Hacker News new | past | comments | ask | show | jobs | submit login
Apple to allow outside app stores in overhaul spurred by EU laws (bloomberg.com)
696 points by MBCook on Dec 13, 2022 | hide | past | favorite | 767 comments




Honestly, Apple could simply do exactly what they do for macOS now. The two are close enough to a merge at the architectural level that it would not be difficult. macOS is one step away from removing the ability to install unsigned software by default.

If you want to run unsigned software or extensions you will have to boot into a recovery console and change the security model. The warning dialogs will be enough to discourage most use. Things like ApplePay and iCloud may be disabled depending how far you reduce security, but you'll be able to do whatever you want.

I think it be a great solution to have a more uniform solution across all devices and platforms. It would create a boom in the hacker community, while still keeping >99.99% of users running from sealed system snapshots.


What I'm worried about is if the next time we open WhatsApp we see a splash message that says "Instagram, Facebook, and WhatsApp are moving to the Meta Store! Please restart your phone and follow these easy steps to continue using these apps." App developers have a lot more influence on mobile devices than they do on desktop OSes. This change would shift even more power to those large developers.

You can say a lot of negative things about Apple, but their incentives lined up with the end users more often than companies like Meta and Google.


Yet another example of the Facebook boogeyman being trotted out in an effort to explain why lack of user freedom, lack of consumer choice and anticompetitive business practices are actually good for the customers that are being fleeced by them.

This didn't happen on Android, macOS, or Windows, despite all of them allowing alternative app stores.


>This didn't happen on Android, macOS, or Windows, despite all of them allowing alternative app stores.

I'm guessing you aren't a gamer. This absolutely happened on Android and PC. Fortnight is the most obvious example on Android and the various PC game stores are constantly battling over exclusives which has led to bizarre and annoying situations like this[1]

[1] - https://wccftech.com/goat-simulator-3-devs-tell-players-to-u...


And yet Facebook hasn't done this, and Epic hasn't done any of the scary things you're spooking yourself over in your OP. The fact that an app is distributed outside of the app store isn't proof that the sky is falling like you're saying will happen.

At the end of the day, if you're this afraid of Facebook, you're free to not use it. There's no reason other users should be restricted because you think that the spectre of Facebook might lurk in the shadows.


>At the end of the day, if you're this afraid of Facebook, you're free to not use it.

I guess that is the end of our discussion as there is no way to counter this type of logic other than saying that if you didn't agree with Apple's walled garden policy, you were free to not use Apple devices.


Facebook is not a duopoly service that is a significant factor of everyone's lives, controlling the parts not just in their social life but in the professional, financial, and other parts of life.

iOS is.


I think you are underrating the power of Meta. There are 3.84 billion Meta users[1] and 1.65 billion Apple users[2].

[1] - https://www.fool.com/investing/2022/05/03/incredible-meta-pl...

[2] - https://www.theverge.com/2021/1/27/22253162/iphone-users-tot...


Then it could be argued that if Meta forcibly takes away their apps away from the App Store (or from the Play Store for that matter) then either:

1. Regulators would make a beeline to inspect such a third party app store/the sideloadable binaries they present for irregularities, illicit tracking, data violations, etc.

2. Slap them with anti-competitive monopolistic behavior by engaging in the highly disruptive act of depriving the main App/Play Store users of their apps. Thus, they would be forced by regulator action to host their apps on both their stores and official stores.

Regulators aren't too keen on Meta these days, they're not too keen on Big Tech in general, this isn't a vendetta against Apple.


WhatsApp is 100% needed in countries like mine (Argentina). COVID-19 vaccine appointments came via WhatsApp in Buenos Aires, most people require it for professional reasons, school parent groups and similar happen in WhatsApp, social life requires WhatsApp. Now iOS or Android are interchangeable… nothing demands having one or the other.


> nothing demands having one or the other

That's equally bad though. What happens to people that don't use either?


It's safe to assume that, even in developing nations, everyone has a cheap beat-down Android or iPhone.

Having a smartphone has become as ubiquitous as having electricity or running water now that nobody questions living without one. It's pretty much a must have.

That's why the Apple/Google platform are starting to attract regulators, which is only a good thing.


No I don't think that's safe to assume.


The reality kind of contradicts you. Sure, there are people living without smartphones, the same way how there are people living without electricity or running water.

The thing is, in the developing world, smartphones and the various apps have really improved people's lives, mostly by getting ahead in speed and innovation of what the governments, public services and local companies could offer the traditional way.

So it's not like everyone is forced to get a smartphone, but everyone got a smartphone because it now allowed everyone to communicate better, organize better, and sell their services/goods easier.


What you are showing here is a very severe lack of empathy in my opinion. The fact (which you seem to recognize) is that there are people that do not have mobile phones.

You are also right that mobile apps make it easier for people that do have them to do all of those things. However the problem appears when it's so convenient to have a phone that when making decisions about how to provide access to things they think of only two options: Android or iOS. I have none and I don't like being a third class citizen when I want to connect to my bank, to my COVID appointment or, god forbid, interact with the government machine.


>What you are showing here is a very severe lack of empathy in my opinion

Where did I do that? I wasn't saying that smartphones should be the norm for everything , I was jusy saying how society usually sees smartphone ownership as a necessity in certain countries because they reduce the friction for many communication and organization task that would otherwise be much more difficult. I wasn't saying that's how I want it to be or that this is a good thing, I'm saying how things are in the real world and in which direction they are going.

Like for example in my country, parent-teacher communication regarding school and child matters is done via WhatsApp/Telegram. Is that good? No, obviously not. Ideally we'd have an internal school chat/meesaging system with logins for parents and teachers like how proably things are in Scandinavian countries I imagine. But since my country is poor and schools could never afford to pay market rate devs and sys-admins to implement and maintain such communication systems, the likes of Telegram and WhatsApp took over this role because they're free, convenient, frictionless and since "everyone already has a smartphone" they already know how to use these apps.

So there you go, that's how the likes of WahtsApp have such a huge market share in the lives of all people and businesses, especially in developing countries.

>I don't like being a third class citizen when I want to connect to my bank, to my COVID appointment or, god forbid, interact with the government machine.

I'd be curious where this is the case. There are enough "old-school" banks where you don't need a smartphone, and stuff like government interactions are usually regulated so that they can be accessible for people without smartphones and also for people with disabilities. Even in developing countries. Digitization of government serivices has been implemented to make things more efficient and reduce the need for paperwork, commuting and waiting in lines, not to completely replace the old systems.


Apple's not a monopoly of the cell phone market. Facebook is a monopoly of the social media market. If you you or your business boycot facebook you will probably fail.


> Facebook is a monopoly of the social media market. If you you or your business boycot facebook you will probably fail.

As someone who works with many business, I can tell you that this is false. There are many more ways to market services than via Facebook and other related Meta properties.


Then why is Facebook known to have vastly superior ad targeting than Goog and friends?


Ads are not the only way to market. In fact for most businesses I know, it is not even on their list of marketing strategies.


Given that you didn't go into details about this "list", there's not a lot of weight in your argument. Be it for privacy reasons or not, if your don't share at least some high level information about these alternative marketing strategies you are talking about, I can't really believe you.

Are your businesses local, allowing you to just use physical flyers or something?


Local:

- Google Maps optimization, asking or discounting for ratings

- Rewards and affiliate programs

- Physical flyers sometimes, yes

- Free samples at various stores if food related

Startups:

- SEO

- Content marketing

- Affiliate programs

- Cold emailing, DMing on other platforms

- Sponsorships with creators like on YouTube

- Gamification

- And of course, word of mouth and simply having a good product

Unless you're big or have lots of VC, ads usually don't work. The companies I've worked with, we tried many different ad models which cost a lot of money but ultimately didn't bring in the traffic commensutate to the cost.


Thanks, that's a very useful list.


If someone buy's an Apple phone, why do they have to pay Apple to install apps there?


There's a big difference between not using one out of fifty competing social media apps and not using the products from an illegal duopoly. The first is freedom of choice, the second is a lack of choice enabled by illegal business practices that prevent competition through violation of antitrust laws.

So you are literally free to choose to use Facebook or not, but if you want to participate in society, use banks, get a job, etc, you are not free to escape the Apple and Google duopoly, because their illegal anticompetitive actions have artificially limited consumer choice.


And now (soon) if you decide to, you'll be able to stop using Apple App Store without purchasing a new phone, and apps for the new phone. This encourages free movement between markets and encourages competition.

Just because someone has decided they like the Apple App Store now, doesn't mean opinions won't change over time, or that the product doesn't change. Therefore being able to easily change your options is good.


There seems to be a disconnect here as you missed the point of this comment. Previously people could choose between an open platform and a platform with a walled garden. In the future, the choice is likely between two open platforms. Someone who preferred the security, privacy, and simplicity of a walled garden is potentially losing that choice.


That's a false dichotomy. Apple can offer everything you have now while also giving users the option to sideload. Nowhere is it written that they have to be mutually exclusive.


Sideloading sounds great to me and you, but it also opens up a great attack vector on less techy people: just convince the user to run an arbitrary binary to pwn the device.


Not in practice no. People don't sideload "arbitrary binaries" also on android they install other app stores and these app stores have vetting. The vetting guide lines there might have less censorship than apple, but this "attack vector" is just completely made up in reality.


Right. On Android, that's not possible without enabling Developer Mode in settings through a cryptic combo, then enabling the installation of third party packages. After that you still have to go through the process of installing the software.

It's not something you can bait Grandma into very easily. It's a useless attack vector when Safari comes preinstalled on every iPhone.


Oh that's not a problem, there are so many ways to make it seem innocuous. Let's start with the fact that 80% of legit devs will just never notarize if they can instead tell users "go through this flow to use my app, not my fault apple bad". Like on macOS, it becomes routine after 3rd time.

And if you believe exploiting evergreen Safari from JS to arbitrary execution is the same as directly running malicious instructions that came in sideloaded app then I have nothing more to say.


How many casual users are going to be downloading mobile apps from random indie devs who do that? How many casual users are going to be sideloading at all?


Like on macOS, probably lots. It's not casual users who are at most risk but semi-techies savvy enough to follow a tutorial on disabling SIP to do something benign but not savvy enough to know of the implications. There are more people like that in digital native generations, perhaps even more than actually "casual users" in the old sense.

I know such people who use alternative browsers. They are OK jumping through an extra hoop to use non-notarized enthusiast-made software. And don't underestimate how people like to reskin their OS GUI which on Apple hardware is not possible without full root and disabling various security measures.


I know I am missing the point here. Locking the cosmetic GUI is totally bonkers.


> Someone who preferred the security, privacy, and simplicity of a walled garden is potentially losing that choice.

That someone could still use Apple's app store and just ignore the alternatives, just like the large majority of Android users.


>and just ignore the alternatives

Unless apps are exclusive to the alternatives like this whole Meta/Facebook/Instagram/WhatsApp hypothetical.


Then why haven't Meta already removed their apps from the Apple App Store and only released them on the Meta Android Store? Make their apps exclusives to an alternative of iOS altogether. Do you think users would be forced to buy a Meta Phone in that case? Or would they be able to ignore it?

Or maybe Meta are forced to release on Apple iPhone because consumers have power. Well that same power can get them to release on the Apple App Store if there were alternatives. That's how supply and demand in the free market works.


Which would turn the eye of Sauron that is the European Commission onto Meta for their monopolistic behavior, especially if it's transparently and flagrantly for the purpose of cheap data collection.


The first time Epic tried to push Fortnite on Android they accidentally introduced a backdoor to every single device that installed their homebrew updater.

