[HN Gopher] iOS 17 will reportedly set the stage for sideloading...
___________________________________________________________________
iOS 17 will reportedly set the stage for sideloading apps on iPhone
Author : mikece
Score : 329 points
Date : 2023-04-17 11:40 UTC (11 hours ago)
(HTM) web link (techcrunch.com)
(TXT) w3m dump (techcrunch.com)
| stale2002 wrote:
| Man, I remember arguing with so many people, who were on complete
| copium, regarding this decision.
|
| It should have been obvious, for anyone who has following this
| whole saga, that eventually Apple was going to be forced to open
| up.
|
| Sure, maybe it was the Epic lawsuit that did it, but there were a
| dozen different vulerabilities, and pathways to them being forced
| to open up. If it wasn't that lawsuit, then it was going to be a
| new law, if not in america, then instead in the EU.
| thescriptkiddie wrote:
| Apple is considering possibly removing one of the most anti-
| consumer features of its phones and there are people in the
| comments arguing against it. Not looking good for the future of
| society.
| EMIRELADERO wrote:
| The big question is: will there be some kind of "program" the
| user and/or developer needs to get into to be able to
| sideload/distribute independent apps?
|
| The ideal status quo would be one where developers can make
| native apps, and users download and run them, without entering
| into a contractual relationship with Apple _period_. (Beyond the
| iOS EULA, which stands on legally shaky ground)
| kroltan wrote:
| Speaking of which, if you don't like that kind of thing, never
| use a Xiaomi phone. It requires registering for a Xiaomi
| account to "unlock" the bootloader and install alternative
| operating systems (such as one without most of the spyware -
| why does the _calculator app_ or the _pdf viewer_ need a
| privacy policy?)
|
| This account registration is baked into the phone while the
| bootloader is unlocked, and you have to factory-reset the phone
| and lock it back up to be able to dissociate the account from
| the phone.
| mschuster91 wrote:
| That's a side effect of anti-theft measures.
|
| Samsung is the same, you can't unlock them any more without
| signing in into both Samsung and Google accounts which allows
| the two companies to detect if the device was registered as
| stolen. And for what it's worth, Samsung is the worst of the
| bunch anyway as rooting it _permanently_ bricks the TEE via
| an e-fuse.
| kroltan wrote:
| I guess having an account enables that deterrance, but I
| don't see how it is related to unlocking the bootloader if
| there was not an account bound beforehand.
|
| If signing into an account can be preserved despite the
| "unlocked" bootloader, there has to be some sort of
| hypervisor/"secure chip" type deal denying access to the
| part of the device the account info is stored, no?
| Otherwise one could erase the account info and pass the
| device as untainted anyways.
|
| So, if that information is secured against alternative
| operating systems, then there is no harm in allowing them
| by default or upon local user authorization.
|
| In other words, if it was strictly for theft deterrence
| then surely you would need an account to be able to factory
| reset the device at all, even with the bootloader locked?
| mschuster91 wrote:
| > If signing into an account can be preserved despite the
| "unlocked" bootloader, there has to be some sort of
| hypervisor/"secure chip" type deal denying access to the
| part of the device the account info is stored, no?
| Otherwise one could erase the account info and pass the
| device as untainted anyways.
|
| All Android devices have some sort of TEE these days,
| otherwise they wouldn't get Netflix and a bunch of other
| apps people will demand to work.
| alden5 wrote:
| Im fairly certain it will be just like macos, sure you can make
| apps people can download, but if you don't want your users to
| face scary popups when starting up your app for the first time
| you gotta cough up $99/year for a developer subscription
| voisin wrote:
| > The ideal status quo
|
| I disagree. Allow side loading of apps that still meet a
| threshold for safety, privacy, etc (determined through a
| program like you refer to), but eliminate the App Store cut of
| sales.
| blokey wrote:
| Who does the checking and verification that the apps are
| compliant with the "threshold for safety, privacy, etc"?
|
| Apple do this now, using the Apps that pay the 30% on digital
| purchases to fund everyone. If they no longer make a fee from
| those to cover every app (including all the free ones), who
| pays to validate the apps?
| candiodari wrote:
| And what about the plenty of policies Apple has that I
| don't agree with and they've declared not their problem?
|
| * their developer policies (as in my own apps, think
| business apps, playing around, ... and no the little play
| education app is not enough)
|
| * file synchronization apps (syncing books,
| development/source code, apps, photos and music on my
| webserver, ios, android, and laptops through syncthing)
|
| * emulation (in both directions). Both emulating other
| systems on the iPhone _and_ emulating the iPhone /ios
| elsewhere (strange how they have always allowed and even
| facilitated this for macos, but on either iphone or ipad
| ...)
|
| * their policy about 30% cut on anything sold through apps.
| Sorry, but that's just going too far
|
| * their charging policies (meaning what their devices allow
| for charging and how fast. And frankly 90% of the problem I
| have with their policy on charging is how complicated it
| is. If they merely instituted a rule "if it's apple
| equipment, it just works as fast as possible", that'd
| already be a big improvement)
|
| At this point I'm very inclined to say, not getting the 30%
| cut and still having to check ... is Apple's problem, not
| mine. How about we treat it the way apple treats their
| customers' problems? At this point I don't care about
| whatever problems being reasonable presents for Apple.
| scarface74 wrote:
| Points 1 and 2 don't really make sense (ie doesn't really
| make a point at all). What exactly are you saying?
|
| > their policy about 30% cut on anything sold through
| apps. Sorry, but that's just going too far
|
| Only things digital items. 80% of all App Store revenue
| comes from in app purchases of loot boxes and pay to win
| games (according to the Epic trial).
|
| > their charging policies (meaning what their devices
| allow for charging and how fast
|
| What does this even mean.
| EMIRELADERO wrote:
| What I got from the comment was that the overall
| intention and push behind sideloading, both by the
| community and what the EU mandates, is to not be bound by
| Apple's policies for appmaking, not just to use your own
| distribution infrastructure.
| musictubes wrote:
| As far as I can tell the main use case for side loading
| that people are making inevitably boils down to piracy.
| Emulators, torrents, cracked software. 95% of the talk
| about "freedom" on Android revolves around Vanced and
| other kinds of piracy.
|
| I'm glad to see people talking about alternative browsers
| for PWAs (yuck) and open source projects but I am
| thoroughly cynical about the motivations of the vast
| majority of people advocating for side loading on iOS. I
| worry that this ability to pirate like you can on Android
| will result in degradation in app quality in the App
| Store.
| scarface74 wrote:
| > I worry that this ability to pirate like you can on
| Android will result in degradation in app quality in the
| App Store.
|
| Is it possible for quality on the App Store to get any
| lower?
|
| 80% of App Store revenue comes from Pay to Win games
| (according to the Epic trial). Most of the other apps
| monetize through subscriptions for things like streaming
| services or don't charge money at all.
| isthiseasymode wrote:
| I predict that this will probably be irrelevant to the majority
| of users.
|
| There's no way apple makes side loading easy enough for anyone
| outside of HN to use.
| cloogshicer wrote:
| If the DMA (Digital Markets Act) has any teeth, they'll have
| to.
| realusername wrote:
| That's going to end up the same way as Android if I have to
| guess yeah, as complicated as it gets for a normal user to
| activate so that nobody uses this outside of tech workers.
|
| Then they can just say that it's technically "there" for the
| courts.
| isthiseasymode wrote:
| Hot take: that's how it should be. After fixing laptops for
| less technical people, I don't think the average person can
| be trusted to protect themselves against malware.
| tristor wrote:
| I have mixed feelings about this. I'm exactly the type of person
| who used to jailbreak my iPhone to run Cydia, and I used to build
| my own custom Android ROMs and spend hours on XDA-Developers
| before that. Now though, I appreciate how locked down iPhones
| are, and I keep it as locked down via Apple Configurator as
| possible, because the mobile web and mobile application space are
| fraught with peril. The vast majority of mobile apps are net-
| negative experiences unless it's a companion app to an in-person
| service (e.g. restaurant/airline/hotel/bank), and even those are
| often risky. If you look at the Android ecosystem, the Google
| Play Store is basically a ghetto where the lowest common
| denominator criminal gangs operate malware at scale with
| impunity, and Apple has been a haven away from this.
|
| I went through a lot of effort to switch my elderly parents into
| the Apple ecosystem, and since doing so I have been able to have
| a lot less support required and to sleep easy at night. With
| sideloading coming, I am not longer certain that their devices
| are safe and they won't be tricked into putting malware on the
| device.
| [deleted]
| trallnag wrote:
| Do you wrap yourself with tinfoil at night to prevent your
| neighbors Android from scanning your thoughts?
| tristor wrote:
| > Do you wrap yourself with tinfoil at night to prevent your
| neighbors Android from scanning your thoughts?
|
| Do you think this sort of question is in line with HN
| guidelines? Nothing I said is driven by paranoia, it's driven
| by the reality we find ourselves in. As mentioned in my
| comment I've developed custom Android ROMs, my wife actually
| is an Android user (yes I'm in a house divided), but myself
| and my wife are also much more technology savvy than my
| elderly parents. If you cannot understand how those
| situations differ in our current reality, there's not much I
| can do for you.
|
| When it comes to non-technical users that don't have good
| opsec practices, Android is a ghetto that basically
| guarantees your mobile devices are running malware, and the
| Apple ecosystem is nearly the opposite. Arguably the App
| Store is fraught with danger, but it's many orders of
| magnitude better about the impact of apps on user security
| and privacy than the Google Play Store. You may feel strongly
| in your support of Android and its ecosystem for other
| reasons, but it's pretty indisputable that it is less secure
| and less privacy-respecting, especially in relation to third-
| party applications.
| rickdeckard wrote:
| So many "Not good. I want [company I trust] to be free to
| regulate [company I don't trust]" comments here.
|
| Even more odd, its sometimes followed by the even stranger
| argument "If [company I trust] is legally forced to stop
| restricting its competitors and has to allow me to choose, I may
| be lured into choosing [company I don't trust]".
|
| Sorry, but all this is closer to religion than common sense.
| r053bud wrote:
| It's Apple Stockholm syndrome at it's finest. But you are apt
| in your religion comparison. Anything the good lord Jobs, or
| his prophet Cook says or does is law
| jutrewag wrote:
| If this is Stockholm syndrome then it's better than any
| experience I've had in a non-hostage situation.
| TexanFeller wrote:
| I'm dreading this. I want privacy hostile companies like Facebook
| to have to comply with the app store rules and respect system
| settings relating to privacy. As a user, I'm thrilled when Apple
| wields its big stick to stop big tech companies from
| overreaching. Before there was a bit of a compromise, I could use
| evil apps with some peace of mind that they wouldn't do something
| egregious. Now I suspect evil apps just won't be available in the
| App Store, or Apple will be forced to relax their control.
| kyriakos wrote:
| Apple (and Google) blocks all sorts of apps from their stores
| that even though legal in nature are not allowed for some
| arbitrary reason that helps their bottomline. E.g. things like
| gambling, crypto, adult etc are all blocked. On Android you
| have the choice to side load them on iOS you can't. For this
| reason alone allowing sideloading will be a generally good
| thing.
|
| For the average user there will be zero impact and for the
| power users who wants to still to Apple's guidelines no one is
| forcing them to install anything they don't want to. If its any
| similar to Android it will take quite a few clicks to allow the
| installation which deters the average user from installing
| unwanted stuff.
| rched wrote:
| How does blocking gambling, crypto, and adult content help
| their bottom line? Seems to me like these would be a
| lucrative source of income if they allowed them on the store.
|
| The risk to the average user is that an app they want is
| removed from the App Store and only available via
| sideloaidng.
| kyriakos wrote:
| Adult and Gambling have different compliance requirements
| with banks and payment processors, some outright don't
| allow dealing with these types of content/marketplaces
| (have a look at Stripe's T&C as an example). Apple and
| Google would rather not get into these markets than dealing
| with the legal complexities, this is the reason they are
| blocked. If they were doing it for the good of the users
| they would have just blocked them for underage users.
| rched wrote:
| > Apple and Google would rather not get into these
| markets than dealing with the legal complexities, this is
| the reason they are blocked
|
| I find this claim pretty suspect. What are you basing
| this on? I'm sure the extra income would be vastly more
| than the cost of dealing with legal complexities.
| kyriakos wrote:
| On the fact that they don't allow them in the first
| place.
| wkat4242 wrote:
| They're got going to have such mainstream apps only available
| by sideloading. Not enough people do it. See how few people
| actually use this on Android. It's way too complex and scary
| for Joe Soap and Facebook won't want to lose all of them.
|
| The only big player I can imagine doing this is TikTok if they
| really get banned, they'll still lose a ton of users though.
|
| It's a great thing for the ecosystem because at least those who
| want to sideload can do it.
| the_common_man wrote:
| Same. I wish all laptops and all electronics gadgets are
| totally locked down and only cozintrollable by the
| manufacturer. Like Lenovo laptop, should only have apps from
| Lenovo store. I would also say we should have only one editor.
| I don't see point of many. Like you, i am filled with dread
| about multiple choices!
|
| Edit: just thought of an idea. Maybe each ISP can provide a
| store and we can only install from those into our devices.
| After all, we trust ISP already
| a_vanderbilt wrote:
| They could allow side loaded apps with the same notarization
| requirements as Mac apps. This could prevent the proliferation
| of outright malware. Even side loaded apps are still subject to
| the iOS app sandbox. The permissions APIs could still be
| enforced too. Done correctly, this could be like current side
| loading but without the need for a developer certificate to
| make apps last more than 7 days.
| zackees wrote:
| [dead]
| gerash wrote:
| This reminds me of the "protections" real estate agents provide
| by taking a "meager" 5% commission on a home sale. Right now it
| seems practically impossible to sell a house without the
| involvement of an agency. I wish we could get rid of these
| overpaid middle men for filling out a bunch of forms and taking
| zero risk.
|
| I feel what Apple is doing is taking 30% of what you pay to
| e.g. Spotify as a middle man because they made the device and
| can dictate whatever terms they please. How are people ok with
| this is beyond me.
| asddubs wrote:
| the problem is that apple also heavily censors security
| unrelated things. e.g. art platforms and emulators, just to
| name two prominent examples.
| hparadiz wrote:
| Why do you hate freedom?
| Karunamon wrote:
| App Store review was not stopping evil/scam apps, though. I
| would expect the system privacy APIs to clamp down on the worst
| of it (even Facebook can't violate your privacy if it can't
| identify your device, or access its contents or location).
|
| Normal users don't sideload on Android. Even the (objectively
| easy) steps for enabling it there are too much for the average
| user. Why do you think this would be any different?
| bastardoperator wrote:
| They're never going to which is why you just need to delete it
| and never look back. You're the product. As long as you keep
| coming back, they win.
| jclardy wrote:
| I'm the opposite, as looking at android, where do we see this?
| All big players are still in the play store, because the
| average user of those services doesn't want to be bothered
| going to a website, clicking scary looking buttons to enable
| third party installs, then manually update their own installed
| apps.
|
| Basically the risk would be someone like TikTok dropping out of
| the store, but I find that unlikely. Maybe at the best they
| will have an "unrestricted" version with bonus features outside
| the app store. Visibility for indie apps is basically zero on
| the big platforms, but for the large players, being in the app
| store is actually important, at least for now, as users are
| used to going to the app store to search for software, and not
| just typing something into google.
|
| The other thing is, these apps will still be sandboxed. Being
| available outside the store just means they can accept their
| own payments, they aren't going to have full system access to
| photos/contacts/files/etc. without explicit user permission,
| same as an app available via the app store.
| tshaddox wrote:
| It has been several years since I gave Android a try, but my
| experience was that the Android ecosystem (specifically the
| Google Play Store in the U.S.) was indeed much worse than iOS
| with apps distributing malware, destroying battery life and
| performance with background tasks, sending all your contacts
| off to their server, using push notifications for spam, etc.
| (To be clear, these things have also been problems on iOS,
| and my position continues to be that Apple should be _even
| more restrictive_ about this stuff).
| philwelch wrote:
| > Basically the risk would be someone like TikTok dropping
| out of the store, but I find that unlikely.
|
| Maybe it's the other way around. I don't know the current
| legislative status of the attempts to ban TikTok, but the
| most realistic mechanism for doing so would involve banning
| it from app stores. By enabling sideloading, Apple would be
| enabling TikTok to circumvent such a ban.
| kmlx wrote:
| > I'm the opposite, as looking at android, where do we see
| this?
|
| fraud. we'll see lots and lots of fraud. a new avenue will be
| open.
| kaba0 wrote:
| Just make it hard to sideload, like the android dev mode.
|
| Then your grandma won't install anything, but power users
| can actually use their general purpose devices as such.
| vbezhenar wrote:
| Power users can already sideload anything on iPhone. It's
| not even hard.
|
| I guess the whole talk is about making side-loading
| easier.
| seba_dos1 wrote:
| It used to not be possible at all, and now you still have
| to repeat it regularly if you want to keep using the
| sideloaded application, which makes it close to useless
| for anything else than development. Of course, as
| expected from Apple, doing it from another OS than macOS
| is a huge PITA too.
| _fzslm wrote:
| what you're seeing in the iPhone sideloading space is a
| product of a _lot_ of hard work by many different people
| over many years. AltServer and the like (what I assume
| you're referring to) are the best solutions we have, but
| come with significant downsides - iOS updates breaking
| the software, limits on how many apps you can install
| (last time i checked, you could only install 3), time
| constraints (need to "re-sign" apps every week), software
| constraints (still can't use JIT or other private APIs
| without Apple's blessing), and - relative to using the
| App Store or Android sideloading - the setup procedure is
| pretty complicated. on both Macs and PCs, AltServer can
| be kind of difficult to set up.
|
| all of this has prevented a legitimate sideloading scene
| from truly emerging on the iPhone - which, depending on
| where you ideologically stand on this, could be
| considered monopolistic.
|
| i think there's definitely room to make the process a lot
| easier - even _if_ it's just for power users.
| dvzk wrote:
| When I first looked into this, free Apple developer
| accounts also could only use limited app entitlements: so
| no network extensions, VPN profiles, Apple push
| notifications, or other capabilities. NetworkExtension is
| basically the only reason I'm interested in iOS
| development at all, so a paid account was not optional.
| soraminazuki wrote:
| We already have an example of what Meta would do with
| sideloading: trick clueless users into installing highly
| invasive spyware that inspects every traffic going in and out
| of your device, even MITM-ing TLS connections.
|
| https://techcrunch.com/2019/01/29/facebook-project-atlas/
|
| They did this by abusing their enterprise certificate.
|
| As much as I'd like the ability to sideload apps, abuse by
| commercial vendors is a very real concern. With a few
| exceptions, commercial software has proven itself to be
| untrustworthy with the growth of surveillance capitalism. I'd
| rather that sideloading be reserved for free software.
| dhdhhdd wrote:
| DJI does not provide its app via play store and requires side
| loading :(
| cronix wrote:
| > I'm the opposite, as looking at android, where do we see
| this?
|
| For one, DJI drone software. It's available in the Apple
| store but you have to sideload it for Android. DJI isn't a
| small company, and there is quite a large professional
| market.
|
| Edit: meant apple app store, not play store...fixed for
| clarity
| rickdeckard wrote:
| Sorry, if it's available in the play store, why do I have
| to sideload it for Android?
| cronix wrote:
| Because Apple forced DJI to comply for their version, but
| since sideloading is available on Android as an
| alternative, they basically told Google to go pound sand.
|
| Edit: I misspoke in my original, which I fixed
| phpisthebest wrote:
| I suspect as well the version is Android has features the
| iOS one does not due to limitation placed on it from the
| store, Issues they got around by simply removing it from
| the draconian store.
| _rs wrote:
| Is this actually true though?
| pjc50 wrote:
| Possibly this is _preparation_ for TikTok being forced out of
| the store by the US government? But they 'd still like to
| offer it, to avoid losing business to Android if that becomes
| the only platform with TikTok.
| ben_w wrote:
| It would be deliciously ironic if one hand of the US
| government forces Apple to allow side-loading while another
| other forces it to stop distributing apps.
|
| I appreciate it's not just the US in either case, but the
| irony is still delicious.
|
| (No way I'm allowing side loaded apps on my main phone
| though; would rather have a secondary phone for them if I'm
| forced to install them for whatever reason).
