We don't have to wonder what it would be like. There's been mass use of platforms that allow "side loading" (AKA, just regular installing) and "third-party app stores" (AKA, just regular buying software) for decades.
No, it hasn't always been pretty.
Yet it just hasn't been that bad either, and the benefits have proven to be very substantial. There are incredible amounts of great software available that doesn't fit in to Apple's idea of what ought to be allowed.
And it's not like you can download with confidence from the Apple App Store either. They play a cat-and-mouse game with malware constantly and there's been plenty of collateral damage.
I think there's no question third-party app stores, or just direct side-loading would lead to a lot of new great software, without a ton more risk. I think the weakness of this argument document show that.
This also applies to Apple's app store/lockdown:
One may object that it's government's fault, not Apple's, as they're the ones pressuring for this kind of censorship. But it is Apple that made these chains for their own benefit, knowingly exposing their users to this risk.
For the layperson (90+% of iPhone users) I find the argument unconvincing. They don't understand how to protect themselves. And what software is it that they would substantially benefit from if only it were not for a manufacturer-controlled app store monopoly?
Don't we all have memories of looking at a relatives computer and finding half a dozen browser toolbars and some mysterious impossible-to-uninstall programs running on startup?
I think this is by design. Stupid users make good consumers, so big tech has ignored improving, dumbed down, and removed the tools that would help users understand how to protect themselves.
Code signing and identity could be significantly better than it is, but no one wants to invest in improving that industry because it's much more profitable to convince people they need to rely on a huge tech company like Apple, Google, or Microsoft to be a curator.
The reality for me is that identity is worse on most of those systems and they end up being great for reputation laundering. App stores are basically the equivalent of 3rd party sellers on Amazon. Apple, Google, and Microsoft all lend credibility to bad actors when they allow them in their app stores.
Personally I don't even use the app stores for discovery. I look online for recommendations and a decent company presence. Basically I try to judge a company by how much money it looks like they spent on their brand. Using a dictionary word .com? That's reliable. Using supergameofthelegendsprohd.top? No thanks.
I find it ridiculous that to run a bit of iOS code I have to spend hours chasing down someone with access to authorize my signing keys. It's a fruit company laptop using a fruit company IDE and a fruit company mobile device, yet I still have to jump through all of these hoops to run my own code on devices that I own?
Look at all the software that is available for MacOS that is not available for iOS.
> Don't we all have memories of looking at a relatives computer and finding half a dozen browser toolbars and some mysterious impossible-to-uninstall programs running on startup?
No one is suggesting running Windows 98 and IE 6 on phones. It's weird, we literally have an apple-to-apple comparison with MacOS and iOS and instead we're dredging up a straw man of old software designed to be insecure.
If Facebook pulls its app from the Apple store and only releases it on a third-party store, those laypeople will follow. And much of the noise and content in the "sideloading" campaign for iOS comes from Facebook and similar companies with a monetary interest in getting around Apple's rules.
Facebook has spent millions on full-page newspaper ads this year attacking Apple's App Store anti-spying policies. It hasn't said peep one about Google.
The "fate of the PC" thing is funny because one might think that they're just throwing a jab at themselves, but they've campaigned very effectively for their customers to think that the Mac is not in the same category.
When iPhone was developed, PCs were the world’s primary computing tools, and they were riddled with viruses.
Okay, but Macs managed to buck that trend because of your superior engineering, right Apple? Right? Hello? I mean... that's what you've been telling us for decades, Apple.
Oh, you meant PCs not Macs in the above quote? That's a bit disingenuous isn't it? It's (ahem) Apples to Oranges isn't it? Are you selling oranges or apples?
Note: I'm a fan of Apple's products but am getting tired of their sleight-of-word bullsh*t. This outright deceiving behaviour is disgusting.
The incredibly public lawsuits Apple has found themselves in have only demonstrated how they fight tooth-and-nail to hide the most nascent of details. They fully intend to control their narrative from top to bottom, and it blows me away when I see politicians entertain this security theater.
Apple is a significant vendor of such platforms.
