Tim Cook has kept a firm stance against permitting “sideloading” on iOS devices. That’s the idea that a consumer could download and install an app onto an iPhone or iPad from somewhere other than Apple’s own App Store, either directly from a website or via a third-party app store.
Sideloading is among the contentious issues at the heart of the recent trial pitting Apple against Fortnite-producer Epic Games. Forcing Apple to relax its restrictions against sideloading is what the European Union wants the company to do as part of the proposed Digital Markets Act. In the U.S., a group of bipartisan lawmakers have put Apple, as well as Amazon, Facebook and Google, in the crosshairs of a sweeping set of antitrust bills, which in Apple's case could have major repercussions for its App Store.
In a recent interview with the French digital media company Brut, CEO Cook said that sideloading would “destroy the security of the iPhone and a lot of the privacy initiatives that we’ve built into the App Store (including) privacy nutrition labels and app tracking transparency.”
On Wednesday, Apple published a paper that illustrates what the company outlines as the potential threat sideloading poses and explains the steps Apple takes in the App Store to protect consumers. Among other measures, Apple scans apps for malware and checks that apps don’t necessarily request access to sensitive user data.
So what are some of the dangers as Apple sees them?
*Protecting kids: Sideloaded apps could bypass parental controls, Screen Time, and the “Ask to Buy” feature that requires Junior to do just that, before mom or dad give their kid the OK to download or purchase an app.
*Ransomware: A user can be fooled into downloading a fake copy of an app that lets a malicious actor threaten to delete or encrypt all the photos or other data on the phone, unless the victim agrees to pay a ransom.
*Piracy: It may be hard to tell where an app comes from. Pirated apps could mean payments go to a scammer, and not the the developer who built the app.
*Violating privacy: A user could be tracked without the person’s knowledge and have no recourse for addressing abuses.
Apple claims such issues are rampant in the Android ecosystem. The paper cites a Nokia study which found that devices that run on Android had 15 times more infections from malicious software than iPhone, with a key reason being that Android apps “can be downloaded from just about anywhere.”
In the report, Apple says it reviews 100,000 new apps and updates weekly, part of the App Review process developers must adhere to before their app makes it into the store. In 2020, Apple rejected or removed 150,000 apps for spam or copycat violations, or for misleading users. More than 215,000 apps were thrown out for violating user privacy. And about 95,000 apps were removed for “bait and switch” and other fraudulent activities.
Apple also says it expelled 470,000 teams from its developer program due to fraud.
It remains to be seen if this latest report on sideloading will sway U.S. or European regulators, much less satisfy developers who aren't cool with the restrictions Apple places on them or who believe Apple's motivation has more to do with profit than privacy.
Apple's answer, of course, is that such restrictions protect the end user and has nothing to do with making money.
Whose side are you on? Should Apple be forced to allow sideloading? Or has Apple satisfied you that it doing the right thing in the name of privacy and security?
Photo courtesy of Apple.