| brundolf wrote:
| Some things can be sandboxed in software, some things are
| only socially-enforceable. For example, look at Apple's
| requirement to list everything an app does with the user's
| data. It's impossible to enforce that in software and still
| have functioning apps (trivial example: an app's back-end
| sells every single request made to it to some third party),
| but Apple was able to enforce it anyway via App Store
| rejections
| HWR_14 wrote:
| > looking at android, where do we see this?
|
| Google doesn't prevent Meta or TikTok or any other apps from
| spying on you, as long as they also get to spy on you. So
| they have no incentive to build a competing store.
|
| Apple, on the other hand, limits what apps are allowed to do.
| squeaky-clean wrote:
| Fortnite isn't as big as Facebook, but it's still side-load
| only on Android and not available at all on iOS
| yamtaddle wrote:
| > I'm the opposite, as looking at android, where do we see
| this?
|
| 1) Android hasn't made things as hard for malware vendors as
| Apple has, and
|
| 2) Android's not as lucrative a market as iOS
|
| Those together mean incentives are significantly different,
| so we _might_ not see the same behavior on iOS as we have on
| Android, from companies that are upset about not being able
| to to distribute as-effective malware as they 'd prefer. Like
| Facebook.
| wkat4242 wrote:
| Android is a much bigger market worldwide. Only in the US
| and a few other rich places Apple is still the #1.
| lockhouse wrote:
| Apple is more lucrative in the sense that people spend
| significantly more money on their App Store.
| HFguy wrote:
| Read the above comment regarding FBs breakdown of revenue
| per customer by region.
| jjeaff wrote:
| Only by user count. Last I checked, apple's worldwide app
| store revenue was nearly 10x that of Google's app store
| revenue.
| kevviiinn wrote:
| So are malware vendors looking for who spends the most on
| software or for biggest impact through sheer number of
| installations
| rovr138 wrote:
| I'm guessing they're looking for the users they can steal
| the most from in the least amount of time. Aka, the most
| lucrative.
|
| Apple's ecosystem means that most of the devices are up
| to date, or close, and because they control the full
| pipeline, things behave better.
|
| This means that targeting ios is easier (since they'll be
| on closer versions and behave uniformly) and that because
| they spend more money, which they have, means that
| targeting them is easier and more lucrative.
|
| Most are looking to hack. If they're looking to build a
| botnet, android might be better.
| boring_twenties wrote:
| > This means that targeting ios is easier
|
| I don't think so? Android devices are much more likely to
| be vulnerable to well-known exploits. Stealing keys and
| passwords of course is much easier if your app can get
| root on the device.
| judge2020 wrote:
| > In Q1 2022, Facebook had an average revenue per user
| (ARPU) of $48.29 in the US and Canada, $15.35 in Europe,
| $4.47 in Asia-Pacific, and $3.14 in the Rest of the
| World. Facebook reported a quarter-over-quarter decline
| in ARPU of 20% in the US and Canada, 22% in Europe, 18%
| in Asia-Pacific, and 5% in the Rest of the World.
|
| https://www.globaldata.com/data-insights/technology--
| media-a...
| yamtaddle wrote:
| User count, yes. Expected value per user, and amount
| spent per user on software and computer services is far
| lower for Android, even if we only look at the US. That,
| combined with the relative ease of supporting a couple
| iOS versions on a handful of devices versus a whole
| universe of Android OS-device combos, is why a lot of
| apps go iOS-first if they're not doing dual-platform from
| day 1. The benefit for _most_ monetization models is
| greater on iOS, and the cost of support tends to be
| lower.
| kevviiinn wrote:
| >amount spent per user on software and computer services
| is far lower for Android
|
| But why does that matter in this context
| tshaddox wrote:
| Pickpocketing is less of a problem in areas where people
| aren't carrying around cash and credit cards.
| ben_w wrote:
| Unless your goal is propaganda, the incentive is measured
| in dollars etc., not eyeballs.
| yamtaddle wrote:
| An alt-store stands to capture more value on iOS than
| Android, and spying on iOS users is probably a whole lot
| more lucrative than spying on Android users.
|
| That, combined with the App Store restricting spying more
| than the Play Store does, is why we can't necessarily
| expect the iOS ecosystem to behave the same way as
| Android's, were iOS to get similar side-loading
| capabilities. A common argument goes that nothing will
| change on iOS, because it hasn't on Android, but the two
| markets are different enough that I don't find that a
| strong argument. Maybe it'll turn out to be right, but I
| don't think it's as much a slam-dunk argument as those
| advancing it seem to think it is.
| [deleted]
| WastingMyTime89 wrote:
| > An alt-store stands to capture more value on iOS than
| Android, and spying on iOS users is probably a whole lot
| more lucrative than spying on Android users.
|
| How so?
|
| I think American Apple users just don't realise how
| insignificant Apple market share is outside the US.
|
| Android was open from the start. Giant like Amazon tried
| to kickstart alt stores. What did happen? Nothing.
|
| I think people should stop drinking Apple fear mongering.
| It's just aggressive lobbying to protect their cash cow.
| arcticbull wrote:
| - 27.71% worldwide is iOS.
|
| - 56% in the US.
|
| - 34% in Europe.
|
| - 18% in Asia.
|
| - 13% in South America. [2]
|
| That all in mind Apple has 85% of the _global_ share of
| smartphone profits. [1] Many Android players have a
| _negative_ profit share.
|
| [1] https://www.bloomberg.com/news/articles/2023-02-03/ip
| hone-gr...
|
| [2] https://gs.statcounter.com/os-market-share/mobile/
| trarmp wrote:
| Those are numbers for smartphone sales, not the software
| on them. Hardware sales can be negative, sometimes even
| intended. Just look at console vendors for that.
| arcticbull wrote:
| That can't make the numbers look better, after all, Apple
| gets 30% of App Store sales, while _Google_ takes the cut
| of Android apps sold through the Play store. And that
| gets even worse when you see Apple gets 67% of all app
| revenues too. [1]
|
| [1] https://www.businessofapps.com/data/app-revenues/
| yurishimo wrote:
| Are you arguing that the average Android user spends more
| on apps than their phone is worth?
|
| Anecdotally, most people I know might spend $20/year on
| App Store purchases (excluding streaming services if they
| don't have a desktop computer).
|
| I've made well over six figures for a few years and have
| never spent more than $100 in a year, the vast majority
| of those purchases for one off games/apps, not iap
| coins/tokens/etc.
| yamtaddle wrote:
| > > An alt-store stands to capture more value on iOS than
| Android, and spying on iOS users is probably a whole lot
| more lucrative than spying on Android users.
|
| > How so?
|
| What... part of this remains unclear? It's the same
| incentives that drive iOS-first development choices, with
| the added wrinkle that the App Store restricts the
| potential of certain monetization schemes (spying on
| users) more than the Play Store does. All that means the
| incentives to distribute apps outside the App Store, or
| to launch an alt-store, are stronger than on Android.
|
| > I think American Apple users just don't realise how
| insignificant Apple market share is outside the US.
|
| I do realize. I think you may be overestimating how much
| all those Android users spend, and how much their
| eyeballs (and personal data) are worth to advertisers,
| compared with iOS users.
|
| > Android was open from the start. Giant like Amazon
| tried to kick start all stores. What did happen? Nothing.
|
| My entire point is that there are enough differences
| between the two that we can't assume they'll behave the
| same.
| pantalaimon wrote:
| Obviously the implication is that only plebs are using
| Android and affluent people are on iOS
| yamtaddle wrote:
| Income demographics are almost certainly part of it,
| sure. I expect iOS also makes users feel safer or more
| comfortable spending money than Android does, and that
| the average iOS device in the wild is generally more
| pleasant to use than the average Android device. There
| could also be age-related demographic factors
| contributing (that is, Android users may skew older, and
| older people might spend less on software, and may tend
| to use their devices far less than younger smartphone
| owners--this is just a guess, though)
|
| Whatever the reasons, iOS device owners use their devices
| a lot more, and spend a lot more money through them, than
| Android users, on average.
| chiefalchemist wrote:
| Put another way,Apple and iOS is becoming more like Google
| and Android.
|
| My privacy isn't happy about this.
| hoffs wrote:
| Citation needed
| sjsdaiuasgdia wrote:
| For the money part,
| https://www.businessofapps.com/data/app-revenues/
|
| iOS is 15% of the mobile device market but generates 67%
| of the app revenue.
| yamtaddle wrote:
| Yeah, I suppose this stuff isn't common-knowledge outside
| the commercial mobile development space.
|
| There are complaints in this very thread about how shit
| the software selection is on the Play Store compared with
| iOS. This is why. Companies that have to, for whatever
| reason, pick only one platform to start on, usually pick
| iOS. If they add on Android later, they expect it not to
| make as much money as the iOS app, so may half-ass the
| port. In some cases, good apps that have enough revenue
| to keep them alive on iOS, may judge that an Android port
| won't be worth the added cost (especially smaller apps--
| think, one or two developer sorts of operations, they may
| run the numbers and project only a 20% revenue boost from
| adding an Android port, which may not be enough to cover
| the dev, testing, administrative, and support time the
| platform would require). There's a perception that,
| basically, Android users won't buy apps (which is...
| kinda true) and that's why the iOS version of an app
| might be ad-free and paid, while Android only gets an ad-
| supported variant--the vendor doesn't think creating and
| supporting a paid option on Android is worth the extra
| overhead.
| eropple wrote:
| I used to be a mobile developer, and I literally got
| death threats for charging $6 on Android. People just
| paid it on iOS and got on with using the app.
| arcticbull wrote:
| Also 85% of all the profit in the entire global
| smartphone market. [1] Roughly speaking nobody makes
| profit in smartphones other than Tim.
|
| [1] https://www.bloomberg.com/news/articles/2023-02-03/ip
| hone-gr...
| tgv wrote:
| iOS users spend more than Android users, and are even
| becoming the majority in the US. Here's some citation:
| https://nix-united.com/blog/are-android-vs-ios-users-
| really-...
| yamtaddle wrote:
| Spend more, _and use their devices a lot more_ , both Web
| and Apps. At least, last time I looked at market research
| data like this, which was admittedly 4-5 years ago.
| prox wrote:
| As someone used Android and Apple co-currently, this is
| it. Android apps I supported (camera and photo apps, some
| music) all went down in some form and were gone in some
| time. Furthermore, the quality was always lower than any
| iOS counterparts.
|
| Apple apps almost never have these problems and are
| higher quality.
| kitsunesoba wrote:
| Something that I think is often not considered when
| thinking about mobile device usage stats is the
| proportions of types of users the market is comprised of.
|
| While I don't have any links to back the idea up, I
| suspect that Android's marketshare is somewhat inflated
| by users who'd normally be using feature phones -- these
| users don't need anything more than the ability to make
| cell calls and maybe text occasionally, and even the
| absolute cheapest of cheap Android phones checks those
| boxes. There's no point in these users buying even a low-
| midrange Android phone, let alone a flagship or an
| iPhone. So while these users are technically Android
| users, they're not really smartphone users.
|
| Also, the difference in rates of usage extends beyond
| phones. I think I read some of the same reports you did
| and compared to iPads, Android tablets are much more
| likely to end up forgotten in a drawer or collecting dust
| on a shelf. Having a recent low-midrange Android tablet
| myself (for Android app dev purposes) I would guess that
| this is at least partially due to how ridiculously low-
| spec cheap Android tablets are... mine cost almost as
| much as a refurbished iPad 9th gen _on sale_ but doesn 't
| perform a fraction as well as that model of iPad. Even my
| old Pixel 3XL runs circles around it.
| jimmydddd wrote:
| Agree with the user base portions. My parents (in their
| 80's) each have 3 android phones because my dad keeps
| buying them for some reason. We never know which of their
| phones/features are currently active. My mom wasn't
| getting my texts and we just figured out that she doesn't
| have texting enabled. Not sure if it's a setting or that
| my dad picked a 90 day phone plan without text support.
| :-)
| roamerz wrote:
| > I'm the opposite
|
| You already can side load apps. Just buy an Android device. I
| liken this to people who buy a house near an airport then
| lobby to get the airport closed because they do not like the
| noise. I bought into IOS because of the walled garden and
| without it some app that I would prefer to get through the
| sanctioned app store will now only be available by side
| loading.
| WastingMyTime89 wrote:
| > I liken this to people who buy a house near an airport
| then lobby to get the airport closed
|
| Well, no, in this case it's the government going to see the
| pseudo-monopolist and telling them: "Party is over. There
| is going to be some competition there from now on."
| Something I most definitely cheer for.
| GeekyBear wrote:
| > I'm the opposite, as looking at android, where do we see
| this?
|
| Where do we see Android devices with apps like Facebook
| preinstalled, unremovable and granted root permissions? All
| over the ecosystem.
| andsoitis wrote:
| Only Apple sells iPhones, so I wouldn't worry about
| preinstalled 3rd party apps with root permissions like we
| see on Android phones.
| GeekyBear wrote:
| Only Facebook makes the Facebook app, and I find it
| extremely easy to imagine a Facebook app that can only be
| sideloaded, so that Facebook can bypass the restrictions
| put in place by the App Store.
|
| For instance, Apps are currently not allowed to degrade
| functionality if the user says no to a permissions
| request (e.g. location tracking).
| ChrisMarshallNY wrote:
| I don't use the Facebook app. I hardly ever use FB,
| anyway (I am an admin on a user group for an OSS project
| I authored), but their app is a well-known nightmare.
|
| I use their Web interface, which, I suspect, they
| deliberately cripple, in order to try forcing me to use
| their app.
| katbyte wrote:
| I wanted to check fb messenger on my phone for a
| marketplace thing so I logged into the website: wouldn't
| let you look/ pushed you to the app and I couldn't flip
| it into desktop mode
| ChrisMarshallNY wrote:
| Yeah, I was forced to install Messenger. It sucks.
| andsoitis wrote:
| Perhaps, but what I was emphasizing was that on iPhone
| such apps will likely not come pre-installed; neither by
| Apple (vs e.g. Samsung) nor by a carrier because I
| seriously doubt Apple would allow that.
|
| Instead, what Apple is doing is finding a new balance
| that appease those who are attacking the legitimacy of
| the App Store (and its toll booth) while in practice the
| vast majority of iPhone users will retain their privacy.
| GeekyBear wrote:
| > Perhaps, but what I was emphasizing was that on iPhone
| such apps will likely not come pre-installed; neither by
| Apple (vs e.g. Samsung) nor by a carrier because I
| seriously doubt Apple would allow that.
|
| If Facebook is willing to pay to have their app
| preinstalled, unremovable, and granted root permissions
| on Android, why in the world wouldn't they be willing to
| force users to sideload their app on iOS?
| smoldesu wrote:
| Why in the world does it matter? If Facebook wants to use
| the iOS sideloading scene to promote organ harvesting or
| whatever, we use that to sue them. From the outside-
| looking-in, it seems like another one of those hissy-fit
| scenarios where Apple's petty disagreement with other
| companies actively reduces the capability of their
| devices.
| filoleg wrote:
| Sue them for what? Gathering user data that users gave an
| explicit permission to gather?
|
| Previously, the app devs wouldn't be able to, for
| example, lock out the entire app from being used, just
| because you didn't give them permissions for something
| that isn't vital for the app to function (e.g., location
| tracking or photo gallery). App Store rules prohibit that
| behavior, and those apps get rejected.
|
| Sideloading would allow FB and others to do that and
| more, since they won't need to follow App Store rules
| anymore. And I don't think there is anything illegal
| about them doing it.
| kaba0 wrote:
| They would sideload to do what exactly?
| tshaddox wrote:
| Any of a large number of things that Apple currently
| doesn't allow on the App Store.
| waboremo wrote:
| In this hypothetical, Apple would agree to take Facebook
| funds to preinstall the app.
|
| Otherwise I think you may be confused on what sideloading
| is.
| jackson1442 wrote:
| Facebook has actually done this before with their Onavo
| VPN that intercepted all your web traffic in exchange for
| something like a $5 gift card every month. Distributed
| publicly using their internal enterprise certificate and
| got their cert revoked.
| raydev wrote:
| Sure, but that's not scalable.
| kaba0 wrote:
| What exactly are those restrictions? Ios has a good
| sandbox model which is responsible for security.
| judge2020 wrote:
| They don't speak of the security model. But the
| compliance model, ie. "you can't block the entire app
| until the user enables precise 'always' location
| tracking".
|
| But in terms of security, every jailbreak since ~iOS 8
| besides checkm8 has been via a third-party app breaking
| out of the sandbox. The ramifications for shipping an
| exploit chain like this via the built-in app store is
| going to be extreme (possibly being blacklisted from
| iOS), but a sideloaded app can run such an exploit chain
| in the background (to install spyware if the user isn't
| on the most up-to-date version of iOS) with no
| consequence.
| waboremo wrote:
| This is false and not how it works on macOS, worse I
| would consider this fearmongering.
| judge2020 wrote:
| What is false?
|
| Facebook could pull Instagram and tell users to visit
| Instagram.com.
|
| They can now block some/all of the app based on whether
| or not you've enabled location tracking.
|
| And malware on macOS works different because macOS
| doesn't have the same security model as iOS. macOS apps
| can access large parts of the system after one or two
| security prompts, and Apple has gone on record that this
| is not the security level they want for iOS[0].
|
| I guess you could mean that Apple would do notarization,
| but I can assure you that enough third parties would
| still fight Apple in court/via lobbying to remove all of
| Apple's oversight over app approval.
|
| 0: https://www.cultofmac.com/742918/craig-federighi-
| apple-softw...
| boring_twenties wrote:
| Preinstalled and unremovable, sure. I've never heard of
| Facebook being given root, though? Do you have any more
| info about this?
| EMIRELADERO wrote:
| Maybe it's just me, but I'd rather have my government defending
| my (and most citizen's) interests (with laws such as GDPR)
| rather than a private company's rules which, as evidenced by
| this article's existence, have pretty big "collateral damage".
| kaba0 wrote:
| You do realize that the sandbox won't seize to exist, right?
| Apple does jackshit at censoring the App Store, they run some
| routine checks on the code and disallow upload if it has "porn"
| in the title, the real security is the sandbox.
| overthrow wrote:
| You're dreading giving other people the freedom to make one
| choice, and yourself the freedom to make a different choice
| (yours being the default option from the factory btw), and
| everyone gets the privacy/control tradeoff they want?
| bena wrote:
| I think you're missing something.
|
| Meta makes the Facebook app. Currently, the only way to get
| the Facebook app on iOS is through Apple's App Store. Which
| means Meta has to follow all of Apple's guidelines.
|
| Once sideloading is allowed, Meta can make a version of their
| app that does not follow Apple's guidelines.
|
| Now, they can maintain two apps, but last time I checked, the
| cost of maintaining one app was lower than the cost of
| maintaining two.
|
| Eventually, the App Store version will no longer work with
| Facebook's API. Or the iOS version, or a third thing. There
| will only be the sideloaded option.
|
| _I_ don 't have the freedom to choose the version of the app
| I want. And now I can't actually trust any of the apps out
| there because none of them are required to follow any of
| Apple's guidelines.
| darkwater wrote:
| > I don't have the freedom to choose the version of the app
| I want. And now I can't actually trust any of the apps out
| there because none of them are required to follow any of
| Apple's guidelines.
|
| You don't have that "freedom" right now either, it's just
| the Apple Store one. Also the law is about giving options
| on the distribution system, not on "app versions". So if
| Epic or 37 Signals use their own channel to distribute
| their own apps with subscriptions fees, they can do it and
| Apple cannot take its cut. So, Apple might want to reduce
| their fees there. You know, competition.
| bena wrote:
| Right, but the person I responded to spoke as if this was
| going to be a way to increase consumer choice. It's not.
|
| Everyone will not get "the privacy/control tradeoff they
| want". They're going to get whatever the creator of the
| app decides. And sure, for TODO apps, you can choose from
| the 15 billion ones out there. But if you want ride-
| sharing, you have Lyft and Uber. If you want specific
| services, you will have to use their app.
|
| And after the shit Epic pulled, I don't really think I
| want them in control of the payment processing portion.
| fauxpause_ wrote:
| I would rather pay less for Ubers than have Apple's
| protections. I would rather pay less for Uber and have
| Apple's protections.