And we're not talking advanced memory safety exploit, breakout the ROPs "backdoor". They requested permission to install apps, then went on to silently install any apk that was put in a path with 0 verification.

It's the kind of lazy mistake that puts on full display the fact that at the end of the day, Epic doesn't care about anything as bold as freedom. They were so giddy to get around the Play Store cut that they couldn't put 5 seconds into thinking about anything besides "how quickly can we roll this thing out to people and get our cash cow back on track?"


Apple regularly ships backdoors and RCEs in their software. Safari is routinely exploited, and exploits in Safari put every iOS user at risk, because Apple prevents other browser engines from running on iOS. Even Firefox and Chrome on iOS are just reskinned Safari.

If users had the option of using a browser with better security and features, an exploit in Safari wouldn't be as big of a threat.

Here's a fun figure: exploits for iOS are cheaper than exploits for Android because exploits for iOS are more common than those for Android.

Consumers should have the choice of running whatever software they want on the devices they own, in part because that gives them the option to use more secure apps than the ones Apple forces all iOS users to use.


The idea that whataboutism is the only hallmark of a poorly conceived argument you need to look for picks up another case.

If we remove the part where you try and brush of Epic's negligence because "oh yeah?! Apple makes mistakes too!!!" and try to imply that Chrome isn't a massively more lucrative target than Safari... this is just fearmongering about security.

Alternative app stores on Android are either F Droid, or crap. And the crap ones vastly outnumber F Droid, and mostly push malware laced versions of the play store, like Aptoide. The ones that don't are bloatware like Samsung's half-baked attempt at an app store, or the Amazon App Store serving up outdated packages so you can enjoy last year's vulnerabilities today.

> Here's a fun figure: exploits for iOS are cheaper than exploits for Android because exploits for iOS are more common than those for Android.

For 12 of the 15 years they've both existed iOS exploits were more expensive, and unlike now the margin was entire orders of magnitude.

I've lead shipped Android products from datasheets. Would not bring up Android in any conversation about security: you don't need fresh backdoors with the culture SoC manufacturers have driven. A quarter of the platform is on versions that stopped getting security updates years ago.

That's why I'm perfectly happy with Android being the OS for psuedo-Stallmanists who say things like "Consumers should have the choice of running whatever software they want on the devices they own".

It's disappointing that Apple is going to let something that's proven itself to overwhelmingly be used for garbage onto the platform because non-technical people are getting lobbied by companies with an agenda under the guise of "freedom". Let Android be the containment zone for that stuff.


> you are free not to use it.

No, you are not because facebook is Big. So for instance restaurants, announcements, some news etc will only be on facebook. So this reads like "just don't use any electricity"... technically 'possible' but a completely useless argument.


It is trying to derail the conversation comparing Facebook to electricity. You are trying to shoehorn everyone into your chosen way of life as many people don't use Facebook and many avoid all social media like the plague. I don't have Facebook, WhatsApp, Snapchat, etc. and I have no use for it at all. If a restaurant only want customers from Facebook then just don't eat there. It is not like you'll starve if you don't. To me it is no bigger a decision to not use Facebook than what brand of toilet-paper to buy - which shows how biased you are.


> then just don't eat there

But all my local events are on it. So yes I can delete my account… but that amounts to becoming a social outcast.


They are big, but not that big... I haven't used any meta product for a couple years now and I'm only missing the seldom update from a couple of companies. Tbh, I don't miss it that much. However, I can understand some people are "hooked" on it and have stopped looking for alternatives.


Log into facebook.com if you're adamant about using Facebook despite being afraid of it.


What? With Epic you cannot just install the game on mac os. You need to install their Epic „store” that will try to run itself each time you start a computer and so on. Exactly the thing that people don’t want on iPhone.


Which you cannot do on an iPhone. You don't boot it like a PC and apps don't launch when you do restart it. It is another what-if that cannot happen, derailing the discussion.


It's because Facebook does not take user payments.

However I still agree it's a dying boogeyman.


Competition between marketplaces is good.

Epic is offering free games and discounts to lure players in all the time. this is excellent for consumers.

The problem with goat simulator is 100% on the developer and not some dark pattern imposed by steam. If you have an xbox or ps controller it will work out of the box without steam (provided you have installed the drivers). Steam has a gamepad emulation layer and that's why the dev recommended using it as a launcher for the non-steam game, because any controller will work with it.

> I'm guessing you aren't a gamer. > Fortnight

Seriously? it's Fortnite


Competition for competition’s sake isn’t always good. Netflix is by any standard I can think of a worse product than it used to be. It’s doubtful that the free games thing is sustainable long term; Epic is burning a ton of money to try and establish a toehold.


Steam is a special case because they set the bar incredibly high while having a monopoly on PC for almost two decades.

However, you can't rest easy with a monopoly, even with a BDFL. At some point, Gabe will step down, and Steam will either go sideways or get sold to Microsoft or Google, ending the love story.

That's why I buy some games on Epic, to keep Steam on their toes, even though they are still the best option out there. I tell everyone I know to do the same.


Well, for my part I’m not going to do that because it’s an inferior product I don’t like using.


To be honest, streaming is fraught with content restrictions and copyrights. If it was similar to the PC gaming case, then we would be able to watch any show on any platform, minus a few exclusives. That would actually lead to innovation and is good for the end consumer. This is decidedly not the case any more after all the major content owners came out with their own streaming service, and locked others out.


To me this shows the flaws of a narrow-minded focus on competition. There is little video streaming services can do to distinguish themselves without exclusive access to content (sure, UI tweaks and the like, but most of the time the UI is not even visible by design), so the anticipated result of more competition is the content splinters across a greater number of services.


The solution is for Congress to require FRAND (fair, reasonable and non-discriminatory) licensing on all digital media. Exclusive distribution is anticompetitive. Producers should be required to set a price and terms and any marketplace can carry the item if they pay the price and meet the terms.

https://en.wikipedia.org/wiki/Reasonable_and_non-discriminat...


The way I read that article, people can just refuse to give out licenses.


Its a binary choice for content producers. If you sell to one distributor, you have to sell to everyone on the same terms


Woah, that is brilliant


I can get behind this.


>I'm guessing you aren't a gamer.

Followed by calling the game "Fortnight" gave me a bit of a chuckle.

Most people I know just don't buy anything that isn't on Steam. People only use the Epic store cause they give out free games all the time in a sad attempt to get people to use it more, but most people don't care and would rather stay with Steam (while occasionally redeeming some free games on Epic). As for something like GoG, they give you DRM-free portable installers, so obviously some people like that and occasionally use it instead of Steam.


Not really. There are a few examples, but ubisoft is coming back to steam, gog and humble bundle offer steam keys etc.. It is mostly just EA being EA.

And in any case a little inconvenience is a small price to prevent monopolies.


You're not wrong, but games are probably a unique space where that's the sort of thing that already regularly happens on PCs as well, witness the proliferation in publisher stores over the last few years. AAA studios are simply used to forcing that sort of extractive behavior from users, and users are all too willing to comply.

But I don't think there's that much threat for the gaming + mobile market, in the sense that Fortnite aside, I'm pretty sure EA/UbiSoft/Activision Blizzard/etc. don't really have "killer apps" for iOS that would entice a lot of users to use their third party app stores. For all other types of mobile games, Apple Arcade is hard to beat.

https://news.ycombinator.com/item?id=30204012

Though perhaps there is a concern if Chinese gacha game makers start making their own stores.


> AAA studios are simply used to forcing that sort of extractive behavior from users, and users are all too willing to comply.

How so? Steam is still alive and well, while publisher-exclusive stores are slowly disappearing. Sure, Epic Store still exists and has solid market share, but it's arguably more than just a publisher store.


I might be out of date now but aren't there EA Origin, Ubisoft store, Battle.net, and the Microsoft Store, at least? Those publishers carry a good chunk of titles between them. Is the pendulum swinging back against proliferation of game publisher stores?

What I just mean is a few years ago this trend started happening, Epic was but one of them trying to break into the prior Steam/GoG landscape.


> I might be out of date now but aren't there EA Origin, Ubisoft store, Battle.net, and the Microsoft Store, at least?

EA has started putting games back on Steam [0] and so has Ubisoft [1]. I've heard rumors of battle.net going the same way, but nothing seems to be confirmed as of now. Since nearly all of those stores have been inferior to Steam feature-wise with the exception of exclusives, I think it's mostly save to say that publishers have mostly given up on trying to force their users onto their own controlled store.

Epic is a different topic, since they seem to actually try to compete with it in terms of features and catalog and opened up the store for third party games, which most publishers did not.

As for Microsoft, this might be my bubble, but it seems to me that store isn't really considered a major player, similarly to GOG, itch.io and the likes.

[0] https://www.gamesindustry.biz/ea-puts-first-wave-of-games-ba...

[1] https://www.rockpapershotgun.com/ubisoft-games-are-coming-ba...


Those stores are all inferior to Steam. I don't believe the other stores aren’t worse than Steam. They all have a pretty crappy game selection.


Yeah, but it’s their first party exclusives that might lock people in if they’re trying to play Warzone or the latest Assassin’s Creed or any of the ‘crafts. No one really wants to have to deal with another store in addition to Valve and on occasion GoG for older titles, but they’re forced to for those AAA franchises.


Well, that does it. Some people can't play Goat Simulator 3. That definitely proves the whole model of having independent stores in un-viable. I mean, who needs those fancy picture boxes is you can't even play a goat simulator on it without "using steam"? It's just not worth it anymore.


“User freedom” doesn’t work in this argument. Apple’s restrictive App Store is a big reason of why I use iPhones and why I recommend them to most people who ask.

There are effectively only two smartphone platforms available to users, and destroying one of the only meaningful differences between the platforms in the name of “user choice” is nothing if not ironic.


What you're saying is that you like Apple's playpen, so everyone else should be forced to stay in that playpen, too.

If you want to stay in the playpen, that's fine, but there's no reason why users who want to use the full potential of their devices shouldn't be able to in order to keep you happy.

It's not a dichotomy. If you want to keep your options limited, stay in the playpen. Users who value freedom, competition, and efficiencies of markets can also enjoy those things, but they currently are prevented because Apple will pull no stops to protect their App Store moneyhose.


>Users who value freedom, competition, and efficiencies of markets can also enjoy those things, but they currently are prevented because Apple will pull no stops to protect their App Store moneyhose.

The counter is that these users do have a choice. They can buy an Android.

Allowing different stores might end up removing choice for the end user who like Apple's current approach as the large developers with power like Meta will likely force the different stores on us. This change is reducing Apple's power, but that power isn't all going to the end user. It is empowering Meta, Google, Amazon, and other big tech companies who are seemingly even less likely to act in the end user's best interest than Apple.


Google is part of the same duopoly that leverages their dominance in the mobile OS and hardware markets in order to dominate the mobile app distribution and mobile app payments markets.

The majority of the mobile OS market in the US is iOS, the rest is Android. Apple is responsible for 2x mobile app revenue than Google, but Apple and Google both make up more than 99% of all mobile app sales.

When talking about monopolies, the working definition from the FTC are firms that have significant and durable market power such that they can set prices and exclude competitors[1]. That describes the Apple and Google duopoly accurately. Such firms and their anticompetitive tactics are outlawed by antitrust legislation in the US.

[1] https://www.ftc.gov/tips-advice/competition-guidance/guide-a...


How is Apple's app store specifically anti-competitive with respect to other mobile OSs and devices?

