Craig Federighi blasts Mac security to prop up iOS App Store

124

Comments

  • Reply 61 of 93
    thedbathedba Posts: 762member
    killroy said:
    thedba said:
    Beats said:
    I’m disappointed Apple didn’t roll out an App Store like iOS.

    People called me different names for suggesting the new M1 Mac software should be treated like iPhones App Store and said “PCs have always allowed software via web” as if moving forward was a bad idea.
    Actually they did, with the Mac App Store. Not very successful as many apps outside of Apple’s own, weren’t  there for various reasons, the main one being Apple’s 30% cut. 

    Drivers for cards like fiber optics you will not find in the app sore. You will not find all of Adobe or Avid there to. A lot of Pro broadcast apps are not in the store.
    See my reply to "chasm" as more examples of apps not present in the Mac App Store. 
  • Reply 62 of 93
    AppleZuluAppleZulu Posts: 1,989member
    jib said:
    Beats said:
    I’m disappointed Apple didn’t roll out an App Store like iOS.

    People called me different names for suggesting the new M1 Mac software should be treated like iPhones App Store and said “PCs have always allowed software via web” as if moving forward was a bad idea.

    Antitrust. If Apple tried to lock down macOS after being open for all these years they’d be accused of abusing their position. Same goes with Windows.
    Highly unlikely in my opinion (under US law, at least).  Macs have about a 10% market share. I always prefer the App Store for Mac applications, if there is a choice.
    This demonstrates what would happen if iOS was forced open. You can get Adobe software through the iOS/ipadOS app store, but not via the Mac app store. If MacOS required that, Adobe would do it, but because they don't, they don't. So all the folks claiming iOS customers could still choose to only use apps sold through the iOS app store even if the system was forced open are plainly wrong.  
    thtFidonet127Detnator
  • Reply 63 of 93
    StrangeDaysStrangeDays Posts: 12,834member
    Did the judge pose the same question (about why iOS needs one official store where the Mac doesn't) to Microsoft? Xbox has one official store, where they take a piece, whereas desktop PCs running Windows don't. Same exact thing.

    I know Epic claims MS has to do this because it's supposed taking a loss on the Xbox hardware, but Apple disputed that claim. It has yet to be proven w/ financial statements as far as I know.
    watto_cobra
  • Reply 64 of 93
    GeorgeBMacGeorgeBMac Posts: 11,421member
    AppleZulu said:
    gatorguy said:
    A bit harsh title for this article. Sorry but there is more malware on the Mac than iOS. 

    No Apple should not lock the Mac to only one App Store. Apple would be rightfully attacked by users, developers and antitrust. Did people forget about the conspiracy stories about gatekeeper? 

    No iOS should not allow other app stores, without the ability to turn them off. Malware will vastly increase with other app stores. It isn’t just camera and microphone, but also movement, location, passwords, iCloud, WiFi, and fingerprint security. How is any other App Store going to keep that safe?
    Because it still has to run on the very secure iOS?
    That's not the same thing, and that's the point of Federighi's testimony. iOS was built from the ground up as a secure, internet-connected operating system, and when the App Store was introduced, it was a component of that secure paradigm, unlike any previous operating system's third-party app management process. The Mac predated all that, and you can't easily put the genie back in the bottle. They do a lot to make MacOS secure, but it's not as secure as iOS is with its single, proprietary app store to manage all third-party applications. Forcing them to break up that system will inherently degrade security and take away the choice currently available to consumers in being able to buy an iOS device that meets current security standards.

    I totally agree -- that was well said.

    I suspect though that to some degree Apple will be putting that genie back into his bottle as they, over a period of years, integrate MacOS into the wider Apple ecosystem.

    Right now, it's sort of an outlier in the world of Apple.
    Mephisdogoles
  • Reply 65 of 93
    tedz98tedz98 Posts: 80member
    All of this talk about security misses the point that Epic’s desire is to save having to pay Apple a commission on in-app purchases. The security of of IOS App Store prevents Epic from supporting external purchases. This is all about money and commissions. Should Apple be entitled to commissions on in-app purchases? I would argue they aren’t.
    asdasd
  • Reply 66 of 93
    elijahgelijahg Posts: 2,753member
    Beats said:

    thedba said:
    Beats said:
    I’m disappointed Apple didn’t roll out an App Store like iOS.