|
| Apple will still offer Uber, but they will take a smaller
| cut. Uber will still be available on the App Store
| because it is the most common App Store.
| bena wrote:
| Apple doesn't offer Uber. Uber offers Uber. Uber offers
| it through the App Store because that's their only
| option. And even if the only thing that happens is that
| Apple takes a smaller percentage, that doesn't impact me
| at all. I'd still pay the same.
|
| So, in your best case, we have a scenario that is neutral
| for me. Excuse me for not being thrilled by that.
| cageface wrote:
| This hasn't happened on Android where side loading and
| alternative app stores have been available for years. Why
| would iOS be different?
| j16sdiz wrote:
| Because play store have less rules? FB can steal all your
| photo and play store couldn't care less.
| yamtaddle wrote:
| Facebook hasn't recently blamed the Play Store rules for
| their losing a shitload of money. They have so-blamed iOS
| App Store rules.
|
| Basically, they have far less incentive to try to push a
| side-loaded version of their app, or to try to create an
| alternative app store, on Android.
| mschuster91 wrote:
| Because Google doesn't give a fuck about what apps pull
| off until there's media outrage. It took them years to
| implement basic privacy features.
| akmarinov wrote:
| Apple will likely make the sideloading process so involved
| that it'll be outside of the competency of the vast
| majority of the users.
|
| Facebook would just shoot themselves in the foot with
| having to support two apps for little value.
| trarmp wrote:
| I would bet that Apple would still require developers to
| sign their apps, like they do on macOS.
|
| That means you that if a vendor does something
| particularly egregious, stuff akin to malware, they can
| pull the certificate for that vendor. They don't do that
| often: IIRC, they've only done that in macOS a handful of
| times.
| joshstrange wrote:
| Something tells me the people who installed FB's shaddy
| VPN via sideloading weren't exactly what's I'd call
| "competent users".
|
| FB complained about lost revenue from Apple locking down
| tracking so if $X is what they make per user via the
| official app store and $Y is what they make on the
| sideloading app store then there exists $Y-$X = $Z where
| $Z (or even $Z * some number) can be used for "customer
| acquisition" to convince people to switch with the goal
| of making more off them in the long run.
|
| "Get $5 in FB Credit if you download this app", "Get
| access to this cool new filter if you install this app",
| etc. No, people here on HN won't be swayed by that but a
| good number of people will.
| twelve40 wrote:
| > There will only be the sideloaded option
|
| how did you come to that conclusion? certainly not true in
| the android world. I don't have the stats on prevalence of
| sideloadong vs. play, but all official apps are alive and
| well in play after decades of being able to sideload
| pdpi wrote:
| Does Facebook have an ongoing dispute with Google about
| privacy controls on Android, though?
| smoldesu wrote:
| Meta already does all sorts of stuff that violates Apple's
| TOS, they just do it server-side.
|
| > I don't have the freedom to choose the version of the app
| I want.
|
| Sure you do. You can either use it or you don't. Regulating
| data privacy isn't Apple's job, if you want that fixed then
| you should take it up with the government or someone who
| can actually hold them accountable.
| yamtaddle wrote:
| > Regulating data privacy isn't Apple's job
|
| It's part of why I pay them, so I say it is.
|
| > if you want that fixed then you should take it up with
| the government
|
| Yeah, I'd strongly prefer the government do what it
| obviously should and reign in abusive, dangerous
| stalking-at-scale across the entire economy, but absent
| that, it sure is nice to have a _choice_ to still get
| some of that regulation in one area of my life, by going
| with Apple.
|
| Take away that option and I'm sure as shit not going to
| feel _more_ free.
|
| > Sure you do. You can either use it or you don't.
|
| That's two choices, where now we have three. Buy Android
| and every app you download is malware; don't use apps;
| buy Apple and every app's _trying_ to be malware, but at
| least they can 't be nearly as good at it as on Android.
| Losing choice three doesn't increase my liberty.
| smoldesu wrote:
| > It's part of why I pay them, so I say it is.
|
| Okay. It's meaningless in a legal context, completely
| unaccountable and contradictory to their own regulation.
|
| You're welcome to insist otherwise but I don't think any
| just court would hear you further than that.
|
| > Take away that option and I'm sure as shit not going to
| feel more free.
|
| Nobody is taking away anything. These apps have always
| had the option to leave Apple's ecosystem, adding
| additional stores doesn't miraculously add that
| possibility. It's like saying that the Taco Bell opening
| up down the road is threatening your upscale Cantina
| burrito that you're eating as-we-speak.
|
| > That's two choices
|
| Okay, I'll amend it then. You can either use it, or you
| don't, or go buy an Android phone. Or degoogle your
| Android phone, that's 4 options.
|
| Quit whining about liberty and put your stubbornness
| where your mouth is. Stay on the App Store if you insist,
| nobody will stop you. If you did it on a Mac, you'd
| probably look like a bit of a fool though. Plenty of
| longtime, respectful Apple devouts (see: Panic)
| acknowledge that the App Store is a raw deal and
| distribute their apps themselves. There are people other
| than bad actors advocating for this, as shocking as it
| may sound. It is possible to see the forest through the
| trees.
| pwinnski wrote:
| > Regulating data privacy isn't Apple's job, if you want
| that fixed then you should take it up with the government
| or someone who can actually hold them accountable.
|
| I live in the United States of America, where the
| government is bought and paid for by companies who
| dislike privacy for their users.
|
| In the meantime, it may not be Apple's "job," but it's
| part of their value proposition, and the grumbling from
| software vendors indicates it's reasonably effective.
| smoldesu wrote:
| You live in the United States of America, which has had
| Google, Microsoft and Apple under it's thumb since
| Snowden's leaks. If you want to insinuate that Apple
| protects you against state-level actors, you should
| disprove that or at least refute their own transparency
| page[0].
|
| > the grumbling from software vendors indicates it's
| reasonably effective.
|
| If not the software vendors, who are you trusting to keep
| your best interests at-heart here?
|
| [0] https://www.apple.com/legal/transparency/
| overthrow wrote:
| If Meta pulled from the official app store, their install
| rate would go to 0 overnight. And a third-party developer
| would quickly swoop in and take over the #1 search result
| for the word "Facebook" (plenty of such apps already
| exist), so oblivious users would still end up ahead.
|
| Sure they could offer a sideloadable app on their website
| somewhere, but nobody will find it or use it. If your
| grandma searches for facebook and the top result says
| "Friendly for Facebook" instead of just "Facebook", do you
| really think she'll notice the difference let alone go on a
| wild goose chase of googling for alternative app stores and
| clicking through scary warnings?
| joshstrange wrote:
| I mean it didn't stop a lot of people from clicking
| through "scary warnings" to install Facebook's VPN app
| that hoovered up their data. I think you are vastly
| underestimating what people will go through for a minor
| benefit to themselves (in the case of the VPN it was low
| dollar amount gift cards).
|
| FB won't remove their app from the app store but instead
| will add a new feature or offer a perk that is only in
| their side-loaded version and it will drive users in
| droves to install it.
| mattrighetti wrote:
| > You're dreading giving other people the freedom to make one
| choice
|
| Users made this choice when they bought an Apple product in
| the first place. Everybody knows well in advance that this is
| the current state of things, that is a well-informed choice
| by the end user.
| HDThoreaun wrote:
| I did not know that side loading was impossible when I
| choose the ios ecosystem. I mainly chose it because the
| green texts made communicating difficult. Now I'm locked
| in.
| Spivak wrote:
| Software isn't fungible and right now today you have the
| ability to install facebook with app store restrictions on
| iOS and without on Android. If FB pulls from the app store
| that choice is taken away.
| 1over137 wrote:
| >today you have the ability to install facebook with app
| store restrictions on iOS and without on Android
|
| You have a third choice: don't install facebook at all.
| [deleted]
| Spivak wrote:
| You see how that's worse right? Either give up your
| privacy or don't use FB. On iOS you can have both.
| ThatPlayer wrote:
| You can also do it the same way I use Facebook on my
| desktop without install an app that gives up my privacy.
| Open up my browser and type in www dot facebook dot com.
| You'll get all the privacy protection that Safari on The
| App Store gives you. I think they even have a PWA now if
| you really want an icon to make it easier.
| lolinder wrote:
| > On iOS you can have both.
|
| No, you can't. You can have some protections against the
| most egregious overreaches, but if you're concerned about
| privacy you shouldn't be on Facebook, ever, on any
| platform.
|
| Aside from that, there's no way Facebook will remove
| themselves from the app store. Apple isn't going to make
| sideloading easy enough for the average Facebook user.
| Spivak wrote:
| No, you can't. And if you could, the protections
| aren't that good. And if they were, it's not
| going to happen anyway. And if it does, that's
| Apple's fault for making it too easy. And even
| so, you deserve it anyway for using Facebook.
|
| I don't think is the argument you think it is. It's
| basically "nuh-uh" while agreeing with all the arguments
| in favor no sideloading along the way.
|
| Facebook has 2.95 _billion_ MAUs and 73% of the entire US
| population actively use it, 93% of businesses are on it
| -- "just don't use Facebook" is a woefully out of touch
| take. And this is only Facebook and doesn't include IG
| and WhatsApp. Meta is 4/4 of the most downloaded apps.
| stcroixx wrote:
| That 73% number sounds fudged. I'm sure they have some
| justification, but they're proven liars.
| dvngnt_ wrote:
| you have zero privacy on Facebook.
| waboremo wrote:
| If you care about privacy you wouldn't be using Facebook
| on any platform.
| dylan604 wrote:
| You're confused on hows removing your privacy in this
| example though. The recent-ish changes to iOS protects
| your privacy from FB. So, yeah, your choice is use FB or
| don't. It has always been this way. The app store is not
| the bad guy in the FB conversation.
| Rhedox wrote:
| It's the OS that ensures privacy, security and sandboxing,
| not the App Store.
| zamadatix wrote:
| On some things but not others. E.g. OS protections don't
| limit against things like "Displaying targeted
| advertisements in your app based on user data collected
| from apps and websites owned by other companies." as it's
| not something the OS can really know is happening, just
| that there are ads being loaded.
| harold_b wrote:
| The OS can control the data the app has access to for
| fingerprinting, with enough restrictions apps like
| Facebook would still have to rely on guesswork to do so
| zamadatix wrote:
| Play has restrictions they are just less strict than the
| App Store. Similarly on iOS if people are choosing iOS for
| this vetting then it follows Facebook would not be able to
| migrate to being a 3rd party app just because the option is
| there. All else being equal it's actually quite hard to get
| most users to use anything but the default store anyways,
| as is seen on Android.
| Rhedox wrote:
| It's the OS that enforces privacy and security, not the App
| Store. They won't be able to do much more than they can now.
|
| Besides, they'll stay on the App Store just like they are still
| on the Google Play Store on Android where side loading has been
| possible since version 1.0.
| sergiotapia wrote:
| None of this affects you whatsoever. Just don't use a
| sideloaded apps. I don't see why this would bother you in any
| way.
|
| Personally if Apple finally allows me to install whatever I
| want on my phones then I may return to their phones. Until
| then, I will use Android since I can download and install any
| .apk I want on my device.
| mort96 wrote:
| > None of this affects you whatsoever. Just don't use a
| sideloaded apps. I don't see why this would bother you in any
| way.
|
| That's unfortunately wrong.
|
| Say you use WhatsApp to keep in touch with your friends. Say
| Facebook pulls WhatsApp from the app store and makes it only
| available via side-loading. What do you do? You have to
| decide between trying to move everyone you know off of
| WhatsApp, or you side-load.
| filchermcurr wrote:
| An unattractive decision is still a decision you can make.
|
| If you believe so strongly that you shouldn't sideload
| applications, you absolutely have the choice to not do it.
| It may not be a choice that you like, but it _is_ a choice
| available to you. Which I think is what 's so wonderful
| about this whole situation. It's opening up options that
| were previously unavailable.
|
| Besides, this kind of Sophie's Choice has been around
| forever. Your friends all use Facebook Messenger but you're
| morally against Meta. Do you compromise your principles so
| you can see gifs your friends post or do you stand your
| ground and potentially miss out?
|
| It's just a variation on another theme that's been around
| for ages. Only this time it actually adds exciting
| possibilities rather than a binary 'use' or 'don't use'
| choice.
| mort96 wrote:
| There's a potential that someone who's currently using
| some app without side-loading won't have the opportunity
| to keep using the app without side-loading as a result of
| a decision to allow side-loading. That means "this
| decision doesn't affect you, just keep using apps without
| side-loading" isn't a valid statement.
|
| You're right that everyone will technically always have
| the choice not to side-load. Just like everyone
| technically has the choice to not own a phone in the
| first place. It's the "it doesn't affect you whatsoever"
| part I take issue with.
| sergiotapia wrote:
| Why are you conjuring up this unprecedented hypothetical?
| mort96 wrote:
| Because it doesn't seem implausible? Apple allowing side-
| loading is unprecedented, we can't say from experience
| how companies will respond to the ability to side-load.
|
| The closest analog we have is Android, where side-loading
| is permitted. Google Play is much more lenient than the
| App Store, so there's less incentive for companies to
| make their apps sideload-only than on iOS, yet some
| companies have already done it. Alternative software
| stores are also a thing there.
|
| I'm also not against side-loading. I think, as the owner
| of the device, I should be able to put software on it
| without Apple's permission. My only point here is that
| there are ways in which people who don't have to may be
| forced into side-loading software, meaning "just don't
| side-load if you don't want" is too simplistic.
| HDThoreaun wrote:
| Facebook isn't pulling any of their apps from the App
| Store. That's just baseless fear mongering.
| peoplefromibiza wrote:
| > Say Facebook pulls WhatsApp from the app store and makes
| it only available via side-loading.
|
| Say a meteorite hits the Earth and we all die.
|
| In a completely hypothetical scenario there are much worse
| things that can happen than Facebook voluntarily pulling
| WhatsApp from the App store, forcing their users to side-
| load it, gaining nothing on the permissions side of the
| bargain while at the same time losing a majority of their
| users or, even more probably, having users stuck on the
| last version they could install from the store and never
| update again.
| jron wrote:
| Stop installing "evil apps" and stop believing Apple actually
| cares about you. Cheering for a corporation to control what you
| can and can't install on your phone is gross.
| pwinnski wrote:
| Think about it this way: any app that refuses to go through
| Apple's store is telling you that you're not a customer they
| want. If Facebook makes that choice, it's a great time to give
| up Facebook!
| andsoitis wrote:
| > I want privacy hostile companies like Facebook to have to
| comply with the app store rules and respect system settings
| relating to privacy. As a user, I'm thrilled when Apple wields
| its big stick to stop big tech companies from overreaching.
|
| Apple is a saint?
| r053bud wrote:
| From reading through this thread, it sounds like most people
| think they are
| webmobdev wrote:
| That's why repetitive advertising is so effective - it
| starts to make you doubt reality.
| lenkite wrote:
| Apple's reality distortion field never really faded. Any
| Action taken by Apple Is Absolutely Righteous. Even if the
| very same action taken by another company would make them
| Absolutely Evil. The cognitive dissonance is truly amazing.
| yunohn wrote:
| > privacy hostile companies like Facebook to have to comply
| with the app store rules and respect system settings relating
| to privacy
|
| Currently and historically, Facebook's apps have been provided
| purely through the App Store and have been following Apple's
| privacy guidelines.
|
| Surely then, you can't criticise their approach to privacy?
| After all, Apple has always approved their apps.
| m-p-3 wrote:
| I don't think Apple will diminish their control on the App
| Store requirement, it's too much of a selling point to them. In
| fact I hope they keep their requirements the same, and I'm
| quite happy to see sideloading becoming a thing. More choice is
| nice.
|
| I'd be so happy to see F-Droid venturing on the iOS side, and
| distribute open-source apps you can trust that would otherwise
| not be available on the App Store (emulators, third-party
| YouTube clients, an actual Mozilla Firefox browser using its
| own rendering engine, etc).
| jclardy wrote:
| TBH I'm hoping Apple will use this to actually improve the
| app store's position and security, get rid of all the garbage
| spam apps, fake clone games and whatnot. But I doubt they
| will, given they make a ton of money off the scam
| subscription apps.
| Loic wrote:
| The only reason I am using an Android phone and not an iOS
| one is because of F-Droid to install the open-source app I
| like and need. I would definitely switch to iOS if I could
| have this freedom there.
|
| I hate that with Android I _trust that Google will at some
| point succeed with a dark pattern in letting me agree to
| siphon my data_ without my _real_ agreement.
| webmobdev wrote:
| > I'm thrilled when Apple wields its big stick to stop big tech
| companies from overreaching.
|
| If Apple did just that, it would have been ok. But they didn't
| stop at that - they decided to do the very same thing that
| Google, Meta, Amazon, Microsoft etc. - after partially
| preventing their competitors from getting hand on some data
| they started to deliberately invade our privacy and collect as
| much of our personal data as they can to mine it. They self-
| appointed and forced themselves to be our conservatorship (
| https://medium.com/@tonytyre9/what-is-conservatorship-legal-...
| ) because we have all been judged too stupid to manage it
| ourself. And like any abusive conservatorship they also exploit
| us.
| Silhouette wrote:
| This seems like the wrong target. A better solution might be to
| break the monopoly control that platform operators like Apple
| and Google have _and_ impose proper laws and regulations to
| fight abusive behaviours by app developers (and the platform
| operators, if necessary).
|
| Even if this set of changes is coming out of the EU and the
| chances of getting good tech regulation any time soon might not
| be high it's probably still better than having all of the
| safeguards for millions of people using a platform depending
| only on the whims of companies like Apple, whose track record
| on user-hostile behaviours and issues like privacy has no
| shortage of concerning events.
| webmobdev wrote:
| Exactly. Recently there was a big drama by the US where they
| summoned TikTok app's management to answer questions publicly
| in a Congressional hearing. International media were
| commenting how America is getting ready to ban TikTok because
| of privacy concerns that allegedly even allowed spying.
|
| None of the major media in the USA even suggested that a
| strong data privacy act, and a general privacy regulation,
| could fix this for _every_ app and be a _better long-term
| solution_.
| lbotos wrote:
| To support sideloading do they have to "Relax control" though?
|
| I think the fear is "sideloaded apps can do bad things" and my
| answer is make the OS better and more clearly manage bad
| things?
|
| What are the bad things we imagine a sideloaded app could do?
| Like it still has to follow the platform APIs right? It would
| have to ask for perms? Sure, it could have egregious tracking
| or spam, or hostile ads, but app store apps already have this??
|
| I'm genuinely asking: What risk am I missing?
| willis936 wrote:
| The risk of big companies like Meta requiring users to
| sideload in order to use their service. To me the answer is
| obvious: don't use services provided by Meta. They can choose
| to race to the bottom all they want. I welcome the freedom to
| use my phone the way I want to.
|
| If bad actors choose to misbehave don't blame the medium
| they're misbehaving on. This line of thinking is similar to
| negotiating with terrorists.
| pie_flavor wrote:
| You can tell by how it hasn't happened on Android once in its
| fifteen-year lifespan.
| [deleted]
| Vespasian wrote:
| I understand your concern and share some of them.
|
| However the solution to overreaching unaccountable private
| cooperations cannot be to hand all the power to another private
| unaccountable company.
|
| Apple is venturing into advertising and that'll tempt them to
| weaken privacy protections sooner or later.
|
| Additionally their app store rules went far beyond enforcing
| security and privacy. They gave themselves an advantage and
| removed competitors for commercial reasons.
|
| Given that the mobile market is pretty much a duopoly in Europe
| there were two (political) realistic alternatives:
|
| - Regulate tightly what apple/google are allowed to do with
| their stores (e.g. like a common carrier)
|
| - force them to give customers a choice by allowing side
| loading.
|
| The elected EU legislative took some points from both
| approaches AFTER the free market failed to implement a
| meaningful competition for central app stores.
| HeckFeck wrote:
| > the free market failed to implement a meaningful
| competition for central app stores.
|
| I don't want every component of my phone OS broken apart and
| subject to what some legislator or lobbyist thinks is
| 'competition'. The competition is between Apple and Google
| making mobile platforms and we already had a choice.
|
| I chose Apple's approach after a few years with Google. I
| miss the headphone jack, but having no tacky tracky shit
| shovelled throughout the OS is nice.
