Side-loading is a gold rush for cybercriminals, says Craig Federighi

Posted:
in General Discussion edited November 2021
Craig Federighi, Apple's Software Engineering chief, gave a keynote focused on the dangers of forcing Apple to allow side-loading on iPhone at the Web Summit 2021 conference.

Credit: Web Summit
Credit: Web Summit


During a keynote speech on day two of the Web Summit in Lisbon, Portugal, Federighi touted the benefits of Apple's iOS and the built-in protections of the App Store. He also spoke out against the provision to allow side-loading in the European Union's Digital Markets Act.

"The DMA has an admirable mission: to promote competition and to make sure consumers have choice," said Federighi. "And I'm a big fan of both of these goals. But as the engineer who wants iPhone to stay as secure as possible for our users, there is one part I worry about. And that's the provision that would require iPhone to allow side-loading."

Federighi said that the provision, intended to provide more choice to consumers, would actually reduce user's choice away.

"Because in the name of giving users more choice," Federighi said. "That one provision would take away consumers' choice of a more secure platform."

The Apple SVP then reiterated some of the company's past talking points on side-loading, included in an October update to its "Building a Trusted Ecosystem for Millions of Apps" white paper.

Federighi, and that white paper, both touted the privacy and security benefits of the iPhone. They also maintain that security is essential on a user's smartphone, given the expanding amount of sensitive data stored on them.

The Apple software chief focused almost entirely on side-loading, choosing to forego talking about the other provisions in the DMA. The crux of his argument came down to the fact that allowing side-loading would, according to Apple, cripple the company's privacy and security mechanisms.

As Apple did in its research paper, Federighi gave a number of specific examples of malware and ransomware that run rampant on competing platforms like Android. All of them, Federighi said, rely on side-loading in one way or another.

"Cybercriminals' targets and strategies vary, but here's one thing that couldn't be more clear: side-loading is a cybercriminal's best friend," Federighi said. "And requiring that on iPhone would be a gold rush for the malware industry."

Read on AppleInsider
patchythepirate
«1

Comments

  • Reply 1 of 31
    Cesar Battistini MazieroCesar Battistini Maziero Posts: 212unconfirmed, member
    Part of the reason I give iPhones to my grandmas and aunts is because of exactly this. 
    No matter what they download, they will not destroy their phone.

    I choose security with my eyes closed. 
    If you want a platform where you can do whatever, it already exists, it's called Android, just go away.
    Oferrepressthiswilliamlondonpatchythepiraterob53StrangeDaysaderutterlkruppbaconstangwatto_cobra
  • Reply 2 of 31
    gatorguygatorguy Posts: 23,321member
    An app from Apple's AppStore will be just as secure and malware-free as it is now whether 3rd party stores/sideloading is permitted or not. It changes nothing for an iPhone owner who uses only the first-party store. 

    No one is saying Apple needs to make it as easy to sideload as not. FWIW Google makes it fairly difficult to do so now, so even if it can be done they definitely strongly discourage it with change settings in an obscure place most people would never see. Allowing a user choice of what applications to load on their own personal $1000 expenditure puts the onus where it belongs. The only legitimate reason not to is purely profit-based and not because they're "saving us from ourselves". 

    We buy homes and add furniture we choose from whatever source we wish, no payment to the architect or the builder. We buy cars and change out the audio, headlights, et.al sourced from wherever we wish, no permission required from the auto manufacturer or fee to be paid.  We buy computers and laptops and add programs from any developer we wish, no stipend needs to be paid to the computer vendor or manufacturer. But we buy a smartphone and can only add applications that the provider further profits from and/or offers themselves?

    EDIT: As I said, it's not a simple thing to sideload on Android now. It requires more than a bit of familiarity with the system structure and so not something Cesar's grandmas and aunts would accidentally do.

