What really galls me, and I know I have ranted about this here before, is that you can't even really load an app ON YOUR OWN PHONE without paying for a developer account, not to mention that I can't side load something someone else made. I get that iPhones are nifty and all, but I don't see how people can spend that money on a device that locks the owner out of basic functionally.
Android is not perfect, but at least I am able to, you know, use my phone as I see fit.
I have my entire life in my phone: bank accounts, private keys/passwords/2fa/crypto, pictures/videos of personal life moments, messages between family/friends/business, etc. I want the "thing" that holds all this to be as closed and reliable as possible.
I know that I can just simply not side load, but the smallest attack surface the better.
You can have those things while still being given an opportunity to generate yourown executable signing key upon first boot of your device.
It's not increasing the surface area in terms of system complexity; the OS is already checking signatures to create this barrier to general purpose computing in the first place.
If you don't want the additional key, you skip the step, to be never asked again until you factory wipe+reset the device.
Your listed wants and the freedom to run your own software are not mutually exclusive.
Or how about accept a key associated with the iCloud account linked to the phone?
This basically prevents any user friendly third party app store, but also allows users to, you know, use the device like they own it.
But I thought there was some ability to load apps without a developer account? Am I wrong? I've always just purchased the account because I was getting paid and wanted to show some professionalism but I thought there was a workaround.
And that is precisely why you need control of your device, and not hand it over to some third-party, especially a corporate who has a vested interest to make as much money as possible from you, with the very data that you seek to protect! Would you really even be happy if some other third-party, like your government, took over this role of acting as your device's protectorate and let them decide on locking / controlling your device to "protect" you?
This argument of "it's for your own good, because people are stupid" is quite weak even if we ignore how this so called "high security" offered by locking down hasn't prevented new jailbreaking techniques to keep surfacing. If you understand security concepts and attack surfaces, then you do know there are technical ways to lock down a device and still give complete control over this to the user.
Apple today has the ability to remote delete and wipe out all your personal data and lock you out of your device. There are no laws or regulations to prevent this. How is that in any way acceptable?
Well now this is an argument for free (as in speech) software on the phone, not sure any closed source system will be able to satisfy what you're looking for (and that's a good thing, but it's a much stronger claim).
Unfortunately one of the reasons why active and passive advocates of right to privacy are losing this fight is because people don't intrinsically understand how important it is politically for them. The ignorant lightly mock us, asking what do you have to hide. Sure, it is easy to make them think about this by asking them to turn over their email / IM account credentials if they "don't have anything to hide", but it still doesn't really educate them.
People don't understand that our right to privacy protects us from becoming easy and vulnerable political targets. It is essential to provide us a sense of security that is essential for our mental well-being ("life, liberty and the pursuit of happiness" as the US constitution puts it very simply). You may be a minority - a gay person or ethnic / religious / linguistic etc - and even if you live in a healthy democracy, you can be subject to light prejudice. Can you really feel secure if a Google search or a facial recognition software reveals everything about your identity to a stranger or a person in authority who can politically abuse it? Obviously, No. And this is not just confined to minorities. Even the majority community does experience anxiety and insecurity in a foreign or multi-cultural environment (a popular political saying in India is that everyone becomes a minority when they step out of their community). That sense of personal security and belonging can only come if you have a right of privacy and are in control of how much of your personal identity you want to reveal to someone. Democracies exist to protect minority rights. And everyone of us, sometime feel like a vulnerable minority because of some part of our identity. Without a right to privacy, our democracy fails us.
1. There are OSes that are “open” and still reliable.
2. OP was talking about loading apps on his/her OWN phone. Apple could offer some “OS variant” or some settings for people like OP while the default is closed for people like you. This doesn’t seem mutually exclusive technically — it’s probably just not in apple business best interests.
As past threads on this topic have shown, iPhone users prefer Apple be the controller of the device than the device owner itself. It is somehow understandable, but it is position I've often seen espoused.
Interesting. I understand what’s in it for Apple; but I don’t understand what’s in it for users? People can have their cake and eat it (i.e: a closed ecosystem with strong security and reliability guarantees but we let you leave for more freedom, but we promise you very little)
Yes, exactly. I want a device that’s thoroughly locked down. For myself, and especially my parents and spouse, who I’ve taught never to access their bank accounts on the web, but only on their iPhones.
If I want a hackable pocket computer, I’ll buy a device specifically for that purpose. Or pay the rather minimal fee. (Edit: If needed.)
help me understand this better. you are afraid that someone may access your private content if Apple allows side loading of apps? How is it any different than what's on macOS today? you can run any apps (after clearing it in System preferences) on your laptop but suddenly it's a security risk on your phone?
Whether you believe it or not, most people have sensitive information on their phone and not their ‘computer’ (I guess a desktop thing,
if they have one!).
For most people, they couldn’t care what happens to their computer. Not everyone is the same, but it’s not an uncommon situation.
So security for the phone is more important for some people than computer security.
A bit of both. Some people I know, say sporty types, never got a computer ever in their life. Others were older and never got one either.
For a lot of humans, their phone is their ‘computer’. Especially for services like banks and government agencies. It’s important for them to be secure in a way that pcs have a hard time being
What people are paying all of their bills and looking through all of their statements on a phone? Maybe on a tablet, that accords more screen space. People can do a lot of things on phones these days but I am unconvinced that it is the optimal form factor. There are plenty of websites for boring necessary sensitive financial/legal/government/academic work that either has no mobile website or has very badly made mobile sites thus necessitating access by computer.
Except what you just said isn't true. Yes, Apple charges for developer accounts that lets you publish to the AppStore or even privately. But you can get a free version that lets you push to devices locally. So if you want to distribute your app not in the store you can do so as long as you release the source so other people can build it on their free account.
On top of that, apps installed this way expire after a number of days, possibly as few as 7 days? And there’s a limit to how many can be installed this way, might be as few as 5 apps.
Sure. As long as you don’t need Fonts, iCloud, NFC, VPN, Push Notifications, Sign in with Apple, Sign in with browser credentials in-app (useful to avoid typing your passwords in multiple times), time-sensitive notifications, Siri or Low Latency HLS, amongst other features.
And don’t mind re-installing the app every 7 days by connecting your phone to Xcode and installing again or it will expire and stop working… And yes there is wireless connectivity to Xcode, but it’s still extra work, especially if the app itself can deploy using JS in-app updates.
So yep, you can do it. Technically. But the first time my app “expired”, I went and bought the subscription again. It’s waaaay too annoying if you actually want to use an app to use the free edition. The free edition is for, like, class projects maybe. Not apps you actually want to build and use.
I have an app that I've now installed on 3 different cell phones as I've upgraded them over the years. It was given to me by the writer for feedback and comments, but then their professional life became such that they never finalized the app.
Thing is, I use the app a lot. It's very unique and has no competition because it fills an extremely narrow niche. Side loading it has worked for several years on several increasingly newer phones.
I'm not sure if that's exactly what your question is about, but I think it might be.
When we reach 128-bit architecture, that app will fail. But I don't expect that to happen any time soon.
Okay, I dug around, was actually a bit hard to find. They started allowing "free local provisioning" in 2015. You have to reload your app to the device every week though. So it's not exactly the side loading experience you get with Android.
my guess is simple because 99% of people have their needs met by the app store and / or have no interest in side loading because it's too technical for too little benefit
That’s not basic functionality for everyone. I’m a developer. I have an iPhone which contains personal photos, bank apps, etc. (basic functionality) I have another device with Android which I can run my custom http server on, or i.e compile some code on the plane for fun.
I don’t want to worry about what the app that I side loaded last month is now doing with my photos or or if the phone is spying on me for an ad company.
I believe I have a good balance. A free for all on one hand and a locked down device on the other. I personally like this balance and don’t see a compelling reason as to why I should change anything.
P.S. I know the iPhone and the review process won’t eliminate the risks all together. It just needs to improve my chances which it does for me effectively.
Android is not perfect, but at least I am able to, you know, use my phone as I see fit.