| kaba0 wrote:
| 2 is no choice, that's just ridiculous.
| airstrike wrote:
| Network effects. Or do we really expect devs to write
| proper code for 3+ entirely different native mobile
| platforms?
| phpisthebest wrote:
| If only there was a way of delivery applications using a
| uniform set of rules independent of any manufacturer or
| vendor..
|
| hmm what would I call that.... A standard perhaps..
|
| Then maybe we could make that same application work on
| several types of devices and form factors that simply run
| that standard via a web of devices
|
| We could call them Web Apps... A Web App Standard....
| [deleted]
| kaba0 wrote:
| No, that's why we need market regulations so that the two
| lucky platforms that won the game serves the people, and
| not only their wallets.
| HeckFeck wrote:
| More platforms would be better but the answer is for
| someone - commercial or some free software initiative -
| to get a usable and supported device to market, not
| making impositions on an already established platform
| with its own strengths and legions of customers who are
| willing to pay slightly more because of them.
| waboremo wrote:
| >but having no tacky tracky shit shovelled throughout the
| OS
|
| Like ads for icloud services in settings? Apple TV and
| Music subscription promotions appearing above all other the
| settings links? Personalized tracking being enabled by
| default?
| Spivak wrote:
| The fact these are the complaints is the best possible
| endorsement for iOS. That's all?
| HeckFeck wrote:
| That and the fact that it isn't being sold to other
| companies (from what I know of their privacy policy) and
| can be disabled if you wish.
|
| I don't blindly trust any company, but from what I can
| tell Apple makes their money from services and hardware.
| Someone else in this thread has indicated that
| advertisers are frustrated because they cannot access
| Apple user data. They recently implemented E2E for all
| iCloud data. It looks a better offering than trusting
| every aspect of my online life with a company who makes
| their $$$ from adverts and data mining.
|
| While I'd love to use a PinePhone running OpenBSD for my
| mobile needs, having the ability to message my friends is
| nice. As are online services that Just Work, and if they
| make their money from me paying and not from selling my
| data, then we can be content.
| paulddraper wrote:
| :)
|
| what a hill to die on
| sizzle wrote:
| Have you ever used a Samsung Galaxy device in comparison?
| I'm being upsold on their bloatware left and right and
| third party services. I hate Samsung and Android now with
| a passion because they don't respect my settings and
| often install random system settings that contradict my
| choices.
|
| iOS is a breath of fresh air in comparison and does none
| of this. I say this as a diehard Android G1/Nexus fanboy
| from way back before it became obvious to me that Google
| apps are basically spyware for the surveillance
| capitalism machine.
| dexterdog wrote:
| Get a pixel and put graphene on it.
| nceqs3 wrote:
| lol
| dexterdog wrote:
| Explain
| GeekyBear wrote:
| > Apple is venturing into advertising
|
| It's not the advertising part that is problematic. It's the
| part where you relentlessly spy on everyone to make selling
| ads more profitable.
| [deleted]
| rchaud wrote:
| Advertising isn't profitable without spying. It's an arms
| race with little regulation. If you are not spying, you're
| ceding ground to those that are.
| GeekyBear wrote:
| Advertising has been profitable without spying for many,
| many decades.
|
| Spying just makes it more profitable. Most of the world
| would be fine with Larry, Sergey and Mark only being able
| to afford one mega yacht apiece.
| rchaud wrote:
| > Advertising has been profitable without spying for
| many, many decades.
|
| So was the horse drawn carriage. Where is that industry
| now?
|
| George Orwell could not have conceived a time where
| everyone was voluntarily carrying an electronic billboard
| in their pocket. But we are in that world, and that world
| no longer has room for the Mad Men/Ogilvy/Chiat Day era
| of ad agencies creating one-size fits all campaigns.
| Google and Facebook took them out over the past 15 years.
| GeekyBear wrote:
| > So was the horse drawn carriage. Where is that industry
| now?
|
| Less profitable is not the same thing as impossible, no
| matter how much it enriches your bottom line.
| rickdeckard wrote:
| Meta is collecting data from people using its products to
| create targeting-models for advertisement. An Advertiser
| can then buy ads targeting a specific audience. Companies
| really want the individual user-information to cut out
| Meta, but Meta is not sharing it to the advertiser, they
| have to go through Meta to reach their audience based on
| Personas they curate.
|
| Now Apple owns the underlying Hardware and tracks usage of
| every single application and service on top. How exactly is
| Apple expected to operate their advertising business if NOT
| with the very same method as Meta/Google (creating
| personas, selling them for ads)?
| GeekyBear wrote:
| > Meta is collecting data from people using its products
| to create targeting-models for advertisement.
|
| Meta has been creating shadow profiles of people who
| don't even use their products for over a decade now.
|
| https://www.theverge.com/2018/4/11/17225482/facebook-
| shadow-...
|
| Google, literally, buys a copy of everyone's credit/debit
| card transaction data so they can spy on your bank
| account and not just your online activities.
|
| https://www.technologyreview.com/2017/05/25/242717/google
| -no...
|
| You can sell ads without constantly spying on everyone.
| Glossy Magazines, Newspapers, Radio, and Television
| managed to do so for many decades.
| rickdeckard wrote:
| Glossy Magazines sell Ads to people interested in those
| glossy magazines. The Magazine-content defines its
| target-group. This doesn't work for platform-based
| advertising, the platform needs to offer ways to select
| the target-group to address.
|
| Google purchased transaction data to connect online
| behavior to the real world and refine their Persona
| profile. Apple doesn't need to do this, because they
| already collect data from their users' behavior in the
| real world via their Apple Pay / Apple Card purchases. In
| 2017 Google didn't know whether you actually have money
| to buy a new TV, they only saw that you kept looking at
| TVs online. So they thought it's a good idea to buy this
| data to refine their Ad Personas. In 2023, Apple already
| owns sufficient data to know if you can afford a TV or
| not. They curate your persona from your Apple ID and your
| Apple Pay transactions and even know whether you went to
| BestBuy recently.
|
| Putting you in a matching advertising cluster for that
| isn't a legal privacy violation, your private data will
| never be shared with anyone. Just like Google and Meta
| don't share your private data with anyone.
|
| I don't like any of those practices, but let's not buy
| into the illusion that Apple is doing anything different
| to Meta/Google. They all create and refine Personas to
| allow targeted marketing, and protect the underlying data
| to be the gatekeeper.
| GeekyBear wrote:
| > Glossy Magazines sell Ads to people interested in those
| glossy magazines.
|
| It's entirely possible to sell ads based on the content
| of a web page, just like it's possible to sell ads based
| on the content of a magazine.
|
| It's just not as profitable as relentlessly spying on
| everyone.
|
| > Google purchased transaction data to connect online
| behavior to the real world and refine their Persona
| profile
|
| Google already has more than enough data on it's
| customers through their search history. They don't need
| to relentlessly spy on every aspect of your life,
| including your bank account, to turn a profit.
| rickdeckard wrote:
| > It's entirely possible to sell ads based on the content
| of a web page.
|
| Yes. But at some point i.e. Bentley wants to spend its
| Marketing money only on people likely to buy a Bentley.
| If Bentley shops for ads tomorrow, they can select
| Personas like "Age 40-60", "owns a car" and many others
| from Meta as well as Google as well as Apple. Those are
| the "ads relevant to you" Apple talks about in their T&C.
| Again, I don't like it either, but let's not buy into the
| illusion that Apple is not entering this exact same
| industry to sell their customers' attention to the
| highest bidder.
|
| > Google already has more than enough data on it's
| customers
|
| And so does Apple. Time to start a lucrative ads
| business.
| GeekyBear wrote:
| > at some point i.e. Bentley wants to spend its Marketing
| money only on people likely to buy a Bentley.
|
| So they can run their ads on web pages that are related
| to luxury goods.
|
| It's entirely possible to sell ads without relentlessly
| spying on everyone.
|
| It's just less profitable.
| rickdeckard wrote:
| Hence "Yes". Lots of things are "possible", it's just not
| how things are. We're circling around a straw-man
| GeekyBear wrote:
| Yes, for some reason you're pushing the straw man
| argument that relentlessly spying on everyone, even
| people who are not your customer at all, is the same
| thing as having a first party business relationship with
| your own customer.
| evilduck wrote:
| > Apple is venturing into advertising
|
| Why is this a worry right now and not 12-13 years ago when
| they started venturing into advertising with iAd?
| eitland wrote:
| If I am not mistaken, HN pointed it out back then too.
| GeekyBear wrote:
| Because iAd was designed to preserve user privacy?
|
| >A new report on Advertising Age has revealed what
| advertisers think of Apple's arrogance when it comes to its
| mobile advertising platform and its tight grip on user
| data. This attitude towards its ad business turns off
| advertisers and makes them turn elsewhere, perhaps other
| avenues such as Google, Yahoo, or Facebook that make life a
| lot easier for them.
|
| "One person familiar with the situation exec said Apple's
| refusal to share data makes it the best-looking girl at the
| party, forced to wear a bag over her head," the AdAge
| report read.
|
| https://www.techtimes.com/articles/3568/20140222/apple-
| cares...
| HeckFeck wrote:
| This is the most beautiful thing I've read today. We need
| many more sulking advertising execs.
| rickdeckard wrote:
| Exactly this. When Apple tried "Premium Advertising"
| without sharing any Personas 10 years ago, it failed as
| it was expensive and didn't allow targeted marketing.
|
| In the meantime Meta learnt that they can't allow others
| to extract their precious userdata and need to protect
| their position by clustering data into Personas for
| advertisers to select from.
|
| Now Apple reenters the ad-business, using the very same
| scheme as Google/Meta (maintaining Personas based on
| userdata they safeguard) but with an unprecedented set of
| profiling data of its users, as they collect data on the
| Apple-ID level, spanning from positioning data over types
| of apps used and stocks you're watching to actual
| purchases in the physical world.
|
| If people consider Meta/Google's practice as spying, I
| don't know what they expect Apple's Ads to be. Their T&C
| already describe that they create a persona from your
| data to display "Ads relevant to you", just like
| Meta/Google does...
| GeekyBear wrote:
| > If people consider Meta/Google's practice as spying
|
| Maintaining shadow profiles on people who aren't even
| customers and buying user data from third parties isn't
| spying on people?
|
| Again, it's not the part where you sell ads that is
| problematic.
| rickdeckard wrote:
| Agreed. But USING data of your transactions and your
| third party apps to refine your profile is not spying?
|
| Both is done for the sake of understanding who you are in
| order to sell ads to you.
|
| Is one "spying" and the other "a little bit of spying"?
| GeekyBear wrote:
| Are we talking about something like Amazon having a
| record of things I have purchased from Amazon? Or are we
| talking about Google buying a copy of my credit card
| transaction data?
|
| Because one of those is a perfectly normal part of any
| business relationship, and the other is absolutely not
| normal and not acceptable.
|
| I mean, Amazon stopped mailing receipts with line items
| of your purchases to Gmail customers because Google was
| maintaining a purchase history for transactions that they
| had nothing to do with.
|
| > Google's secret page records everything you've bought
| online
|
| https://www.komando.com/shopping/googles-secret-page-
| records...
| rickdeckard wrote:
| We talk about all of this, yes.
|
| I'm not defending either of these practices, I'm asking
| how it is any different to what Apple does.
|
| So Apple forcing all third parties on the iOS platform to
| use Apple's payments APIs to process payments and thus
| being able to track what you've purchased inside of any
| third party app they have nothing to do with, is that
| comparable to what Google does on the Gmail platform?
| GeekyBear wrote:
| > I'm asking how it is any different to what Apple does.
|
| How is a first party business relationship with your own
| customer different than buying a copy of people's credit
| card transaction data, spying on receipts emailed by
| other businesses, turning on location tracking by
| default, paying children to give root access to their
| device (Onavo), setting up user tracking on a huge swath
| of websites (Google Analytics, Facebook Like Button), and
| the other sorts relentless spying tactics that we have
| seen from companies with a surveillance capitalism
| business model?
|
| > Since 2016, Facebook has been paying users ages 13 to
| 35 up to $20 per month plus referral fees to sell their
| privacy by installing the iOS or Android "Facebook
| Research" app. Facebook even asked users to screenshot
| their Amazon order history page.
|
| https://techcrunch.com/2019/01/29/facebook-project-atlas/
| scarface74 wrote:
| > They gave themselves an advantage and removed competitors
| for commercial reasons.
|
| Which competitor has been "removed"?
|
| > Regulate tightly what apple/google are allowed to do with
| their stores (e.g. like a common carrier)
|
| So there shouldn't be any rules are quality controls on what
| should be allowed?
|
| > The elected EU legislative took some points from both
| approaches AFTER the free market failed to implement a
| meaningful competition for central app stores.
|
| Yes, the EU is the model of smart regulations when it comes
| to tech. That's the reason that it has such a thriving tech
| ecosystem.
| no_wizard wrote:
| >Yes, the EU is the model of smart regulations when it
| comes to tech. That's the reason that it has such a
| thriving tech ecosystem.
|
| I don't think the (perhaps perceived) lack of
| entrepreneurship in the EU should be taken as a sign of
| regulation overreach to protect privacy. Seems liked a red
| herring in this conversation
| VWWHFSfQ wrote:
| The reality is simply that the EU is just not competitive
| in pretty much any of these industries. I'm actually
| struggling to think of any industry at all where EU has
| produced the market leaders.
| malermeister wrote:
| In Software, I can think of Music Streaming and ERP.
|
| Outside of Software, aeroplanes and luxury goods come to
| mind.
| illiarian wrote:
| > That's the reason that it has such a thriving tech
| ecosystem.
|
| By "market leaders" you mean the very many American
| companies fuelled by unlimited investor money that lose
| billions of dollars a year with no chance of ever turning
| a profit?
| scarface74 wrote:
| Or maybe the top five most valuable tech companies -
| Microsoft, Apple, Amazon, Facebook, Google.
|
| Even if that's the case, why aren't investors willing to
| invest in EU tech companies at the same level?
| illiarian wrote:
| Hitory, lax laws (esp. around consumer protection) etc.
|
| On top of that the US is a rather homogenous market with
| a single language vs. 27 conuntries with 27 different
| languages (in reality more) and quite a difference in
| local laws (even if all are compliant with EU-wide laws).
| IIRC there's also an expectation in Europe that companies
| should actually turn a profit at one point (though with
| influx of American money this is starting to change,
| too).
|
| You still get ASML and Infineon, SAP, Adyen, Amadeus etc.
| FredPret wrote:
| I have a tiny measure of power over Apple. I can decide not
| to buy their products or their stock.
|
| But I have zero power over the EU. And yet they're
| legislating what my iPhone is going to work like. Talk about
| unaccountable.
|
| The free market did not deliver competing app stores because
| that is not a problem for the majority of users and is in
| fact a huge boon for most.
| andruby wrote:
| > But I have zero power over the EU.
|
| This is true for every powerful country that you are not a
| citizen of.
|
| For example: EU citizens have zero power over US
| regulations forcing US companies to share data with them.
| Plenty of examples from other jurisdictions as well.
|
| I don't think there is a way around this. A global market
| with these influences is still much better than fully
| isolated markets.
| nightski wrote:
| They are doing no such thing. You don't have to use side
| loaded apps. If a company decides to only distribute from
| side loading, you can just not use their app. This is
| effectively what you are forcing on people who would prefer
| side loading, so it shouldn't be a problem for you.
| FredPret wrote:
| I want a locked down phone. So does every old person in
| my life. I'll literally pay extra for a locked-down
| phone. If you want to side load, buy a phone that allows
| it, don't force Apple to make one.
| stouset wrote:
| FWIW, I am a young person who's professionally employed
| in cybersecurity.
|
| I _also_ want a locked-down phone with no ability to
| sideload.
| andrekandre wrote:
| > I'll literally pay extra for a locked-down phone.
|
| would you prefer a mac or pc to be so as well?
|
| if not, why just lockdown phones and not pcs?
| ben_w wrote:
| These days? Sadly, yes. With good reason, I cannot by
| default trust any software from the web.
|
| Depending on how exactly this is done, it might yet be
| safe: we can have multiple roots of trust, multi multiple
| app stores, etc.
|
| I'm nostalgic for the bygone days when I didn't feel even
| slightly concerned about spyware because no bank cards
| were stored on my device and tech companies didn't phone
| home so routinely that the EU nations unified their
| existing legislation into GDPR in a vain attempt to try
| to get them to stop.
|
| But I don't see those days returning short of a Butlerian
| Jihad against anything post-2002.
| nightski wrote:
| Can you explain how this will compromise your ability to
| lock down your phone? Not only do you still have complete
| control over which apps you install, those that are
| installed are still subject to the same sandbox.
|
| If you want only Apple "approved" apps, well you can
| still do that and you lose nothing. You can't really
| complain about side load only apps that aren't Apple
| approved then, because that is exactly what you want. But
| keep in mind this is orthogonal to the "locked down"
| level of your phone.
| filchermcurr wrote:
| You, and the old people in your life, can simply stick to
| downloading from the official store. This change doesn't
| suddenly force you to live your life in a way that you're
| uncomfortable with.
|
| If applications suddenly drop out of the App Store
| (horrendously unlikely) and force you to install them via
| sideloading, don't do it. It's entirely your prerogative.
|
| Plus, I imagine Apple is going to make it quite involved
| to actually sideload anything. I think the old people in
| your life (incidentally, I know a lot more tech savvy
| older people than younger people, but that's neither here
| nor there) are safe from the nefarious clutches of added
| freedom.
| schrodinger wrote:
| This is still an objectively worse outcome for the person
| who doesn't want sideloading (fwiw, I agree). There is a
| non-zero chance they'll lose access to apps they like /
| need to keep in touch with friends if they stick to their
| principles and avoid all sideload-only apps.
| mrcode007 wrote:
| This will be the biggest future exploit vector.
|
| "Your phone is infected. Click here to load our
| antivirus"
| frumper wrote:
| Good thing even my mom learned to ignore that one a
| decade ago in windows.
| kaba0 wrote:
| If they make it like android's dev mode, no one on Earth
| who shouldn't will enable it.
|
| The people whom for such exploits would be dangerous
| won't be able to follow the 6 steps to enable them.
| JustSomeNobody wrote:
| There is absolutely zero chance Apple will allow it to be
| this simple.
| lenkite wrote:
| I am very confused. Is someone forcing you to deliberately
| side-load apps ? If nobody is forcing you to do this, why
| do you want to force others to only use the App store ?
| ericmay wrote:
| > However the solution to overreaching unaccountable private
| cooperations cannot be to hand all the power to another
| private unaccountable company.
|
| Another way of thinking about this is what we're taking this
| so-called overreaching, unaccountable private corporate power
| from one company and giving many companies that same power.
|
| > The elected EU legislative took some points from both
| approaches AFTER the free market failed to implement a
| meaningful competition for central app stores.
|
| You are presenting both Android and iOS, _and_ default app
| stores for each platform as a duopoly, which is a mistake,
| because on Android you can already install third-party app
| stores. The mobile OS landscape is a duopoly, but there are
| many app stores across both platforms so is is not really a
| duopoly, it 's just that the Google Play Store and App Store
| on iOS are superior products (particularly the iOS App
| Store).
|
| On the OS side I think instead of premature legislation and
| stagnation we should let things just play out. It's a mistake
| to assume that because the state of the world is X today that
| it'll always be X. You can't have instantaneous change. It
| also might just be the economic reality that having just a
| couple of operating systems is the best for consumers and the
| market.
| legutierr wrote:
| > Apple is venturing into advertising and that'll tempt them
| to weaken privacy protections sooner or later.
|
| I hope they never become this short-sighted. I buy Apple
| primarily because I believe that they protect my privacy--or
| at least that they do a better job of it than everyone else.
| rickdeckard wrote:
| The thing is, yes Meta/Google did make mistakes in the past
| and malicious players were able to gather individual
| information from them. But the current business of
| Meta/Google Ads is actually based on protecting your
| private information and curating it into anonymous
| Personas.
|
| They protect your privacy for the very same reason as
| Apple: To be the sole gatekeeper for effectively reaching
| you with Ads.
|
| There also won't be any "weakened privacy protections". The
| goal of Meta/Google/Apple is to reach maximum precision for
| those Personas they create from their users, and protect
| the underlying data for competitive advantage.