I can, to some degree, understand people's gripe with Apple for DRM behaviors on hardware you own. But I don't see why forcing Apple to host multiple app stores will provide more user-choice in the mobile OS space.

It might make Apple's platform more compelling for some users. But it will do the opposite for other users and still doesn't solve the duopoly problem you're citing.

I also don't see what the FTC's definition of a monopoly brings to the discussion other than to boogey-man the big bad corporations.

It sounds like your issue is with the lack of OS choice in the mobile market. Forcing Apple to allow other app stores does nothing to solve this problem.


Microsoft went to court and lost to the FTC for less. Microsoft leveraged their dominance in the PC OS market to dominate the browser market, as well. The FTC successfully upheld antitrust legislation against Microsoft in that instance.

Apple and Google are doing the same with their dominance in the mobile OS market to dominate the mobile app distribution and mobile app payments markets.

If you don't see the significance of literal illegal anticompetitive business practices, I don't know what to tell you.


I would urge you to specifically read the complaint and identify which provisions would be applicable to Apple's ecosystem.

https://www.justice.gov/atr/complaint-us-v-microsoft-corp

Has Apple compelled asked companies that are using Android to dump Android and switch to iOS (for some money)? (P.17)

How about having 3rd party iPhone manufacturers be restricted to using iOS as a condition for licensing and distributing iOS? (P.18 - note, if you're making Android and requiring all of the 3rd party manufactures that use it to also have Google Play... that's ok)

Has Apple entered into exclusive contracts with all the top ISPs to brand their web pages to work with Safari but not Chrome? (P.28 - note, if you are making Chrome and make a site not work with... say Firefox, that's ok)

So yes, Microsoft and the DOJ went to court. But the thing was about Microsoft forcing its terms on other companies that excluded it's competitors. Is Apple going to other companies and enforcing terms that are excluding Android?


Have you even read the Microsoft case? It's not even close to the same thing [0]. Apple hasn't forced it's terms on other companies in nearly the same way. Apple has instead built a hardware and software platform that has a lot of users and is gatekeeping their OS, hardware, and user-base.

There are arguments for side-loading on Apple, but that doesn't have anything to do with breaking up the iOS-Android mobile OS duopoly, which seems to be the thing you're really mad about.

Android allows side-loading. Making iOS more like Android doesn't strike me as "increasing consumer choice".

>illegal anticompetitive business practices

None of what Apple has done is apparently illegal. In fact, this is a _new_ law that Apple is complying with.

[0] https://www.justice.gov/atr/complaint-us-v-microsoft-corp


It’s not like many others haven’t tried. Microsoft, Palm, maybe they can try again.

But for whatever reason that I can’t quite explain (especially on android, on iOS I think iMessage locks people in. Maybe on Android it’s the Google suite?), others haven’t made a dent.


> the large developers with power like Meta will likely force the different stores on us

I don't think so- they'll try, they might build their own stores, but I doubt they can force the customers to switch.

https://news.ycombinator.com/item?id=30808926


I'm certainly not as confident as you are. Why wouldn't essentially every large app with even a moderate amount of lock-in do this? I would be extremely surprised if any large social networks or online games wouldn't immediately do this.


Facebook has spent an immense amount of effort on being installed-by-default on most platforms. They also have massive user retention problems right now, with competiting platforms taking app a lot of market share from basically all of their owned platforms, not to mention their image issues. I'm willing to bet that going for a scarcity tactic with their own appstore would be major mistake.

Not to mention that it's not much use for most social media platforms, assuming this doesn't allow them to bypass privacy restrictions. The only apps eho would immediately benefit from such a move would be the ones handling payments.


They would try, but they would likely fail because, as I mentioned above- do you have any responses to the points I bring up? To enumerate some of them-

1. Consumers are already sick and tired of having to do account management already and having to deal with Meta or Google forcing them to do more of that will lead to backlash.

2. I'm unconvinced that Meta and Google have the product capability wherewithal to force a great migration, judging by their attempts at new products in recent years, let alone what basically amounts to a new platform. The Facebook Home launcher went nowhere and I'm pretty sure Android Instant Apps didn't either. They don't really fare very well outside of their home turf, and iOS is definitely not theirs.

3. Regulators, particularly in the EU, would not sit idly by while Big Tech lures customers to shady third party app stores; if anything, these stores would present opportunities for greater scrutiny and more crackdowns.

4. I'm not even sure if Meta can get away with pulling a crucial app such as WhatsApp away from the main App Store. That seems like monopolistic behavior, and disruptive to the lives of tens of millions of people who use it for basic communications. The EU would probably mandate them host it on their third party app store AND on the official App Store.

5. I do have a carve out exception for games, because publishers regularly engage in extractive abusive behavior and gamers just take it or pirate:

https://news.ycombinator.com/item?id=30204012

I do think the possibility of a Bytedance app store/sideloaded .ipa is a wildcard, as TikTok seems to be the current killer app on mobile.


It would definitely depend on how difficult it was to sideload and whether there were negative side effects (like Apple disabling certain features if you enable sideloading). Your older comment seems to imply that it would be quite difficult, and other than that I don't see much of an argument for why it wouldn't happen overnight.

My main point is that it's not about actually creating an app store ecosystem to compete with Apple's. I agree that that would be difficult (although existing ecosystems like Steam would almost certainly go for it, as you seem to concede). My main point is that they would just immediately make you sideload to use Facebook, Fortnite, etc.


Steam might go for it, but I think Epic would be the big one, mostly because I don't believe Valve has any mobile games that would entice users to join their app store. Well, I guess being able to buy Steam games without going through the App Store cut would be a factor, but then it would just be a standalone storefront app for purchasing PC games, not really a shady app store with questionable binaries full of user tracking.

> My main point is that they would just immediately make you sideload to use Facebook

What about my points about the regulators? Meta does not exist within a vacuum. They are under as much scrutiny, probably more, than Apple. Sideloaded binaries will end up combed through by regulators, government watchdogs, security firms, Brian Krebs, etc., to check for Meta malfeasance. Plus, the point about forced migrations being potentially monopolistic behavior.

And again, they can try to make users sideload, but a not-insignificant minority would not comply. Forcing them to jump through new hoops while presenting no new benefits would not be a good user experience. Plenty would take to social media to complain. Many would read up about Meta's dastardly data policies. It would be a PR nightmare. The mea culpas and reversals would come quicker than you can say "Senate hearing."

This is also all overlooking the fact that Meta as a company is in a pivotal business situation right now- DAU was falling a few quarters ago, they just spent a ton of money on the metaverse with no results other than avatar legs to show for it, and so on. Trying to do something as disruptive as forcing their customers to get their apps from a new source could be highly detrimental to them.


>If you want to stay in the playpen, that's fine, but there's no reason why users who want to use the full potential of their devices shouldn't be able to in order to keep you happy.

This is just flat out not true with networked devices. I want my tech illiterate mother on a platform with no malware. That includes no malware on other devices that can contact hers and trick her into installing the same malware on her device. Apple’s iOS is the only computing platform that she has ever used on which she has avoided being tricked into malware installation. I’m skeptical that that will continue with third party app stores becoming a thing.


Multimillion dollar scams flourish on the App Store[1]:

> That man’s name is Kosta Eleftheriou, and over the past few months, he’s made a convincing case that Apple is either uninterested or incompetent at stopping multimillion-dollar scams in its own App Store. He’s repeatedly found scam apps that prey on ordinary iPhone and iPad owners by luring them into a “free trial” of an app with seemingly thousands of fake 5-star reviews, only to charge them outrageous sums of money for a recurring subscription that many don’t understand how to cancel. “It’s a situation that most communities are blind to because of how Apple is essentially brainwashing people into believing the App Store is a trusted place,” he tells The Verge.

Apple is also responsible for distributing 500 million copies of Xcodeghost to users via the App Store[2].

The App Store model is about profits, and security is an afterthought that makes for good PR.

[1] https://www.theverge.com/2021/4/21/22385859/apple-app-store-...

[2] https://www.vice.com/en/article/n7bbmz/the-fortnite-trial-is...


Just tell her not to enable developer mode. This is FUD: Apple would clearly have the right to determine the side-loading process as they see fit, and they can put in all sorts of protections to prevent novice users from accessing it easily. Think parental mode type protections. Apple is the master of UX; surely they can figure out a way to keep things secure for users who need it to be?


>Just tell her not to enable developer mode

She doesn’t know what that is. She won’t remember what I said 5 minutes after I leave. She will blindly follow the instructions of any official-looking website or any scam caller that instructs her to disable these protections in order to “watch a video” (actually sideload an executable).

> Apple is the master of UX; surely they can figure out a way to keep things secure for users who need it to be?

She got around all of the modern permissions and signing protections on macOS and installed a malicious phony video player that nuked her device and stole her banking credentials. It doesn’t matter what you tell her: she WILL get tricked unless it’s impossible to be tricked.


That's both unfortunate, and sort of amazing. So she's not technically literate to know if she's being scammed, yet obviously competent enough to follow directions to get hacked.


That's most people who are given reasonably-written instructions that seem to be written by trustworthy people.


> She will blindly follow the instructions of any official-looking website or any scam caller

You probably shouldn't let her use the internet unsupervised, if this is true.


You’re talking about 80% of people who are on the internet.

If not more.


My guess is that the actual numbers are much lower, like orders of magnitude lower. The U.S. may be dominated by Apple devices, but the rest of the world runs on Windows and Android. 80% of the world population isn't being scammed out of their savings nor are their phones infested with keyloggers and other malware.


And if cases are that bad their loved ones would probably install parental controls or an MDM to protect them against themselves.


> Just tell her not to enable developer mode.

If we're just telling people to do things then why not just tell app developers to publish through the App Store.


Most developers will continue to do that even after iOS allows third party app stores, just as most Android apps publish through the Play Store (even if better alternatives such as F-Droid exist).


> I want my tech illiterate mother on a platform with no malware.

Well you should probably get her off iOS then, don't want her getting Pegasus by accident.


No, I'm saying that Apple's restrictions on third-party developers are one of the most significant distinguishing characteristics of their smartphones versus their competitors, and that if you wanted an alternative you could easily and almost certainly already have decided to use a competitor's product instead.


They're also totally arbitrary. It should be the user's choice if they want to impose those restrictions, because the user bought the hardware. In any just world, the consumer deserves the final say over what software runs on the hardware they own.


The purchase of the hardware is the users choosing those restrictions.

You are advocating for your own preferences and dressing it up as a noble pursuit of some general user choice, when the users have already chosen. You simply want to subvert their choice.


How am I subverting their choice by adding an option? I don't understand.


How many times does someone have to make a choice before other people will stop saying “that person should be able to choose”?


There are people who prefer using iOS or Apple hardware but do not want Apple's anticompetitive App Store restrictions imposed on the Apple devices they own. Those are the people whose user choice is being suppressed, and those are the people you are sidelining because you wish to impress your own preferences onto them. People content with the status quo, including you, can continue to exclusively use the App Store on iOS on Apple devices.


> There are people who prefer using iOS or Apple hardware but do not want Apple's anticompetitive App Store restrictions imposed on the Apple devices they own.

Okay, but surely there has to be some reasonable bound on what we mean by "user choice," otherwise given any finite set of products we can say there is suppression of choice of every customer who wants any of the infinite set of products that does not exist. Of course there are endless combinations of features that I might want to exist in a product, but the fact that not every conceivable product exists is not (in my view) sufficient to show that customer choice is being suppressed.

Maybe I want a Playstation 5, but in the enclosure of an Xbox Series X because I prefer the look of the latter. Is Sony suppressing customer choice by only offering the Playstation 5 in one enclosure?

