Side-loading is a gold rush for cybercriminals, says Craig Federighi

2»

Comments

  • Reply 21 of 31
    I would prefer to not force apple to allow sidelining.  It opens up a lot of security issues.  I had an android before switching to iPhone and there were all kinds of malware programs I had to dodge when searching outside the google app store for apps. Wouldn’t this also make it a lot easier for someone to side load malware onto your phone.  I’d be a lot less comfortable letting someone use my phone to make a call or send a quick text, hell even to take a quick family picture.  Can you imagine how much worse this would make things for Chinese dissidents? It would make it easier for bad actors.  As others have said, if you want a phone that allows side loading if apps, go to android.  There are more android phones than iPhones. There is no monopoly.  There are people who want to have their trucks jacked way up, and have giant tires on them.  That does t mean ford or GM should be made to sell them that way, or make it easy.  The higher you lift a truck the more likely it is to flip = less safe.  Allowing side loading is also less safe.  If you want side loading, jailbreak your iPhone.  Yes, that will void some of your iPhone warranty, same as exceeding certain specs with car mods will void warranties.  
    roundaboutnowbaconstangwatto_cobra
  • Reply 22 of 31
    ctt_zh said:
    gatorguy said:

    Allowing a user choice of what applications to load on their own personal $1000 expenditure puts the onus where it belongs. The only legitimate reason not to is purely profit-based and not because they're "saving us from ourselves". 
    Completely wrong, or course. But how can we expect a google guy to understand the value proposition of the platform when he doesn’t even have an iPhone? Having absolute trust in the walled garden and security of apps within the App Store is the entire reason for its success with non-techies. That isn’t profit-based, it’s value-based. You general-IT-dude types still fail to grok Apple, forty years later and counting. It shows.
    No, Gatorguy is completely right. It is a profit-based decision. I imagine you also believe that Apple stopped including the charger with iPhones for the good of the planet... 
    gator guy is *never* right.
    watto_cobra
  • Reply 23 of 31
    gatorguygatorguy Posts: 23,321member
    Wgkrueger said:
    ctt_zh said:
    gatorguy said:

    Allowing a user choice of what applications to load on their own personal $1000 expenditure puts the onus where it belongs. The only legitimate reason not to is purely profit-based and not because they're "saving us from ourselves". 
    Completely wrong, or course. But how can we expect a google guy to understand the value proposition of the platform when he doesn’t even have an iPhone? Having absolute trust in the walled garden and security of apps within the App Store is the entire reason for its success with non-techies. That isn’t profit-based, it’s value-based. You general-IT-dude types still fail to grok Apple, forty years later and counting. It shows.
    No, Gatorguy is completely right. It is a profit-based decision. I imagine you also believe that Apple stopped including the charger with iPhones for the good of the planet... 
    gator guy is *never* right.
    You're right. ;)
    elijahg
  • Reply 24 of 31
    netroxnetrox Posts: 1,114member
    So add side loading, disable by default, give customers the choice.  
    VOILA.  
    That's not how it works.

    When Facebook and Netflix decide not to do on App Store, what choice do you have? They will force you to pay on the side, not in App Store to get around the 30% fee. 

    I am tired of people thinking that they should have a free choice when it's deigned to protect you from criminals. 


    watto_cobra
  • Reply 25 of 31
    danvmdanvm Posts: 1,206member
    netrox said:
    So add side loading, disable by default, give customers the choice.  
    VOILA.  
    That's not how it works.

    When Facebook and Netflix decide not to do on App Store, what choice do you have? They will force you to pay on the side, not in App Store to get around the 30% fee. 

    I am tired of people thinking that they should have a free choice when it's deigned to protect you from criminals. 


    From what I know, Facebook and Netflix are available in the Play Store even though Android allow sideloading of apps.  Why would it be different with the iOS App Store?  
    gatorguydarkvaderelijahgcrowleymuthuk_vanalingam
  • Reply 26 of 31
    As I've said many times, it's MY iPhone, not Apple's iPhone.  I should have a right to install software on MY iPhone from any source of MY choosing, as should you on YOUR iPhone.  You're absolutely free to never install an app from anywhere but the official Apple app store.  You and YOUR iPhone would not be impacted at all by my choice to install software from another source that I trust on MY iPhone.

    If Apple won't allow it on their own as they absolutely should, then the courts should force them to. 

    elijahgmuthuk_vanalingam
  • Reply 27 of 31
    darkvader said:
    As I've said many times, it's MY iPhone, not Apple's iPhone.  I should have a right to install software on MY iPhone from any source of MY choosing, as should you on YOUR iPhone.  You're absolutely free to never install an app from anywhere but the official Apple app store.  You and YOUR iPhone would not be impacted at all by my choice to install software from another source that I trust on MY iPhone.

    If Apple won't allow it on their own as they absolutely should, then the courts should force them to. 

    As you’ve been told before, and I’m guessing will once again ignore, you are free to install any OS you want to on your phone. I remember something from years ago where somebody had Android running on an iPhone. It’s your phone, do what you want. iOS isn’t yours, it’s Apple’s. 

    I agree with you, though, that if you install some janky malware from a third-party App Store or via side loading it likely won’t have any effect on me and my phone. 
    gatorguywatto_cobra
  • Reply 28 of 31
    Part of the reason I give iPhones to my grandmas and aunts is because of exactly this. 
    No matter what they download, they will not destroy their phone.

    I choose security with my eyes closed. 
    If you want a platform where you can do whatever, it already exists, it's called Android, just go away.
    You can put a setting “use just Apple Store”. Does not look so complicated, isn’t it?
    muthuk_vanalingamelijahg
  • Reply 29 of 31
    "Because in the name of giving users more choice," Federighi said. "That one provision would take away consumers' choice of a more secure platform.".... uhhhh... no it doesn't. A statement that is non-factual nonsense and an insult to whoever hes trying to convince that has half a brain. Akin to the statement, "because in the name of providing the choice of turning right, giving that choice removes the choice of going left!". so i guess giving consumers choice is, in fact, a trick!? To actually remove consumers choices?? What a twist of fate! Youve taught me oh so so much Mr. federguy, repeat it some more, we can will it to be true, I can flyyyyyy! LOL
    elijahgmuthuk_vanalingam
  • Reply 30 of 31
    gatorguy said:
    An app from Apple's AppStore will be just as secure and malware-free as it is now whether 3rd party stores/sideloading is permitted or not. It changes nothing for an iPhone owner who uses only the first-party store. 

    No one is saying Apple needs to make it as easy to sideload as not. FWIW Google makes it fairly difficult to do so now, so even if it can be done they definitely strongly discourage it with change settings in an obscure place most people would never see. Allowing a user choice of what applications to load on their own personal $1000 expenditure puts the onus where it belongs. The only legitimate reason not to is purely profit-based and not because they're "saving us from ourselves". 

    We buy homes and add furniture we choose from whatever source we wish, no payment to the architect or the builder. We buy cars and change out the audio, headlights, et.al sourced from wherever we wish, no permission required from the auto manufacturer or fee to be paid.  We buy computers and laptops and add programs from any developer we wish, no stipend needs to be paid to the computer vendor or manufacturer. But we buy a smartphone and can only add applications that the provider further profits from and/or offers themselves?

    EDIT: As I said, it's not a simple thing to sideload on Android now. It requires more than a bit of familiarity with the system structure and so not something Cesar's grandmas and aunts would accidentally do.

    Pull down from the top and tap Settings. Then nestled among a dozen or so main collections from Security (which is where I would have expected it to be) to Privacy to System, go to Apps. where you're presented with all your recently opened ones and an option to see all of them. Nothing there indicates anything about outside sources or 3rd party stores or anything else. Where they've hidden it is in yet another sub-menu; Special App Access. Even there you won't find it on the first page of options.

    Down near the bottom if you scroll far enough will be "Install unknown apps", a disconcerting title.  Now tapping that makes it even more difficult because you then are offered several different categories of personal devices, products, files and browsers where you will choose to allow it, but which one?? By default they are all disallowed.  Yup, daunting for someone with little knowldege.

    Apple can do the same, make it pretty darn hard, in fact near impossible, for mom, pop and that great aunt to accidentally load an app that comes from an unsafe place. Only the knowledgeable will be able to do so.

    How did such an ignorant post get so many likes? New group of trolls sign up?

    Your first point is a lie. I’ll repeat the previous example I used. I download an App from The App Store. My friend downloads it from a 3rd party store. My App has restrictions applied by Apple but the 3rd party App has no such restrictions. Anything I share with my App that goes to my friend now gets shared with an outside party because THEIR App doesn’t get vetted. Suddenly my personal information is shared WITHOUT my consent, not by my version of the App but by an App on the other end. The idea staying away from side-loading protects you is asinine.

    How do you reconcile this stance with your constant promotion of Google Messages being E2EE and therefore safe? It’s not safe if the other end isn’t. Seems you’ve really backed yourself into a corner here.

    Your second point shows your ignorance of what’s being requested. Epic is suing Google because they claim the warnings you see before side-loading are anti-competitive. They claim these warnings are designed to scare users away from side-loading. What the companies/groups/Senators want is frictionless side-loading. They will accept nothing less. Therefore there will be no warnings. They want 3rd party stores to be as simple as The App Store. One-click installs and no constant nagging/warnings. This is where the danger lies as it will be easy to trick users into allowing and installing 3rd party Apps. The only warning Apple/Google will get away with is most likely a single, one-time notification to enable side-loading. After that it’s the Wild West.



    ok, your first point about his first point. what i have to say is.. its your choice to share
    and the second one, if they are successfull in making it mainstream to side-load 3rd party apps and stores the result of that will be more legitimate developers and companies that are trustworthy and respectable being drawn in to that sphere, making it safer to sideload 3rd party apps. right now with the way things are IS thE CAUSe of the general lack of verified legitimate apps you can feel safe with to hold you at night and comb your hair.
    elijahg
  • Reply 31 of 31
    seriously, how does anybody even know that apples OS isn't, itself, the malware? do you know what they do with your data? trusting them enough to download apps that they provide would be exactly the same as trusting some other app provider that comes in if 3rd party apps for apple products becomes a market that developers see any opportunity in. In fact, any other company is more likely to be MORE transparent and verifiable while at the same time un-limiting locked up functionalities that apples holding back (many of them not difficult and common anywhere else) in the attempt to make buyers of their products get so frustrated with the stupid gotchas that when apple releases the next ipood the basic feature feels like a gift handed down by the apphole gods and they all go upgrade
Sign In or Register to comment.