    People called me different names for suggesting the new M1 Mac software should be treated like iPhones App Store and said “PCs have always allowed software via web” as if moving forward was a bad idea.
    Actually they did, with the Mac App Store. Not very successful as many apps outside of Apple’s own, weren’t  there for various reasons, the main one being Apple’s 30% cut. 

    MacOS allows multiple app stores.

    I would love if Apple gave more incentive to support the Mac App Store exclusively so we can have one giant pot to choose safe apps from. Apple dropped the ball on having one safe App Store with the M1 launch which would have been a huge incentive. Now that developers are in Apple’s new process, it’s too late.
    You don't have to have Apple force that, you have what's known as a "choice". Turn on "App Store only" apps in security settings and only use the App Store. Let us know how you get on.
    kestral
  • Reply 67 of 93
    elijahgelijahg Posts: 2,753member
    aderutter said:
    I do think Apple should lock MacOS down to a single Apple provided Mac app-store, but they would likely need to reduce the commission to a much lower figure to appease the big developers and not hurt the platform. Then again, they could even maybe not take a commission at all just like they don’t charge for MacOS upgrades nowadays. 
    That would be the death of the Mac as a viable alternative to PCs for all manner of things. Pros wouldn't use it anymore. I would probably have to abandon it as well. If nothing else, I run plenty of things that I get from Homebrew, to run in the Mac's Unix environment (something that is currently impossible on iPads). And, those apps, and many more, have access to pretty low level aspects of the computer. And I need that stuff. Why? Because I use my Mac as a general purpose computer for a large number of things that one uses a general purpose computer for. Whenever I use my iPad, it is abundantly clear that it is a far more limited device. And that's fine. I just do a heck of a lot less with it. 
    Exactly this. A lot of people here can't comprehend how some people are more "pro" than they see themselves since they use 3 apps from from the App Store and opened Disk Utility once; which means no one else could possibly have any other requirements than them. Certainly not the command line.
    Apple could disallow non Mac App Store apps by default, and force you to go through some hoops to use apps not downloaded from there, which would be fine. Forcing Mac App Store as the only means of running stuff on the Mac would be platform suicide. 
    They do, you have to choose "App Store and identified developers" in the Security preference pane.
    kestralasdasd
  • Reply 68 of 93
    elijahgelijahg Posts: 2,753member
    My respect for Federighi lessened after reading this. There is always going to be malware on every platform, even ones with no App Store at all. iOS 1.0 had plenty of exploits which enabled third party apps (and malware) with no App Store to speak of. Locking it down only makes the people producing malware go through more hoops, and since the web browser is entirely uncurated content that's a huge vector. How long until Apple only allows access to curated web pages? Unfortunately there is no protecting some people from themselves. Some are stupid enough to follow any random tutorial or follow the demands of a random person asking them for their bank details on Facebook, calling them and asking them to pay some tax bill they've somehow missed or sitting on a car airbag and setting it off. The same people who read the "never send this 2FA code to anyone" and then send it to some random person from "your bank" on Facebook and claim they've been "hacked". You can't wrap everyone and everything in cotton wool, lest overheads of risk reduction become so burdensome no one would ever be allowed or able to do anything.
    kestralasdasd
  • Reply 69 of 93
    elijahgelijahg Posts: 2,753member
    chasm said:
    thedba said:
    Actually they did, with the Mac App Store. Not very successful as many apps outside of Apple’s own, weren’t  there for various reasons, the main one being Apple’s 30% cut. 
    Woah, let me stop you right there. You don't get to spew easily-disproven, nonsensical bullshit here and not get called out for it.

    While specific figures are not available for the Mac App Store, it is by far the most successful of any marketplace for Mac Apps, and offers a catalog of at least 1.5 million apps
    Let me stop you right there. You don't get to spew easily-disproven, nonsensical bullshit here and not get called out for it. Where did you get 1.5M? That's 84x more than the number reported by AppShopper, and sourced by AI. Complete bollocks. Also the ratio of junk to decent apps is similar to the iOS App Store, pretty high. Things like WiFi Signal Monitors and "Mac Speedup" apps for $5 that do exactly the same as free apps available away from the App Store. MS Office wasn't there until a couple of years ago. There are almost no open-source apps on the App Store, none of the full blown engineering and scientific apps are on it. Where is Matlab? Where is Pixar's Renderman? Where is KiCAD? Where is InkScape? Where is Blender? Autodesk removed their software from the MAS a while ago (even free apps), due to "issues". There are vast numbers of professional apps not on the MAS.