Maybe I want a folding phone, but I want it to by an iPhone. Is Apple suppressing customer choice by not offering any folding phones?

My answer to both of those examples is "No." If you want a gaming console that looks exactly like an Xbox Series X, it's reasonable to that have to buy an Xbox. I think if you want a folding phone it's totally reasonable that you have to go to manufacturers that offer them. It's not reasonable to desire some specific set of requirements and require that one particular manufacturer provide you with a product that fulfills them.


Your two examples are completely irrelevant because they do not concern anticompetitive behavior. The form factors of Apple's phones and the appearance of Sony's consoles have nothing to do with anticompetitive behavior and are not regulated by antitrust law.

What we are actually discussing is Apple's anticompetitive restrictions against third-party app stores and sideloading. These restrictions harm user choice especially in light of iOS being part of a duopoly. Apple's anticompetitive restrictions are what the EU's Digital Markets Act is addressing to increase user choice.


> This didn't happen on Android, macOS, or Windows, despite all of them allowing alternative app stores.

EA and Epic have entered the chat. This has absolutely happened on Windows. Source: the PC attached to my TV where my kid plays games, just this week.

I would posit that there are two possibilities for why it hasn't happened on Android:

1. The UX for alternative app stores is so terrible that they may as well not be allowed.

2. Not enough people want to pay for software on Anrdoid for this to be worthwhile.


Android, macOS, and Windows aren't being blamed by Facebook public for a $10 million drop in ad revenue due to a change in iOS policies, so it's not quite the same fruit.


Billion.


That didn't happen on Android because while Android allows alternative app stores, it doesn't go out of its way to encourage users to them. So Google still has a lot of power via Play store user count.

Sometimes, we get a good outcome because titanic companies' competing interests are balanced... but that doesn't mean we should forget that if that balance were upset the winner would screw over users in a nanosecond.


I keep hearing this – what exactly is the freedom or lack of consumer choice that's being stifled here?


Apple, and only Apple, gets to decide what is allowed to run on the devices consumers own.

Similarly, Google is converging on the same anticompetitive practices with the Play Store.

This duopoly quite literally prevents competition in the mobile app distribution and mobile app payments markets.


So if I make a competitor called the Avocado company, and my Avocado phone can only run third-party software I vet myself, and my entire marketing pitch is "this vetting process protects your security and privacy", would the same argument apply?


Is your company a firm that has significant and durable market power such that they can set prices and exclude competitors[1], like the Apple and Google duopoly can and does?

[1] https://www.ftc.gov/tips-advice/competition-guidance/guide-a...


So "you can only have security if you're using an inferior device that nobody would purchase unless they <only> care about security".


You can have security without the App Store, it isn't a dichotomy. Apple doesn't have the best track record with "security" on the App Store, either, considering multimillion dollar scams flourish on the platform, and the fact that Apple is responsible for distributing a half billion copies of just one type of malware to iOS users via the App Store.

Thankfully, there are more responsible parties and more capable security paradigms than the one Apple forces down users' throats via the App Store, and users should have the choice to use them on the devices they own.

Maybe if Apple actually faced competition when it came to the App Store, they would take the security of users, and not just their profit margins, more seriously and wouldn't let fraud and malware affect hundreds of millions of their own customers.


Yes, but no one is likely to care unless your Avocado phone ends up controlling half of the mobile market share.


> Similarly, Google is converging on the same anticompetitive practices with the Play Store.

What do you mean? Google has been making things easier for third-party app stores over time, not converging to Apple's model. (Most recently in adding the auto-update permission in Android 12.)


You can't distribute apps on the Play Store without using Google's mobile payments platform, giving them the 15%-30% cut that Apple takes. They're preventing competition in the mobile app payments market by leveraging their dominance in the mobile OS and mobile app distribution markets, just like Apple does.


Small but meaningful correction: Apple decides what is allowed on _Apple_ devices consumers own.

So again, how does this hurt choice? You can choose a dozen other phones. Your ability to participate in the smartphone revolution isn’t hindered in any meaningful way.

To be clear, I HATE the App Store review process as it stands. But that’s not because I don’t have a choice and somehow magically think other app stores will fix everything. It’s because it is objectively badly run as a business process. They don’t respond for weeks. The communication is entirely arbitrary. The application of rules is wholly inconsistent.

I’m not sure a second App Store will help with that.

I can still only see mostly downsides by creating confusion for consumers like others have said will happen.


> Apple decides what is allowed on _Apple_ devices consumers own.

It doesn't matter, the consumer still bought the device. It's their hardware, they own the iPhone. They deserve the last say over what runs on their computer. A system like the current M1 Macs (unlocked bootloader, OS with overrides) would completely shut everyone up over Apple's abuse here. This legislation is a step in the right direction.

> I’m not sure a second App Store will help with that.

If nothing else, it gives Apple an incentive to compete. Something I'd argue is sorely needed on iOS.

> I can still only see mostly downsides by creating confusion for consumers like others have said will happen.

Well, it didn't really cause any confusions when Android did it, or even when Microsoft added sideloading to Xbox. Very little evidence supports the claim that everything will fall to pandemonium when third-party stores hit iOS.


> still bought the device. It's their hardware, they own the iPhone.

Consumers own the hardware NOT the software. Apple, Google, etc are expected maintain the software over a long period of time. The content on the device is owned and manage by developers, Apple, Google, etc. You only rent access to the software. It's not yours. You can buy a TV but you still have a cable bill. The TV is yours, the channels are not!


Does the Epic Games Store ring a bell?


> What I'm worried about is if the next time we open WhatsApp we see a splash message that says "Instagram, Facebook, and WhatsApp are moving to the Meta Store! Please restart your phone and follow these easy steps to continue using these apps."

Why do people continue to tout this as some sort of gotcha? Android has multiple app stores yet this doesn't occur.

However, what I do like is that if I want to download some other client for Instagram from F-Droid for example, I can, unlike in the Apple App Store. Currently I use one that blocks apps, enhances image quality on upload and download, etc. Not really possible on iOS.


> Why do people continue to tout this as some sort of gotcha? Android has multiple app stores yet this doesn't occur.

It is very possible that this hasn't ocurred because google has not enforced the same level of privacy-related restrictions that apple has (which reportedly costed facebook ~10 billion dollars [1]).

I'm a strong supporter of device owners being able to do what they please with their devices, but the risks are there and are very real.

[1] https://www.forbes.com/sites/kateoflahertyuk/2021/11/06/appl...


>Why do people continue to tout this as some sort of gotcha? Android has multiple app stores yet this doesn't occur.

Maybe not yet specifically with Meta, but it absolutely does happen. Fortnite is the most obvious example.


Honestly, that's fine by me. Epic made the game, they process the payments, they're not using the Google Play Store's services and storefront at all (not to be confused with Google Play Services), so why would they pay 30% simply to be on a store they don't use?

Same as on a computer, I use Windows, but it'd be absurd for me to download software only through the Microsoft Store app.


Couldn't Meta follow the same path as Epic? Doesn't that have potential to create a situation that is worse off for consumers because their device theoretically would be less protected in terms of both security and privacy?


They could, but I argue that Meta requiring users to use a third party app store would likely be self-defeating for them. It could conceivably alienate a lot of users who don't want to deal with managing yet another account, let alone subject themselves to an environment run by Meta.

https://news.ycombinator.com/item?id=30808926


> let alone subject themselves to an environment run by Meta.

Why would EU Lawmakers be satisfies with some crazy process that requires rebooting the device or going through 10+ steps to enable sideloading? These EU laws will likely require low-friction alternate app stores, which means actually installing Facebook via an alternate method might mean something as low-friction as meta.com/store -> "trust Meta store" -> open and install Facebook.


1. I don't think EU lawmakers would be opposed to sensible user flows from Apple that properly disclose the risks and provide disclaimers about the potential dangers of side loading.

2. The current Settings menu in iOS is already a jumbled mess as it is, thanks to years of layers upon layers of options added into it. Even simply getting into developer mode would cause some friction.

3. Even on Android, it's somewhat out of the way:

https://www.lifewire.com/how-to-enable-developer-mode-on-and...

4. I'm talking about the existence of alternate app stores themselves adding friction. Meta forcing users to use their store would be adding an additional wrinkle as it is. Think about the current streaming space. Many many users are already forced to deal with multiple services and managing their accounts just to get into content. And now they're going to be doing it on their iPhones? It's quite likely that a substantial amount would just forego dealing with a Meta app store and just start using the the mobile website - or just abandon Facebook on their phones altogether, which is even worse than Meta.

5. A point I mention in the link but not above: EU lawmakers, who are already suspicious of Meta, will likely scrutinize any third party app stores launched by them or other big tech companies anyway. So it's not as if it would be unpoliced for privacy violations and the like.

If anything, such app stores would be a treasure trove for regulators to inspect.


So we have a technological solution to cross-app tracking, and we'd downgrade to a regulatory process that hopefully fines companies enough to actually cause a difference. Oh, and you'd better hope those companies are actually located withing the EU or US, because if you PII gets siphoned to China you won't get any remediation whatsoever (at least for as long as they remain the world's manufacturing capital).


> we'd downgrade to a regulatory process that hopefully fines companies enough to actually cause a difference

It is not a downgrade, because for those who live in democracies, such regulations are decided by we, the people, and thus we should ultimately place our faith in the democratic system, not in any private corporation, no matter how benevolent-seeming.

> because if you PII gets siphoned to China you won't get any remediation whatsoever

Evidence that this isn't already happening anyway? Whither current iOS users in China?

> at least for as long as they remain the world's manufacturing capital

Don't worry, Apple is hard at work shifting their supply chain to India and Vietnam. Right? Right?


> Evidence that this isn't already happening anyway? Whither current iOS users in China?

I'm taking about a situation where a government, say a fictional United States, implements privacy regulations. For any legitimate company, they must follow these to operate in the United States.

In this scenario, the Government has no way to protect vulnerable citizens who search "free clash of clans gems ios", download a third-party app store provided by some data company in China, and have their PII beamed to servers in China (bonus points if it uses a zero-day to do something like purchase a bunch of product from Amazon or otherwise use the person's phone as a zombie in a botnet or money-laundering scheme). This is currently impossible on iOS without the data firm having something like a hacked Apple Enterprise account it's using to distribute software outside of the App Store, where it's checked to ensure IDFA compliance and levels of static/dynamic behavior analysis & preventing JIT code compilation or most things that could run unaudited code.


Then Apple will have to harden iOS's security model further. Do you doubt that they can? They've been able to, so far. For one thing, they'll likely be able to force notarization by default for all apps, regardless of origin.


Most of Apple's security model is inherit to the human auditing and binary analysis that happens during app store submission; the inherit nature of computer software is to have unintended behavior due to unforeseen input and state. As Craig said, "Today, we have a level of malware on the Mac that we don’t find acceptable and that is much worse than iOS" https://www.cnbc.com/2021/05/19/apples-head-of-software-says...


Ah, well I stand corrected on that point. My other points also stand.

I've also speculated elsewhere that perhaps Apple could open source binary analysis tools, or at least present some sort of public-facing service to scan binaries. They could manage the semi-opening of their platform themselves, if they wanted to.

https://news.ycombinator.com/item?id=32170848


Exactly. Regulators are not stupid, they will do such regulation in a sensible way, not simply allow Meta to load whatever garbage they want onto iOS.


> it'd be absurd for me to download software only through the Microsoft Store

It'd be absurd for me to download software through the Microsoft Store


> so why would they pay 30% simply to be on a store they don't use?