    Pull down from the top and tap Settings. Then nestled among a dozen or so main collections from Security (which is where I would have expected it to be) to Privacy to System, go to Apps. where you're presented with all your recently opened ones and an option to see all of them. Nothing there indicates anything about outside sources or 3rd party stores or anything else. Where they've hidden it is in yet another sub-menu; Special App Access. Even there you won't find it on the first page of options.

    Down near the bottom if you scroll far enough will be "Install unknown apps", a disconcerting title.  Now tapping that makes it even more difficult because you then are offered several different categories of personal devices, products, files and browsers where you will choose to allow it, but which one?? By default they are all disallowed.  Yup, daunting for someone with little knowldege.

    Apple can do the same, make it pretty darn hard, in fact near impossible, for mom, pop and that great aunt to accidentally load an app that comes from an unsafe place. Only the knowledgeable will be able to do so.
    edited November 2021 PShimimuthuk_vanalingamelijahgmobirdlibertymattersctt_zhbyronldarkvader
  • Reply 3 of 31
    elijahgelijahg Posts: 2,555member
    So what about the fact that you can currently side-load some apps (with an enterprise certificate) and there is no "gold rush" from cybercriminals? Apple is drunk on control. 
    avon b7muthuk_vanalingamrcfabyronlctt_zhdarkvader
  • Reply 4 of 31
    The danger is when developers decide not to put their apps in the App Store, forcing you to side load from the web. 

    gatorguy said:
    An app from Apple's AppStore will be just as secure and malware-free as it is now whether 3rd party stores/sideloading is permitted or not. It changes nothing for an iPhone owner who uses only the first-party store. 

    No one is saying Apple needs to make it as easy to sideload as not. FWIW Google makes it fairly difficult to do so now, so even if it can be done they definitely strongly discourage it with change settings in an obscure place most people would never see. Allowing a user choice of what applications to load on their own personal $1000 expenditure puts the onus where it belongs. The only legitimate reason not to is purely profit-based and not because they're "saving us from ourselves". 

    We buy homes and add furniture we choose from whatever source we wish, no payment to the architect or the builder. We buy cars and change out the audio, headlights, et.al sourced from wherever we wish, no permission required from the auto manufacturer or fee to be paid.  We buy computers and laptops and add programs from any developer we wish, no stipend needs to be paid to the computer vendor or manufacturer. But we buy a smartphone and can only add applications that the provider further profits from and/or offers themselves?

    EDIT: As I said, it's not a simple thing to sideload on Android now. It requires more than a bit of familiarity with the system structure and so not something Cesar's grandmas and aunts would accidentally do.

    Pull down from the top and tap Settings. Then nestled among a dozen or so main collections from Security (which is where I would have expected it to be) to Privacy to System, go to Apps. where you're presented with all your recently opened ones and an option to see all of them. Nothing there indicates anything about outside sources or 3rd party stores or anything else. Where they've hidden it is in yet another sub-menu; Special App Access. Even there you won't find it on the first page of options.

    Down near the bottom if you scroll far enough will be "Install unknown apps", a disconcerting title.  Now tapping that makes it even more difficult because you then are offered several different categories of personal devices, products, files and browsers where you will choose to allow it, but which one?? By default they are all disallowed.  Yup, daunting for someone with little knowldege.

    Apple can do the same, make it pretty darn hard, in fact near impossible, for mom, pop and that great aunt to accidentally load an app that comes from an unsafe place. Only the knowledgeable will be able to do so.



    patchythepirateMplsPapplguywatto_cobra
  • Reply 5 of 31
    So add side loading, disable by default, give customers the choice.  
    VOILA.  
    muthuk_vanalingamrcfabyronlelijahgdarkvader
  • Reply 6 of 31
    dws-2dws-2 Posts: 276member
    I don't agree with this. Currently, Apple is doing a pretty poor job of policing the App Store; maybe someone else could create a better App Store experience. I for one would like an App Store with just premium apps. Currently, even when you look up an app in the search bar, you get ads for stuff you don't want along with a ton of "free" junk.
    rcfabyronlelijahg
  • Reply 7 of 31
    gatorguy said:
    Allowing a user choice of what applications to load on their own personal $1000 expenditure puts the onus where it belongs. The only legitimate reason not to is purely profit-based and not because they're "saving us from ourselves". 
    You seem to believe that users can learn how to side load, yet you also don't seem to believe that users can learn how to pay for things outside the App Store. That's the only argument that really exists for forcing sideloading on iOS/iPadOS: that users are somehow unable to learn that payments can be made on the internet too. 
    StrangeDayswatto_cobra
  • Reply 8 of 31
    rob53rob53 Posts: 2,769member
    AI just had an article about NSO and Pegasus being branded as threats then they come out with an article saying side-loading is a gold rush for cyber criminals. Once side loading is allowed by iOS, no matter how many settings the consumer has to change, these two organizations, along with many others (like Facebook) will find a way to use it to inject malware, ads and everything else WE DON'T WANT, not matter what developers say. All of you who say Apple is not doing a good job stopping malware are being picky. There will always be something that gets through but the vast majority won't. Allow side-loading (politicians just don't understand this) and there will be a valid way to inject anything, including apps and malware. Some of these apps will be included by various levels of governments, corporations, educational facilities--you get the idea. They will find a way to force users to allow side-loading in order to visit their website or because your employers say you have to. 

    Don't allow side-loading and it gets a ton harder to do the same thing.
    aderutterjony0MplsPbyronlWgkruegerwatto_cobra
  • Reply 9 of 31
    StrangeDaysStrangeDays Posts: 11,862member
    elijahg said:
    So what about the fact that you can currently side-load some apps (with an enterprise certificate) and there is no "gold rush" from cybercriminals? Apple is drunk on control. 
    Pure rubbish, of course. Like others said, the stupid-simple security is what makes iOS such a great option for so many. I no longer have to do tech support for family and other seniors. It’s great. Feature, not a bug. 

    You’re free to get an enterprise cert but the target market for abuse is small and the participants are advanced users.
    jony0Dogpersonwatto_cobra
  • Reply 10 of 31
    StrangeDaysStrangeDays Posts: 11,862member
    dws-2 said:
    I don't agree with this. Currently, Apple is doing a pretty poor job of policing the App Store; maybe someone else could create a better App Store experience. I for one would like an App Store with just premium apps. Currently, even when you look up an app in the search bar, you get ads for stuff you don't want along with a ton of "free" junk.
    Relevance or usefulness of apps is not the topic. Security of the apps is, and there iOS has the better record compared to the knockoff platforms.
    jony0MplsPdewmebaconstangwatto_cobra
  • Reply 11 of 31
    StrangeDaysStrangeDays Posts: 11,862member
    gatorguy said:

    Allowing a user choice of what applications to load on their own personal $1000 expenditure puts the onus where it belongs. The only legitimate reason not to is purely profit-based and not because they're "saving us from ourselves". 
    Completely wrong, or course. But how can we expect a google guy to understand the value proposition of the platform when he doesn’t even have an iPhone? Having absolute trust in the walled garden and security of apps within the App Store is the entire reason for its success with non-techies. That isn’t profit-based, it’s value-based. You general-IT-dude types still fail to grok Apple, forty years later and counting. It shows.
    aderutterjony0get seriousericthehalfbeeargonautbaconstangDogpersonwatto_cobra
  • Reply 12 of 31
    Their arguments fall flat when it is realized 'side-loading', aka installing software, is common practice on the Macintosh.  

    It is quite simple, have two modes: full security and medium security just like Apple Silicon Macs.  Grandma can stay in full security mode.  People who want non-Apple approved software can turn on medium security mode.  Apple should not get to decide what a user values more, freedom or security.  It should provide a choice just like the Macintosh.

    The bottom-line is this is about money from App Store revenue.  They cannot admit that because it is a losing argument so they lie about their motives.  They use fear, security! security! to sell it.  The fact that the Macintosh allows 'side-loading' proves it is about money.
    byronlelijahgctt_zhdarkvadermuthuk_vanalingam
  • Reply 13 of 31
    Their arguments fall flat when it is realized 'side-loading', aka installing software, is common practice on the Macintosh.  

    It is quite simple, have two modes: full security and medium security just like Apple Silicon Macs.  Grandma can stay in full security mode.  People who want non-Apple approved software can turn on medium security mode.  Apple should not get to decide what a user values more, freedom or security.  It should provide a choice just like the Macintosh.

    The bottom-line is this is about money from App Store revenue.  They cannot admit that because it is a losing argument so they lie about their motives.  They use fear, security! security! to sell it.  The fact that the Macintosh allows 'side-loading' proves it is about money.
    By all means let's welcome the age of Mac Keeper shenanigans to the billion or so iPhone/iPad users in the world.
    mattinozbaconstangRudeBoyRudywatto_cobra
  • Reply 14 of 31
    gatorguy said:

    Allowing a user choice of what applications to load on their own personal $1000 expenditure puts the onus where it belongs. The only legitimate reason not to is purely profit-based and not because they're "saving us from ourselves". 
    Completely wrong, or course. But how can we expect a google guy to understand the value proposition of the platform when he doesn’t even have an iPhone? Having absolute trust in the walled garden and security of apps within the App Store is the entire reason for its success with non-techies. That isn’t profit-based, it’s value-based. You general-IT-dude types still fail to grok Apple, forty years later and counting. It shows.
    No, Gatorguy is completely right. It is a profit-based decision. I imagine you also believe that Apple stopped including the charger with iPhones for the good of the planet... 
    elijahgdarkvadermuthuk_vanalingam
  • Reply 15 of 31
    gatorguygatorguy Posts: 23,321member
    gatorguy said:

    Allowing a user choice of what applications to load on their own personal $1000 expenditure puts the onus where it belongs. The only legitimate reason not to is purely profit-based and not because they're "saving us from ourselves". 
    Completely wrong, or course. But how can we expect a google guy to understand the value proposition of the platform when he doesn’t even have an iPhone?
    I have an iPhone 11, purchased with my own money, and I regularly use it. I think I understand a whole lot more than you want to admit. But can we expect Strangedays to understand the other platform's side-loading when he doesn't even have an Android phone. :)

    Next. 
    elijahgctt_zhdarkvadermuthuk_vanalingam
  • Reply 16 of 31
    MplsPMplsP Posts: 3,498member
    Their arguments fall flat when it is realized 'side-loading', aka installing software, is common practice on the Macintosh.  

    It is quite simple, have two modes: full security and medium security just like Apple Silicon Macs.  Grandma can stay in full security mode.  People who want non-Apple approved software can turn on medium security mode.  Apple should not get to decide what a user values more, freedom or security.  It should provide a choice just like the Macintosh.

    The bottom-line is this is about money from App Store revenue.  They cannot admit that because it is a losing argument so they lie about their motives.  They use fear, security! security! to sell it.  The fact that the Macintosh allows 'side-loading' proves it is about money.
    How much malware exists for iPhones vs Macs? There’s none on iPhones but it’s a definite problem on Macs, so there’s your answer, and your argument falls flat. 
    watto_cobra
  • Reply 17 of 31
    elijahgelijahg Posts: 2,555member
    rob53 said:
    AI just had an article about NSO and Pegasus being branded as threats then they come out with an article saying side-loading is a gold rush for cyber criminals. Once side loading is allowed by iOS, no matter how many settings the consumer has to change, these two organizations, along with many others (like Facebook) will find a way to use it to inject malware, ads and everything else WE DON'T WANT, not matter what developers say. All of you who say Apple is not doing a good job stopping malware are being picky. There will always be something that gets through but the vast majority won't. Allow side-loading (politicians just don't understand this) and there will be a valid way to inject anything, including apps and malware. Some of these apps will be included by various levels of governments, corporations, educational facilities--you get the idea. They will find a way to force users to allow side-loading in order to visit their website or because your employers say you have to. 

    Don't allow side-loading and it gets a ton harder to do the same thing.
    Again you are conveniently ignoring the fact that you can already side-load and this has never happened. If something sideloaded can escape the sandbox, something from the App Store can too. There have been proof-of-concept exploits hidden in iOS apps that were in the App Store, that were able to both bypass Apple's human checks and the sandbox. You can sideload on Android, where is the gold rush there? Is Android's sandbox better?
    edited November 2021 gatorguyctt_zhdarkvader
  • Reply 18 of 31
    elijahgelijahg Posts: 2,555member
    elijahg said:
    So what about the fact that you can currently side-load some apps (with an enterprise certificate) and there is no "gold rush" from cybercriminals? Apple is drunk on control. 
    Pure rubbish, of course. Like others said, the stupid-simple security is what makes iOS such a great option for so many. I no longer have to do tech support for family and other seniors. It’s great. Feature, not a bug. 

    You’re free to get an enterprise cert but the target market for abuse is small and the participants are advanced users.
    So which part is rubbish? You in fact can't side-load apps or that somehow we have all missed the gold rush from cybercriminals? The target would still be small, as with Android, very few would actually bypass the official store.
    edited November 2021 ctt_zhdarkvadermuthuk_vanalingam
  • Reply 19 of 31
    gatorguy said:
    An app from Apple's AppStore will be just as secure and malware-free as it is now whether 3rd party stores/sideloading is permitted or not. It changes nothing for an iPhone owner who uses only the first-party store. 

    No one is saying Apple needs to make it as easy to sideload as not. FWIW Google makes it fairly difficult to do so now, so even if it can be done they definitely strongly discourage it with change settings in an obscure place most people would never see. Allowing a user choice of what applications to load on their own personal $1000 expenditure puts the onus where it belongs. The only legitimate reason not to is purely profit-based and not because they're "saving us from ourselves". 

    We buy homes and add furniture we choose from whatever source we wish, no payment to the architect or the builder. We buy cars and change out the audio, headlights, et.al sourced from wherever we wish, no permission required from the auto manufacturer or fee to be paid.  We buy computers and laptops and add programs from any developer we wish, no stipend needs to be paid to the computer vendor or manufacturer. But we buy a smartphone and can only add applications that the provider further profits from and/or offers themselves?

    EDIT: As I said, it's not a simple thing to sideload on Android now. It requires more than a bit of familiarity with the system structure and so not something Cesar's grandmas and aunts would accidentally do.

    Pull down from the top and tap Settings. Then nestled among a dozen or so main collections from Security (which is where I would have expected it to be) to Privacy to System, go to Apps. where you're presented with all your recently opened ones and an option to see all of them. Nothing there indicates anything about outside sources or 3rd party stores or anything else. Where they've hidden it is in yet another sub-menu; Special App Access. Even there you won't find it on the first page of options.

    Down near the bottom if you scroll far enough will be "Install unknown apps", a disconcerting title.  Now tapping that makes it even more difficult because you then are offered several different categories of personal devices, products, files and browsers where you will choose to allow it, but which one?? By default they are all disallowed.  Yup, daunting for someone with little knowldege.

    Apple can do the same, make it pretty darn hard, in fact near impossible, for mom, pop and that great aunt to accidentally load an app that comes from an unsafe place. Only the knowledgeable will be able to do so.

    How did such an ignorant post get so many likes? New group of trolls sign up?

    Your first point is a lie. I’ll repeat the previous example I used. I download an App from The App Store. My friend downloads it from a 3rd party store. My App has restrictions applied by Apple but the 3rd party App has no such restrictions. Anything I share with my App that goes to my friend now gets shared with an outside party because THEIR App doesn’t get vetted. Suddenly my personal information is shared WITHOUT my consent, not by my version of the App but by an App on the other end. The idea staying away from side-loading protects you is asinine.

    How do you reconcile this stance with your constant promotion of Google Messages being E2EE and therefore safe? It’s not safe if the other end isn’t. Seems you’ve really backed yourself into a corner here.

    Your second point shows your ignorance of what’s being requested. Epic is suing Google because they claim the warnings you see before side-loading are anti-competitive. They claim these warnings are designed to scare users away from side-loading. What the companies/groups/Senators want is frictionless side-loading. They will accept nothing less. Therefore there will be no warnings. They want 3rd party stores to be as simple as The App Store. One-click installs and no constant nagging/warnings. This is where the danger lies as it will be easy to trick users into allowing and installing 3rd party Apps. The only warning Apple/Google will get away with is most likely a single, one-time notification to enable side-loading. After that it’s the Wild West.


    baconstangwatto_cobra
  • Reply 20 of 31
    gatorguygatorguy Posts: 23,321member
    gatorguy said:
    An app from Apple's AppStore will be just as secure and malware-free as it is now whether 3rd party stores/sideloading is permitted or not. It changes nothing for an iPhone owner who uses only the first-party store. 

    No one is saying Apple needs to make it as easy to sideload as not. FWIW Google makes it fairly difficult to do so now, so even if it can be done they definitely strongly discourage it with change settings in an obscure place most people would never see. Allowing a user choice of what applications to load on their own personal $1000 expenditure puts the onus where it belongs. The only legitimate reason not to is purely profit-based and not because they're "saving us from ourselves". 

    We buy homes and add furniture we choose from whatever source we wish, no payment to the architect or the builder. We buy cars and change out the audio, headlights, et.al sourced from wherever we wish, no permission required from the auto manufacturer or fee to be paid.  We buy computers and laptops and add programs from any developer we wish, no stipend needs to be paid to the computer vendor or manufacturer. But we buy a smartphone and can only add applications that the provider further profits from and/or offers themselves?

    EDIT: As I said, it's not a simple thing to sideload on Android now. It requires more than a bit of familiarity with the system structure and so not something Cesar's grandmas and aunts would accidentally do.

    Pull down from the top and tap Settings. Then nestled among a dozen or so main collections from Security (which is where I would have expected it to be) to Privacy to System, go to Apps. where you're presented with all your recently opened ones and an option to see all of them. Nothing there indicates anything about outside sources or 3rd party stores or anything else. Where they've hidden it is in yet another sub-menu; Special App Access. Even there you won't find it on the first page of options.

    Down near the bottom if you scroll far enough will be "Install unknown apps", a disconcerting title.  Now tapping that makes it even more difficult because you then are offered several different categories of personal devices, products, files and browsers where you will choose to allow it, but which one?? By default they are all disallowed.  Yup, daunting for someone with little knowldege.

    Apple can do the same, make it pretty darn hard, in fact near impossible, for mom, pop and that great aunt to accidentally load an app that comes from an unsafe place. Only the knowledgeable will be able to do so.

    How did such an ignorant post get so many likes? New group of trolls sign up?

    Your first point is a lie. I’ll repeat the previous example I used. I download an App from The App Store. My friend downloads it from a 3rd party store. My App has restrictions applied by Apple but the 3rd party App has no such restrictions. Anything I share with my App that goes to my friend now gets shared with an outside party because THEIR App doesn’t get vetted. Suddenly my personal information is shared WITHOUT my consent, not by my version of the App but by an App on the other end. The idea staying away from side-loading protects you is asinine.

    Except that so far only using the official app store has protected me from malware even if "someone" could have gotten their copy of the app someplace else. His malware won't magically appear on mine. That's where your fear-mongering falls apart. Ignorance?
    ctt_zhmuthuk_vanalingam
Sign In or Register to comment.