    So yeah, might wanna tone down your bullshit before incorrectly trying to call our others on theirs. Because telling someone to sit down and suck their thumb when apparently you don't know how to do either makes you look pretty stupid, and moreover talking to someone like that either way makes you look a complete dick.
    edited May 2021 kestralmuthuk_vanalingamasdasdthedba
  • Reply 70 of 93
    22july201322july2013 Posts: 3,564member
    tedz98 said:
    All of this talk about security misses the point that Epic’s desire is to save having to pay Apple a commission on in-app purchases. The security of of IOS App Store prevents Epic from supporting external purchases. This is all about money and commissions. Should Apple be entitled to commissions on in-app purchases? I would argue they aren’t.
    Ok, why do you argue Apple isn't entitled, and why do you single out only Apple? Yes, why do you single out only Apple?
    Fidonet127watto_cobra
  • Reply 71 of 93
    elijahgelijahg Posts: 2,753member
    michelb76 said:
    Well, it's no secret that MacOSX has tons of issues. It's not a priority and the attack surface is really small compared to iOS. Also fixing stuff doesn't make a new product release so that's why 6 year-old radars never get picked up.
    Exactly. If macOS security was genuinely such a huge concern at Apple they'd actually act upon the tipoffs they're given within say, a couple of months instead of ignoring security holes for years until their hand is forced by a public reveal of the issue.
  • Reply 72 of 93
    22july201322july2013 Posts: 3,564member
    elijahg said:
    There is always going to be malware on every platform, even ones with no App Store at all. iOS 1.0 had plenty of exploits which enabled third party apps (and malware) with no App Store to speak of. Locking it [any OS] down only makes the people producing malware go through more hoops, and since the web browser is entirely uncurated content that's a huge vector. 
    So your objection with anyone locking down an OS is because, as you say, it only makes malware producers go through more hoops? Are you trying to defend malware producers or people?
    elijahg said:
    How long until Apple only allows access to curated web pages? 
    That's actually a great question. I like it, and I want to use it. Would you object to Apple curating web pages? Do you object to Google currently curating web pages? I don't remember you objecting to Google doing this through its search engine. But yet you live in horrible fear that Apple might do it.
    elijahg said:
    Unfortunately there is no protecting some people from themselves. Some are stupid enough to follow any random tutorial or follow the demands of a random person asking them for their bank details on Facebook, calling them and asking them to pay some tax bill they've somehow missed or sitting on a car airbag and setting it off. The same people who read the "never send this 2FA code to anyone" and then send it to some random person from "your bank" on Facebook and claim they've been "hacked". You can't wrap everyone and everything in cotton wool, lest overheads of risk reduction become so burdensome no one would ever be allowed or able to do anything.
    So your logic is that you can't protect everyone so therefore you shouldn't try (and shouldn't be ALLOWED) to protect anyone. Sweet. We understand you.
    edited May 2021
  • Reply 73 of 93
    sflocalsflocal Posts: 6,092member
    I don't think he's "blasting" MacOS.  It's a sensationalist headline (as usual) meant to generate a response and emotion.

    It's a desktop OS meant to do a lot of things.  It's certainly not perfect.  I challenge anyone to provide a desktop OS that allows users to install whatever they want, yet provide 100% security.  Don't worry... I won't wait.

    iOS is a different beast.  I can totally understand with the mobile phone that security and privacy is even more important on a mobile device.  