The argument for this on Apple's side is that you're not paying just for the payment processing, but you pay it as a fee for benefiting from the user base that Apple attracts via their investment into their R&D from the hardware, to the UI design, to the APIs that enable your app itself to run.


Imagine any other manufacturer or OS charging you for allowing you to write software for their systems. This is simply a post hoc rationalization.

The 30% is simply a money making endeavor, it's not at all related to their R&D, hardware design etc.


I don't need a lot of imagination, I just happen to know a company named Nintendo.

Actually it's not even an isolated case, it's the dominant business model for gaming console.


It's time to open gaming consoles up, too.


> Imagine any other manufacturer or OS charging you for allowing you to write software for their systems.

Back in the day computer vendors didn’t let anyone else write software for their systems. If you wanted software you had to pay the vendor an arm and two legs to write it.


Literally every mainstream gaming console and handheld ever.


Even better, let's remove restrictions from them too.


Paying 1400$ for a phone is more than enough to recoup R&D, UI Design and API costs


So, let's say Apple drops the cost of the 14 Pro Max down to $506[0]. Does it suddenly become legal? What if it's a more reasonable profit margin of $100 perhaps - at what point is it "you cannot make money off your software on the backend"? and, importantly, what makes consoles any different now that they also (A) sell either close-to-cost or at a loss, (B) tend to contain a web browser, and (C) charge a large percentage fee on third-party titles bought for the console?

0: https://www.notebookcheck.net/iPhone-14-Pro-Max-production-i...


You were the one who brought up the idea of "but you pay [it for] their R&D from the hardware, to the UI design, to the APIs".

If you want to back to take back that argument, great.

So, the whole idea of "Well you are paying for all this other stuff" is completely off the table, and you can't use it, because people pay 1400$ for the phone.

So lets all just completely ignore that idea, and lets stop pretending like Apple is "owed" anything for the phone that belongs to the user.

The phone belongs to the user, and they paid a fair price for it, so no Apple is not owed money for any of other stuff.

> at what point is it "you cannot make money off your software on the backend"?

Apple can keep doing that if they want. By competing in the free market.

They just can't force people onto that anymore. They will have to actually make a better product, and hope users go to that store, instead of alternatives.


> You were the one who brought up the idea

I don't see how this answers my question. It's literally just "does making money on the hardware justify allowing other developers to benefit from your software updates and APIs without paying you?" Because if Apple turns their phone into a console by dropping the price (or even just adding $600 worth of carbon nanotubes to the package) it sounds like you'd still prefer if any developer could make their own app store to get around their 30% fee on purchases.


> "does making money on the hardware justify allowing other developers to benefit from your software updates and APIs without paying you?"

Well the phone belongs to the user. So yes the user should be able to do whatever they want with their own device, including installing other app stores.

So anything at all, that you were talking about, about Apple being "owed" anything, just doesnt matter. Lets just ignore Apple being owed anything, because they sold the device and it now belongs to the user.

> turns their phone into a console

We can worry about the console market once it is a 2 company duopoly, worth trillions of dollars.

It is perfectly fine to care more about the phone market, simply because it is larger, more pervasive, and more market centralized.

Also, thats whataboutism. Maybe there are problems with the console industry. But regardless of that, it should not stop us from taking action on the much larger phone industry.

We can prioritize our actions, to the markets that are the most important, even if you think that other, smaller markets have issues.


> Fortnite is the most obvious example.

And? There are plenty of apps that are exclusive to F-Droid, as well, and the sky still hasn't fallen.

Meanwhile, two companies have kept a stranglehold on all mobile app sales and mobile app payments, ensuring that businesses can't exist that can't afford a 30% cut into their margins.

It's been over a decade of this insane profiteering on behalf of Apple, and in some respects Google, it's about time that the mobile app distribution market and mobile app payments market are allowed to compete and flourish.


This will absolutely occur on iOS there's too much money on the line for it to not happen. On Android it doesn't matter because Facebook can largely do what they want.


It will not because it's the sort of underhanded tactic that will just bring regulators to Meta's door. Right now it's open season on all of Big Tech, not just Apple.


This WILL happen with https://store.epicgames.com


Apple is blamed by Facebook publicly for a $10 million drop in ad revenue due to a change in iOS policies. Google is not.


Would this change though if they were out of reach of the apple App Store? The "ask app not to track" feature is a component of the OS. The only difference is then that Facebook would be allowed to violate the user's consent with impunity, which they can already practically do given the App Store's relative inability to stop malicious software


Just a nit-pick, but I think you meant USD10 BILLION.


> You can say a lot of negative things about Apple, but their incentives lined up with the end users more often than companies like Meta and Google.

I would say this is one, and by far the most important case, where Apple's incentives aggressively oppose those of the end users'.

Whether this is enough to tip the balance of which company is 'worse' is a value judgment, but I cannot fathom how people argue in good faith for this blatantly anti-consumer and anti-fundamental-freedom vertical monopoly that is enforced with strong crypto. Crypto should be working for the user, not against them to secure Apple's ability to rent seek on all economic activity that passes through the user's device. And no, the two are not fundamentally coupled, as Apple will have you believe.


When Apple talks about security, they aren't talking about user security, but the security of their App Store profit margins.


I think the disabling of "secure" features will be enough of an inconvenience that people won't do this, and so mainstream apps would never bother. Some might be willing to give up ApplePay. But they could disabled FaceID as well. Or even iMessage. Whether this is "justified" or not would be a separate issue, but I can definitely see them doing it. I can see them going a step further and letting developers decide if they want to allow their software to be run on systems based on security model. Banks, for example, could simply set a flag in their app such that it will not run if the system is set to a reduced or permissive security setting.


Nobody cares about iMessage in Europe, everybody uses WhatsApp or Signal. A Apple-only messenger doesn't fly in a market where apple has <20% market share


Honestly surprising to me that any application owned by Meta is even allowed in Europe at this point.


Europe is basically a U.S. vassal state, so it shouldn't surprise you.


If this is the case, why is the EU demanding Apple open up iOS? Apple doesn't need EU. The do well enough in China and Japan to cover any meager loss the EU could generate.


Not sure what Europe you're part of but it's way closer than that. And in some European markets, iOS has 60-65% share (like Scandinavia).


Europe as a whole has a 35% market share of iPhones, Sweden has 55%, tbh that was a surprise to me, but Germany on the other hand is 75% Android...


I am not sure, what is there to worry about? So, FB is going to independently distribute their own apps. You present it as it is an obvious evil, but tbh I fail to see what's evil about it? Yes, a little power would be shifted from all-powerful-now Apple to FB. Both probably not to be trusted, but at least it would be more federated now.


If there are other app stores, does that mean they'll be able to have different privacy rules? Or would that be blocked at the OS level? It seems like some stuff (giving the app access to your location, contacts, etc.) would be subject to OS-level control, but the recent change to opt-in personalized ads would be easily reversible by any new app store.


Expecting Apple to fight your fights isn't going to solve anything. Apple only cares about money, and they're going to obediently abide by local laws (as they do in China). We need to take the power away from Apple and put it in an entity that we en-masse have influence with - such as a democratically elected government.


I'm in the fortunate position of not needing any of those apps. I have never once in the US heard anyone mention WhatsApp as a potential form of communication, and I'm way better off without FB or Instagram on my phone.

And as a side note, Amazon tried this on Android (requiring it for e.g. Prime Video), but gave up at some point.


WhatsApp is exceptionally popular outside of the US, especially in Europe. There are more people outside the US than in it.

PayPal sends me MFA-ish verification codes via WhatsApp.


> What I'm worried about is if the next time we open WhatsApp we see a splash message that says "Instagram, Facebook, and WhatsApp are moving to the Meta Store! Please restart your phone and follow these easy steps to continue using these apps."

If they were going to do that, why wouldn't they have done it already on Android?

> You can say a lot of negative things about Apple, but their incentives lined up with the end users more often than companies like Meta and Google

This sounds like even more of an argument that your fear is unfounded. If Google doesn't care about users as much as Apple but still has managed to make it unappealing enough to have a separate Facebook app store, why wouldn't Apple be able to do the same?


That’s not what we see on Android though where this has always been an option. Amazon tried to push their store hard at a time.


Not at all. The monolithic App Store has been terrible for users. They even impose censorship on social media apps. Having alternative stores by Meta et al is excellent. More choice, more competition, less rentseeking, more innovation.


Someone who’s so tied to Meta products already has Meta apps installed on their phone. All Meta would have done through this step is added more friction to the process of installing their apps.

What am I missing here? What’s the problem?


The market will decide that. You aren't alone. Why would an app move exclusively to some alternate pain in the ass store if the users don't want it?

They'll probably just be on both with some perk incentivising a switch.


>Why would an app move exclusively to some alternate pain in the ass store if the users don't want it?

Moving from one store that takes a 30% cut to a store you own makes a lot of sense if you can carry over at least 70% of your paying customers.


May not even need to be 70% of your customers if you have costs that scale with the number of customers. 30% is a fraction of revenue, not profits.


Is it worth losing the user entirely? What about putting the app on both?


A perk? The app on its own store will cost 70, the app on the Apple store will cost 100. The app will be on both stores, people will decide where to buy from.


Exactly. One perk could be to pass the savings on to the user.


> App developers have a lot more influence on mobile devices than they do on desktop OSes

Interesting. Hadn't thought about this before. Why?

Is it the app store that makes their influence possible?


The Meta store would still run under privileges set by the user (through Apple's controls).

At least, that's how I expect it would work.


I mean, if you're already using WhatsApp...


>If you want to run unsigned software or extensions you will have to boot into a recovery console and change the security model. The warning dialogs will be enough to discourage most use. Th

I think all of this is implying that Apple can be the only company that iOS users trust to sign software. Its a false choice.

Making things look "scary" to discourage users from trusting others is simply FUD.


Agreed. As it stands, macOS will treat un-Notarized apps as if they're radioactive, and the OS actively tricks the user into thinking such apps either don't work or are malicious. You have to pay the $100/year tax if you want your macOS app to compete on fair terms with other apps.


Yep. I'm fine with my parents never venturing beyond the bounds of the app store, but if I want to run some dev tools on the iPad that don't fit into the app store model I should be able to choose an option where I can install signed software.

I think this sort of relief valve will also breed interesting system utilities and user interface ideas for Apple's mobile OSes, provided that software using private APIs can still pass the signing process. Maybe they could have avoided some of the Stage Manager fiasco if they had years of third party experimentation to observe on their own platforms.


I think, for me, the best example is actually the ACE (Audio Capture Engine) plugin by Rogue Amoeba, which is used by a lot of 3rd party apps. It's quite popular, and it requires Reduced Security to install. I actually HATE that there is no (good) alternative to this software yet that can run within the bounds of the Full Security model. But I like that it's still possible to run this software. It feels like the warnings are adequate.


Here’s the deal, ship one of each: Mac, Mac AppStore, iOS AppStore, SMS chat bot, WebApp, Windows, cross platform with Electron, cp with Tauri, with varying degrees of dynamic libraries, concurrency, mono-server and containerized APIs - then say something productive about each. (On your own, no help but you and and your online friend Eskimo)

The ease of everything in iOS is 100% worth a 30% cut once you’re established (speaking to the small business program) - AND everyone forgets, Apple’s cut 15% after the first year of subscriptions, no matter how much you make.

The reason the Mac “side load” exists is because of AppKit - and the hoops one must jump through to get things to run halfway decent with gatekeeper is maddening to the nth degree. Fine, let people side load and deal with that on their own - but do not act like it’s “a weekend” worth of development time to get right.