They have an A/B experiment running on the Mac. I prefer to buy directly to send more money to the developer, but I suspect most people prefer the (confusing) store.
In other words: what chaos?
Kind of, in terms of sideloading restrictions; not at all in terms of software library, business model, and incentives.
Most (70%+) of Apple's iOS App Store revenue is from games (largely in-app purchases since mobile games tend to be "free to play.") In fact Apple's profits from iOS gaming are larger than the gaming profits of Sony, Nintendo, Microsoft, and Activision combined.
You can ask any poor Mac gamer about the state of the Mac game business... it isn't great, and it certainly isn't Apple's bread and butter like iOS gaming.
From the perspective of Apple's business and profits, the iPhone is largely a walled-garden game system, much closer to the PlayStation, Switch or Xbox than to the Mac.
Apple isn't wrong about potential security and privacy threats, but the threats to Apple's business and profits are most likely the driving issue.
The primary purpose of sideloading apps is to get the app downloaded and play it for free. This in turn creates a security problem when you allow for anyone to side load apps.
We can see this in Windows and macOS where people who have full access to a computer generally get malware onto their computers.
What macOS and even Windows is moving torward is a containerized system for programs to run. This is going to be the best solution eventually. This is at the cost of performance (especially Windows which sees a 30 percent drop in gaming performance ).
I think to allow external app stores would be a vetting service and also Apple would have to create a sandbox for the apps and also possibly some analysis to make sure that the side loaded apps aren’t just someone’s else’s stolen video game. Unfortunately until some kind of law is done Apple has no incentive to actually allow this to occur.
I don't believe this is true. This is demonstrated by open source software on many platforms installed directly by end users without a curated store.
Maybe you mean people only side load apps on iOS for piracy purposes? I'm interested in learning more about this assertion.
It may sound counter-intuitive, but the whole issue here is that Apple is using their store for anti-competitive things (e.g. blocking/slowing competitors, requiring the use of Apple's payment infrastructure, Apple's ads, etc).
If third party stores could exist, you wouldn't need side loading, and security isn't completely compromised as hopefully the third party store provides some level of assurance (Vs. essentially none with side loading).
This of course won't happen because it is absolutely about control. Apple may one day allow side loading but will make the process incredibly unpleasant citing For Security Reasons™ as their justification.
Security checks are fine, choosing who gets to enter is not.
Facebook would start a store, data gathering would be built into every app that store sold. Apple would not be able to reject the store itself because Facebook would sue them for anti-competitive behavior.
1. All apps are reviewed and hosted by Apple.
2. Third party app stores act as a layer on top. They pay a commission to Apple on sales (lets say 5-8%) to cover their review and hosting costs plus provide some profit.
3. The app stores set (and compete with) their own prices and services on top of that.
4. Apple maintains its own App store as well.
Here are the key bits:
A. Apple must review Apps for security and privacy issues. They can choose not to sell it in their store if they find it morally objectionable but they cannot restrict other App stores in what they sell (assuming its legal, and passes security/privacy checks).
B. Third party stores can sell whatever they want from the list of apps having been security reviewed by Apple. You'd end up with some cool niche app stores (imagine one with impartial game reviews, or one that only lists non-subscription apps, or one that serves [insert your favorite niche here]).
1. For users who like Apple's current model, nothing changes. However, they benefit from increased competition and (likely) better pricing.
2. Apple cannot block apps from being available in third party stores just because it doesn't like them, but it doesn't have to sell apps on its own store that it doesn't want to. Win/win.
1. Who will handle refunds/complaints/etc? A: I'm not sure, I'd have to give that more thought.
2. How would the fees work exactly? A: Again, I'm not sure... it might require a fee per app review instead of the current model. (Otherwise Apple would be flooded with Apps to review that have no intention of appearing on Apple's store).
In summary: The security threat model is unchanged, users enjoy better selection of Apps and better pricing (and other innovative features) from stores.
Yes, it's a half baked idea but there could be the basis for a really good compromise in this sort of arrangement. One that ultimately benefits consumers first.