|
| Personas are legally not personal data, they are
| abstractions. Advertising to you via a cluster with other
| people who recently purchased a new car is not a legal
| violation of privacy.
|
| This is how Meta/Google advertising works and how Apple Ads
| works as well, their T&C already state this clearly ("your
| information will be used to show ads relevant to you").
| toxik wrote:
| The problem is that once the apple turns sour, and it will,
| you'll turn around to see that all the fruit is spoiled.
| Some moldy, some maggot-ridden, but none made for you.
| peoplefromibiza wrote:
| > I'm dreading this. I want privacy hostile companies like
| Facebook to have to comply with the app store rules
|
| I can't honestly understand this argument.
|
| Are you afraid of yourself?
|
| If you don't trust Facebook, don't install their app.
|
| App store or not, nothing changes, what the app is allowed to
| do is the exact same thing, they're asking for the exact same
| permissions, that you can grant or not on a per app/per
| permission basis.
|
| End of the story.
|
| But if I want to install an app that I completely trust,
| because I know the developer or I have developed it myself, I
| can't install it now.
| comboy wrote:
| In theory you should be able to run untrusted code and be safe
| if permissions, sandboxes etc. are organized reasonably.
|
| The idea that you can tell if somebody's else code is malicious
| just by looking at it is flawed anyway and it's been shown many
| time over.
|
| Plus they still can automatically scan binaries of sideloaded
| apps (maybe that is what this is about, they automated enough)
| onlyrealcuzzo wrote:
| Why are you dreading it?
|
| It's not like Facebook can force you to sideload apps on your
| phone.
|
| If you don't want sideloaded apps, don't sideload them...
|
| The amount of people that try to make choice and freedom seem
| dystopian amazes me.
|
| Oh, no, others have a choice I disagree with! The end is nigh!
| 015a wrote:
| I don't see a reality where companies like Facebook or Snapchat
| start distributing their applications outside the App Store.
| _Maybe_ we see something where e.g. Facebook tries to spin up
| their own App Store, for them and anyone else who wants to
| join, but I would bet every dollar I have that this would
| simply be a failed venture. Because ultimately most people
| think, intentionally or not, like you do: Apps come from the
| App Store. Leaving would be suicide.
|
| The company to watch is Epic Games. If they have the
| opportunity to bring a new gaming-focused App Store to iOS, to
| get Fortnite and other games back on the platform: I think
| they'll take it, and its possible it will do rather well.
| Giving game devs a distribution channel with a far lower cut of
| revenue is tempting, and may open the door to higher quality
| games on mobile. That _could_ pivot to companies like Facebook
| distributing Instagram through something like the EGS for iOS;
| but again, I wouldn 't bet on it.
|
| Three industries will be massively benefited by this change:
| Gaming, Gambling, and Porn.
| M3L0NM4N wrote:
| Gaming, Gambling, and Porn also happen to be my 3 larges
| sources of dopamine.
| bakugo wrote:
| The extent to which Apple has hammered the idea that any sort
| of freedom is unconditionally dangerous and undesirable into
| its users' heads is legitimately impressive.
| WaitWhatHuh wrote:
| >I want privacy hostile companies like Facebook to have to
| comply with the app store rules and respect system settings
| relating to privacy.
|
| How about you spend 10 minutes looking at what Apple is
| actually doing and realize they are just as if not more
| "privacy hostile" as Facebook/Google/etc. They've been on a
| hiring spree since they announced their "privacy" update in
| 2020 to build out their own Ad Tech/DSP/Self Service Ad
| Platform.
|
| Yeah - Apple was pulling a monopolistic move and kneecapping
| their competition for profits sake. They realized "Hey, we can
| kneecap these guys and in the near future profit billions like
| they did with our own ad network".
|
| How is this good for privacy?
| brookst wrote:
| > they are just as if not more "privacy hostile" as
| Facebook/Google/etc
|
| You're going to have to back that up. Apple is degrading
| their privacy value prop for sure, but show me their
| Cambridge Analytica or their "Incognito mode" that still ties
| web activity back to user identity.
|
| > How is this good for privacy?
|
| That's a straw man. It is possible to believe that 1) Apple
| is curbing the worst excesses of abusers like Facebook, AND
| ALSO 2) Apple is making some mistakes that weaken their own
| privacy story.
|
| > Apple was pulling a monopolistic move and kneecapping their
| competition for profits sake.
|
| This is a recurring theme on HN and I find it so strange. Are
| we really supposed to form opinions on what we imagine
| faceless committees _motives_ are, rather than the actual
| corporate actions?
|
| I honestly don't care why Facebook does the things they do.
| My opinion would not change if it turned out it was from the
| most noble and altruistic motives. Just like I'll judge Apple
| for what they do. I don't think it's fruitful to argue about
| whether individual people are a "good person" or "bad
| person", and it's even less meaningful for giant
| multinationals.
| yunwal wrote:
| > This is a recurring theme on HN and I find it so strange.
| Are we really supposed to form opinions on what we imagine
| faceless committees motives are, rather than the actual
| corporate actions?
|
| I'm unsure which side I fall on in this argument, since
| Apple has had an incredible run of customer-friendly
| decisions IMO (at least when compared to their competitors,
| and other near-monopolies). However, it's important to
| learn from history too. Amazon was once one of the most
| revered brands in the world. They successfully priced out
| local shops and online retailers by stocking everything,
| having reliable and fast shipping, and good customer
| service.
|
| But now look at them. Fake products and reviews everywhere,
| 2 day shipping is no longer a thing, they're purposefully
| making returns more of a hassle, and people outside of
| major metropolitan areas no longer have other options for
| many things.
|
| Companies with serious lock-in are bound to screw you
| eventually. Strong culture and product decisions can only
| last for so long until some minmaxer with no product vision
| or care for brand reputation starts calling the shots.
| brookst wrote:
| I agree with everything you've said. I guess I'm just not
| invested in guessing whether Apple will make better or
| worse decisions in the future, or at least I don't have
| enough confidence in my ability to guess correctly to
| make any kind of purchasing decisions.
|
| I'll buy Apple until there's something better for my
| utility function. And then I'll switch and I won't look
| back. I might read a book about how culture, durable
| advantages, and customer-first policies are intertwined,
| I suppose.
| nerdjon wrote:
| I agree with you and I hate that you are being downvoted.
|
| People love to say this is about choice for the consumer but it
| really is not going to be.
|
| My fear is that the choice will be taken away from my by
| companies that are no longer able to engage in shady behavior
| on iOS. Things like trying to collect all my data, forcing me
| into their billing system, shady subscriptions (like how I can
| cancel or reminders of it being about to charge).
|
| The Facebooks, TikTok, etc know that many of their users are
| addicted to their platform and it would not be a stretch for
| them to push users to download the app through a third party
| service. I could even see them going so far as to not be on the
| official store because they know they have the name
| recognition.
|
| Facebook could even make their own store for other apps that
| don't want to respect my privacy.
|
| This is a huge concern of mine that this could be a trend that
| starts small but overtime I no longer have the choice to avoid
| these alternate stores or to side load to be able to continue
| to get the full use out of my phone.
|
| Choice is great, but this is giving the choice to developers
| not consumers.
|
| This doesn't mean that Apple's solution is perfect, but just
| opening up the flood gates is not the solution either. If you
| really want to side load get an Android phone.
| smoldesu wrote:
| > but overtime I no longer have the choice to avoid these
| alternate stores or to side load
|
| Maybe Apple should update the terms of the App Store to be
| more competitive/attractive then.
| nerdjon wrote:
| Sure they could lower the percent from 30% but that doesn't
| address the privacy and shady practices that the free apps
| engage in.
|
| Apple should in no way loosen those terms.
| smoldesu wrote:
| Of course not! They have an image to uphold, as the
| stalwart tinfoil knights of user privacy. However they
| respond is up to them, their forced competition with the
| free market is inevitable though.
| macintux wrote:
| More attractive to giant social media companies who thrive
| on data collection is almost never going to be in favor of
| the user.
| smoldesu wrote:
| Like TikTok and Facebook, both of whom already collect
| and process data serverside? If we want those things
| seriously addressed, we should be lobbying governments to
| fix it. Private companies are obligated to serve the
| government and shareholders first, then address your
| privacy somewhere after that.
| macintux wrote:
| Apple is serving their shareholders by offering users a
| safe platform. It's a marketing feature.
|
| I don't disagree that government should be regulating
| this, these aren't mutually exclusive options.
| ascagnel_ wrote:
| There are no terms on which companies big enough to already
| be bad actors and not get banned[0] won't at least push
| users to their own app stores where they can easily
| sidestep any of Apple's privacy rules.
|
| [0]: https://arstechnica.com/gadgets/2019/01/facebook-and-
| google-...
| hwbehrens wrote:
| Per the parent comment, the terms they would have to add to
| be competitive in this scenario would be "Developers can
| blatantly and horrendously mine all sensitive data from
| users." which, while they would be appreciated by many
| businesses that want to provide apps to iOS users, may not
| be as desirable to the users themselves.
|
| Essentially, what I believe that parent comment is calling
| out is that Apple is currently (voluntarily) acting as a
| user advocate by discouraging exploitative behavior, and
| enforcing that position using their monopsony.
|
| When the monopsony breaks down, Apple will lose the power
| to enforce this rule, and exploitative practices will
| become the new norm. Of course, this does take a somewhat
| paternalistic view of users, in that it assumes that people
| will continue to use TikTok, Instagram, and so on despite
| their privacy being grossly violated. I think that this
| assumption does have a strong precedence, however.
| nerdjon wrote:
| YES!
|
| And not just privacy but also shady practices around
| canceling and managing subscriptions and others.
|
| There is a very good reason I bought my parents iOS
| devices and the app store is the biggest one.
|
| Even as a technical person myself this is a big selling
| point for me to have an iPhone.
|
| Does it give a lot of control to apple and have they
| blocked some apps I wish they could allow, Yes!
|
| But I will take that over a future (that I really don't
| see being an "IF" since we know developers like Facebook
| will jump at the chance to be shady, and they could just
| make it easier for others to follow) where the choice is
| made for me by an app not being available on the store.
| smoldesu wrote:
| I'll respond to both of your comments here, since I think
| you're largely coming around to the same point.
|
| > the terms they would have to add to be competitive in
| this scenario would be "Developers can blatantly and
| horrendously mine all sensitive data from users."
|
| If they can do this as-is on iOS, that's the OS
| manufacturer's failure, not the failure of the store.
| Apple controls the runtime, they control what data gets
| exposed. Same as it ever was.
|
| > Apple is currently (voluntarily) acting as a user
| advocate by discouraging exploitative behavior
|
| I'm going to proceed on good faith and say I agree. Their
| idea of "exploitative behavior" is an obvious double-
| standard, but they don't make _zero_ effort to protect
| their runtime. For the sake of argumentation, I 'll
| assume they're entirely benevolent (even if I believe
| they aren't).
|
| > Apple will lose the power to enforce this rule, and
| exploitative practices will become the new norm.
|
| No they won't. They control the sandbox, there is no
| reason to assume "this rule" goes away. They just have to
| enforce it on an OS level instead of with arbitrary App
| Store signing. Their current method is arguably the
| worse/less secure option anyways.
|
| > it assumes that people will continue to use TikTok,
| Instagram, and so on despite their privacy being grossly
| violated.
|
| They already do. Apple can protect them against certain
| fine-grained fingerprinting from the runtime (and
| should), but they haven't removed any of those apps from
| their store. They all violate their acceptable terms for
| data processing, but they do it server-side where Apple
| can prove nothing. Apple's personal enforcement crusade
| failed since they cannot compel any company to truly act
| in good faith. It's living proof that the government
| should be handling this, not a private company. If Apple
| would lobby for privacy bills stifling Meta/TikTok, their
| privacy dollars would go much further than signing certs
| for known malicious apps.
|
| ---
|
| > And not just privacy but also shady practices around
| canceling and managing subscriptions and others.
|
| Sure, all those are great features. They also require
| Apple to charge an asinine per-transaction fee to
| sustain, but I'm sure the user experience is excellent.
| Without the ability to impose an unfair monopoly, I'm not
| sure if they'll be able to offer these going forward.
|
| > Even as a technical person myself this is a big selling
| point for me to have an iPhone.
|
| I'd hate to hear what you go through when you gotta
| cancel the morning edition of The Times.
|
| > But I will take that over a future where the choice is
| made for me by an app not being available on the store.
|
| You don't get to choose. If the market settles on an
| illegal or unproductive status quo, it will be disrupted
| or regulated back into functionality. It doesn't matter
| if you're a user or a shareholder, bad behavior gets
| patched-up through the democratic process. Apple is
| standing in the way of fixing things, and instead of
| cooperating they're being bent into compliance by the EU
| and States.
|
| > that I really don't see being an "IF" since we know
| developers like Facebook will jump at the chance to be
| shady
|
| FWIW, it's not like Apple doesn't also have a litany of
| shady moments. They're cardholding PRISM members who have
| no problem operating in China even if it means
| compromising iCloud. They want to upload unique
| identifiers for your Photo Gallery so they can pinkie-
| promise that they won't use it for anything bad,
| complimenting their OCSP telemetry.
|
| Facebook is no saint, but nobody is forcing you to use
| their app. Your "fear" is that other people might still
| find Facebook's terms agreeable after leaving the App
| Store, which is neither "your" business nor that
| different from the status quo. The only thing that
| changes is Apple isn't negotiating the business side of
| things anymore... and why should they? Their only concern
| should be keeping the runtime secure and improving their
| platform.
|
| ---
|
| In conclusion, myself (and a number of regulators) feel
| like Apple has asserted unfair control over app
| distribution. No foul, they still have a chance to fix
| things - the iOS platform can still remain secure while
| offering users options. The very plain reason Apple
| resists this is because the status quo is profitable -
| the App Store makes ~$80bn annually on a good year, so
| they'll defend it's monopoly to the death. Apple
| shouldn't say what the user does on a phone they own
| though. You should have the option to default to Apple's
| opinion, but purchasing any product does not make you
| beholden to the manufacturer's will. Apple has seemingly
| forgotten this: the government will kick them out of bed
| if it finds that they've been fucking the economy on the
| side this whole time.
| [deleted]
| Karunamon wrote:
| Let's stop pretending that not being allowed to engage in
| "mining sensitive data" is the only reason a company has
| to not want to be on the app store.
|
| - Discrimination against entire fields of endeavor like
| emulators and streaming clients
|
| - 30% tax
|
| - Victorian era morality clause that has forced
| applications to make UX degrading changes for NSFW
| content
|
| - Anti-competitive behavior for anything that competes
| with Apple's own offerings, including e-books (audible),
| music (bandcamp), web browsers (Firefox/Chrome), and
| probably more I'm not thinking about right now.
|
| - No GPL on the app store
|
| If this were just about "Facebook is mad because they
| can't data mine and stay on the app store" there would be
| a much stronger case, but in the world we live in, Apple
| has abused their so-called "user advocate" position to
| advance their own interests at the expense of their
| competitors, and users, in many other ways. They did not
| have to do this.
|
| If you want to be upset at someone, be upset at Apple for
| inviting the typically heavy and imprecise hammer of the
| state when they could have just stayed in their lane and
| not behaved like greedy controlling puppet masters.
| 1over137 wrote:
| >...this could be a trend that starts small but overtime I no
| longer have the choice to avoid these alternate stores...
|
| You wouldn't lose that choice. Want only Apple-vetted apps?
| Only use their App Store. Easy. Maybe I'm misunderstanding,
| but you seem to be saying: 'evil facebook will harvest more
| data, but I want to keep using evil facebook'. Maybe the
| conclusion you need to reach is that you should stop using
| facebook (and the like)?
| nerdjon wrote:
| No I am not saying I want to continue using Facebook, but
| as more technical people we have to understand the impact
| that this has on non technical people.
|
| Short term we may just see apps like Facebook, TikTok, and
| others that wish to engage in shady practices put out a
| side loaded app. Fine no harm done I can just choose to not
| use those.
|
| But as they get more users they could push their own app
| stores that make it even easier for other smaller apps to
| ditch the App Store entirely.
|
| My concern is not what happens right away for me. (But we
| should all be concerned about companies like Facebook being
| able to harvest more data and be more shady for others).
| But as time goes on and if I need a certain app that I no
| longer have the choice of using an App Store with basic
| protections in place because its too easy for a developer
| to use the alternate store.
|
| We all know that app developers love to use really shady
| practices, this is just going to make it worse.
| LapsangGuzzler wrote:
| You can never assume that one company represents your
| interests better than another: the solution to reducing
| addictive patterns is to enable other developers to build
| more privacy-oriented and dark-pattern-busting apps (one sec
| is a good example of this).
|
| Apple makes certain aspects of the phone addictive as well
| (i.e. the app tray that can't be disabled, Screen Time is a
| joke for actually trying to restrict how much time is spent
| on apps, etc.), and the lack of 3rd party APIs to modify the
| addictive behavior makes it difficult to control.
|
| The easiest way to reduce addiction to devices is design UX
| roadblocks that prevent seamless, mindless interaction with
| the device, and the "digital drug" providers are never going
| to willingly build that themselves.
| nerdjon wrote:
| I agree that we should be talking about the addition
| problem of these apps.
|
| But I reference these specifically as being the gateway to
| more bad behavior.
|
| The idea of Facebook being able to introduce their own App
| Store for example that would allow other developers to
| engage in the same shady behavior.
|
| I only mention those apps since I feel like they have the
| addicted user base to be able to pull it off in a
| meaningful way, but I don't mean that those apps are
| specifically my concern.
| LapsangGuzzler wrote:
| Any technology can be abused and misused. If the bar for
| introducing any new technology was that it couldn't do
| harm to anyone, then nothing would ever change.
|
| The current marketplace for apps gives us very limited
| choice in many ways, it's more of an illusion of choice
| in many cases. If 3rd-party marketplaces allow us to
| build more and less-private apps at the same time, I see
| that as a net positive.
| josephcsible wrote:
| Why is everyone so worried that Facebook, etc. will pull out of
| the App Store and require sideloading on iOS just because it'll
| be possible, when they haven't pulled out of the Play Store or
| required sideloading on Android where that's already been
| possible all along?
| onli wrote:
| It's a talking point. I'm sorry that it is negative and it
| might not fair to the parent commenter, but it's obvious bs.
| It is a propaganda point that was placed somehow into the
| discussion and gets repeated again and again. In no world
| does it make any sense that an app like FB would not try to
| be in every big store, but here we are, having that "concern"
| repeated under every Apple sideloading discussion.
|
| Propaganda is fucking awesome in how effective it can be. And
| equally dangerous.
| op00to wrote:
| The difference between the Play store and the Apple App
| store is that the Play store doesn't even pretend to
| protect against apps that do underhanded, unexpected, and
| intrusive things. There are numerous stories of iOS apps
| being pulled out of the store for using private APIs to
| bypass this or that protection.
| onli wrote:
| That's not true. The Play store absolutely promises such
| protection, and Google adds more protection measures
| every year. The Android system even warns you when you
| install apps from other sources. Also see the related htt
| ps://support.google.com/googleplay/answer/2812853?hl=en.
| op00to wrote:
| Running a "safety check" is not the same thing as the
| (admittedly opaque) Apple App Store review process. Based
| on the challenges developers have had with Apple getting
| certain apps approved, the Apple App Store review process
| is significantly more involved than Google's.
| josephcsible wrote:
| Is your argument that because Apple's review process has
| a lot of false positives, that it must be good? Consider
| a "review" process that consists of rolling two dice, and
| rejecting the app if you rolled snake eyes.
| op00to wrote:
| no, I did not say that. My intention of referring to the
| difficulties is that some rigor is required. The play
| store is a rubber stamp.
| onli wrote:
| The Play Store reviews promises more than a rubber stamp.
| It's okay to see it as such, but you said above the Play
| Store doesn't even pretend; If that were the case there
| would be no review process.
|
| Google will this year address some of the data leaks that
| are still possible by limiting what apps can do. They
| introduced the limitations before, now apps will be
| forced to use the newer API targets that enable them. And
| that is done via the limitations the Play Store applies
| to apps (rule based + reviews) and the changed to
| Android's permission system.