Everyone is winging because they won’t (or know they can’t) make something damn good - take the time perfecting the craft and finding the targets no one can see rather than throwing stones.


If Apple's value add is as great as you're saying, then they should have absolutely no problem competing on fair terms with other companies instead of dictating what users are allowed to do, and what competitors are allowed to exist, on their own hardware.


Yes, a fair competition, I have no issue with.

But here’s the rub - those competitor apps must use the “universal” apis. They don’t get to use UIKit, CoreData, Foundation (the full one), CoreBluetooth, CoreMotion, ML, etc … they need the open source community (as AshiLinux has done) to build the APIs apple is not paid to make. Then have those reviewed and dealt with in a Gatekeeper like fashion - absolute pain awaits.

Writing Swift in Linux is both beautiful and humbling - there are horrible rough edges, you have to go lower more often than you’d like.

My issue is everyone has it pretty good - and a loud voice is going to make the experience less great overall, at the expense of us all being more equal.


This just seems spiteful, considering developers already pay $100 a year to develop and distribute apps for iOS.


Now that may be a completely fair, and potentially shared, view.

I can only recount from my direct experience, and the style of software that is driving this campaign literally wants to make loot boxes more profitable. They cannot enjoy the natural consequences of making something truly valuable in a subscription form to get the fee down to 15%; and they’re upset. So maybe I’m spiteful, but it feels justified.


Well, considering Apple's goal isn't to ban lootboxes outright (just profit from them) it's hard to argue that they're being any more altruistic by letting Genshin Impact be installed on iOS devices.


Fair, too.

One can at least see the incentive structure towards things of value - i.e. you’re stuck in 30% land if all you want to do is coin transactions, get the benefits of Apple Pay if you’re e-commerce / delivery, or provide long term value in sub form and get the steep discounts.


Well, then hopefully you can understand why developers don't want to pay the largest company in the world for restricting their freedom.


Yes, I understand where they are coming from. This balance between the 'normal, everyday person end user' and people who stare down command lines and make their own frameworks used by millions will always be tough - but there is a primary person in both arenas Apple is making things for, and sometimes it isn't 'us - and that's ok!

And in some ways, we are arguing over a dead corpse. It's possible that VR/AR will hit an inflection point - not by glasses - but by people actually making the 'real malleable world' like DynamicLand and Humane. Those paradigms may very well leave Apple in the dust - because the way Apple has approached this argument to me feels hollow, they don't own their beliefs in the rhetoric, and even I have felt at times they've been coasting and rent seeking. Potentially I'm just misguided in thinking in the ideal.


> developers already pay $100 a year

I have bad news for you about how much software licensing costs. If your company was to license software comparable to Apple's SDKs on the open market you would be paying minimum hundreds a month for the lowest tier plans and if you get big all of them become contact us pricing.


How much do Microsoft and Google charge for their OS platform SDKs?


The services provided, which go beyond SDK access:

https://developer.apple.com/programs/whats-included/


The OP is talking about SDKs.


Unsigned apps don't run by default. You have to control-click and then select Open to run them. https://support.apple.com/guide/mac-help/open-a-mac-app-from...


Which is why Apple's plan is likely to move it to the MacOS model, ie. notarization and code signing is required. Honestly this is such a great middle ground despite the level of malware that exists and is targeted to small groups of users.


I don't think it's "one step". I do development on a mac, which means running unsigned software pretty much daily hundreds of times. Doesn't require any special steps. I probably don't need that capability on the phone though (that said, I don't use iOS either...)


> If you want to run unsigned software or extensions you will have to boot into a recovery console and change the security model.

I don't think you need to do this unless the application requires you to disable SIP which is extremely rare and I would do cautiously anyway.


The main problem with this is that it's still hugely anti-competitive. European regulators enforce the spirit of the law, not the letter of the law.


I could potentially see why Apple Pay might be disabled but why would iCloud? the only risk there is your own data files.


I'm fan of the Apple's AppStore model, I like it and think it works great and Apple's commission is a nonissue for the most use cases(it's issue only in low margin trades), however I'm afraid that Apple's control over the device risks governments making Apple their police. Apple limiting AirDrop in China is a very bad sign of what might happen if the rest of the world follows China's totalitarian path. Even in the US, which was supposed to be the land of the free, there are talks about banning apps.

That's the primary reason I want side-loading.


I for one believe in the principle that I paid to own the device and that entails loading whatever I damn well please on to it from whichever front, side, or backside I see fit!


> I for one believe in the principle that I paid to own the device […]

I paid for an iPhone for my mom so that she could not load whatever she damn well pleases, because if she does I have to deal with the mess afterwards.

Some folks are okay with walled gardens for specific purposes. If that's not you, that's fine. Perhaps Apple iDevices are then not for you.


This is a very bad argument.

There are several, very easy to imagine mechanisms that both provide user freedom and security/idiot-resistance at the same time.

For instance, extending the "parental control" feature to have a toggle for sideloading - then, you just turn on parental control, toggle that off, and keep the PIN. Done.

The idea that the features of the product should completely unnecessarily be restricted for all users for the dubious benefit of a tiny subset of them is laughable. The only logically consistent motive to advocate for this is profit.


Uniformity and convention over configuration and customization is why people feel why iOS is more stable and secure than the Android ecosystem as a whole.

If you don’t like it, don’t buy it.


> If you don’t like it, don’t buy it.

Very, very bad and consumer-hostile sentiment that is inconsistent both with good ethics and with the way that the regulatory system works currently.

Regulations on goods sold exist for a purpose - to allow the user to generally buy things while having some guarantees about their lifetime/security/safety/consistency with marketing/etc.

"If you don't like it, don't buy it" implies that companies should be able to sell goods made with toxic substances, not honor their warranties, lie on their marketing, and steal and sell your personal medical information. This is bad.

If I buy a product, I expect to be able to do whatever I want with it, and to not have arbitrary limitations on how I use that product that exist purely for the sake of making the seller more rich, and this is consistent with the way that consumer protection regulations work in general.

> Uniformity and convention over configuration and customization is why people feel why iOS is more stable and secure than the Android ecosystem as a whole.

False. The vast majority of people have no opinions of whether Android or iOS is more secure. Slightly more, but very few, of them have any opinions on their relative stability, and you can attribute exactly all of that instability to a mix between (1) manufacturers making terrible drivers and support packages for their hardware and (2) Google being generally bad at designing software. It has nothing to do with "uniformity" or "convention over configuration" at all.


We have a free market.

No one is forcing you to buy products you don’t like. You’re confusing government sanctioned duopolies (created from bad regulation) like Comcast, Verizon, and AT&T for Apple. You are free to buy alternative products from other companies.

> It has nothing to do with "uniformity" or "convention over configuration" at all.

Actually it does. The hardware is uniform and consistent, and therefore so are the drivers. There is a price to choice. Google is also one of the best software companies in the world.


About that free market - it might be free but lobbying culture in the US starts early, at school where Apple pushes products to influence future choices of students. Not choosing something which is used by everyone around is probably more difficult psychologically than standing up to the status quo and choosing alternatives whatever they are.

There are choices made for use - having a phone on which everyone around communicates, having an internet connection from the only provider in the area.

Uniformity is a choice if the alternative is a viable choice and this is a complex matter.


With the price of smartphones these days I'm betting a lot more people use work-provided devices privately than before. You don't always have a choice between Android and iOS in those instances.


> We have a free market.

With regulations. That people generally accept and agree are necessary to some extent...

> No one is forcing you to buy products you don’t like.

...even for goods that you have the option of not purchasing. It literally doesn't matter how many baby bottle manufacturers there are in the US - it is illegal for all of them to put BPA in their baby bottle products, regardless of whether their competitors don't.

> You’re confusing government sanctioned duopolies

No, I'm not. The US has boatloads of laws making it illegal to sell various things in markets where there's absolutely no monopolies/duopolies/oligopolies and buyers have ample choices, such as the above.

> Actually it does. The hardware is uniform and consistent, and therefore so are the drivers.

You're intentionally changing the use of "uniformity" from being about high-level OS user-facing design ("the features of the product should completely unnecessarily be restricted for all users for the dubious benefit of a tiny subset of them" + "Uniformity and convention over configuration" = talking about OS design) to implementation, which is a completely separate issue that's unrelated to the current discussion about user freedom. This is an admittedly clever slight of hand, but makes your point no less invalid.

> There is a price to choice.

Sure - but you haven't shown what the price is to allowing users to use whatever app store they want, you've just brought in completely irrelevant examples like phone hardware choice.

> Google is also one of the best software companies in the world.

Regardless of the truth of this statement, it doesn't change the fact that they're generally bad (note that "bad" is absolute, "best" is relative) at designing software, per my lived experience with dozen of bugs in dozens of Google products across browsers and operating systems over years of use.


> We have a free market.

And look where it got us.


Goalposts are racing across your comments. You claim both "freedom is good even if it means exposing users to attacks" (because rest assured if there is an "allow unsafe" button then black hats will find a way to convince your grandma tap it) and "freedom is good but not when it is bad for the user", whatever is more convenient for you at the time.

Apple's freedom is to make their devices as they see fit. User's freedom is to vote with her wallet. Feel free to buy whatever device you like if you want to have the ability to shoot yourself in the foot and get pwned, I like to have it in some circumstances but it's not what I would recommend to all of my non-tech contacts. I appreciate most EU privacy laws but not where it comes close to taking people's choice to voluntarily give up some freedoms for security, it's the opposite of empowering them.

> The vast majority of people have no opinions of whether Android or iOS is more secure.

This is just some random unsubstantiated claim. Apple buys entire billboards in city centers that basically promote privacy. You are saying you know better than their entire marketing department.

Even laypeople pay attention and notice that it's their Android owning friends' bank accounts get hijacked but not iPhone owning friends, etc.

> you can attribute exactly all of that instability to

Whatever you attribute this to, potato, potato, the end result is one has been more stable, more secure, supported for longer, more profitable for indie app developers etc than the other.

So much misinformation


You make your trade offs or you get another vendor to copy the features you like and not the ones you don’t. Forcing everything to be homogenous is something you’re meant to grow out of when you’re eight, once you see that ruining things for other people because you’re jealous is a bad personality trait.


> Forcing everything to be homogenous is something you’re meant to grow out of when you’re eight, once you see that ruining things for other people because you’re jealous is a bad personality trait.

No one is forcing “everything to be homogenous”. If you don’t like homogeneity, then avoid it. It’s not hard to understand. My choices are none of your business just like I’m not going to criticize you for wanting more freedom to customize your device at the expense of security and stability.


Ultimate Security in the form of preventing extremely sophisticated physical access/evil maid attacks[0] benefits people even if they don't think they need this security.

Maybe purchase a different product that more closely aligns with your needs.

0: ie. someone watches you enter your apple id and passcode and later swipes your phone, only to sideload spyware that hides itself from the UI, then re-plants your phone without you knowing


> Ultimate Security in the form of preventing extremely sophisticated physical access/evil maid attacks[0] benefits people even if they don't think they need this security.

This is a strange red herring. Attacks of this form are protected from by the OS, not the App Store. You can't do attacks like this by sideloading apps onto your own phone in developer mode because iOS itself protects against this - and we're discussing specifically allowing users to choose what App Store they use, not relaxing any of the security restrictions of the OS. Someone familiar with the basics of OS design would be aware of this distinction.


> Ultimate Security in the form of preventing extremely sophisticated physical access/evil maid attacks[0] benefits people even if they don't think they need this security.

Yet, it's up to me to decide whether I want that security or whether I want to trade security for freedom/flexibility. Not you, or any other authoritarians seeking to exert control over others.

> Maybe purchase a different product that more closely aligns with your needs.

This is an incredibly toxic and user-hostile sentiment that also is completely inconsistent with the way that consumer protection laws work in general[1].

[1] https://news.ycombinator.com/item?id=33978141


I still don't understand how you can't manifest that choice by simply purchasing a device from a different manufacturer. It's pretty disingenuous to suggest that Apple is some kind of authoritarian power that you have no choice but to purchase from. To quote your linked comment, I wouldn't expect you nor any other sane consumer to purchase goods that are "made with toxic substances, not honor their warranties, lie on their marketing, and steal and sell your personal medical information". Apple does not do any of that, and I think that you're intentionally derailing the discussion by comparing their guidelines + practices to any of the above.


> I still don't understand how you can't manifest that choice by simply purchasing a device from a different manufacturer.

I absolutely can manifest that choice - but it doesn't matter, because I have the right to be able to make that choice for any particular manufacturer.

> To quote your linked comment, I wouldn't expect you nor any other sane consumer to purchase goods that are "made with toxic substances, not honor their warranties, lie on their marketing, and steal and sell your personal medical information".

It doesn't matter that you wouldn't expect one to - it's wrong for a seller to sell one of those things at all, and that's why we've enshrined into our legal system that "some bad things are illegal to sell, regardless of whether the consumer has the ability to avoid them or not".

> Apple does not do any of that

It's pretty blindingly obvious that I'm not claiming that Apple is doing any of those things, and just using that as an example of the point that "some things are illegal to sell".

> and I think that you're intentionally derailing the discussion by comparing their guidelines + practices to any of the above.

The one who is doing that is you, by intentionally misinterpreting my words and reading things that I didn't write. The comparison is entirely apt - "we have laws against selling/doing some bad things x, Apple is selling/doing bad things y, even though x != y it's reasonable to have laws against also selling/doing bad things y".


To add, this is the difference from 'not honoring a warranty' and a product that explicitly comes without a warranty: you (can/should) learn about the product before you purchase it to see if it's actually for you.


That’s not a treat model 99% of users have to think about.


My I introduce you to Mr. Fart and his favorite colors? https://medium.com/@blakeross/mr-fart-s-favorite-colors-3177...

Discussed previously: https://news.ycombinator.com/item?id=11231631


I don't see how this is relevant. Nobody is advocating for the relaxations of the iOS security model itself, which is the actual thing that prevents rootkits and malware on your device.

Instead, the proposal is that people be able to install whatever software they want, that runs as a normal iOS app subject to the iOS security restrictions. Being able to install a non-Apple-approved app does not give you the ability to read and write arbitrary kernel memory, or do other actually dangerous things.


Do you believe Chrome should remove the developer tools to protect users from harming themselves? I mean, it's literally one key press away.


Yes, actually. Then every website wouldn't have to litter the console with warnings to users about pasting in code. I would much rather just have Chrome Developer Edition.


But… I "need" those tools to undo the harm that some websites try to inflict on me. I use them almost daily to delete things like taking 25% of my window for a scrolling and animated banner trying to sell me their irrelevant-to-me Excel add-in (annoyingly, this example bypasses all adblockers, comes with a widget that resizes it to a 'mere' 5% of my window, and forgets my choice every time I load or reload any of their pages). I also sometimes use them to repair malfunctioning pages so I can actually use them as intended.

Sure, you could say that I should just use this "Developer Edition", but that requires me to have access to install it on every puter I walk up to (just to be prepared for somewhat common web attrocities like full-page elements that prevent me from interacting with the page in ways that I feel should never be forbidden).

I don't tend to see 'warning' messages in the dev console that seem to be attempts to dissuade me from using the dev tools. Maybe…twice in >20 years?


If there were two separate versions of Chrome you can be sure there'd be people trying to block the dev version because they'd think using it is hacking or someone being tricked and everyone would be adding 'no-dev' scripts to their pages and we'd lose out by moving the web closer to PDFs.


Technology to have managed iOS devices is called MDM. Its mature technology that is already used for things like work-issued devices. What you want already exists. You're setting up a false choice.

https://www.kandji.io/mdm/start/product/?nis=8

https://www.jamf.com/lp/apple-mobile-device-management-mdm-j...

https://www.hexnode.com/mobile-device-management/macos-devic...


So keep her within the walled garden? Hell maybe even enable parental control if you really want to roleplay as her technological parent.


You’re being sarcastic, but as lifespans continue to increase and with no known cures for mental degenerative diseases like dementia; this is more common than you realize.


At some point in the near future we are all going to be in the same shoe as GP's mother: confronted by tech we simply no longer understand. Even the latest generation is merely fluent in using these devices. The subset that will keep up will be even smaller than today, imo. Almost all others will choose the safe options, specially when our lives are even more critically intertwined with our devices.

Even today it is not ok to be careless with what you put on your machine, but in a couple of decades, it could be a true disaster, specially if public services are fully tied to your digital identity. You would not want your digital self to be entertaining any random* program as guest.

* effectively random - see first point


This is a strange prediction to make on hacker news. Most of the people here are constantly learning and adapting to new technology.


You must not have experience with elderly relatives on the edge of Alzheimers or other forms of dementia. It happens; it happens to the best of us.


There is certainly that, but in fairness GP is correct that I am saying that at some point tech is going to outstrip even the best of us (maybe it's just the dumb me projecting).

One possibility that comes to mind is that we could possibly rely on trustworthy AI to help us understand the implications of using X in full. So if not walled gardens maybe private landscape architects or AI gardeners.

But one of the two will be required for digital life.


I do.

But having a debilitating disease is a different story and beyond the persons control.

Given a choice, I and many others here will continue to learn and adapt.


Eh. GP:> The subset that will keep up will be even smaller than today

The subset might include you, or a majority of HN people even. Just a smaller % of population than currently.

Regards your > Given a choice

If you have family with such issues, you know it wasn't a choice. Getting older means facing mental plasticity slowdown. You can work to be fit on that front sure, but it is an issue that we will all face and not everyone will choose as you do.

I am not sure I agree with GP's assertion that technology will be inherently harder to deal with though.


The subject at hand affects the entirety of society, not just hn members. Even today surely you must have very intelligent and capable friends or people you know that are preoccupied with their own domain and it is an unreasonable position to expect them to keep up with software and hardware and cellular/networking and be able to ascertain with high confidence that X is a safe and secure choice.

This issue can not be decided based on what is appropriate for a niche segment of society. We have a variety of options to serve the general society -- state/control, state/licensing, state/regulation, private/corporate, public/ngo, public/community, personal/ai, personal/expertise. These are not mutually exclusive options and we should discuss the possible configurations, optimal for general societal welfare, rather than denying that the problem exists.


macOS has SIP (System Integrity Protection) which can be disabled. Your mom would not disable it. No non-technical person i've ever met, even knows what SIP is, let alone has disabled it.

Security researchers, for example, can disable it. And use this to find security vulnerabilities.

The point is, as users we should have the ability... Apple (or any company) should not be allowed to dictate what people are & are not allowed to do on the devices they own.


And that's fine, but let people to do whatever they want with their devices.


But the device consists of the hardware, the os and the app store. The is no "hardware" in the Apple universe. And that is good. If you don't like it that way, buy a Nokia.


That makes no sense. Device refers to the physical machine. The software running on it is a completely separate matter. Just look at Apple's M1 laptops and Asahi Linux.

I don't want to buy a Nokia. Apple's hardware is really good and I want to buy their devices. I just don't want to become a serf in their digital fiefdom.


No, the device consists of the hardware and firmware required to make the hardware operate.

There is no reason to consider the OS and the App Store part of the device, other than marketing.


So, for this _specific_ purposes, keep the walled garden by default on, on one of the biggest ecosystems? How about opt-in for walled garden for those who need it.


Good news! There is a phone for you. Android allows that. Why not allow others who want their device partially controlled by the vendor to have that option?

I agree with the GP and prefer the current iOS landscape.


> Android allows that.

For now. Remote attestation is already a thing and soon Android apps will refuse to work on phones that have been "tampered with".


This already happens.


Yeah but you can still use software like Magisk to fake out whatever detection mechanisms they used. With hardware remote attestation, it will be impossible to do that.


They own an iPhone though. They deserve the right to install software they want on hardware they own, no?


The device is yours and you can load whatever you want into it. That’s why jailbreak is %100 legal.


If you own your phone in the first place, why did you have to break it out of jail?


Because you intentionally opted to spend more on a locked down device.


Tapping a button in settings a few times to get dev mode is not cool enough for Apple is it?


That’s just a name for adding functionality that Apple did not build in, no actual jails involved.


Yeah duh no real jail involved. That misses my point. Its called jailbreaking for a reason. Out the box its metaphorically in jail. Its restricted and limited in a bunch of ways that you have to break it out of.

You paid to own it, Apple puts in rules as if you're renting it. It doesn't matter that you can hack it. You shouldn't have to hack your own hardware.


Apple made it work in a certain way and it’s clear about it, if you want it to work in a different way I don’t think Apple obligated in helping you. If you’re surprised that they don’t support software installation beyond the AppStore, you can modify your device and make it do that(jailbreak), you can return your device or sell it.

It’s ridiculous to say expect that Apple is obligated in helping you use the device in ways not designed to work. Would you expect Apple also to make it possible to run PlayStation games?


Would you buy a car that only goes on Ford^TM approved roads and only takes Ffuel from Ford approved stations? Sorry, you can't drive here. That's a GM road.

No, of course not. We all know that the ability to run on unapproved roads isn't a "feature", but rather the inability to run on an unapproved road is an anti-feature that they built in the first place. For that matter, the inability to run playstation games outside a playstation is also an anti-feature which had to be engineered by Sony. For that matter, do you buy razors that only fit Gillette approved blade designs? So why restrictions on computing devices then?

I will give credit where its due in that Apple is upfront about the nature of the walled garden. Who knows, maybe there really is a market for cars that only go to approved places.


This is such a terribly flawed analogy. Roads are a shared utility that are usually built with public money. They are not a matter of personal choice. In addition, roads are largely a commodity, with few points of differentiation beyond fodder for office small talk. Drawing the comparison, even without referring to these specific attributes, is manipulative and misleading.

Most people that argue for your desired outcome can at least see that there are non-zero user-facing benefits to a walled garden. Do you really not have anyone in your life that isn’t an idealistic tech savvy power user? Apple obviously has financial incentive to maintain its 30% transaction cut, and it’s made some silly arguments to try to maintain that. However it’s also raised some very legitimate and well thought-out downsides.

At this point, the conversation has evolved so far beyond the “it’s a road!” analogy that continuing with that line of reasoning feels either ignorant or acting in bad faith, not because of any “won ground” by the pro walled garden lot, but because all that are interested in a legitimate debate know that these misleading comparisons help nobody.


You can pontificate all you want, but the law is pretty clear that what Apple is doing violates antitrust law, and is thus illegal. See the precedent set in US v. Microsoft.


I guess I wouldn't buy Ford if their fueling features don't meet my expectations.


Wait, you're ok only being allowed to buy Ford gas just so long as Ford gas is actually pretty decent?


No I’m not ok being allowed to buy only Ford gas. I’m ok to buy Ford cars that work only with ford gas if the deal they offer suits me.


Your Ford comes with a particular operating system and performance parameters. If you want to run something else, you have to jump through a few hoops to change that. Those hoops might be more or less difficult to clear than jailbreaking iOS, but the option/requirement is there in both cases.