    Headlines this this one just brings out all the iHaters looking to suck on something else when their lollipops are gone.
    watto_cobrakillroy
  • Reply 74 of 93
    thttht Posts: 5,421member
    tedz98 said:
    All of this talk about security misses the point that Epic’s desire is to save having to pay Apple a commission on in-app purchases. The security of of IOS App Store prevents Epic from supporting external purchases. This is all about money and commissions. Should Apple be entitled to commissions on in-app purchases? I would argue they aren’t.
    Frankly, the lawsuit has revealed zero reasons on why Epic is doing what it is doing. None of the publicly available statements and court documents provide any rational and sensible reasons for why Epic has chosen the course of action they have chosen. I prefer to think they are rational, for now, and maybe a rational reason will be presented eventually. It's all a guessing game as to why right now.

    I don't see any path forward by which Epic makes more money with Fortnite on Apple platforms. Even if they get everything they want out of the court case, I think they will make less revenue out of Fortnite on Apple platforms. It's just not going to work out if you've made an enemy out of the platform vendor.

    Epic knows this. They already tried pulling out of the Google Play Store, side loaded an Epic Games Store app, tried to get OEMs to install it by default, and they got nowhere. This included the awesome side effect of users having to be careful with downloading malware infested Epic Game Store installer apps. They had to return back to the Play Store. With Apple, they don't even have a chance of having an OEM default install it. There is no path by which Epic will make more money on Apple platforms with their current course of action.

    There's the idea that they are playing the long game where if they win the court case, they can use it to enable an Epic Games Store on Playstation, XBox and Switch, where about 85% of Fortnite money is made, and reap Epic platform fees of their own. They want to be Steam for any platform. But why and why Apple? It's a Rube Goldberg golden path to get there, and they are making enemies of all the platform vendors. That's insanity. They think they will get branded enough to sell their own consoles, like Steam tried? If they are going to do that, they don't need to have a EGS on competitor platforms, just go and do it.

    There really nothing of strategic value that I can see with their actions.
    watto_cobraDetnator
  • Reply 75 of 93
    mattinozmattinoz Posts: 2,299member
    There is a famous science fiction story called "The Humanoid Touch" by Jack Williamson in which millions of well meaning androids land on Earth and smother all humans with care. They make humans so safe that they are incapable of doing anything that involves even the smallest amount of risk. This is what Craig Federighi wants to do for Mac users. I have been using MacOS for decades now and have never had a serious problem with malware of any kind but in Craig's mind there is still a tiny chance I could download a bad app and so keeps adding layer after layer of security which serves mainly to break the apps I need to do my job. I am a software developer. There are exactly zero software development apps that run natively on iOS, you know, because they are too risky. There is a very simple way to make both MacOS and iOS 100% safe. Just get rid of all third party apps.
    Can you find a quote from Craig to suggest this is his thinking?
    Specially that Apple shouldn't be building platform for others to value add.

    I don't think he has. I recall Craig has said this himself at WWDC talk show maybe by certainly other times.  Apple's mission is to make life better or in other word to be a platform for all their customers to value add. 

    He seems, as other have already said, macOS isn't as secure, there are reasons it can be better and other reasons it will never catch up to iOS. 
    watto_cobra
  • Reply 76 of 93
    mattinozmattinoz Posts: 2,299member

    killroy said:
    thedba said:
    chasm said:
    thedba said:
    Actually they did, with the Mac App Store. Not very successful as many apps outside of Apple’s own, weren’t  there for various reasons, the main one being Apple’s 30% cut. 
    Woah, let me stop you right there. You don't get to spew easily-disproven, nonsensical bullshit here and not get called out for it.

    While specific figures are not available for the Mac App Store, it is by far the most successful of any marketplace for Mac Apps, and offers a catalog of at least 1.5 million apps (and that's a stat from more than two years ago) -- the largest single repository of apps for the Mac platform by far. Nearly every major developer writing apps for the Mac has a presence on the Mac App Store, and consumers generally prefer to download from the Mac App Store because of the incredibly low risk of malware concerns, that the app has been tested by Apple, and the store's easy refund policy if you change your mind.

    Developers can offer their wares at prices that include Apple's cut on the App Store, or they can offer it independently (which is generally MORE expensive/time-consuming than 30 percent of the purchase price unless you are a large and very successful developer), or they can remember back to when software was sold in boxes in stores and both the store AND the distributors took substantial cuts that would usually total in excess of 50-70 percent. Developers can offer a product in the MAS and also encourage users to buy it in other ways (SetApp, directly, etc), but most users enjoy the convenience of the Mac App Store.. Building and maintaining a secure website that operates in every market worldwide, provides world-class analytics, with iron-clad payment security and an easy refund policy is not cheap or easy, me bucko -- try it sometime!

    Your comment shows off your ignorance. Until you can provide some evidence to support your BS, maybe sit down and suck your thumb.


    Who pee'd in your Corn Flakes?

    You want examples of apps not present in the Mac App store?
    1) Citrix Receiver: Even though "Citrix SSO" is there it simply doesn't work. So I had to download "Citrix receiver" outside the Mac App store.

    2) UltraEdit/UltraCompare suite: I have projects using this suite on both Windows and Mac. Gotta get it from outside.

    3) FortiClient VPN:  Not there. I have two clients whom I connect to using this particular VPN.

    4) SQL Developer for Oracle: Nope not there either.

    5) Cisco AnyConnect VPN:  A client is set up with this and he had to send me the dmg file through his Cisco account.

    That's just five examples. There are others.  


    Add all Broadcast production apps and raid drivers to that.
    I assume everyone who value adds on the platform will have 5-6 without a lot of overlap one professional group to the next. 
  • Reply 77 of 93
    mattinoz said:
    There is a famous science fiction story called "The Humanoid Touch" by Jack Williamson in which millions of well meaning androids land on Earth and smother all humans with care. They make humans so safe that they are incapable of doing anything that involves even the smallest amount of risk. This is what Craig Federighi wants to do for Mac users. I have been using MacOS for decades now and have never had a serious problem with malware of any kind but in Craig's mind there is still a tiny chance I could download a bad app and so keeps adding layer after layer of security which serves mainly to break the apps I need to do my job. I am a software developer. There are exactly zero software development apps that run natively on iOS, you know, because they are too risky. There is a very simple way to make both MacOS and iOS 100% safe. Just get rid of all third party apps.
    Can you find a quote from Craig to suggest this is his thinking?
    Specially that Apple shouldn't be building platform for others to value add.

    I don't think he has. I recall Craig has said this himself at WWDC talk show maybe by certainly other times.  Apple's mission is to make life better or in other word to be a platform for all their customers to value add. 

    He seems, as other have already said, macOS isn't as secure, there are reasons it can be better and other reasons it will never catch up to iOS. 
    I am simply observing Apple's actions under Craig's leadership. Over time it has become more restrictive and harder to get basic work done. Meanwhile iOS is flat out impossible to use for many jobs due to Apple's restrictions. Users do need security but they also need to have control over it and make some of the decisions if they need to.
    muthuk_vanalingamelijahg
  • Reply 78 of 93
    asdasdasdasd Posts: 5,686member
    tedz98 said:
    All of this talk about security misses the point that Epic’s desire is to save having to pay Apple a commission on in-app purchases. The security of of IOS App Store prevents Epic from supporting external purchases. This is all about money and commissions. Should Apple be entitled to commissions on in-app purchases? I would argue they aren’t.
    Ok, why do you argue Apple isn't entitled, and why do you single out only Apple? Yes, why do you single out only Apple?
    elijahg said:
    There is always going to be malware on every platform, even ones with no App Store at all. iOS 1.0 had plenty of exploits which enabled third party apps (and malware) with no App Store to speak of. Locking it [any OS] down only makes the people producing malware go through more hoops, and since the web browser is entirely uncurated content that's a huge vector. 
    So your objection with anyone locking down an OS is because, as you say, it only makes malware producers go through more hoops? Are you trying to defend malware producers or people?
    elijahg said:
    How long until Apple only allows access to curated web pages? 
    That's actually a great question. I like it, and I want to use it. Would you object to Apple curating web pages? Do you object to Google currently curating web pages? I don't remember you objecting to Google doing this through its search engine. But yet you live in horrible fear that Apple might do it.
    elijahg said:
    Unfortunately there is no protecting some people from themselves. Some are stupid enough to follow any random tutorial or follow the demands of a random person asking them for their bank details on Facebook, calling them and asking them to pay some tax bill they've somehow missed or sitting on a car airbag and setting it off. The same people who read the "never send this 2FA code to anyone" and then send it to some random person from "your bank" on Facebook and claim they've been "hacked". You can't wrap everyone and everything in cotton wool, lest overheads of risk reduction become so burdensome no one would ever be allowed or able to do anything.
    So your logic is that you can't protect everyone so therefore you shouldn't try (and shouldn't be ALLOWED) to protect anyone. Sweet. We understand you.
    This is replete with logical fallacies. 

    1) tedz98 is talking about Apple because this is an Apple forum.
    2) Asking him about Google IAP is whataboutary and a personal attack. He probably does believe that Google shouldn't have IAP but it isn't relevant. If he is here he is probably an Apple customer. 
    3) Talking about Google curating pages is more whataboutary. And a false dilemma. And a personal attack on elijahg  when you "didn't remember him objecting to google".  People can oppose both but nobody is obliged to mention other companies on this forum. And it's not the same either, Apple would have to stop you from clicking on the site, not just reducing its frequency in a list. That curation is more visible. 
    4) The "so your logic" reminds me of a BBC interview I once watched on the subject of lobsters. You are arguing a straw man. 


    edited May 2021 muthuk_vanalingamcrowleyelijahg
  • Reply 79 of 93
    asdasdasdasd Posts: 5,686member
    honestly, as someone who has been here since 2003 when it was Mac centric I am amazed at what is going on here. I am primarily a Mac fan, the iPhone is good but I don't love it like the Mac. Yet here we are with Apple "fans" supporting ideas that would kill the Mac Pro line which is a significant revenue stream for Apple by only allowing Mac App Store apps.

    If Apple were tomorrow to just allow downloads from the Mac App, which means crippling downloads in general ( I have no idea why people are talking about other app stores, they are not relevant, off Mac App Store apps are mostly downloaded from websites), it would also mean some kind of curation of the filesystem to stop side loading of DMGS, or PKGs, or apps in general which might bypass the checks. And you couldn't allow building from code in the terminal.app either, as that would clearly bypass the Mac store only rule. So that would go. Forcing sandboxed apps would cripple a lot of security, networking, photography, and other pro apps. 

    In short the professional market would disappear over night. It would save money I suppose on chip design, and the non pro Mac market of grandmas would be ok with it ( or would they if they found an interesting app online to download which then didn't load?).

    Web apps would dominate over native running apps as well, unless you wanted to ban those.  All of this would collapse what is left of the macOS developer market. And Pros would migrate to another operating system. 


    edited May 2021 muthuk_vanalingamelijahgkillroy
  • Reply 80 of 93
    MplsP said:
    Beats said:
    sflocal said:
    Beats said:
    I’m disappointed Apple didn’t roll out an App Store like iOS.

    People called me different names for suggesting the new M1 Mac software should be treated like iPhones App Store and said “PCs have always allowed software via web” as if moving forward was a bad idea.
    I believe if MacOS had an App Store similar to iOS and only software from that App Store can be installed, it would have meant the death of MacOS for sure.  

    I hate Android, I love iOS.  MacOS has to balance that line between user safety, and flexibility.  There are tons of apps that aren't on the Mac App Store, and it will always be that way.  I the user accept responsibility for downloading/installing software that could infect it.  When I need to install software, I look first at the Mac App Store, but most of the time it's from the developer's website.

    iOS is completely a different animal.  It's a toaster.  Treat it as such.

    It’s called moving forward. Just like how developers are migrating to M1.

    The irony is that the judge is questioning why they allow multiple app stores on Mac. Had Mac had one iOS-like App Store the argument wouldn’t have arose.
    Part of the problem is you can’t go back. Apple rolled out the Mac App Store after the iOS store but MacOs was obviously long established and they didn’t want it risk alienating developers (and users) by locking the system down and restricting Apps to the official App Store only. In contrast, iOS has always been a walled garden so it’s easier to maintain it that way. I hope Epic doesn’t ruin that. 
    Ruin that plus even if we choose to only use Apple’s store what’s to then stop someone else grabbing our iPhone like at a border and installing a back door into our devices. If they had to do it I hope Apple is smart and comes out with two versions of iOS, one that a user can add other stores, one where it can’t be added. It should be a choice for the user if they want to stay within the walls. 
    elijahgwatto_cobrakillroy
Sign In or Register to comment.