To solve those?
(We all know this isn't true, but this is their argument).
So, they allow alternate storefronts. Assumedly, these storefronts are allowed to enforce different rules, right?
Are the storefronts allowed to distribute porn? This literally came up in the Epic v Apple case, when Apple argued that Epic's distribution of the Itch.io game store was tantamount to Epic's implicit approval of everything Itch.io distributed, including some pretty graphic pornography. Epic argued that this wasn't the case, and they only approved of Itch.io's governance process, not all of the content.
In other words, Apple has already argued in court that there's a transitive nature to approved policies of stores-within-stores. I agree with Apple on this one! A situation with Apple approving stores-within-stores would only lead to one of two outcomes: Either these stores have to abide by the same policies the app store enforces, so there's no buff to user/developer freedom but a big debuff to user UX, or, they're allowed to make their own policies, in which case Apple is transitively forced to distribute porn (and violent content, and third party payment processors, and video game streaming services, and everything else in the area between "legal" and "Apple refuses to distribute" today).
This doesn't seem fair either, does it? To some degree, to me, it feels like forcing Disney to produce NC-17 gorey horror movies.
But, the situation is not identical, because Disney is not the only producer of movies for half of the US population. The better solution is not to force this through the App Store, and instead force what Android does; distribution over the internet (of either individual applications or entire stores, both should be allowed).
This is fundamentally less secure, but its also how every other general purpose computing platform works. Apple shouldn't be forced to carry and distribute any and all kinds of applications, but iOS itself should be open to run any and all kinds of applications. Let the open internet handle the distribution.
Side-loading should be permitted. I am okay with it not being allowed by default but it should be something a user can override.
Apple is happy as can be to let enterprise (and schools/gov/etc) force users to install apps.
They just fight tooth and fucking nail to hang onto their rent-seeking in the app store.
As a customer, you're getting fucked twice.
The enterprises are "forcing" the installation of apps on the hardware they themselves own. Corp A cannot force the installation of apps on Corp B's devices, or even on the personal devices of Corp A's employees.
I have an iPhone for work and my personal iPhone, and my work has no access to the latter.
I don't think there's any technical reason why you couldn't set up a MDM system for your own personal phones and have the same capabilities as an 'enterprise'.
And yes - I can set up an MDM system, but that doesn't provide the same utility as a store.
Nor does it work around the profile limitations built into iOS (again, I'm out of date, but previously you could only have a single provisioning profile installed on the device - this was actually the recommended way to prevent this type of attack: pre-install your own profile).
Okay, then why can't I do the same thing with devices that I own?
App Store apps can be deployed via MDM for free, but not ones you write.
Last I checked - you can distribute private & proprietary apps using an enterprise deployment provisioning profile.
It requires that the signing entity (usually an enterprise) is registered with Apple (and pays a $300 fee), but it does not require store review.
Not true - the company can push whatever they like to their managed devices making that whole line of argument moot
I guess it didn't work that well since they went on the Play Store anyways and then sued Google for making their life so hard.
> Even users who decide they don’t want to sideload, and prefer to download apps
only from the App Store, would end up being harmed. They could be forced to
sideload an app they need for work, for school, or for social inclusion if it is not made
available on the App Store. Furthermore, cybercriminals and hackers may trick users
into unknowingly sideloading an app by mimicking the appearance of the App Store,
or by touting free or expanded access to services or exclusive features.
TLDR there could be a safer store alternative.
A monopoly is an easy way to do it, then inconsistent review and bad security scanners are irrelevant, you need to add some PR team to try to defend all the bad stuff and misdirect.
This reminds me of the NSO and Apple's history of failing to cooperate with security researchers.
If sideloading "were possible" and "forced upon users by schools and jobs" then I'd find it interesting that Android users by far haven't complained about this. I used to use an Android device and never had anyone force or tell me to sideload an app that I didn't want to use myself.
I've actually had to install more apps through the Play and App Store for my education and work.
All this said - my current iPhone 6s will be derelict soon and replaced by a de-googled Android device in the future.
What you're linking to are entitlements. The APIs for these entitlements are very much public but will not yield a valid result if the entitlement is missing or the user hasn't provided access. Private APIs, on the other hand, will return valid results each time. However, they are often hidden behind actual public APIs. For example, take these two stack frames:
9 UIKitCore -[UITableView _reuseTableViewCell:withIndexPath:didEndDisplaying:] + 268
10 UIKitCore __25-[UITableView reloadData]_block_invoke + 184
The reloadData call is a valid, public API call. Internally, it then calls the function in frame 9. Calling the function in frame 9 directly from within app code would be a private API violation. The Objective-C runtime makes it pretty easy to call private APIs through use of target/selectors and msgSend. I don't believe checking at runtime if a private API call is made is practical. For one, I'm not sure how technically feasible it would be but worse, there would be a performance penalty accrued with every private API. More importantly, though, the app would already be out in the wild. Compile-time and app review is really the only time to check. To the best of my knowledge, I'm not sure there's a way to force a private API call within Swift, particularly for classes that don't inherit from NSObject or are functions not tagged with @objc.
Contrary to all the apps on the proprietary stores of smartphone manufacturers that never spy on people.
Information extraction is a security issue, plain and simple. Smartphones are extremely bad here compared to platforms that allow sideloaded apps. Being dependent on one manufacturer is also a security issue.
So I don't understand the security argument. Apps on shops probably don't contain malware, many of them exploit you legally. The software landscape outside of stores is far less prone to exploitation.
At no time did Apple state that there are zero apps in its store that violate its guidelines and spy on people. You're taking one side of an argument that doesn't exist.
Too often in this debate, people think that pointing out that Apple isn't perfect somehow negates all of its legitimate arguments. It doesn't. Not even remotely.
Sure, most here would know not to do it, but it’s abundantly clear that the general public cannot manage technology.
And this is what these companies were doing publicly. Imagine if they had unrestricted access through other app stores? Data is the modern day gold rush, and it seems like every company has gold fever. They just can’t help themselves in being as intrusive as humanly possible. It’s nice to have some kind of control over it.
I would be open to alternate app stores if and only if they were unable to circumvent MDM restrictions. At least that way you could protect company assets.
Remind me again how Apple has transcended beyond "the general public".
As with most things in security, it's a trade-off between competing goals and principles.
I don't think it is safe for every user to do the same I did, but I'm glad I could do it.
I think a reasonable solution would be something like a hardware seal that unlocked the bootloader once broken. If the vendor worries about how this may affect them, breaking the seal could also void device warranty.
I'd gladly buy a second hand still powerful device, void its warranty and install whatever I wanted on it.
Instead of a gub'mint telling Apple "OK, you have to let there be an app store free-for-all right now" and Apple watching its work descend into chaos overnight, there could be a middle ground: "OK, you have to let there be an app store free-for-all in five years." That could give Apple a good amount of time (and it already has the money) to harden iOS as much as it can.
(I'm only half-way through reading the Apple document, so maybe this is addressed later.)
I'm fine with giving Apple a bit of a lead time here, but ultimately people should have the right to do whatever they want on their own personal computing devices.
Every 7 days!! if you only have a free developer account, otherwise every year and only for a limited amount of apps.
If we could compile and install apps without any limitations, we'd already have a competing app store that automates this for people.
Understand I am fairly alone in this perspective.
You can be alone in this in the tech bubbles where developers suggest mums use Kubernetes to run their knitting blogs and complain why they can’t run Docker on their iPads.
Outside of this, while Apple has a financial incentive for the status quo, they also care about customer experience (we know Apple is laser focused about this even in the pre App Store years and decades). And on the whole, sideloading will do more harm than good.
Surely Apple is confident in its app sandbox security model and can properly enforce those boundaries, right?
I find Apple’s most convincing argument to be that schools and businesses might force you to sideload their craptacular app that didn’t pass review.
Ultimately, if Apple keeps insisting on digging in their heels on the supracompetitive 30% commission, then governments will have to act with a broad brush and allow sideloading as a way to force competition.