Everything intelligent comes with a set of software. You can replace that software (on almost everything?), but then it's up to you to maintain the setup how you like. That's not unique to iOS.


Well, lots of people seem to like using Apple products in the way Apple intended to - adhering to your example, driving on the vast Ford network that covers most of the world and gets ford drivers pretty much everywhere.


Nevermind whole classes of apps like NewPipe and F-Droid.


You’re missing the larger point. If people didn’t like it, they wouldn’t buy it. How you feel about it is irrelevant.


You still can't sell a jailbroken device, I think.

It is kind of strange if you own something 100% and you can't sell it.


On the contrary, you can sell it at a premium for the service.


Really? What happens when you put in on craigslist, find a buyer and exchange the device for money? How Apple stops that?


Apple may argue you paid to get a locked-down device and I don’t think they ever claimed otherwise.

Also, if you buy an Xbox, Tesla, Fitbit watch, fridge, etc. you can’t load whatever you please, either. Why would all smartphones be different?

If you look at it historically, the PC is about the only device allowing that kind of user control.


> Why would all smartphones be different?

Because corporations maintaining such control over what should have been our computers is fundamentally unjust. It turns us into serfs of their digital fiefdoms where they make the laws and collect the taxes and tariffs.


You aren’t even remotely engaging with the point that you’re replying to.


Smart phones are as close to general purpose computers as you can get.


> Xbox, Tesla, Fitbit watch, fridge, etc. you can’t load whatever you please, either.

Are you new here? All of these things are examples of locked down ecosystems that most of us in favor of this change also want unlocked.

The idea that you can own a device and can't do whatever you want with it is asinine. If you can't do what you want, you don't own it.


Are you new here? Every discussion about closed ecosystems I see on this terrible website has people arguing for both sides. That’s why they’re…arguments…and not simply people patting each other on the back.


If you have seen multiple discussions about closed ecosystems, then you should know it's not about Apple specifically and is about the principle of device ownership already.


>If you look at it historically, the PC is about the only device allowing that kind of user control

Why should we give a shit about historical norms? For most of history most children died at childbirth. Does that mean we should accept a >50% infant mortality rate?


It's time to open up consoles and cars, too.

Someone doing something bad doesn't excuse someone else for doing the same thing.

Historically, women couldn't vote, does that excuse countries that prevent women from voting from doing so, too?


> you can’t load whatever you please, either.

Well you should be able to. If the customer is powerless to stop it we're going to see cars and fridges playing ads at full volume very soon.


Are you allowed to buy into a walled garden where developers can’t force you to sideload apps to use their apps? That’s what I want to do, but it seems the EU is making that illegal. It seems that users who value freedom can buy Android, and users who value security can buy Apple, but the second option is going away.


If Apple offers it, sure.

"Introducing: iLess - A $15/month optional subscription fee that removes sideloading from your phone."

Sure to be a smash hit, sounds like exactly what you're looking for!


What is this logic? Nobody is stopping you from staying in your walled garden. You want to stop other people from escaping it, though?


A walled garden they willing walked into and willingly can leave at any time? It’s not as though there’s nowhere else to go. The trouble is people want all the benefits of the walled garden without the wall.


Nobody is stopping you from escaping the walled garden; you can absolutely go buy an Android device which is equivalent to an iPhone but without these sorts of restrictions.

The trouble is that the walled garden approach only works if the wall goes all the way around. If Facebook, Google, or the other big ad companies are allowed to access the iOS ecosystem without consumer protections, then they absolutely will and will force users to go along with it. This is about developer freedom, not user freedom.


> Nobody is stopping you from escaping the walled garden;

Apple does. I buy a Macbook, and I can modify the bootloader to completely leave MacOS. It's a pain in the ass, and Apple certainly doesn't make it easy as it was on x86, but it's an option. Even if I use MacOS, I still have the option to disable system integrity, install unsigned apps and use third-party software managers.

That's a system that lets me escape the walled garden. They give me concessions inside their OS and an escape-hatch for third-party OSes if they really fuck things up. The iPhone has none of those things. If you buy an iPhone, your only way to leave the walled garden is to not use the iPhone. Buying an Android phone does not break your iPhone out of the walled garden.


No one is forcing you to use any app, let alone developers.

Without this becoming a rant, what fraction of that "security" is protecting you from nothing more than apps that didn't pay the Apple tax. You must admit, the narrative that only approved apps are "good"/"safe" is insanely self serving and conveniently hard to falsify.


Let me provide a concrete example: right now I can download and use Facebook, with less tracking than Facebook likes, on the App Store. If Facebook is allowed to offer a sideloaded app with all the tracking included, what do you think the chances are they will keep the version on the App Store? If they remove it and only offer the new sideloaded version, I am worse off as a user than I am right now.


If you don’t trust facebook without Apple’s help, maybe don’t use it?

You have a point but without Apple’s restrictions, someone can build tracking free Facebook client too, if that’s something people want.


This is relying on Apple to act as a regulator of Facebook. That's not Apple's job, and they do a bad job of it. That's the job of the government, which is actually (ostensibly (unlike Apple)) representing the people.

The fact that Facebook can do any spying on you at all (because it can still track you, on your current Apple device, right now) is because government regulators are dropping the ball. It's not Apple's responsibility, it's not something they're good at, and it's not something that they should be doing.


I would contend that so far, Apple has done a better job of ensuring their customers' privacy in the face of other companies that employ dark patterns to try to extract personal information from the device that neither Apple nor Apple's customers allowed them to.

The government, so far, has been rather toothless in terms of ensuring the privacy of people and have issued paltry fines to the companies that amounted to no more than a slap on the wrist and extracting a promise that they'll do better next time (with their hands behind their back and fingers crossed).

The reason I purchase apple devices is because they are the only ones that are taking my privacy seriously.

Government regulators are letting the market decide how valuable customer data is and Apple is saying "it is valuable and our customers value not letting random people getting it." Thus, I am voting with my wallet because in this case, votes for elected officials isn't doing much.


> Apple is saying "it is valuable and our customers value not letting random people getting it."

Well... https://www.macrumors.com/2022/11/21/icloud-for-windows-corr...


App tracking permissions are handled by the OS, it's entirely possible to ship Facebook apps that can't track because they can use the same exact permission system that the existing Facebook iOS app is using.

You don't need the App Store for security, it isn't a dichotomy.


Ignoring Facebook as the example since nobody who cares remotely about tracking is using Facebook.

Then [company] lose marketshare to those who don't care about anything outside of the App Store, and when media outlets and social networks pick up on how [company] app on this third party store tracks so much more information than it used to, even more people will uninstall. It's what we've seen on Android for years, there is a huge reputation factor when it comes to third party app stores. That reputation factor is the reason why F-Droid is the major choice outside of the Play Store.

There is incentive here for app developers to continue to provide solid services. Just not Facebook, as their primary goal is tracking.


I'm much more worried about games.

Epic Games is going to put their own storefront on iOS, and it's going to have few if any of the polices for customer protection that the App Store does.


Epic will be able to give you games for free to gain market share, just like the Amazon App Store tried on Android and just like Epic is currently trying on Windows. The horror!

Then an app like F-Droid will come along and offer even more protections than the App Store. Confound it!

For my part, this is a step in the right direction. With a few more fixes, iOS might even become usable enough for me to buy a device that runs it.


Epic could also, in that case, offer subscriptions that can only be canceled at a storefront in Peoria between 1am and 4am on alternate Tuesdays.


Epic could already do that. So could Apple, for that matter - but neither of them do. Total whataboutism.


Epic currently can’t do that on iPhones in their apps because in-app subscriptions all use Apple’s subscriptions system and can be managed in one place

If you wanted to use an abusive subscription system currently you would have to do it outside the app via a web browser


You would have to do it outside the US, which has many laws that regulate how you can offer subscriptions online. https://www.gunder.com/news/u-s-state-laws-impose-new-obliga...


The fb webpage still exists. No app. No permissions. No problems.

If Facebook makes a change that kills the low-tracking front-ends and insists everyone be tracked more, and in response you grovel to them and put up with their new app, then no amount of EU law or App store law was ever going to protect you from yourself. Apple store polices are a red herring, the problem you're actually highlighting is the adversarial relation you have with fb.


That depends entirely on how much friction there is involved in the process. I think you know and Facebook knows that technical hoops at the level of, say, enabling developer menus on Android is a bridge too far for the average tech illiterate user.

Reminder that Epic tried this with Fortnite and eventually went back on the play store. And this was on the platform that had sideloading since day one.


I think this depends on how much friction side-loading ends up being. If I can just click a link and hit "run" like I can on a computer, yeah it could be an issue.

If it requires diving in to Settings or connecting the phone to a computer -- Facebook would never abandon the App Store, friction to using side-loading would be too high.


Can't you choose to only use apps on Apple's app store?


I believe the implication is there will now be less incentive for app developers to ship for App Store when they can get 80% of the way there with 0% of the “hoops” to jump through (I.e. Apple guidelines)


It's typically one aspect of (mobile) device management on platforms that support side-loading out of the box.


You are also free not to download any app that forces you to sideload and can stay "secure".


I’m free to not work for a company whose ethics or contract I dislike. But only because I got a skill which made me a desirable employee elsewhere.

I’m free to resolve my cancelled flight by either waiting a week for the free alternative or buying a combination of rail and ferry tickets to get me from Stansted to Berlin, but only because I have an understanding boss, enough money, and an app which can get me arbitrary hotels on route because that’s more than a day’s journey unless I plan to sleep in a train station.

I’m free to not remain in a country whose politics or laws I dislike. But only because I got lucky with a few things.

I’m free to not download any app which forces me to sideload. But only because they don’t exist yet on iOS (except for the ways that apparently never counted according to all the people demanding this) — there’s too many ways a theoretical “optional” can become an “actually mandatory”, from laws to employers to defacto monopolies, and those are just the ones I’ve seen examples of in other contexts.


And others?

Hope not, especially by everyone and their mum.


You don’t think a 30% tax on users for the privilege of using an AppStore app and Apple’s abuse of that are problems? But somehow the AppStore affects government abuse of iPhones?

The AppStore would have never been a problem had Apple not been so greedy and draconian about it.


It's weird how the app store started out from nothing with even worse terms, and they were enthusiastically accepted by developers and consumers alike. Under these greedy and draconian terms, the app store became broadly embraced by developers, to the point of being called a monopoly. However, with this success Apple's reaction wasn't to abuse its market power by increasing its fees, but instead it reduced fees for long-term subscriptions and for developers with under $1M in revenues.


Apple's control over the device risks governments making Apple their police

Even with sideloading, neither Apple nor the government will give up that much control. Apple will almost certainly retain the ability to delete "malware" apps even if they're sideloaded and governments can then lean on that mechanism. Even Google can probably do a lot through Play Services.


Play this scenario out to its logical conclusion. If we are in a situation where Apple and the government is targeting specific apps for removal, this becomes a game of whack a mole that the developer always wins.


> I'm afraid that Apple's control over the device risks governments making Apple their police

It's already happening. We must oppose it.

The only person who should be in control of the device is the user who owns it. Absolutely no one else. Our computers are sacred ground that no one else may enter without permission.


I mean, AirDrop has been a problem for a while elsewhere as well: https://www.nbcbayarea.com/news/local/passengers-removed-fro... and https://streamable.com/fkgbr


AirDrop is not limited in China. iOS 16.2, which released today, limits AirDrop to 10 minutes for everyone in all regions.


Yet, near share, Googles version of airdrop, has been disabled in mainland China for years.


I'm not sure if this is better or worse.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: