my iPhone, I do not care about it, I have no need for it, and I do not want it.


> The iPhone is not a modular unit that can be tampered with at all, but despite even being a software developer, I do not actually care about my phone being modular. I want it to work and I want it to work well across the entire platform.

I'm precisely in this boat. I enjoy playing with electronics, but I want my microwave to just work. I also enjoy fiddling around with PCs with total freedom, but I want my phone to just work.


I am also a developer, I love tinkering, but my router and especially my phone, I want it to just work. I need my phone, if I could tinker with my phone it would be broken half the time!


Haha yes, I used to do all the WRT54G stuff and tended to have bugs and an overheated router. I also used to tinker a bunch with jailbroken iPhones and rooted Android phones. I'll never have anything against that, but now I personally want an option that just works!


I love tinkering, too. I found the solution!

https://youtu.be/oiY_iKSpWLM

I actually have 3, two iPhones and one Android, and 3 iPads.

Once I gave up on private cross-device sync on iOS without iCloud (a bummer, to be sure), I started using the iPads as single-purpose devices instead of wanting every file on every screen all of the time. One is just for hacking (editors/ssh/browser), one is loaded with books and maps, one is for a special project.

The phones are split between primary/production, emergency backup (n+1), and hacking/testing/fun. I’ll probably end up with a fourth phone at some point (hacking * two platforms).


> Please don't give me root access to my iPhone, I do not care about it, I have no need for it, and I do not want it

Then don't turn on root mode?

Nobody will force you to do anything, if I am given the option of easilu turning on root mode, and you can simply choose to not turn that on.


I’m all for people wanting rootmode, I just don’t want more freedom and choice on my device, I see no need for it and I like the way Apple can streamline everything by forcing everyone to interact with their device on their terms.

And obviously I realize that this doesn’t go for everyone, and that’s completely okay. I just don’t think Apple should be forced to make their phones into full-on computers just because some people say they want the choice, when you could just as easily get a phone. If most customers really wanted to root iPhones Apple would probably have implemented it by now. I don’t believe for a second that Apple’s desire to unilateraly control their ecosystem trumps shareholder greed, why would it?

Not all phones are for everyone and I think that’s OK. More options and more modular devices means everyone will setup and use their device differently, like with a computer, this is fine for many, but I think it would adversly affect the streamlined nature of iOS (even if it is ‘just an option’), so I’m still against it.


in a vacuum, there's really nothing wrong with apple's choices regarding iOS. as far as I can tell, most iOS users really do appreciate how the whole system is locked down, or at least don't understand why they should care.

what sucks is that in the big picture, there's really no viable option for someone who cares about security/privacy and is willing to pay for a premium device, but wants full access to their phone occasionally. the security update situation on android is still a mess except for the pixel line (which usually has subpar hardware) and a handful of other flagship devices. even if you're willing to pony up, you're still buying into an ecosystem that's designed to exfiltrate data from your device. it's frustrating because the iphone is so close to having everything I want from a device. if I could just have the ability to temporarily elevate privileges, even from some obnoxiously buried menu deep in the settings (or bootloader), I would buy one in a heartbeat.


> I just don’t want more freedom and choice on my device

Then don't turn on root mode? Is that really such a large infringement on you? The fact that there might be an option in your phone, to turn on root mode, and the mere fact that this switch exists somehow mind controls you and makes you turn it on?

If an easy switch in the phone exists that says "Allow competing app stores to be installed", why can't you simply not switch that on?


> Nobody will force you to do anything

My previous bank forced installation of a rootkit in Windows and Mac, and required full permissions in Android just to open. Their website didn't even work in Linux because they didn't make a Rootkit.

I didn't really have an option at the time: this was before my government made a law allowing you to use any bank, so I needed the bank to access my salary.

I'm all for freedom of fully owning your own device, but the reality is that software developers and software companies will abuse this freedom.


Once root mode is an option it will be exploited. The weakest link in software systems is often a human.


Follow this tutorial for awesome new wallpapers!

Step 1: Open settings > Tap 'enable root mode'


You're not wrong. I also understand the viewpoint stemming from that truth that having the option is not worth the extra features. I still think the trade off is worth it.

Just like while we have people tricked into buying apple gift cards for scammers we still don't decide to ban those cards because they do offer utility.


The number of steps and warnings required to unlock the bootloader on an Android device is so large that I have never heard of anybody being tricked into it. On the other hand, iOS is so rife with rootable vulnerabilities that it's becoming too cheap to meter.


Replace tricked with lured. Try searching 'free vbucks apk android 6' on youtube then go to page 3 of results or click recently uploaded.


You cannot unlock your bootloader with an APK. This is the process for unlocking the bootloader: https://www.androidjungles.com/unlock-bootloader-using-fastb...

No amount of luring is going to make somebody go through that only to have their device data completely wiped as the warning clearly says.


I really think we should rename "root mode" to "DANGER 90000 VOLTS AHEAD" or something similar.

Root mode _is_ that dangerous. You wouldn't want to allow astronauts "root access" to their starship launcher; you don't want car drivers to have "root access" to tinker with the brakes in their car. You don't want patients on ventilators to have "root access". You don't want non-doctors to access their health data without a doctor's to walk them through it. Certain pieces of data left to mere mortals can have devastating consequences.

It's not a question of "don't turn on root mode". Or saying "don't re-jigger the brakes".

People (tech experts or otherwise) should not be allowed to mess with systems that can literally end their life by exploding in their pockets! That's how dangerous it is!

Sure, some of the consequences are that you can't tinker with your UI. But honestly, that's a reasonable price to pay because the software that controls the behavior of these systems can cause real-world damage, if not configured properly.

Heck, we've seen this in the recent 40 years. The whole freaking Metric vs Imperial system disagreement has caused unintentional rocketship explosions. Imagine, if some inane argument between a couple of high-schoolers or teenagers led to the same type of bug killing them because their phone exploded. All because someone with root access misconfigures a constants plist file to prove a point!


> should not be allowed to mess with systems that can literally end their life by exploding in their pockets!

This is non-sense fearmongering.

Giving people the ability to install fortnite, on an official fortnite app store, is not going to cause people to die from phone explosion

It is just not going to happen. Fortnite is not going to blow you up.

The reason why I know this to be the case, is that half the US smartphone market, allows people to side load APKs, and install fortnite that way, and people aren't being blown up because they had fortnite on their phone.


>> should not be allowed to mess with systems that can literally end their life by exploding in their pockets!

> This is non-sense fearmongering.

I was referring to "Root access"; not the ability to install Fortnite. There's a difference.

People have the ability to install Fortnite. Do it through the Apple App Store.


> People have the ability to install Fortnite.

They do not have the ability to install it through a competing Epic Games app store.

Allowing people to install fortnite, through an Epic Games app store, that is not approved by Apple, is not going to cause people's phone to blow up.

> not the ability to install Fortnite

In my post, I specifically said "on an official fortnite app store", but it seems like you ignored that for some reason.

That is what I am referring to. If you agree with me, that:

"Giving people the ability to install fortnite, on an official fortnite app store, is not going to cause people to die from phone explosion"

Is the case, then cool. You agree that there is not going to be a blowing up phone problem, if Epic Games, has an app store on people phones, that is run by Epic Games, and not Apple.


Your style of thinking cannot be popular on HN, but we all know why this is good for the consumer - in this day and age, businesses will completely rip apart the consumer in every which way. They'll not miss a chance to fuck the consumer's privacy, financial state, psychology, innocence and addiction.

HN crowd wants something they can run sudo on. But people here have not got a slighest idea of how to run a device for close to a billion+ people.


> Your style of thinking cannot be popular on HN, but we all know why this is good for the consumer - in this day and age, businesses will completely rip apart the consumer in every which way. They'll not miss a chance to fuck the consumer's privacy, financial state, psychology, innocence and addiction.

Apple is among the worst offenders here, too. They expressly permit all sorts of embedded spyware in almost every single app in their App Store, and their view is that you agreed and consented to it when you accepted the iOS/App Store Terms of Service.

They could build platform security features like Little Snitch into the OS to allow users to prevent it, but they don't.

They could make App Store rules to keep apps from spying on you when you use them, but they don't.

They could end to end encrypt device backups, so the US military and FBI couldn't read all of your iMessage history whenever they want without a warrant or probable cause, but they don't. (In fact, they were going to, but then specifically stopped.[1])

The "Apple respects user privacy" story is just brand marketing, not reality.

[1]: https://www.reuters.com/article/us-apple-fbi-icloud-exclusiv...


Thanks for providing the source about encrypted backups, that's chilling.

Can you provide sources for other claims in your comments? I want to read up more on what sorts things these apps do.

Apple is by far the best when it comes to privacy relative to the others. Would you trust Microsoft, Google, or literally any other company (even Canonical Ubuntu) more than Apple?


Microsoft, Google, and Apple are all participants in the PRISM program, which provides data to the US federal government without a warrant (FBI and military intelligence) under the authority they claim via FISA Amendments Act Section 702. Edward Snowden is the reason we know about this.

https://www.eff.org/702-spying

Any data you provide to any of those companies (or any others that have been added in the time since, which presumably includes Dropbox and AWS) that is not end to end encrypted should be considered compromised by the state, or able to be compromised by the state at any time the moment they want to look. (PRISM is not mass surveillance, they specify the accounts they want data for.)

As far as the other apps go, you can watch it yourself. Install the iOS app called Charles Proxy, and you can see all of the hidden connections that apps are making.

Alternately, install NextDNS, and make sure your custom configuration settings (on their setup portal) is set to retain logs for a few hours. You’ll be able to see all of the different hostnames to which your phone connects.

I have stopped using iCloud, and only use Google for YouTube (or corporate/work stuff, for which I have no special desire for privacy from the state). I give my clients the option, though, if they wish to use a different method of collaboration.


The spying thing is a problem with US gov. Why are you dinging Apple for that? In fact, Apple refused to unlock the phone when FBI requested for the famous shooting case (I forgot). Others do the same - Google, Facebook, Microsoft, etc. Apple is complying to the law.

Also, Apple is putting encryption in hardware to prevent this sort of a thing. They don't have keys to the device.


Google implemented end-to-end encrypted backups for Android devices, which prevents the government from getting anything useful when they pull the device’s backed up data from Google.

Apple does not implement end-to-end encryption for their backups, which is why I’m “dinging” them. The iCloud device backups that happen each night on the device are backed up with Apple keys, which means that Apple can decrypt your entire message history for the device, without the device. iCloud Backup is on by default for every iPhone and iPad, which it is not inaccurate to describe as an effective cryptographic backdoor in iMessage’s end-to-end encryption, because it escrows the iMessage keys (as well as the complete message history) to Apple with Apple keys, each and every day. They don’t need any “keys to the device”.

This is well documented in Apple’s KB article about iCloud encryption: https://support.apple.com/en-us/HT202303

Apple’s on-device hardware encryption has nothing to do with this problem. This is a software design issue that Apple chose. Google chose a better, safer way to do it.

The fact that it’s a problem with the US government is a red herring. There are still good and bad choices in cryptographic system design.

Please do read the linked URL. Apple was on track to fix this glaring issue, and then, according to Reuters, Apple Legal shut down the project. Whether it was done specifically on FBI request, or proactively by Apple to butter up the FBI, is irrelevant: the FBI has no legal basis to command Apple to drop this project, so the decision not to safeguard user data from government snoops rests solely with Apple.

https://www.reuters.com/article/us-apple-fbi-icloud-exclusiv...

Additionally, the phone that Apple famously refused to unlock is irrelevant: Apple had already provided all of the related account’s iCloud data (presumably including a full device backup) to the FBI. It’s not in Apple or the FBI’s interest to draw attention to this detail.

I wonder if perhaps the news story about how “Apple vs FBI for user privacy” was an FBI reciprocation to aid Apple’s privacy brand narrative in exchange for Apple not encrypting backups (so Apple can always provide all of the device data to the FBI without the phone).


Wrong. Completely.

The vast majority of people you're talking about don't realise they're having their prices jacked up with taxes or their options curtailed by Apple. They just assume the App Store is where you get the apps because it's been programmed into them over the last 12 years.

Allowing third party app stores doesn't change the API or permissions system already baked into the OS. If Epic wants to start an App Store with lax policies then if you and Apple are right about the value of their policies then that'll become apparent quickly enough and will still be a selling point of the App Store.

This is nothing like what happened with desktop computers, where the security model had to be welded on after the horse had already bolted. Windows (just as an example) wouldn't allow blanket admin permissions to software if there was a way to stuff the legacy software genie back in it's bottle. Unfortunately fixing permissions retrospectively would break a multitude of legacy software that hasn't been updated in years, in some cases decades.

Apple is not being punished for success, and you don't understand the problem or the legal case, which is entirely not at all related to Apple protecting or not protecting their users from pop-up ads.

Consumer choice didn't chose anything. Most phone users don't even understand that they are in a walled garden.

tldr; This isn't The Beach, it's The Truman Show.


> Allowing third party app stores doesn't change the API or permissions system already baked into the OS.

It does precisely that. Apple invests huge amounts of money into people and infrastructure to ensure that exploit code (that can subvert platform security) never makes it into the store or gets signed by Apple. If it does, they can immediately revoke it.

Third parties providing app downloads would not invest the anywhere near same level of care, for the most part. Platform security can only do so much if you can run any code you want to try to attack it.


But you cant run any code you want. You’re still in a restrictive sandbox, and you still need to explicitly request the limited expansions to the permissions scope that the OS allows the user to grant you - neither of which is dependent on the App Store.


I don't believe you understood my comment. Third party app stores with more lax, less resourced app review procedures would result in arbitrary attacker code being run on end-user devices, that, given enough time, would escape the sandbox. It's a layered defense: signing/developer identity account, app store review, sandboxing, specific user-approved permissions.

No one part of it is bulletproof, as we saw with CVE-2020-3883.


>Most users, however, would have a way worse experience using their phone if they were given this option, because a non-trivial percentage of them would follow the tutorials online provided to them by malware authors to install their malware.

I think Apple fans exagerrate when they say that most users are so "inexperienced" to get taken advantage off.

- this number of completly inexperienced user is not proven to be as large, if you look at Android or OSX you don't see 51% of users having malware on their machine

- with the amount of money Apple has they could afford to improve the security by adding more sand boxing and making unlocking of the phone by "tricked incompetent users almost impossible"

- I assume apps and websites can use your microphone and camera on your phone, it is under soem popup/permission prompt, why do you trust the "inexperienced users" with the camera permissions some bad person could trick them.

- "protecting" an unknown small number of users by limiting the rest makes no sense, what makes more sense is MONEY, Apple makes more money by locking things down and getting 30% from apps, subscrip[tions and the much hated lootboxes


> this number of completly inexperienced user is not proven to be as large, if you look at Android or OSX you don't see 51% of users having malware on their machine

> "protecting" an unknown small number of users by limiting the rest makes no sense, what makes more sense is MONEY

For creating policies 51% is a bad measure. Its inherently biased to be regressive. Setting policies at 51% disproportionately hurts the bottom 1%, 10% and 25% of the populations that need our help the most. This is true of all policies and especially laws.

Meanwhile, if you've ever helped your grandma or parents with their computers, you'll realize just how much malware they have already downloaded. I also remember what I was like on Limewire and Kazaa as a kid. There is/was an entire industry built around it for Anti-virus and Malware protection.

iOS doesn't require anti-virus or malware protection because Apple builds protection and privacy into the product as a core feature. Sadly, built into Android is malware but even Android is less susceptible to malware from unknown entities.


I understand your point but we don't even know if the number of this users that need protecting is even 10%. This imaginary group of people must have this properties:

- they are gullible , so bad people can trick them to ignore OS security warnings,create some extra account or security key to unlock the device (Apple can do it hard enough it must not be just 1 click)

- at the same time this users are not that gullible to paste their credit card in random websites or on Apple approved chat messages

- at the same time this users can be trusted with the app permissions for files,contacts, camera, location

For me if I intersect all this sets of users I get void and your argument should be that everything should be locked down, no permissions allowed for this users, there should only Apple approved websites, apple approved contacts, Apple should scan your messages not to send your card details or do stupid things. This people should use an iOS version made for children and adults could use the unlocked version.


> they are gullible , so bad people can trick them to ignore OS security warnings > For me if I intersect all this sets of users I get void

I work at a pretty big company, where we are trusted to make a lot of important decisions but as I understand it even small companies have trainings to identify "phishing, clickbait, social engineering, etc". Every relatively big company also pre-approves devices that can connected and access the internal network. Installing software needs to be pre-approved. Even my browser Firefox or Chrome settings are pre-selected to ensure no compromising behavior can occur.

I know from past-experience, friends and colleagues that my current company is not unique. Because all humans (even the smartest sets) are gullible, it just depends how time constrained, sleep deprived or drunk they are.

Additionally, preventative protections on devices are used often even in personal contexts. When I help my mom set up her computer I pre-install everything and she doesn't have the admin password. This is the general recommendation for and by anyone helping someone under-educated about technology and abuse vectors. I've asked if she would rather me teach her and she just prefers using the computer without worry. Neither her, not this situation is unique.

That said, I have previously and do agree, Apple should make it easier to boot non-iOS iPhones. However, Apple should only provide that to the registered adult owner of the device, in person at an Apple store after delivering the caveats that the device will no longer be supported by Apple (regardless of resale) and any warranty is void.


The issues you describe are happening on computers where by default there is no sandbox, so an evil game or a bad application can do a lot of damage. But in an OS with strong sandbox and a good permission model the fact you add a dude to review your app does not add some extra security, from what I see this review people will check to make sure you follow the GUI /UX guidelines and also make sure you don't give the users information Apple won't like (like you could buy this cheaper from this webpage)


I agree, with a strong enough sandbox I am very happy to use sideloading. Fortunately, iOS provides Safari for such a sandbox.

According to screen time on iOS, I use Safari 2x more than all my other native applications combined. Including to play games. Especially with "Login with Apple", and "Apple Pay" I find that most websites are as easy to use as native applications.


I absolutely resent the implication that protecting the bottom n% of gullible users is mutually exclusive with giving power users the access they desire. they seem to do a decent job of it on their OSX machines, so why not iOS?


You're right! I disagree that the perfectly balanced system is OSX but overall I agree iPhones should have better "hack-ability".

As I've posted elsewhere:

I agree, Apple should make it easier to boot non-iOS iPhones. Even provide some tools to write custom OSes for the iPhone hardware. However, Apple should only provide that service to the registered adult owner of the device, in person at an Apple store after delivering the caveats that the device will no longer be supported by Apple (regardless of resale) and any warranty is void.


> I agree, Apple should make it easier to boot non-iOS iPhones. Even provide some tools to write custom OSes for the iPhone hardware. However, Apple should only provide that service to the registered adult owner of the device, in person at an Apple store after delivering the caveats that the device will no longer be supported by Apple (regardless of resale) and any warranty is void.

this kinda misses the point. I don't want to write my own OS for the phone or run ubuntu or someone else's jailbroken iOS image. I just want to run normal iOS, get updates, and also have the ability to escalate privileges from time to time. why is there not an amount of money I can pay for this?

also, does apple distribute any third party drivers in iOS? if so, they might not be able to make non-iOS iphones possible, even if they wanted to. not as familiar with the apple world but IIRC, this has been a longstanding issue for true alternative OSes on android phones.


I think I'm onboard as long as the procedure is cumbersome enough, and the registered adult owner of the device confirms that they understand and agree the warranty and support is void.

If you want to keep iOS as well... at that point, I do feel Apple is also in its right to remove all trademarked content from the phone running an iOS-like OS. AppStore, applications, remove all reference to words like "iPhone". So it would be a very bare-bones iOS-like.

Because otherwise it could negatively impact their brand. Their brand is built on the premise they build amazing products for customers who want those products. If someone looks at your "modified, uncurated iPhone" and thinks it "feels janky" or "poor UX" or "bad battery life" or ..."" that could result in that person not buying/recommending an iPhone.

Apple clearly values its brand highly and I can see why they would want their brand to be distanced from the type of device you would like.


Can you think of what a bad application can do to a user when side loading but is impossible to do when Apple reviews it, If I am a bad actor I can submit an app for review and activate an evil mode after the application is approved.

Maybe we can stop pretending that the lock is in place to protect the users, most Android users do not root their devices or install random evil applications and then complain to Google about it, can't we just be sincere and say , "yeah is the way Apple keeps control on things for financial reason" . we could focus on the correct stuff then like how we can protect the small set of very gullible users from bad apps(that can be in the store) or bad webpages or evil messages.


> If I am a bad actor I can submit an app for review and activate an evil mode after the application is approved.

While this is of course still possible, the store model allows you to disable the app and remove the store listing to prevent further distribution of the bad app. You would be giving this up ability if you allowed third-party distribution. The fact that review is necessary in the first place also serves as a deterrent, and if a bad actor is caught their developer account can be banned to prevent them from submitting any more apps.

> Maybe we can stop pretending that the lock is in place to protect the users

Not sure why you think this is a pretense. In 2019, Android devices were responsible for 47.15% of malware infections compared to 0.85% of iPhones (https://onestore.nokia.com/asset/205835). There is a clear security benefit to the locked-down store model.


>the store model allows you to disable the app and remove the store listing to prevent further distribution

You do not need a store to blacklist a known bad application, you can have the OS do what OSX is doing now(I read on HN about this, I don't run any newer OSX versions) check an app when it starts against a blacklist.

I agree that a review will catch low level effort of malware and I am not advocating for no official store if is possible users should use applications from the sore or on Linux from the official repositories but if some application is not in the store/repo (maybe you live in one of those countries that ban apps) you can have the option to side load the application.

The statistics for malware on iOS vs Android could be problematic if you don't compare equal user groups, Like a rich kid will buy the games from Steam or Apple store, some poor kid will try to get some free games so IMO we should compare similar population.


Blacklisting may be an appropriate solution for malware but doesn't help with privacy issues because apps distributed outside the App Store by definition won't be subject to the App Store privacy rules.

> The statistics for malware on iOS vs Android could be problematic if you don't compare equal user groups, Like a rich kid will buy the games from Steam or Apple store, some poor kid will try to get some free games so IMO we should compare similar population.

Even within the Android platform Google has reported an 8x difference in malware between devices that use side-loading compared to devices that use only the Google Play Store (https://source.android.com/security/reports/Google_Android_S...). In other words, it is specifically side-loading and third-party app stores that cause the biggest problem.

We've already seen this same story play out on Windows. Why would we expect it to be any different here?


> because apps distributed outside the App Store by definition won't be subject to the App Store privacy rules.

Can you explain? Side loading apps won't disable the sandbox so the app won't have access to your files, sensors or peripherals without permissions. The OS could be even more privacy focused by allowing power users to enable an option to fake private data like contacts,photos,location etc for apps that would refuse to run without this permissions.

Second thing, what extra privacy a manual review of a guy would add to an app that can't be done better on the device by sandboxing and code?

Side loading would be used by power users most of the time or people in countries with censorship. We will not repeat the Windows story , we would repeat the Linux story where we always had trusted apps on trusted repos and only power users would "side load" stuff, on Windows the story wad different, you needed something you used google and run the first thing you find.


Consider, for example, an app that might initially request access to your contacts for a legitimate purpose (like messaging your friends), but secretly scrapes your contacts and sells it to third parties. This is a privacy abuse that is not prevented by sandboxing since the user explicitly granted those permissions. The problem is the user has no control what the developer actually does with the data after the permission is granted.

At least with an app review policy you can say this type of behavior is not acceptable and you will be banned if you abuse it. I'm not saying that will perfectly catch all abuses but at least it serves as a powerful deterrent that otherwise would not exist if all apps were directly distributed with no oversight.

> Side loading would be used by power users most of the time or people in countries with censorship.

Not sure why you think this but it simply doesn't match existing statistics. Side-loading and third-party stores are quite common in certain countries and it leads to large numbers of regular people getting infected by malware. For example, Kaspersky reports that 60% of mobile users in Iran and 38% of mobile users in India have been attacked by mobile malware. (https://securelist.com/mobile-malware-evolution-2019/96280/)


Those poor people will never buy an iPhone or expensive phone, you should compare how many Samsung Galaxy or Pixel users in US vs iPhone users in US that have same financial situation get infected, otherwise you could compare iOS users in US with XP users in China it is "lying with statistics".

The guy that reviews the Apple Store has no idea if the developer sells the data to a third party, the chances that somehow Apple finds this out in time to help you is minimal, it would help if Apple would let you give this people fake data or more granular data (like I want to give them a first name, 1 picture, and a city location but not much more details). Many existing apps are using FB SDKs, other advertising related library in the apps, loot boxes and other dark patterns and Apple is not blocking this because they have a financial interest.


I don't understand your point. Are you actually suggesting that poor people don't count?

If you consider the US alone you're still looking at ~17 million malware infections last year on Android devices.

> The guy that reviews the Apple Store has no idea if the developer sells the data to a third party, the chances that somehow Apple finds this out in time to help you is minimal

The fact that they can ban these developers serves as a deterrent. What you're suggesting is the equivalent of saying there's no point in having laws against stealing because some people will steal anyway. What you should be considering is the net effect of the rules against the overall frequency of the problem, not whether it prevents them 100% of the time (which is impossible anyway).

> Many existing apps are using FB SDKs, other advertising related library in the apps, loot boxes and other dark patterns and Apple is not blocking this because they have a financial interest.

Now imagine how much worse it would be if Facebook (and every other app) was directly distributed and had zero oversight whatsoever.


My stats point is this, let me show a simple example. Say in my small poor country nobody has the latest BMW and most people use some 20 years Renaults. Then you can create some stats to show BMW is perfect and Renault is crap. Where would be fair to compare cars that are in the same price category, same age, same driver category etc.

Is the same statistics shit Apple fanboys use when they want to show that Apple can't be a monopoly/duopoly the use a world wide stat(where in fact in US Apple and Google are around equal (iOS appears on top on this source but who knows how credible it is https://gs.statcounter.com/os-market-share/mobile/united-sta...)

About laws, it is more like because someone is getting hurt with his power tools then we ban power tools and we allow only children friendly tools. This is not how it is sone, we can ask for safer tools but if someone injures himself with his power tools it is his fault. (and now I expect the argument about "Apple branding needs to be protected" dude Apple shipped bad keyboards and refuse to aknowledge the issue until a a lawsuit, Apple fucked witht eh battery behind the users back and a lawsuit had to happen for this to be shown, Apple branding is not something as a user you need to care about because it promotes antiuser behavious.


Sounds like you're reaching for excuses to dismiss the obvious malware problem on Android.

No one is advocating banning power tools. There are plenty of power tools (Android devices) out there for people who want to buy them. What you're advocating is that Apple shouldn't be allowed to sell their own, safer, tools to people who want to buy those instead.


My main point is that:

- if Apple wins vs Epic then Google and Microsoft have precedent and they can lock down their platforms , previous legal precedent was with IE bundling

- because Linux exists that does not mean the Microsoft can do whatever they want, similar because at this moment Android devices exists and some power users can side load and an even small umber of users can root them does not mean that others can lock things down.

Your statistics are misleading and you are avoiding to compare apples to apples. Show me how much malware is on OSX because that platform was not as much locked,


> - if Apple wins vs Epic then Google and Microsoft have precedent and they can lock down their platforms , previous legal precedent was with IE bundling

Bundling IE with Windows was never established to be illegal in the United States, the issue was overturned by the appeals court and precedent was never set. What was found to be illegal was forcing other companies (like OEMs) to include IE on computers they manufactured as a condition of obtaining Windows licenses.

> - because Linux exists that does not mean the Microsoft can do whatever they want, similar because at this moment Android devices exists and some power users can side load and an even small umber of users can root them does not mean that others can lock things down.

The difference is Microsoft had 95% of the market during their antitrust case. If they had 5% of the market the outcome would have been very different.

> Your statistics are misleading and you are avoiding to compare apples to apples. Show me how much malware is on OSX because that platform was not as much locked,

Are you unaware that Mac malware is a growing problem?

https://www.macrumors.com/2020/02/11/malwarebytes-mac-malwar...

30 million adware detections on Mac last year kind of puts a hole in your theory that only poor people get malware, doesn't it?


It is my expectation that Apple verifies the identity of developers submitting to the AppStore. It is my expectation that if the initial review doesn't catch the abuse, and my contacts list is scraped and sold that Apple will eventually find out and ban the app from the store.

It is also my expectation that Apple will file a suit for damages, and help a legal firm file a class action suit against the developer on behalf of the victims.

If you are right and this isn't happening yet, I hope Apple starts doing it.


Yes Apple will terminate a dev account for not respecting the terms but I am not aware of Apple or Google trying to bring to justice developers that sold private data, at least in US there is a big resistance against having a GDPR like law so you could use the courts to punish some developers. Also we know that Apple (like Amazon and others) used contractors to have them listen to private recordings of users without asking consent (like hey user , I do not understand this can I send it to the cloud so strangers can listen and do stuff with it ?) , so for Apple privacy is a tool for making money, it aligns with your interest until a point (but as with Siri example you can see it is not 100% aligned with your interests)


Sure totally!

With sideloading allowed, an application/appstore that is actually a trojan horse could request permissions once to "download X" where X is innocuous. Later the trojan auto-downloads other applications to your phone to mine bitcoin, run a bot net, etc. Basically selling your hardware, bandwidth and battery life to the highest bidder.

With sideloading, alternate APIs could be scraped together into a "new std lib". These APIs would just be some C/asm lib that is a part of any application and accesses hardware without any permission management. At that point every possible bad thing can happen. "Sandbox it!" sure... but that is what Apple is currently doing... its just also auditing source code to ensure no one is maliciously trying to break out of the sandbox. With enough time, people will break the sandbox or people will complain the sandbox is too limiting and not "true sideloading".

All this said, is Apple's auditing system a 100% guarantee? No. But at least I know once the bug/issue is found Apple will close the hole. Meanwhile, its in a company like FB or GOOG's best interest to force ever more tracking onto users, and they know people will continue to use their services regardless of the complaints (like what happens today).

You might argue, "this is where government should step in". I agree! The problem is that the government isn't doing a good enough job protecting users from digital abuse (arguably might make it worse with weaker encryption). So in the meanwhile, I'm happy that at least Apple currently is trying to protect users.


Apple is not reviewing the source code, they probably looking at what system calls you use and maybe they do what anti-virus software do on Windows, check for signatures or something like that. From my limited knowledge you can have your executable very obfuscated and make it impossible for someone to easily understand what is happening.

The thing is nobody would force the normal users to side load things, the number of applications for Android that are not in the store is small and I think only Fortnite was one with popularity and the number of people sideloading it was not that big.


> if you look at Android or OSX you don't see 51% of users having malware on their machine

Have you actually looked up the statistics? According to Kaspersky (https://securelist.com/mobile-malware-evolution-2019/96280/) mobile malware attacks in 2019 affected: 60.64% of users in Iran, 44.43% in Pakistan, 43.17% in Bangladesh, 40.20% in Algeria, 37.98% in India, 35.12% in Indonesia, etc. These are not small numbers.

> - with the amount of money Apple has they could afford to improve the security by adding more sand boxing and making unlocking of the phone by "tricked incompetent users almost impossible"

Sandboxing can protect against system vulnerabilities but does not help protect privacy in the same way App Store review guidelines do. (For example, by disallowing user tracking in games designed for children.)

> - I assume apps and websites can use your microphone and camera on your phone, it is under soem popup/permission prompt, why do you trust the "inexperienced users" with the camera permissions some bad person could trick them.

Temporary access to a microphone or camera is nowhere the same level of security risk as allowing third-party applications to install other applications on your phone.

> - "protecting" an unknown small number of users by limiting the rest makes no sense

Again, these are not small numbers of users, nor are they unknown. Android malware routinely infects millions of devices:

https://www.zdnet.com/article/this-android-malware-has-infec...

https://www.theverge.com/2019/7/10/20688885/agent-smith-andr...


> If users didn’t want these things, users wouldn’t buy them.

doesn't follow. people buying a thing despite flaw X just means don't consider X a dealbreaker, not that they actually want X


..What? If X isn't a dealbreaker, then obviously customers are fine with X.

If they weren't, it would be a dealbreaker.


There is a vast gulf of nuance between “fine” and “dealbreaker”.


And that gulf is different for everyone. You can’t dictate it to others.


If it’s a “””dealbreaker””” then you’re not okay with it.

If it’s not a dealbreaker then you’re okay with it.

How many different ways do you want to twist this?

If any of this mattered to anyone outside this echo chamber then Apple wouldn’t constantly come at #1 in customer surveys.


Everyone should keep in mind your points when thinking about improving the situation. The current setup does have advantages for both consumers and developers.

Did the majority of the app revenue end up flowing through the Apple by chance or did the rules that setup facilitate that system? As you said, consumers who spend money have largely chosen the Apple walled garden.


Apple's advertising is built on security and privacy — allowing other App Stores on their system would only open up users to invasive tracking & attacks. I want my desktop system to be open as can be; I'm perfectly happy with my phone being (somewhat) locked down. That said, Apple could allow users to choose to install other App Stores on their devices, but at the cost of their devices being considered hopelessly compromised and no longer eligible for support from Apple. Let the market decide: a wider variety of games/apps, or a (fairly) secure system with attached privacy promises.


Isn't this what's the Jailbreak is about?

You can jailbreak device, Apple still will have to respect the guarantee but they don't have to support you whatsoever.

Sure, Apple patch it, but then those are true vulnerabilities that are used to jailbreak it. Maybe they should just have a switch somewhere that would go "enable unsupported mode" that'd show a lot of angry texts at you before allowing you to do that.

That'd solve most of the coalition claims probably. Epic can always put their software on Cydia...


Except Apple is obsessed with taking responsibility for the entire user experience. Also, as people experience the subpar user experience w other app stores, they will still bring it to Apple for support. And probably blame apple - “it’s their logo on the cover”.

Consumer behavior is not intelligent.


Yes, it is intelligent. In aggregate the market is intelligent.


How do you define the heuristic to tell? I can't do it without resorting to a tautology or circular logic.


> Apple's advertising is built on security and privacy — allowing other App Stores on their system would only open up users to invasive tracking & attacks.

But why? If sideloading requires explicit user action and acknowledgment of danger, why would this affect their brand of safety and privacy in any way? The users who want a safe controlled environment can easily choose to stay in that environment. I just do not understand this argument.


Because these users, regardless of what they previously clicked, will expect Apple to support it. And end to end support is kind of one of the big deals about the iPhone.


(supporting this point)

You can see this sort of thing in an old post by Joel on https://www.joelonsoftware.com/2004/06/13/how-microsoft-lost...

This references an even older blog post (that has been lost to time) which was quoted:

> Look at the scenario from the customer’s standpoint. You bought programs X, Y and Z. You then upgraded to Windows XP. Your computer now crashes randomly, and program Z doesn’t work at all. You’re going to tell your friends, “Don’t upgrade to Windows XP. It crashes randomly, and it’s not compatible with program Z.” Are you going to debug your system to determine that program X is causing the crashes, and that program Z doesn’t work because it is using undocumented window messages? Of course not. You’re going to return the Windows XP box for a refund. (You bought programs X, Y, and Z some months ago. The 30-day return policy no longer applies to them. The only thing you can return is Windows XP.)

This is the same sort of thing that Apple faces with iOS. If an application breaks when the system is upgraded, it is the system's fault - not the application (at least in the minds of many consumers) and it is also considered to be the responsibility of the operating system vendor to fix the problem.

(This is part of why the Catalina upgrade was such a big deal because it was known that they'd break a lot of things in doing that)

If someone gets an app from a hypothetical 3rd party vendor store, and it breaks on an update of the operating system (or allows you to download an app that doesn't run) - its seen as company that wrote the OS's fault even though there is nothing that the company that wrote the OS can do about it - they can't even refund the app.


I appreciate the dialog. I'm still struggling with it though and I'm wondering if we have different premises. This seems like it assumes that users are complete buffoons, and aren't capable of understanding a simple message like, "if you enable this feature, you open yourself up to possible security holes. Apple also makes no guarantees that software installed in this way will work, either now or in the future."

At a minimum it seems like the system is designed around the lowest common denominator of user at the expense of more power users.


I used to work tech support at a big tech company. I have little faith in the technical literacy of people outside of those who have specifically studied the issue and done an informed risk analysis on what they want to do.

I feel (especially in today's world) that people are too willing to accept risks that put themselves and others in danger without being informed of the implications or that they maintain a "yea, it will never happen to me" attitude.

That willingness to take risks is especially prevalent in younger demographics. With respect to fortnight when Epic was doing a "disable this check and load from another site" there were numerous copies of the software with malware installed because people were ignoring the risk and looking at what they have. https://www.theguardian.com/games/2018/aug/10/fortnite-on-an...

If you are a power user, and want those features, jailbreaking the phone and doing whatever you want to it is an option. Or maybe, not using an iDevice and going with something that is more open.

There are a lot more people out there that want the training wheels on their technology experience than there are power users.

Personally, after having a linux system that I built myself and compiled kernel patches for back in the day - I'm glad I have the experience and I'm quite happy to let Apple do that now and not have to spend time on that level of verification of software and administration of my own devices.

On the phone itself - I've got lots of personal information, credit cards tied into NFC, email, and IoT controls. And while I'm not going to take risky actions with my phone, I am confident that others will take those risks. As part of Apple's brand identity is privacy and security - allowing people to take those risks works against that brand identity.

One of the frequent comments on HN in the past is "HN may not be the targeted demographic."


> One of the frequent comments on HN in the past is "HN may not be the targeted demographic."

I saw a similar comment here before that made sense to me: "The more Apple distanced itself from power users, the more money they made".


But it's not just users that have this behavior. There was major outcry from some developers about Apple removing Carbon even after 12 years of deprecation and no updates. There was a lot of support from developer-centric community like HN. An example: [1]

Considering that even developers are not too understanding, it's no wonder people assume non-tech people will react the same way.

I really don't see a good solution for that. Even if Apple open sourced Carbon, I doubt Carbon users would be able pick up the slack, since they had 12 years to update but couldn't (or 20 if you consider Carbon was always marketed as a stopgap/compatibility solution).

[1] https://news.ycombinator.com/item?id=21164005


Its a lot simpler than users wanting a device that 'cant run any app they click on'.

The vast vast majority of users don't consider anything except the marketing. And apple is good at marketing. So people want iOS devices.


Marketing only works for the first generation of purchases. Apple has the highest consumer satisfaction ratings year after year so when a new product comes out, consumers know they will get a product they will be really happy with. That is not the case with many other companies.


> The vast vast majority of users don't consider anything except the marketing.

If marketing was all that mattered, and Apple's products were actually disappointing, they would not have repeat customers or high satisfaction after the purchase:

https://www.macrumors.com/2020/09/22/apple-tops-customer-sat...

and please, stop speaking for a "vast vast majority" of people, as if you're an authority on why other people do what they do.


Yes, this is partly about Apple being "punished" for its success. That is a good thing. Entities that are too successful become too powerful and should be "punished" for it.


This!

Which is why I absolutely reject Epic et al’s position.

They want to be part of a small exclusive group of store owners who get to share in the benefits of Apple’s investments.

Very different from the device freedom you are calling for.

It must also be said that device freedom cannot come at the cost of security and trust.

I and presumably you, have the capability to make good decisions about what software to trust.

Most people must delegate this to a trusted third party.

I would support a legal requirement for iOS devices to have a bootcamp equivalent.

That way Epic and whoever else wants to build their own platform would be free to do so.


> They want to be part of a small exclusive group of store owners who get to share in the benefits of Apple’s investments.

Exclusive? Why can't I write an app store?


For the same reason you can’t build a phone.

You’ll be competing with multi-billion dollar corporations who have exclusive content and nobody will bother with your store.


> You’ll be competing with multi-billion dollar corporations who have exclusive content and nobody will bother with your store.

What does me building a store have anything to do with its adoption? I build lots of low/no-adoption software for fun or for small/personal use. This line of thinking, that if you can't be a top-level player in a competitive market, you can't build anything is foolish. You shouldn't confuse the building and marketing concepts, especially not to support disallowing the former.


But that's not anti-competitive.

All manner of well-funded corporations would be able to start app stores on mobile, and several (Epic, Valve/Steam, Microsoft) would start app stores the second they were able to.

They'd also be competing for software - as there's a lot of fat that can be trimmed in those 30% margins.

The competition, which would be fierce, is more than enough to solve the issue of price fixing.


Any fat trimmed in the margins (which is less than you think) would not accrue to developers because they’d have to deal with multiple stores and multiple rules sets.

They also wouldn’t have to offer the same terms to every developer. All they would need to do would be to lock in some exclusive popular apps. ‘Competing for developers’ doesn’t mean making things better for all developers. It just means securing enough exclusives that people can’t ignore your store.


On Android there is the F-Droid software repository, and there is no issue of competition with the Play Store. Would things be different on Apple phones?


Developers can safely ignore the F-Droid store because it represents no significant market share.

This will not be true of the stores that Epic, Facebook, and Google, and Amazon et al would start up on iOS.


F-Droid does not offer any form of payment, anyway. All the apps offered by F-Droid are open source and the majority of them ad-free, and it's honestly a fantastic resource for me. It actually has quite a lot of apps, including games, productivity tools, utilities, and other things. Something like this wouldn't be possible at all on Apple's platform.


> As of June 2017, the Google Play store hit 3 million apps by 968,000 developers, trumping the Apple App Store. In comparison, the Amazon App Store only has around 600,000 apps by 75,000 publishers, as of Spring 2016.

https://www.businessofapps.com/news/amazon-app-store-vs-goog...

Interestingly, there appears to be more revenue made per user on the Amazon store than on Google Play:

https://www.mobilemarketer.com/ex/mobilemarketer/cms/news/re...


I think this confirms my point.

Note that as per Epic’s other lawsuit, the Amazon App Store is working at a severe disadvantage to Google Play.


It refutes your claim that developers will end up having to support alternate app stores or risk losing on market share. Despite the potential for greater revenue on the Amazon Appstore, developers don't seem to be flocking to it.

People seem to be buying into Epic's own claims of self-importance. They may be the ones to have finally advanced grievances against the App Store to the lawsuit, but they do not- nor should they- have the ability to frame the entire discussion. Their standards for openness are debatable.


It doesn’t really refute my claim. For one thing for most developer, Android is an afterthought in terms of profitability because of iOS, and for another, secondary app stores don’t function on an equal footing with the play store, which is why Epic is also suing Google.

Android just isn’t a model for what would happen on iOS. Obvious really, because Android has never had anything like the same success in app sales.


Android also have a lot of malware issues. I’ve had to help factory reset Android phones quite a few times because friends and family ended up getting spammed with sex notifications and had their search engine hijacked. Windows and OSX suffers from the same problems. The reason these platforms suffer from malware, while iOS does not, is because they allow third-party installations.


From what I've seen, the majority of Android malware either comes from Google's Play Store, or gets included on the phones by certain OEMs. F-droid in particular, due to its open source requirement, hasn't ended up hosting any malware so far.


This is incorrect. Google's own statistics (https://source.android.com/security/reports/Google_Android_S...) indicate that devices that use side-loading have an 8x relative higher incidence of malware compared to devices that only install apps from the Google Play Store.

(Note: I believe Google's absolute numbers are significantly underestimated due to the poor performance of Google Play Protect compared to other malware detection tools, but so far they are the only source I have found that publishes relative numbers between the Play Store vs side-loading.)

As some high profile examples:

- HummingBad infected 85 million devices primarily via direct-download on malicious adult websites. (https://www.zdnet.com/article/this-android-malware-has-infec...)

- Agent Smith infected 25 million devices primarily via a third-party app store. (https://www.theverge.com/2019/7/10/20688885/agent-smith-andr...)


F-Droid is even more locked down than the App Store, and even if they turned it into the default app store then Android would still be riddled with malware.

As to how the Android users keep acquiring malware, I have no idea whether it’s from the Play Store, or if they download free apk files of paid apps, or if they download it through ads or from emails or whatever. I just know I have to help fix them regularly, and if iOS is forced to open up then iPhones will suffer from the same malware issues that you see with OSX/Windows/Android.


IMHO there would be a large market for local stores that promote local apps. It would usher in an era of local discovery and decentralization. I think it would be a huge win for everyone except companies abusing the monopoly like characteristics of demand aggregation.


> Which is why I absolutely reject Epic et al’s position.

> They want to be part of a small exclusive group of store owners who get to share in the benefits of Apple’s investments.

Can you clarify what you mean by this?



I don't see how that's relevant. Epic isn't suing Apple so that they can have exclusive rights to open a second app store, they're suing to allow third-party app stores in general. If Epic wins, they aren't going to be part of a small group of store owners; anyone would be able to open their own competing store.


Almost no stores will be able to compete with Facebook, Google, Amazon, etc, who already have giant reach and network effects,

Consumers will have to deal with them all, as will developers.

There will be a small group of store owners.


> Almost no stores will be able to compete with Facebook, Google, Amazon, etc, who already have giant reach and network effects,

First of all, that is not true at all.

And second, even if it were true, it'd be a far better situation for developers than the current status quo.


We have already been through the multiple "app stores" model and it was fucking awful. Back before the iPhone and Android there were dozens of different stores for PalmOS, Symbian, and PocketPC/Windows Mobile, even boxed software sold on CDs.

There were no guarantees with any of the stores. Many didn't even host stuff they sold. So you'd buy from the "App Store", download from the developer's site, and then deal with whatever license system the developer used. Since there was no standard way to work with the store there was no standard mechanism of distributing licenses. Signing was also a joke as there was no good way to let end users validate, in a usable way, the signatures of apps or even that the signing entity was who they claimed to be.

Piracy was rampant because stores sucked, prices were onerous, and cracking the software or just sharing licenses was too easy. The current App Store model developed as a response to a broken market for mobile apps.

Hate on the App Store model all you want but it solved significant problems that plagued the industry for years.


Having to deal with multiple stores would be strictly worse for developers than the current situation.


And worse for consumers. No way I'm dealing with entering my CC again and again. The current situation is not perfect, but it does have advantages for both consumers and developers.


Really?

Microsoft, Amazon, Google, and Apple already have my CC number. If I could buy all my apps through (ex:) the Microsoft store that exists on PC, Android, and iOS I could delete my CC info from Google and Apple. That's a win in my book.

Maybe the competition would force all of them to innovate a bit. Wouldn't it be nice if you could give your CC number, but set a hard limit on in-app purchases? Ex: Here's my CC, but you're not allowed to charge more than $50 / month to it. I bet there are a lot of people that have gotten multi thousand dollar IAP bills that wouldn't mind a better system for some of that stuff.


So if Apple had entertained the original pre-lawsuit request, would epic have fought until Apple allowed app stores other than Epic and Apple existing?


What does it matter? They're fighting for something that benefits everybody (except Apple) now.


There is no evidence that what they are fighting for would benefit anyone other than a small group of already rich companies.


There is plenty of evidence from Android that it would benefit both users and developers.


Android is not a model for this. Stores on Android simply don’t have equal footing with the play store.

Epic is suing Google too over this.


Epic is suing Google for pressuring OEMs against preinstalling its app store on devices, not for preventing users from installing its app store themselves. It's true that app stores not signed with the system key can't automatically update apps, and users would benefit even more if they could, but users already benefit from being able to install apps outside of the official app store at all.


You just confirmed my point.

Android app stores other than google play aren’t remotely on a level playing field with the Play store.


I never disputed your point (though it is technicall bwrong because some phones have other app stores installed on the system partition) because as I already pointed out, your point is irrelevant. The fact that users can install apps from other sources at all has massive benefit, as Android has already shown. There would be even more benefit if other apps could do automatic updates, but there is already benefit with what is available.


"They want to be part of a small exclusive group of store owners who get to share in the benefits of Apple’s investments"

False.

Epic made very clear, early on, IN THEIR COURT FILING that their case was an attempt to legally force Apple and Google to allow for third party app stores to exist equitably on iOS and Android.

Does that benefit Epic substantially? Of course it does. They want a mobile Epic Games Store on both platforms. But it would also break the stranglehold duopoly that Google and Apple have over the mobile software marketplace.

Example to prove the point: Nothing in Epic's proposals or court filing would prevent Steam Mobile or the Microsoft App Store from launching on iOS and Android on the same terms that Epic prevailed on in court. That's about as far away from anti-competitive behaviour as this court case could possibly hope to be.


Nothing I said is false. Third party stores will not exist equitably on iOS and Android because there don’t exist equitably anywhere else.

I said a small group, not just Epic. That group would be made up of the usual suspects - Epic, Amazon, Google, Facebook, various other TenCent properties etc.

Nothing about it would make it either developer friendly, nor consumer friendly.


> Nothing about it would make it either developer friendly, nor consumer friendly.

That doesn't sound too bad to me from either side TBH. As a developer, it would be useful to have a choice between multiple publishers with the advantage of only needing to deal with one at a time instead of three. I also think competition in app stores would spur a bunch of innovation.

As a consumer with an Android phone, a Windows PC, and an iPad as a tablet, the idea of buying all my stuff from one company's app store and having the licensing work across all 3 devices is extremely appealing.

I think one of the biggest fears of Apple, Google, etc. is that it's very possible someone will come along and build a better app store with better policies for both developers and consumers.

Here's a concrete example of "better". Judging by this [1] apps in iOS 14 can specify a DoH resolver to use for DNS.

> Apps will be able to specify a DoH resolver that will override the DNS resolver set by DHCP or RA for queries made from their app.

Guess what that means? Apple is going to let developers override MY choice as a network admin and DoH is going to be used for un-blockable ads. Why should they be able to do that? I would absolutely buy into an app store that forbid that behavior and forced apps to observe DHCP settings over app settings.

I'd also be fine with an app store that didn't force the use of sign in with Apple or Apple Pay. And that's where the problem is for Apple. Forcing developers to use Apple technologies isn't benefitting anyone but Apple. You might argue that it's better for consumers, but if those are features wanted by developers' customers, developers will add them without being forced to.


I don’t see what would allow developers to only deal with one publisher at a time.

If each one commands a significant percentage of user attention, you’ll have to deal with them all.


Android is already both more developer friendly and more consumer friendly than iOS despite not having full automatic update support for third party app stores. If that were in place, it would be even better.


This is clearly not true. If it were, developers and consumers would prioritize Android.


As a developer and a user, I do prioritize Android.

People don't buy luxury jeans because they are better jeans than Levi's. People buy luxury jeans because of marketing. The same applies here. Consider how many people in the HN comments say they like iPhone because of privacy even though it is so clearly worse for privacy (can't install an app on your device without telling Apple, can't get your GPS location without telling Apple, etc.).


Privacy is better on iOS because it’s not about what goes to Apple - it’s about what goes to 3rd parties.

Also you seem to be just wrong. iOS doesn’t inform Apple when apps make GPS location requests.


Android allows the user to prevent data from going to third parties as well. The difference is it also allows the user to prevent data from from going to the OS manufacturer. This is strictly greater privacy.

You are wrong about GPS location requests:

"By enabling Location Services for your devices, you agree and consent to the transmission, collection, maintenance, processing, and use of your location data and location search queries by Apple and its partners and licensees to provide and improve location-based and road traffic-based products and services."

It will also send your location to Apple when no app is requesting your location:

"If Location Services is on, your iPhone will periodically send the geo-tagged locations of nearby Wi-Fi hotspots and cell towers in an anonymous and encrypted form to Apple, to be used for augmenting this crowd-sourced database of Wi-Fi hotspot and cell tower locations."

Unlike on Android, you cannot get your location without sending this data to Apple:

"To use features such as these, you must enable Location Services on your iPhone"

https://support.apple.com/en-us/HT20705


I’m not wrong. Your quote supports my assertion.

You seem to be ignoring these important words:

“...in an anonymous and encrypted form”

Apple doesn’t end up knowing where you are.

Even though colloquially we can say they ‘send your location’, they don’t actually learn where you are.

This invalidates support for your claim about how iOS privacy is worse than Android.


> “...in an anonymous and encrypted form”

This is not so hard to reverse given that Apple also has your location tied to your identity from other Apple services you use. Once you match that location to the encrypted user, who is often seen requesting their location data from work or home, you get the encrypted user's location data identified.

Compare to Android, where you don't have to send your location data anywhere to get your GPS location. iOS location privacy is strictly worse.

You also ignored the fact that every app install gets reported to Apple tied to your identity, which is arguably even more egregious.


> can't get your GPS location without telling Apple, etc.).

I'd rather an iOS app have location listed as a capability in the manifest than have Android send my location to Google for the purpose of selling advertising based on store visits.


Me too. Luckily, on Android, apps must also request the location permission, and you don't have to send your location to anybody. This is unlike iOS, where Apple gets your location no matter what.


In what way do consumers not prioritize Android devices? Android has about 75% market share.


Consumers do not prioritize Android devices as a market for buying apps. Android has 75% market share but iOS users have spent twice as much in total on apps.


The common misconception of HN crowd: assumption that everyone are like them and actually want complete control. There is a nontrivial cost to having that control and not many actually want it. They want something that works and is useable.


I don't mind if people want to pay for someone to curate their apps, but I don't see any reason developers shouldn't be able to charge those people +43% for buying through the curated app store. If there's really as much value as everyone claims then users won't have a problem paying extra, right?

I also think it's crazy that IAPs are viewed as anything more than a simple payment that would incur normal payment processing fees. You'd never find anyone willing to argue that VISA or Mastercard should be able to charge 30% for payment processing because of the infrastructure they provide for merchants.


Framing the 30% as "payment processing" is a fundamentally flawed comparison. Apple builds the entire ecosystem and suite of tools that developers use to actually make apps for the iPhone.

Visa and Mastercard only provide payment processing, they don't provide the equivalent of the iOS SDKs, Xcode, the App Store, etc., to their merchants.


I think there's some value in that tooling for building the apps, but for IAPs Apple's not doing anything more than payment processing. There's nothing special or difficult about processing an IAP and there would be a line of competitors around the block to do it for <5% if they were allowed to.


You're not going to get open firmware. Cell phones are radio transceivers in the hands of millions of unlicensed users. The only reason any of the cellular infrastructure works is all the devices run tested and certified firmware.

For most cellular basebands the PHY is more powerful and capable than the regulations would normally allow. They only get certified for consumer use because the firmware bounds the operation to the regulated envelopes.

No devices would ever be allowed to be sold on the consumer market if end users could go tweak the firmware or run uncertified firmwares. They shouldn't be allowed to be sold. The difference between a transmitter and jammer is a pretty fine line.


True, but anyone mildly determined can get a two year old device, 0day the baseband, and have full access. I remember old iOS exploits that gave access to the full baseband as well.


That's nothing at all like a consumer device being offered for sale with an intentionally tweakable baseband firmware. Getting a device certified by the FCC (and equivalents) doesn't require that the baseband firmware be 100% free or 0-day exploits. You can hack certified devices in all sorts of ways but you're then breaking the law (wrt to the radio portion) and doing so completely outside a relationship with the equipment manufacturer.


You can buy various SDR devices without any license, it's not hard to make jammer if you want to.


It's not hard to make a jammer if you're setting out to build one. The problem is when you inadvertently turn your phone into a jamming device because you tweaked some firmware settings.


Is a car considered a "device"? Would you ride with or let your kids, family or friends get in a taxi that has been "modified" by the driver?


Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: