Apple is continuing its campaign to explain why sideloading on Apple’s devices is a bad idea.
Apple Software Vice President Craig Federighi appeared at Web Summit 2021 to passionately defend his company’s approach to platform security on iPhones. He was speaking against a clause in the EU’s Digital Markets Act that would force the company to support app sideloading on iPhones.
There are four primary reasons people want Apple to do this:
- For commercial reasons, such as to sell products created using Apple’s APIs to people on Apple’s platforms without paying for the chance to do so.
- For consumer choice, so it becomes possible to install and use apps that are not made available on the App Store.
- For devious reasons, such as avoiding the App Store app review process to continue tracking users without consent or for other forms of surveillance.
- For criminal purpose, such as creating fake app stores to spread malware, ransomware, and more.
It’s perfectly acceptable to try to seek commercial advantage, and we’ve seen before how the “open beats closed” mantra is often used to undermine consumer interest. Google used it when it went up against Apple with Android, though years later Android has become a great deal more closed.
Show your face
However, I think much of the energy behind the current campaign comes from a loosely coalesced set of interests working to undermine Apple’s privacy and security for their own benefit. The group has allies, too, equally committed to making their fortunes in the so-called “metaverse,” which many see as a virtual world we can still enjoy once climate change renders the real world too toxic.
As I see it, when a company that can afford to hire a voter-rejected former UK deputy prime minister as its lobbyist complains about something, it is probably going to reflect its own self-interest. In this case, it wants to undermine Apple’s privacy protections to protect its business and wants to create a bulwark against the incoming war over augmented and virtual reality.
Protecting Meta’s business model is the root of the company’s motivation. That’s why it accuses Apple of the same thing. And a recent move to create its own internal marketplace that contravenes Apple’s own App Store guidelines shows how far it will go.
An even bigger business model
But there are others with a commercial interest in undermining Apple’s platform security: criminals who want to break into your digital lives.
The problem is that they are good at what they do. They are smart, sophisticated, and quite capable of setting the scene to get innocent users to make mistakes. Who hasn’t clicked a bad link in an email at least once?
They also don’t work in isolation. Online crime is a richly financed industry, it isn’t just lone geeks in basements. It’s banks of computers in legitimate-seeming office spaces paid for by state and non-state sponsored groups. Cybercrime is expected to cost the world $10.5 trillion per year by 2025. A single successful ransomware attack has an estimated cost of around $9 million to a US company if it succeeds, according to IBM.
With this kind of money at stake, it’s trivial for criminals to create bogus apps and app stores in an attempt to inject malware into devices. A little social engineering and some targeted phishing scams and they may be able to create stores that target locations, individuals, businesses, or government agencies.
“Even if you have no intention of sideloading, people are routinely coerced or tricked into doing it,” Federighi points out. The impact of such attacks is vast in terms of revenue, business continuity and reputation.
Humans are vulnerable
In all these cases, the challenge is that humans are vulnerable. In all my years writing security advice for users, I’ve encountered this. Many argue that they don’t need to worry about security when using a Mac (they do); others will make a case that they can download what they like, and no one else will be affected. That’s not true either — you can be used as a conduit to infect others.
Think about those annoying messages we all receive from friends in the event their online address book is hacked. I think we have all seen a few. Or consider those vast troves of data regularly stolen from companies, including a shock leak of data concerning half a million people in the UK this week.
All that information can be weaponized.
Now, imagine if that weapon relied on mining these data stats to detect particular groups of people, and then creating attractive sounding software products that can be distributed to those folks via your own malware-infested app store.
A person who downloads malware can end up leaking all the information they hold about you. On a corporate level, this is much worse. As an attack at Target showed, security vulnerability in a relatively low-level system can be used as a route into your overall enterprise technology stack.
Federighi put it this way: “The fact is one compromised device, including a mobile phone, can pose a threat to an entire network. Malware from sideloaded apps can jeopardize government systems, infect enterprise networks, public utilities….”
But what about…?
There are two arguments routinely rolled out to undermine Apple’s position: That few people sideload on Android, which allows it. And that Macs do permit users to install apps from other sources.
I have found no proof of the first claim. I have found some reports that point out that sideloading of apps is more popular in the APAC region than in the US. I have also seen a report (from Google) to suggest that sideloading apps does indeed create risk. But I’ve found no evidence one way that shows few people sideload on Android. So, it probably isn’t appropriate to argue that this is the case.
And when it comes to the second claim, even Apple admits Mac security isn’t as solid as it would like, despite it being the most secure PC platform around.
Ultimately, a move to force sideloading on Apple devices will not deliver any significant benefit to most users, but may have costs and consequences across most businesses and individuals that far outweigh the dubious benefits.
Consumers already have a choice they can take if sideloading matters to them. The argument that this is about choice ironically denies choice by removing the option of a secured system.