|
| All of that can be criticized in detail, but that they
| are doing nothing and not even try to project the image
| that they protect users is just wrong.
| op00to wrote:
| I'll admit my opinion is out of date and wrong.
|
| As an iOS user who doesn't care to give my mobile device
| any thought at all, Google has a long way to go to
| overcome the perception that behind a thin shiny veneer,
| the Play store is like Mos Eisley.
|
| That and seamless shared clip boarding keep me from
| leaving the ecosystem.
| ayewo wrote:
| I wouldn't call it propaganda. Facebook's reputation in
| this regard hasn't exactly been stellar because they've
| been caught red-handed spying on users at scale [1] [2].
|
| And Apple was swift to limit the damage of their spying by
| banning [1] their app from the app store which is why the
| point the gp is making is sound. The app store is two
| things: a (heavy-handed) review process and a marketplace.
| Without the Apple app store review process, you'd end up
| with what looks like the Google Play store.
|
| So it's not hard to imagine Facebook disappearing
| completely from the Apple app store (to avoid being bogged
| down by Apple's policies) forcing users to sideload the app
| directly from their website to "get their fix".
|
| 1: https://techcrunch.com/2019/01/30/apple-bans-facebook-
| vpn/
|
| 2: https://en.wikipedia.org/wiki/Onavo
| kaba0 wrote:
| Why would the technical solution that solved the privacy
| issue not still solve it just because it is now
| sideloaded? It's not like the sandbox will suddenly get
| disabled for sideloaded apps..
| pwinnski wrote:
| Because Facebook announced publicly that Apple's privacy
| policy changes would cost them $10 billion[0], putting them
| on the record as having strong motive to avoid the App Store.
|
| 0. https://www.cnbc.com/2022/02/02/facebook-says-apple-ios-
| priv...
| josephcsible wrote:
| Isn't that about a technical feature of iOS that won't be
| bypassed just by installing an app from outside the App
| Store?
| kitsunesoba wrote:
| App Tracking Transparency is more App Store policy than
| technical feature, and even if Apple were stonewalling
| third party dev access by technical means, outside of the
| App Store there's nothing to stop Facebook from using a
| rotating set of holes to pull data through, turning the
| situation into an arms race which will only result in iOS
| being locked down progressively further, despite having
| sideloading.
| kitsunesoba wrote:
| Yes, Facebook has plenty of motive. Apple mandating that
| Facebook give users the ability to opt out of their
| tracking has made a major dent in their revenue, and Google
| never implemented an equivalent requirement for the Play
| Store.
|
| Additionally, iOS users' attention has traditionally been
| worth more to advertisers than that of their Android using
| counterparts because they buy so much more.
| yamtaddle wrote:
| > when they haven't pulled out of the Play Store or required
| sideloading on Android where that's already been possible all
| along?
|
| Has Android restricted spying as much as iOS has? I seem to
| recall Facebook freaking out _pretty hard_ about iOS policy
| changes around tracking and blaming that for some serious
| revenue shortfalls, a while back, and have no such
| recollection about Android, but maybe I just missed it.
| Rhedox wrote:
| The only thing that Android doesn't do is zero out the
| advertizing ID unless the user gives explicit permission.
|
| That's an OS thing on iOS though, not a user one.
| Edd314159 wrote:
| I agree, and the idea of a sideload-able iOS makes me very
| uneasy. I like the idea of Apple aligning itself with the user
| to protect me and, more importantly, my tech-unsavvy friends
| and family, from scams, data-hoarding apps, and just generally
| crappy software. I don't mind that they take a portion of
| revenue in return for providing that platform (30% feels too
| much, but you can't argue that it should be zero).
|
| Unfortunately, in practice, Apple have proven to be entirely
| incompetent at achieving that protection. The App Store is 90%+
| garbage and scams. It's completely unusable for any form of
| discovery. Even when you know exactly what app you're looking
| for, you have to wade through copycats, typo squatters, and
| even paid adverts trying to distract you from your search.
|
| Sideloading is full of risks, and I don't love it. But it's at
| least a little bit of competition to push Apple towards make
| the App Store useful again.
| jamil7 wrote:
| > Sideloading is full of risks, and I don't love it. But it's
| at least a little bit of competition to push Apple towards
| make the App Store useful again.
|
| As someone who develops for the platform, I tend to agree,
| I'll probably never distribute apps with sideloading, but I
| think ultimately it's a good thing. I'd also be happy if it
| attracts more interest and developers to the platform who
| were previously turned off by the App Store process and Apple
| Tax.
|
| I also build for macOS, which has always allowed sideloading
| and don't see any major issues with it there.
| throwaway290 wrote:
| Are you worried about piracy or that your app may not be
| available to all platform users anymore? I bet that
| immediately after this feature comes countries, mobile
| providers, etc. will roll out their own app stores and many
| users will not go with Apple's. Those stores will probably
| incentivize big apps like Facebook get on them but not
| regular solo developers. You may have to distribute your
| app through a dozen of app stores and comply with all their
| differing regulations and review processes instead of one,
| or pass on user share... (Or more likely you'll need to pay
| up some app store distribution middleman who will
| capitalize on the situation)
| waboremo wrote:
| It should at the very least help with Safari. What a
| dreadful existence that browser is when you can't get
| extensions into the store without paying the 99/yr fee,
| which has stopped a lot of potential ports from happening.
|
| Most ports right now are quite gnarly, you have to jump
| through a multi step build process just to do what other
| browsers can handle in a single click or drag and drop.
| Other methods I've seen involve relying on something like
| tampermonkey to run the scripts on the sites you want.
| Alternatively, making safari users mad by making your
| extension cost on the app store.
|
| So I have high hopes! Finally developers should be able to
| release things for safari without feeling so suffocated.
| tgv wrote:
| That won't happen. People will install Chrome, and that's
| the end of it. Well, not the end of Google, of course,
| which will now have even more opportinuties to grab your
| data and sell your privacy.
| Spivak wrote:
| Chrome on iOS will be the death of Safari and the final
| nail in web developers supporting anything other than
| "last two versions of Chrome."
|
| I don't know if that'll be good or bad but it will for
| sure be a shift.
| waboremo wrote:
| I'm not sure you're really following. If developers are
| already jumping through hoops to make their extensions
| available for safari users, the only way this "will not
| happen" is if apple makes barriers to entry even worse.
| michelb wrote:
| I think the thing with macOS is, is that if sideloading
| ever became impossible on mac OS, they would instantly lose
| most, if not all of the major applications, making the
| platform irrelevant.
| webmobdev wrote:
| > I also build for macOS, which has always allowed
| sideloading
|
| Isn't it funny that something that has been completely
| normal for decades - the freedom to (develop and) install
| the software we want - now has new term because corporates
| have forced themselves as a middle-man to dictate what we
| can or cannot install? (And worse, now even have automated
| ways to kill or uninstall a software without our
| permission. Remember when the Amazon Kindle app deleted the
| 1984 ebook from everyone's devices ( _Amazon Secretly
| Removes "1984" From the Kindle_ -
| https://gizmodo.com/amazon-secretly-removes-1984-from-the-
| ki... )? That's the bleak future we are heading to ...)
| andai wrote:
| Do you also align with other powerful entities taking away
| your freedom for your "protection"?
| op00to wrote:
| I certainly align with powerful entities taking away some
| semblance of freedom for protection:
|
| 1. I am a citizen of a country, so I give some freedoms
| away to have a military, police force, etc.
|
| 2. I work for a company, so I give some freedoms away to
| gain economic security.
|
| 3. I am part of a family, so I give some freedoms away to
| ensure my family is stable and secure.
|
| 4. I drive a car, and I give the freedom to not submit to a
| brethalyzer test to ensure I can get to places further than
| I can walk.
|
| You do too.
| andai wrote:
| Nobody's forcing you to do these things, though (except
| arguably paying taxes). Of course, nobody's forcing me to
| use an iPhone either. I just picked the least crap option
| I could find given my personal preferences.
|
| What I object to is the idea that I'd be better off with
| _more_ totalitarianism (in this instance, a corporation
| dictating which computing I am allowed to perform on my
| pocket computer) rather than less. I prefer as little as
| possible.
|
| Again, I sacrifice some freedom and privacy (too much,
| I'm afraid) for convenience. But I certainly won't go
| ahead and say, "I wish I'd sacrificed even more."
|
| Though I can understand that this is very common, and
| appears to be an adaptive mechanism that maintains mental
| health by minimizing cognitive dissonance.
| Edd314159 wrote:
| Yes. On a regular basis. Do you not?
| andai wrote:
| I am subjected to it on a regular basis, and it hurts
| every time. I do not seek it out voluntarily.
| justapassenger wrote:
| > I agree, and the idea of a sideload-able iOS makes me very
| uneasy [...] Sideloading is full of risks, and I don't love
| it.
|
| Luckily, there's very simple solution for you! Just don't use
| sideloaded apps.
| sneak wrote:
| That's because you don't live in China where Apple is forced by
| the state to remove VPN apps (that bypass government
| censorship) from the App Store.
| simion314 wrote:
| No such thing really happened on Android. Facebook is still
| there.
|
| But the opposite happened , apps were pushed out from the Store
| and if you are using iOS you are screwed but on Android you
| could decide to take the risk and side load the app from the
| official website. I just had to do this, I installed solar
| panels and they are made by Huawei, thx to USA-China wars ,
| Huawei apps are no longer in google Play and Huawei phones do
| not contain Google Play support anymore (or last time I
| checked)
| Eric_WVGG wrote:
| Has everyone forgotten that bit where Facebook sent
| representatives out to college campuses and paid students
| twenty bucks to install their VPN app (distributed via Apple's
| beta or testflight or whatever)?
|
| Apps like Instagram are popular enough that, if Meta wants to
| move them to their own app store (possibly incentivized via
| exclusive new features), people _will_ follow. And the VPN
| thing shows that there's no depths to the level of trickery and
| and violation of privacy that they will indulge in.
| Aachen wrote:
| You're phrasing that as though paid market research is on the
| order of living through war. If we don't all remember that
| continuously in the context of how dangerous app installs
| are, it might not be warranted.
|
| I kinda like being able to install open source software
| without agreeing to anyone's terms of service. I'm typing
| this from an open source browser going through an open source
| firewall that blocks trackers which both came from an app
| store that I contributed to, for example. That's a lot more
| benefit than letting a bigcorp from another continent with a
| very different culture decide the rules about everything you
| can do with every unit sold.
|
| There are paths where you can prohibit businesses you deem
| evil from paying people to study their lives that don't
| involve letting your device's content rules be set by an
| undemocratic and profit-oriented company.
| WheatMillington wrote:
| You know it's optional, right? No one is forcing you to do
| anything.
| bonestamp2 wrote:
| I'm less worried about the large companies than the scammers.
| If we look at Android, the big name apps will stay in the OEM
| app store and the scammers will trick the young and old into
| installing their janky app from an untrusted source. Hopefully
| Apple will have a setting in parental controls that prevents
| side loading.
| danShumway wrote:
| > I want privacy hostile companies like Facebook to have to
| comply with the app store rules and respect system settings
| relating to privacy.
|
| Just as a general reminder, I heavily recommend that you not
| install Facebook on your phone _even if you have an iPhone._
| There are good things Apple is doing with enforcing privacy
| controls, the controls aren 't useless, but there are still
| loopholes: https://arstechnica.com/information-
| technology/2022/04/a-yea...
|
| To provide a counter silver-lining to the concerns here, I'm
| hoping that if iOS gets sideloading that maybe apps like
| NewPipe could start becoming more commonly available for iOS
| users.
|
| Right now, iOS is sort of stuck in this middle ground where
| Apple does legitimately do some excellent work reducing the
| privileges of apps, but also... you still have to use those
| apps if you want access to the services. It would be good to
| see more unofficial clients for some of these services like
| NewPipe or Twire get better support like they have on Android.
| I'm not knocking Apple here, they're trying to hit a middle
| ground between accessibility and privacy, but I don't want
| people thinking that the iOS version of Facebook isn't still
| tracking them. It's (hopefully) tracking _less_ than it would
| on Android, but it 's still tracking.
| tenebrisalietum wrote:
| The setting that Facebook hates and evidently bet the whole
| company on - "Ask App Not To Track" - probably wouldn't go away
| for sideloaded apps.
|
| Honestly, given things like this ...
|
| https://www.msn.com/en-us/news/politics/montana-lawmakers-vo...
|
| I think Apple may not have a choice. This is a move that will
| leave Apple free (or freer) of liability in various situations.
| For example, Apple is no longer liable if you sideload an app
| that is outlawed by your locality, and Apple removing apps from
| the App Store for violating App Store TOS can no longer be as
| strongly framed in a censorship debate.
|
| I'm looking forward to it because quite a few apps that feature
| adult content can exist on iOS now and not have to be clunky
| web apps.
| WorldMaker wrote:
| > The setting that Facebook hates and evidently bet the whole
| company on - "Ask App Not To Track" - probably wouldn't go
| away for sideloaded apps.
|
| Apple phrased that as peculiarly as they did for several
| reasons. "Ask App Not To Track" is not "Force App Not To
| Track", it relies a lot on self-disclosure from apps and some
| discovery from App Store testing cycles and apps already
| currently lie about it and things are missed in App Store
| certification.
|
| There's less reason for self-disclosure by sideloaded apps
| and no certification process to spot-check such self-
| disclosures even if a sideloaded app provided them.
|
| "Ask App Not To Track" does feel like a vulnerable tool if
| sideloading is allowed and certain major apps create pressure
| to encourage average users to sideload some common apps.
|
| Whether or not you are looking forward to capabilities that
| sideloading would grant, it is fair to lament the possible
| loss of how good "Ask App Not To Track" has been so far and
| assume it will get worse in a sideloading world.
| 35208654 wrote:
| It seems like everyone in these discussions sees only two worlds:
| lawless hellscape of intrusive, data-stealing apps that permit
| freedom or "walled garden" of good apps that restrict it and
| users' freedom. The truth, as always, is already somewhere in
| between. And it will be after iOS 17.
|
| Let's see how Apple innovates in this space. It's time. The
| iPhone is 16 years old this year. Time to users get behind the
| wheel if they want to.
| throwaway290 wrote:
| My nightmare scenario is if every country and mobile reseller
| will come up with their own app store, and pre-load/make users
| use those. Once Apple gave in, they will press further to make
| this happen.
|
| These stores would onboard Facebook and other big apps, but
| regular solo dev will have to submit each app to a dozen of
| different stores and comply with a dozen of different
| requirements and review processes or pass on user share to some
| local dev who copies the idea quickly enough.
| 35208654 wrote:
| The EU is pushing for (has already ratified?) rules against
| even pre-installing Apple apps, or at least making it easy to
| remove them. I'm certain that Apple, who sells their phones
| directly, will be able to keep the carrier bloat at bay.
|
| But I also share that concern. It's one reason I don't use
| android as a daily driver.
| olliecornelia wrote:
| Great, can't wait to see what apps my parents get tricked into
| installing.
| CogitoCogito wrote:
| The comments to this article just scream Stockholm Syndrome.
| ChrisMarshallNY wrote:
| I would hope that Apple is going to try adding some kind of
| security guardrails on this. Not sure if they could do it,
| though.
|
| The one _really big_ deal with cracked phones, is that the apps
| can do whatever the hell they want, and many app authors (I 'll
| bet a number of them are on this very venue) will take advantage
| of that.
|
| I know that I can be circumspect, but many of my non-technical
| friends, cannot. They are highly likely to be manipulated into
| sideloading malware.
|
| Phones, these days, carry _our whole freaking life_. They are
| lucrative hacking targets.
|
| Many phone owners seem to be blissfully unaware. I have at least
| two friends, that deliberately don't engage locks or biometrics,
| for convenience, yet, their phones are loaded with banking apps
| and whatnot (I don't use any banking apps, myself).
| christkv wrote:
| I got a beat that they will launch this sounding like they made
| this decision to improve the user experience. One more thing now
| we have opened the iPhone so all developers can test their apps
| without the cumbersome approval process. We call it express
| deploy and it's awesome.
| 29083011397778 wrote:
| > Historically, Apple execs including Tim Cook and Craig
| Federighi have staunchly opposed sideloading citing privacy and
| security reasons.
|
| Which is funny to me, because after flipping through the App
| Store for an email client, I found, on this heavily curated
| storefront, a single digit number of apps I would trust with my
| email credentials. Android, with it's option to "sideload"
| F-Droid, gives me dramatically more options that I trust.
|
| Security and trust do not require locking me out of my own
| hardware.
| Retric wrote:
| Apps you trust is a really poor security mechanism for the
| general public.
|
| The Apple App Store is a dumpster fire, but there is a
| perfectly reasonable argument for locking down a device you're
| handing to family members who aren't security conscious.
| [deleted]
| layer8 wrote:
| I'm sure you'll still be able to do so with MDM using
| Configurator.
| galleywest200 wrote:
| > perfectly reasonable argument for locking down a device
| you're handing to family members who aren't security
| conscious
|
| Then enable a more limited App Store mode as an opt-in
| feature.
| CharlesW wrote:
| > _Then enable a more limited App Store mode as an opt-in
| feature._
|
| As on macOS (with SIP, etc.) it'll be the opposite: Users
| will need to opt-in to this new less-secure mode, as they
| do the ultra-secure Lockdown Mode.
| rootusrootus wrote:
| > As on macOS
|
| I'm on the latest version of MacOS and I routinely
| install software outside of the App Store (in fact,
| nearly 100% of the software I install is outside the app
| store).
| squeaky-clean wrote:
| You only have to enable the setting once, but you
| probably did change the "Allow apps downloaded from"
| setting at some point in the past.
|
| https://support.apple.com/en-us/HT202491
| nightski wrote:
| I don't personally know a single person outside of developers
| that have side loaded apps on Android. Maybe I am an anomaly,
| but it just seems very rare.
| dublinben wrote:
| It's probably just you.
|
| Fortnite went sideload-only on Android in 2018, and had
| ~40m players on Android. Their userbase is 60% 18-24 years
| old, so you may not know many players. [0]
|
| Leading drone maker DJI's app for Android is also sideload-
| only, and they've sold hundreds of thousands of drones to
| people, many of whom probably use Android.
|
| [0] https://www.sportskeeda.com/esports/how-many-people-
| play-for...
| m463 wrote:
| I wouldn't sideload a DJI app on my phone - for that
| matter any chinese manufacturer
| squeaky-clean wrote:
| My mom got tricked into installing an "emoji pack" that
| would make her phone give her constant notifications for a
| gambling website. She doesn't know she sideloaded an app,
| but that's what happened.
| nicce wrote:
| The problem is that most of the mainstream apps will not be in
| F-Droid et al. when they are the ones which should be in there.
|
| We lose all transparency for the big players. Meta does not
| want us to know precisely how much it collects data.
|
| If they can start somehow avoid Apples privacy restrictions and
| reduce transparency with side loading, they will do it.
|
| There isn't really problem with the lack of sideloading in iOS.
|
| It is just that costly developer licence and strict requiremets
| of App store to increase the quality of the apps.
|
| Sideloading just makes it easier to install lower quality
| software and some random oss projects where maintainers do not
| have either Apple's licence or time to maintain app store
| releases.
|
| Of course, there is the payment fee but that is another story.
| mft_ wrote:
| Genuine question: what are you basing these 'trust' judgements
| on, especialy in the case of the Android apps? Open source, or
| something else?
| 29083011397778 wrote:
| Developers don't get paid for information, ads, user data, or
| per-install / purchase on F-Droid. As a very general rule,
| apps are uploaded to F-Droid because people made something
| fun or helpful, and they want to share. Their incentives ("I
| made something fun!") align with my incentives ("I want
| something made by a dev that can at least pretend to give a
| shit about the user"). Apps are not inherently user-hostile,
| or made for an ulterior motive.
|
| Proprietary app stores are... nearly as much of an exact
| opposite I can think of, regardless of who sponsors them;
| Microsoft, Amazon, Google, or Apple, devs are putting apps
| there to get paid. Sometimes it's user data, sometimes it's
| "Free" with in-app purchases pushed by dark patterns,
| sometimes it's to push for consumer lock-in, and sometimes
| it's straight up malware, like most flashlight and cleaner
| apps on Google Play. Regardless, the incentives don't align,
| and that is what I'm on about when I use the word trust here.
|
| People don't like it when a UX change is made by and for the
| company that just so happens to screw lots of users, or break
| or slow their usage. That's exceedingly rare on apps made by
| devs in the first category, and depressingly common for the
| latter group.
| IceWreck wrote:
| All applications on fdroid's main repos are
|
| a) open source b) built by fdroid's CI from source without
| depending on external executable binaries.
| MagicMoonlight wrote:
| That's irrelevant when you're never going to read the
| source code. It's like saying that you can trust a chinese
| chemical plant to make good chicken because if you pay for
| a flight over there they'll let you read their recipe.
| Unless somebody actually puts that effort in to check that
| out and conduct a huge factory-wide audit in their own time
| for free then you are getting zero benefit from that.
| sneak wrote:
| For me, it's where the apps send the credentials or usage
| information off to.
|
| Most apps in the iOS App Store are chock full of spyware that
| reports on everything you do in the app. Many of the Apple
| system apps function the same way too (even with analytics
| disabled).
| mft_ wrote:
| Again, totally genuine question: how do you know this?
|
| From a (my) relatively uninformed perspective, I'd have
| expected the opposite - that the iOS App store was more of
| a 'controlled' environment, and the Play store more like
| the wild west. But maybe this is just me believing Apple's
| marketing...
| smoldesu wrote:
| Well, any app can make web requests for starters. If
| Facebook/Meta/Whoever wants to exfiltrate data from their
| app, they probably can. So, the issue on most apps
| becomes limiting the amount of personally identifying
| data that can reach that runtime in the first place.
|
| Both Android and iOS now do a fairly good job sandboxing
| the filesystem, but both cannot protect against advanced
| fingerprinting/data processing. Apple can outline
| acceptable data processing terms in the App Store, but
| that doesn't stop bad actors from taking data and
| processing it remotely. In Facebook and TikTok's case,
| this is almost certainly what's happening - and why the
| government is the only one capable of holding them in
| check.
|
| The "alternative" is restricting the amount of entropy a
| user can generate to near-zero, which isn't really useful
| for app developers. Suffice to say it's an unsolved
| issue, even with a singular App Store.
| FloatArtifact wrote:
| Having the power to choose side load is a net benefit. For those
| that have any sort of fear, they simply just get apps from the
| official store.
|
| Could and will people be taking advantage of by side loaded apps?
| The obvious answer is yes, it's a risk that allows for
| responsibility and freedom.
| mort96 wrote:
| What happens when the apps which used to be available on the
| app store get taken down and made sideload-only, like what Epic
| did with Fortnite on Android?
| peoplefromibiza wrote:
| The same thing that happened before: you either chose to
| install it and side-load it or you don't. Side-loading is
| something that only a very marginal minority of people do. I
| don't understand the fearmongering.
|
| Anyway when you sideload an app on an Android phone, the APK
| is scanned to check if it's secure to install.
|
| Permission wise, nothing changes.
|
| Policy wise, it means no Apple tax and maybe some publisher
| will be able to cut prices, to the users' benefit.
| vsareto wrote:
| As dumb as it sounds, I'd buy a second phone for side loading
| things if I needed to use enough of those apps. Before side
| loading on my personal phone, I'd want enough real world time
| to pass to make sure it's not easy to find vulnerabilities
| that lead to a complete compromise by side loading (they will
| be found, but it needs to be "zero-click text message for
| root" levels of rarity).
| TingPing wrote:
| They are still going to be sandboxes, regular permissioned,
| apps. Nothing changes for most apps except they get a 100%
| cut of in-app sales.
| judge2020 wrote:
| And can put up a banner that says "Sorry - to improve
| your experience, you must enable 'always' location
| tracking".
| toast0 wrote:
| If you don't want to sideload, then don't. If companies don't
| want to be on the platform app store anymore, it's not the
| end of the world. I ran a windows phone for several years; if
| there's no app for something, there's usually a website, and
| Safari is loads more usable than mobile IE or mobile Edge; so
| you're fine for the most part.
|
| Yeah, you might lose out on playing FPS games on your phone,
| but is that really a loss?
| judge2020 wrote:
| The net loss is to society when Meta pulls Instagram from
| the official store and says "to continue using Instagram,
| go to instagram.com in safari and follow the instructions".
| kaba0 wrote:
| And they could close overnight from lack of millions of
| users.
|
| Apple is not required to make it "download file and
| double click" easy, the best course for action would be
| making it relatively hard to enable so that no one's
| grandma will be able to follow the instructions.
| squeaky-clean wrote:
| It hasn't killed Fortnite and people just as addicted to
| fb/insta.
| raydev wrote:
| Fortnite has a different audience with different needs.
| Pfhortune wrote:
| I feel the HN crowd vastly overestimates both Meta's
| willingness to abandon the App Store and the average
| user's ability to "follow the instructions."
| sammax wrote:
| I fail to see the net loss to society in this scenario.
| galleywest200 wrote:
| I hope Epic does this for the Bandcamp store on iOS (Epic
| bought Bandcamp recently). The iOS app disallows the
| purchasing of digital music, but if they can get around the
| App Store policies then I can purchase digital music from the
| app without needing to go to the mobile site.
| barkerja wrote:
| I'm curious what benefit this would actually yield to you?
| Is it simply just the case of not having to leave the app?
| Because aside from that, there would (likely) be no IAP;
| you'd still be required to give your financial info
| directly to the app.
| pph wrote:
| I suppose the current situation is that buying is
| disabled in the app because it is not allowed by Apple
| (without going trough them and pay the 30% cut), but in
| an app outside the store it could be enabled.
| wackget wrote:
| Are you implying that allowing companies the choice to go
| sideload-only is a _bad_ thing?
| tsbinz wrote:
| If the company is big enough (e.g. not using whatsapp is
| not an option for a lot of people), or if the app comes
| from a state that can force you to install it by law, yes
| it can be.
| 015a wrote:
| As opposed to Apple being big enough that they can bully
| developers into both building for their platform and
| distributing through the channels they christen?
| jutrewag wrote:
| Yes. All hail the walled garden, didn't know it's what I
| wanted but it is.
|
| The PC is my playground, I want my phone to be rock solid
| and someone else to do the weeding there.
| zarzavat wrote:
| Don't worry, you can bet Apple is going to make
| sideloading as awkward as possible within the bounds of
| the law. It's not like Apple woke up one day and decided
| they don't like money. It will only be useful for
| hobbyists.
| jutrewag wrote:
| Yes, I've come to trust apple and they protect their
| consumers privacy. I don't have the same level of trust in
| other companies.
| mort96 wrote:
| I'm saying that "[you can] simply just get apps from the
| official store" is not necessarily correct. I'm not making
| a value judgement about whether that's a good or a bad
| thing.
| kube-system wrote:
| It is a good thing that mainstream users get their apps
| from somewhere that they've been reviewed by a third party.
| A world where sideloading from anywhere becomes a normal
| thing for mainstream users to do, is bad for privacy and
| security.
|
| eg.: https://c1.staticflickr.com/3/2040/1924189728_668c4bc4
| e2.jpg
| vorpalhex wrote:
| Users deserve freedom with their devices regardless
| whether you think they should have it.
|
| The internet is valuable because it is open and free.
| Meanwhile the appstore complies with authoritarian
| regimes.
| kube-system wrote:
| I disagree with the idea that an open internet somehow
| means that proprietary devices shouldn't be permitted to
| connect to it.
| jacooper wrote:
| It probably wont succeed, the play store still exists for a
| reason.
| mort96 wrote:
| Fortnite seems plenty popular.
| raydev wrote:
| Not because of the ability to sideload. Most people want
| to play it on console or PC.
| jacooper wrote:
| Still it didn't kill the play store did it? No body is
| forcing you to install it.
| Hamuko wrote:
| > _like what Epic did with Fortnite on Android?_
|
| Epic pulled Fortnite from Google Play Store in 2018 because
| they wanted to keep more of Google's 30% share and they were
| back in 18 months because most people aren't that determined
| to get an app outside of the official app store.
|
| Any company pulling their apps from the App Store must have a
| pretty good reason to do so, because they're gonna be
| decimating their download numbers.
| xeromal wrote:
| I also think Google dropped down to 15% IIRC
| coldpie wrote:
| > Epic pulled Fortnite from Google Play Store ... and they
| were back in 18 months because most people aren't that
| determined to get an app outside of the official app store.
|
| Can you please link me to the Fortnite page on the Play
| store?
| Hamuko wrote:
| That's an unrelated issue. They're not on the Google Play
| Store anymore because Google banned them. But they most
| definitely did come back to the Play Store with their
| tail between their legs, and even made some salty
| comments on life outside the Play Store.
|
| https://www.theverge.com/2020/4/21/21229943/epic-games-
| fortn...
| concerned_ wrote:
| [flagged]
| TheLoafOfBread wrote:
| I can't wait when Apple will stop being a little childish brat
| about "What obscure rule does this application break and I am not
| allowed to publish?" when I will have the ability to publish on
| competing app store and tell Apple to GFY.
|
| Apple users should also rejoice, because browsers coming to iOS
| will finally support full PWA functionality and Safari will
| either support all the features as well (not the current neutered
| one) or it will disappear into obscurity.
| londons_explore wrote:
| Nah - Apple with drag its feet at every step.
|
| They will, at every point, do as little as possible to avoid EU
| fines, while simultaneously not opening up the platform to
| developers like you.
| TheLoafOfBread wrote:
| From my perspective I just need a PWA browser with working
| WebBLE API or Apple stop having set of obscure unpublished
| rules. I am betting that I will get working PWA sooner than
| Apple will stop being Apple.
| jraph wrote:
| Many people here are afraid of being able to install apps on iOS
| from somewhere else than the Apple store because then Facebook
| will be able to be fully evil on iOS.
|
| A relationship without trust and with fear of evil actions is
| called a toxic relationship. If you don't trust Facebook, don't
| install it. Even from the app store. There is no world in which
| you _need_ the app.
|
| First, if you use Facebook because of the network effect, don't
| stay passive. Advocate for using something else, like Signal,
| mastodon, anything.
|
| Second (in the meantime), if you still need Facebook, I'm sure
| you can access it from a browser in private mode.
|
| Get out of this toxic relationship now.
|
| Get your news and your fun from somewhere else not amenable to a
| filter that suits a manipulative company.
|
| We should be happy for such new possibilities. Of course it
| requires putting your time and money where your mouth is. But
| it's worth doing either way! Stop the dissonance!
| jutrewag wrote:
| Not having WhatsApp at this point is akin to not having a phone
| at all. I wouldn't be able to talk to most of my friends/family
| outside the US.
| diebeforei485 wrote:
| For most of the world outside US/Canada, WhatsApp is as
| mandatory as SMS or Phone Calls.
| jraph wrote:
| WhatsApp is pervasive in France, where I live.
|
| I have resisted installing it from the start. Of course I
| felt some pressure about this. People never built the
| expectation I had WhatsApp. I never stopped advocating
| against it (in a nice way, without blaming people). Now, more
| and more people have been installing Signal and now I can
| have group discussions again.
|
| We are many who don't like Facebook. If enough of us resist,
| WhatsApp will stop being so pervasive and "mandatory".
|
| It has happened in my social circles. There's no drawback
| anymore for me to not having WhatsApp. When there was, I
| still had a fulfilling social life, with as many friends, or
| even more, than average. I was still invited to events, I was
| still able to organize events, etc.
|
| If people like you, they'll reach you. Having WhatsApp is
| just convenient, not a determining factor.
|
| Most people now understand that privacy is an important topic
| and will cope with you not having WhatsApp, or even embrace
| your action.
|
| The world needs you to become better. Of course it's not
| easy. But it's not inevitable.
|
| Again, WhatsApp might (still) be mandatory to you today.
| Okay! You are stuck with it for now. Fine. I understand. But
| do something about it! Advocate for something else! You can
| do it gently without pissing people off (which would be the
| best way to fail convincing them anyway)
|
| If nobody does anything about it, we are stuck with Meta.
| [deleted]
| seanw444 wrote:
| Apple has successfully convinced their base that leaving their
| walled garden is a danger. I wonder what particular word could be
| used to define that.
|
| Anyways, F-Droid is a clear example of how alternative sources of
| apps can be just as secure as the official one (and in F-Droid's
| case, _more_ secure).
| jutrewag wrote:
| The particular word is "comfort".
|
| The App Store is comfy and they enforce a certain modicum of
| non-jank.
| gorbypark wrote:
| I think everyone agrees that not only Apple has the ability to
| offer an malware free App Store, it's just that if F-Droid
| exists than so can G-Droid, the fork made by criminals to
| exploit less technical users. I think it's overblown, though.
| Android has side loading and there doesn't seem to be an
| epidemic of sketchy app stores.
| techaqua wrote:
| is this epic related?
| ESMirro wrote:
| No, this is as a consequence of the EU Digital Markets Act.
| browningstreet wrote:
| One upside I haven't seen discussed a lot about this: sideloading
| your own apps.
|
| I don't care, and don't really imagine, sideloading others'
| apps... but this could give rise to a hobbyist/customization wave
| again.
| alden5 wrote:
| Apple already lets you sign your own apps, but i will admit the
| 1 week expiration is very quick and a $99/year developer
| subscription for 1 year signing is way too expensive for most
| hobbyists.
|
| It'll be great to see all the neat little apps that macos has
| come over to ios
| sixstringtheory wrote:
| I wonder if there will still be two classes. I imagine
| sideloadable apps will need notarization like they recently
| implemented for macOS apps delivered outside the mac app
| store. They can require a developer account for that, or make
| it behave differently for the separate classes.
| ye-olde-sysrq wrote:
| This is my plan, I'm super excited about this change.
|
| I plan to sideload exactly 0 non-play-store apps except maybe
| dolphin or similar big-name open source things.
|
| I DO plan to sideload two apps of my own (currently web apps
| but they suffer for being so, as opposed to being native), and
| while I know apple has given some ways previously to let you
| have "private" apps etc, they still require paying a ton of
| money AND you still have to get them approved by Apple!!
|
| I was sad when I left android solely for the reason of
| sideloading apps, but given I'd used android for ages and only
| sideloaded two apps: dolphin and one of my own custom apps that
| I had stopped developing, I figured it wouldn't be a big deal.
| But I'm looking forward to this a lot now.
| tempodox wrote:
| That's exactly what I want to do and what I hope this will
| eventually enable: Run my own apps on my own frigging devices
| (no distribution involved) without having to bribe Apple for
| the privilege (if you don't buy a Developer subscription, you
| have to re-install your apps weekly to keep them functional).
| asdff wrote:
| This would eat the app store alive and I could not be
| happier. So many very basic and simple, frequently cloned,
| but sometimes necessary apps exist out there that do the
| whole trial and subscription song and dance to collect rent.
| This is only because there is no path for open source
| alternatives. If there were, it would be like the state of
| affairs with desktop based software, where you have some
| first party solution, then on github there are typically a
| couple open source free alternatives if there is any demand
| for that sort of software, or there are even whole ecosystems
| like apt, brew, or conda to maintain open source software on
| your device.
| malermeister wrote:
| There's F-Droid on Android, which is exactly what you're
| describing. App Store for Open Source projects. I'm hoping
| this brings something similar to Apple Devices!
| g8oz wrote:
| Could this mean a F-Droid type app store on the iPhone? That
| would be a big deal.
| microflash wrote:
| I can't wait for my banking app to ask me to disable sideloading
| on iOS before I can actually use it. Such idiocy has been rampant
| on Android with banking apps refusing to launch when Developer
| Options are enabled.
|
| That aside, I am very happy with this development. I have
| personal apps that I'd like to sideload without paying for a
| developer account. I am also looking forward to a more lively
| open-source ecosystem around iOS apps which has been
| significantly lackluster compared to that on Android.
| jutrewag wrote:
| You can side load your personal apps now.
| Pfhortune wrote:
| ...but you have to refresh them every seven days or they stop
| launching. A very annoying tether for a mobile device.
|
| And you can install three personal apps at most.
| layer8 wrote:
| I don't think banking apps will have much reason to do so,
| given that sideloaded apps will still be sandboxed. This is not
| like a jailbreak. I would also assume that apps have no way to
| check what kind of other apps are installed.
| DevKoala wrote:
| I hope there is an option to disable this by default. My parents
| already manage to install tons of awful apps somehow.
| tempodox wrote:
| The AppStore is not there to protect your parents from awful
| software, it's there to protect Apple's interests. And they
| sure as hell won't force side-loading on you.
| DevKoala wrote:
| The Apple Store makes it incredibly easy to cancel
| subscriptions and getting charge refunds. Try getting a
| refund out of a side loaded app charge.
| dahwolf wrote:
| Mozilla should step into this space. Launch an alternative app
| store, cost-neutral or minor profit only, all apps privacy
| checked.
|
| Better than the writing of preachy blogs that do nothing. The
| problem with current Mozilla is that they have no platform. They
| have no reach.
| binarymax wrote:
| I would totally pay for apps on a Mozilla store. This is a
| great idea.
| dahwolf wrote:
| The only risk I see is their progressive views at times being
| a little too progressive, leading to "safetyism" and a too
| restrictive policy on what can go in the store and what
| cannot, or this somehow affecting which app get prime real
| estate, whilst others are burried.
|
| Screw it, I might as well spit it out: it should not be a
| woke app store.
| Pfhortune wrote:
| What is woke? Can you quantify it?
| ralphc wrote:
| I look forward to this, not for potentially sketchy third party
| apps but for my own apps. My phone is the computer, camera, etc.
| that I always carry with me and I'd like to be able to write my
| own apps, both for experimenting and for my utility. Just
| sideload them, no developer program, no yearly license fees,
| write in languages of my choice, have a VM on my phone if I want.
|
| If nothing else, imagine your own AI assistant that you know
| respects your privacy because it only communicates with your home
| server, or fits completely on your phone.
| djxfade wrote:
| That would still require Apple to open the various APIs. Even
| though we will be able to sideload apps, it dosent necessarily
| grant us access to everything we need to compete with let's say
| Siri (not from a technical standpoint, but from an integration
| perspective)
| EMIRELADERO wrote:
| The DMA law says they would have to.
|
| > 7. The gatekeeper shall allow providers of services and
| providers of hardware, free of charge, effective
| interoperability with, and access for the purposes of
| interoperability to, the same hardware and software features
| accessed or controlled via the operating system or virtual
| assistant listed in the designation decision pursuant to
| Article 3(9) as are available to services or hardware
| provided by the gatekeeper. Furthermore, the gatekeeper shall
| allow business users and alternative providers of services
| provided together with, or in support of, core platform
| services, free of charge, effective interoperability with,
| and access for the purposes of interoperability to, the same
| operating system, hardware or software features, regardless
| of whether those features are part of the operating system,
| as are available to, or used by, that gatekeeper when
| providing such services.
| rafark wrote:
| Pretty sure the you won't have full access to the system.
| You'll still need to jailbreak for that.
| smw wrote:
| I think it's been quite easy to run your own apps on your
| iPhone for years now?
| raydev wrote:
| If you have a free developer account then you need to
| redeploy the app to your phone every 7 days. You can only add
| up to 3 devices to your free account, and there's no way to
| remove them without paying (at least that I could see when I
| let my subscription lapse), so good luck if you replace your
| phone too many times or try to share an app with a family
| member or friend.
|
| It's not impossible, and perhaps it's easy if you've already
| hit all the pitfalls and know where they are, but I would not
| describe it as easy.
| twalichiewicz wrote:
| It's understandable that people are eager for the potential of
| side loading on iOS, as it could provide more direct access to
| apps without the need for intermediaries / App Store policy
| misunderstandings. However, it's worth considering the potential
| downsides of this approach, particularly the risk of app and
| service balkanization. This is already happening in the gaming
| industry, where major studios force you to use their own
| launchers to capture valuable (sellable) data about their
| customers.
|
| But to play the optimist, perhaps inspiration can be taken from
| how macOS handles app installation from non-App Store sources:
|
| - You go to the developers website
|
| - You are presented with two links if the app is also available
| on the App Store with the alternative being direct download
|
| - After downloading the .dmg you are presented with a modified
| version of the Installer.app UI that runs you through what
| services the app uses, data that it collects, where it will
| install, additional options, etc.
|
| - One final confirmation of "Is this from a trusted developer"
|
| - Installer.app runs a virus / malware check against what is
| going to be installed
|
| - App is ready to go on the phone
| tehlike wrote:
| There will be many ux frictions and restrictions that unless
| companies with stake in it complain, it won't make a meaningful
| dent.
| kimmeld wrote:
| Sideloading, otherwise known as installing software you want, on
| hardware you own.
|
| Love how the term tries to make it sound so suspicious.
| game_the0ry wrote:
| I get the intuition that this might be a form of government back
| door. Hope someone can convince me I am wrong.
| moomoo11 wrote:
| Isn't it a minority of people who want this?
|
| I'd bet 99% of Apple users don't care nor want this.
|
| I know I don't. I like Apple's App Store standards. If I want to
| side load apps I'd use android. But I don't.
|
| If companies don't like it just don't support iOS. Others will
| and I'll use those apps.
| Hippocrates wrote:
| Precisely. You'll find that within HN and consumer electronics
| communities, the concept is much more polarizing. How many of
| your friends know what side-loading is? How many would want it
| if they did know what it was?
|
| If app-store only is ANY more secure than side loading than
| that's what I'd want my friends and family using, based on
| their technical chops, and my desire to not be their IT guy.
| vbezhenar wrote:
| For many years, everyone who wanted to sideload apps on an iPhone
| has been able to do so. I am unsure about what makes this so
| exciting.
| notsound wrote:
| Except people that don't have a computer, a decent chunk of
| technical know-how, and if you want the apps to stick around
| for longer than a week, $99/year.
| Karunamon wrote:
| The EU found that argument unconvincing. As, likely, do you.
| Requiring a Mac and a reinstall every week and not more than
| three apps at a time is blatantly anti-competitive.
| hu3 wrote:
| How?
| vbezhenar wrote:
| For most convenience you need to have developer subscription.
| Then you can use something like sideloadly.
| [deleted]
| gjsman-1000 wrote:
| I think developers who don't want to give 30% are going to have
| to deal with a new enemy: Piracy. The moment sideloading is
| available for iPhone, I expect within weeks there will be a cool,
| first-of-its-kind piracy App Store. As well as, within months, a
| cool, first-of-its-kind hacked game clients for iOS App Store. I
| think Epic Games might quickly discover that 30% might be lost to
| Apple or Piracy, pick your poison.
| jt2190 wrote:
| The source for this article is Mark Gurman's newsletter at
| Bloomberg:
|
| "Apple Plans to Launch More Than Just Its New Headset at WWDC"
| https://www.bloomberg.com/news/newsletters/2023-04-16/apple-...
| flax wrote:
| A lot of these arguments against this sound like long-term
| prisoners convinced that they can't make it on the outside.
|
| https://dictionary.cambridge.org/us/dictionary/english/insti...
| jutrewag wrote:
| Eh, I've seen the outside and it belongs on my PC.
| akmarinov wrote:
| Nice, can't wait
| lewisflude wrote:
| If Apple do implement this, I hope they can ensure 3rd party apps
| live in a sandbox or otherwise need to be given explicit
| permissions. One big argument I've seen against side-loading on
| iOS is people like the confidence of knowing that an app has to
| play by iOS's rules, so if we can bring this to the world of
| side-loading then this could be a win-win for "both camps".
| jamil7 wrote:
| It will still run in a sandbox, that's how iOS works. It just
| will bypass app store review, meaning certain rules won't be
| enforced.
| EMIRELADERO wrote:
| Careful!
|
| _7. The gatekeeper shall allow providers of services and
| providers of hardware, free of charge, effective
| interoperability with, and access for the purposes of
| interoperability to, the same hardware and software features
| accessed or controlled via the operating system or virtual
| assistant listed in the designation decision pursuant to
| Article 3(9) as are available to services or hardware
| provided by the gatekeeper. Furthermore, the gatekeeper shall
| allow business users and alternative providers of services
| provided together with, or in support of, core platform
| services, free of charge, effective interoperability with,
| and access for the purposes of interoperability to, the same
| operating system, hardware or software features, regardless
| of whether those features are part of the operating system,
| as are available to, or used by, that gatekeeper when
| providing such services._
| sixstringtheory wrote:
| None of that negates what GP said. Apps have the _ability_
| to interoperate, but they still have to build that
| functionality. Apps can't just take over other apps or
| their data at unawares.
| nashashmi wrote:
| Interesting point. I also hope that Apple will allow sideloads
| into these permission-less sandboxes.
|
| Imagine two classes of sandbox: offline with loads of
| permissions, online with no permissions. Offline apps will
| obviously have to be paid for upfront. Online apps will have a
| subscription model.
| Traubenfuchs wrote:
| Isn't sideloading already available with sidelodely?
| YmiYugy wrote:
| I'm excited and afraid at the same time. Excited for all the
| stuff the community will come up with that wasn't possible on the
| app store, but afraid that some apps I rely on will leave the App
| Store to do evil things.
| c7DJTLrn wrote:
| Can't wait to have five different App Stores and be forced to
| install a spying app with full system access upon entering
| undemocratic countries.
|
| The average person does not care about the "walled garden." They
| want a phone that works and protects them.
| bakugo wrote:
| None of this happens on android. It's time to step out of the
| Apple fantasy land and into the real world.
| c7DJTLrn wrote:
| What do you mean? There's plenty of examples on Android where
| users have been tricked into sideloading malicious apps.
| daveoc64 wrote:
| You just said there would be "five different App Stores",
| yet this hasn't happened on Android.
|
| Amazon has an app store for Android, but its apps are all
| on the Google Play Store. It's really there to serve
| Amazon's Fire platform where Amazon doesn't licence Google
| Play.
|
| Samsung has an app store for Android, but again, all of its
| apps it makes available to other non-Samsung device users
| are on Google Play.
|
| Additional app stores on Android have so far been
| complementary to Google Play, which remains the place where
| the overwhelming majority of apps are obtained.
| lisper wrote:
| This seems like a no-brainer to me: just make it opt-in with a
| huge warning label: "If you turn on this feature, many bad things
| might happen to you if you are not very careful, and we disclaim
| responsibility."
| zapdrive wrote:
| Don't hold your breath over it.
| bogwog wrote:
| I expect it to be implemented in the most passive-aggressive
| way possible.
|
| Also, it will probably have the same bullshit tricks that
| Google uses to make it difficult, meaning it will only be
| useful to tech nerds.
| Vespasian wrote:
| Following the typical cycle of adversial compliance by
| industry, politicans will immediatly start working on round 2
| to plug the holes.
|
| I believe this is much better than being to broad on the
| first attempt. And maybe apple decides that this battle is
| not worth their time and preempts the need for further
| regulations.
| EMIRELADERO wrote:
| That bullshit won't stand up to EU scrutiny though.
| Simulacra wrote:
| I, too, am not optimistic but I hope a day comes when my Iphone
| does not need to be jailbroken..
| rimliu wrote:
| Interesting, my iPhone never needed to be jailbroken.
| gumby wrote:
| If I wanted side loading I'd have gone for Android.
|
| With Apple I can install my own apps and those of a couple of my
| friends; for anything else I let Apple provide some modicum of
| security checking.
| PartiallyTyped wrote:
| This has been bugging me for a few minutes, and I'd be keen on
| hearing thoughts from other hackers.
|
| Given sideloading will be available, does this not create a
| broader attack vector that government agencies may use to access
| user data?
| criddell wrote:
| Of course it does.
|
| In addition to governments, how long do you think it will take
| for companies and schools to roll out apps to monitor what
| people are doing with their phones? Companies will say you have
| a choice (you can always quit!) and schools will just be
| protecting children - who could oppose that?
|
| And you know when it comes to enterprise and software sold to
| school districts, it's usually top quality stuff.
| izacus wrote:
| Apple literally allows them to do that via MDM already so
| what exactly is your point here?
| EMIRELADERO wrote:
| Can't they already do this with MDM?
| rickdeckard wrote:
| Yes, that "scary story" basically describes MDM
| iamjake648 wrote:
| yes they can.
| wmf wrote:
| Thanks to the sandbox, sideloaded apps will have no more access
| than regular apps. Of course every app will ask for every
| permission but that's a different problem.
| PartiallyTyped wrote:
| Is the sandbox a requirement by EU or is it apple imposed?
|
| If the latter, I can see the push to provide kernel-space
| access happening.
|
| Will alternative appstores also be sandboxed and run in user-
| space?
| gcanyon wrote:
| When the App Store first opened, I wondered if Apple would allow
| an alternative App Store to launch, to carry apps that Apple was
| unwilling to. I wonder if that solution, instead of a side-
| loading free-for-all, would 1. Satisfy Europe 2. Protect users 3.
| Potentially get Apple everything they want.
|
| 1. Because Apple wouldn't have a monopoly on app distribution
|
| 2. Because there would still be a limited number of players who
| would need to commit to app review/security.
|
| 3. Because users would likely continue to use Apple's App Store
| almost exclusively, while allowing certain outliers
| (subscription-dependent apps) a way out.
| diebeforei485 wrote:
| I don't like this. I don't want my government or school or
| employer to coerce/"encourage" me to install apps on my personal
| device.
| McDev wrote:
| Then don't install them.
| diebeforei485 wrote:
| It is not optional in most of these cases.
| ThatPlayer wrote:
| They can already sideload through MDM.
| jmull wrote:
| Having "side loading" -- also known as regular app installation
| on non-phone platforms -- hasn't caused chaos on desktop
| platforms or android. No reason to think it will on iOS either.
| ChicagoBoy11 wrote:
| Wait... hasn't in? How many examples do you have of people
| dealing with ransomware on their non-jailbroken iPhone?
| thiht wrote:
| Same as on Android: 0
| andruby wrote:
| > hasn't caused chaos on desktop platforms
|
| I beg to differ. How many windows machines were infected in the
| early 2000's? Would bot-nets exist if Windows had a strict app
| store back then?
|
| Now: I will agree that freedom to install any software on
| desktops has been wonderful, and I hope it remains, but I
| wouldn't say it hasn't caused chaos.
| 015a wrote:
| > How many windows machines were infected in the early
| 2000's?
|
| Great Scott. If you haven't looked at a calendar recently,
| its not 2001 anymore. The industry has spent the past 23
| years improving the security of basically everything.
| Isolation is better. Filesystem security is better. Anti-
| virus is better. Browsers are more secure. Everything is more
| secure. Malware is still around. Its harder and harder for it
| to cause real damage, unless the user clicks past thirty five
| warnings.
| realusername wrote:
| Windows had absolutely ZERO security at the time though,
| appstore or not you could just go into the System32 directory
| and delete everything. I don't see how any appstore would
| have solved that, malware would have spread equally with such
| a poor security model.
| peoplefromibiza wrote:
| > How many windows machines were infected in the early
| 2000's?
|
| Yeah, that's a very bad analogy, it wasn't about side
| loading, even assuming that MS was able to vet every
| application out there, which nobody was technologically or
| had the resources to or wanted to, the infrastructure wasn't
| there, the OS security was worse than today and based on
| different assumptions entirely, the responsibility is still
| in the hands of the user, and, most of all, with good reason
| users pushed back on the all TPM/Trusted Computing thing.
|
| So they did not want that feature and voted with their money,
| until they could not vote anymore, because smartphone ruined
| it for everyone except Google and Apple.
|
| edit:
|
| besides (obviously) RMS [1] being right and opposing to
| TC/TPM, this BBC article from 2005 [2] summarizes what even
| users there were not particularly tech savy thought about the
| topic
|
| A couple of significant quotes
|
| _computing base is also used to make digital rights
| management systems more secure, this will give content
| providers a lot more control over what we can do with music,
| movies and books that we have bought from them_
|
| _We need to ensure that trusted computing remains under the
| control of the users and is not used to take away the
| freedoms we enjoy today_
|
| [1] https://www.gnu.org/philosophy/can-you-trust.html
|
| [2] http://news.bbc.co.uk/2/hi/technology/4360793.stm
| jmull wrote:
| Why are people bring up the early '00s?
|
| This seems too obvious to have to mention, but I guess I do:
| the comp for iOS with side-loading isn't Windows 98, it's
| MacOS in 2023.
| kahrl wrote:
| Because it's the only way their argument holds any water.
| In 2023, the security problems inherent to allowing app
| installations outside operating system stores have been
| almost completely mitigated.
| kaba0 wrote:
| Sandboxes are a thing, and are quite great on mobile devices,
| unlike desktops, especially 2000's.
| wmf wrote:
| A company can get taken down by a .pdf.scr file on Windows.
| jmull wrote:
| As if anyone is suggesting iOS adopt the Windows 95 security
| model.
| tclancy wrote:
| What people are suggesting is giving an entire new
| unsupervised point of entry and one with a lot of
| permissions is opening up unsuspecting users to these kinds
| of problems.
| layer8 wrote:
| And iOS could by an iMessage [0]. OS bugs are OS bugs. On
| Windows, non-administrator accounts and GPO restrictions are
| the way to go, in an enterprise environment.
|
| [0] https://citizenlab.ca/2021/09/forcedentry-nso-group-
| imessage...
| m463 wrote:
| On the other hand, you can install 3rd party firewalls, virus
| scanners and more on windows. That also means you can install
| programs to know what microsoft is doing with your comptuer,
| and protect yourself.
|
| Currently there is no way on ios to know what an app is
| really doing, and what it is sending where.
| [deleted]
| vinyl7 wrote:
| Does apple throw a .pdf.scr at every app during validation?
| throwaway290 wrote:
| Many of us may not realize it here, but desktop is super niche
| compared to mobile... (edit: if you consider worldwide)
| asadotzler wrote:
| Not really, it's about 50/50 plus or minus 10 depending on
| which geography of income level you look at.
| auguzanellato wrote:
| It caused more malware to spread for sure.
| [deleted]
| askafriend wrote:
| You're giving away your age with this comment.
|
| Of course it has caused chaos on desktop platforms, especially
| Windows in the early 2000s, late 90s.
|
| Since that era, it's slowly dug itself out of that hole.
| EVa5I7bHFq9mnYK wrote:
| What's bad about age that someone should be hiding it? Your
| proud boomer.
| standardUser wrote:
| I was there. It was not chaos.
| nicce wrote:
| Why anti-virus engines used to be multi billion business?
| peoplefromibiza wrote:
| Except now it's even worse.
|
| https://purplesec.us/wp-content/uploads/2019/03/Malware-
| Infe...
| jmull wrote:
| Well, my first computer was a Commodore PET, so I was there
| before, during, and after. Don't you think iOS with "side
| loading" would be more like MacOS in 2023 than Windows 98?
| wahnfrieden wrote:
| EU only. Not in the land of the free.
| Karunamon wrote:
| This assumes facts not in evidence. The change is being forced
| by EU law, but it would take more effort to geo-fence it than
| to make the change globally. Not to mention the fact that it
| would be effort in the direction of a PR loss.
|
| No, the more Apple way to spin this is as a positive for
| everyone. As if they had the idea the entire time and just now
| figured out how to make it work.
| wahnfrieden wrote:
| It's been previously reported, you missed the evidence you
| say doesn't exist (you frame your ignorance as knowledge of
| absence)
|
| >Apple is only planning to implement sideloading support in
| Europe.
|
| See also the language about this being the start of a rollout
| of sideloading in other reports - ie EU only. This will be
| driven by courts, Apple hasn't and won't be charitable. Apple
| spins every incremental change as a positive win to cover PR
| instead of admitting partial defeat.
|
| Btw Apple already today restricts loads of services and
| content based on region, you should look into that if you
| think that's a challenge for them
| akmarinov wrote:
| It's not that hard - they already do it plenty.
|
| Like Apple One, Apple News, the Emergency SOS feature, the
| Apple card stuff, Apple Pay it Later, ECG on the watch, heart
| rate notifications, Siri defaulting to a male voice, etc
| that's only available in the US/UK/some other countries.
|
| And that's not even getting into all the changes they've made
| to the Chinese version of iOS to appease the Chinese
| government.
| [deleted]
| rickdeckard wrote:
| > it would take more effort to geo-fence it than to make the
| change globally
|
| No, really not. It's dead-simple to tie such a feature to the
| region of the user, it's how Apple rolls out and operates
| lots of their services...
| ChuckNorris89 wrote:
| How will that geofencing be enforced?
|
| Is this EU feature dependent to the place you purchased your
| device or to the location registered on your Apple account?
|
| If you change your location in or out of the EU does it then
| apply or revert the feature?
| supriyo-biswas wrote:
| This isn't as difficult as you make it look.
|
| Many Android devices have the concept of carrier-specific
| configuration files (CSCs) which are baked into the ROM, and
| phones sold in the region come baked with the variant with
| only the specific CSCs in question. A similar implementation
| could be followed by Apple, where they have a separate image
| for the EU.
| smoldesu wrote:
| I look forward to the US passing similar laws and getting
| the upgraded image!
| ChuckNorris89 wrote:
| In EU phones are also sold unlocked without any carrier
| info baked into the ROM.
| rickdeckard wrote:
| Phones of major vendors sold in EU still contain carrier
| info for the region even if they're sold unlocked.
|
| Outside of US and China, Samsung for example ships so-
| called "Multi-CSC" variants of their devices which
| permanently apply the region and country of your device
| on first power-on with a SIM-card.
|
| The required information for that is not pulled from the
| network but is already preloaded in the ROM of the
| device, a network connection can be used to get an
| updated version of these profiles though
| Teamancer wrote:
| Is there a business opportunity here for an independent,
| transparent 3rd party, (side-loaded or not app)safety
| inspection/testing service? Right now customers rely on the word
| of outfits. mostly Google and Apple who make money on your use,
| that the software they will "allow" you to install is "safe." Yet
| a lot of malicious crap gets through and sometimes remains
| available until enough victims post reviews.
|
| A legitimate, transparent and disinterested 3rd party vetting
| service would not have a stake in whether or not a customer would
| download or sideload apps - from anywhere.
| diebeforei485 wrote:
| I'm not happy about this. If the dispute is around Apple's
| monopolistic 30% commission, regulate the commission.
| thiht wrote:
| Can't wait to finally be able to install a YouTube app with
| SponsorBlock.
| h1fra wrote:
| Once again, EU laws benefiting everyone.
|
| And even this article only acknowledge this at the 3rd paragraph,
| if you only read the title or the first few sentences it depict
| Apple as the good guy.
| LeSaucy wrote:
| Did not expect to see Donald Fagen in the headline screenshot
| tempodox wrote:
| Who doesn't have Donald Fagen / Steely Dan in their music
| collection? Even millenials ought to know him.
| jutrewag wrote:
| I can't believe I'm arguing for this but why is this necessary.
| I've gotten comfortable with my walled garden...
| archerx wrote:
| I just want first class PWAs.
| ascagnel_ wrote:
| iOS 16.4 added a bunch of PWA-focused features. What gaps do
| you feel still exist?
| akmarinov wrote:
| Probably background services and processing, something even
| native apps can't do.
| NoMoreBro wrote:
| Not OP, but I'd start with a one-click way to "install" the
| PWA apps using an API, e.g. with a banner (like on Android)
| instead of an item in the share menu.
| musictubes wrote:
| Oh God, this is one of the reasons people hate PWAs. No
| more banners on websites! I don't want to see sites even
| more cluttered.
| rabuse wrote:
| More low-level camera access would be a nice improvement.
| Also, the ability to work with raw video data for
| trimming/editing.
| kmlx wrote:
| that's browser standards territory.
|
| also, this:
|
| https://developer.mozilla.org/en-
| US/docs/Web/API/WebCodecs_A...
| rabuse wrote:
| Ah, sweet. Haven't looked at the Web API specs in a bit,
| but just remember working with video was a PITA. Thanks.
| lykahb wrote:
| I find the term sideloading problematic. It carries the bias that
| the "correct" way is to install apps from the centralized app
| store. The term conveys that this is an alternative and
| undesirable thing to do.
|
| The concern of malware is legitimate, but having a centralized
| approved store is a weak barrier anyway. The iOS has a solid
| system of permissions and sandboxing that should take care of
| that. A more drastic change is that tgere are no technical means
| to impose UI that conforms to the Apple standards or enforce that
| the app payments go through the Apple payment system.
___________________________________________________________________
(page generated 2023-04-17 23:01 UTC)