Apple is defending its shop tooth and nail. In a recently published white paper, the manufacturer attacks sideloading, that is to say the possibility of installing applications outside the App Store – a historic practice on Mac, which Apple refuses to implement on iOS. Yet this is one of the avenues envisaged by the European Digital Market Act, of which Tim Cook has already said all the bad things he thought about it.
This new publication, dated October, complements the one already published in June on the same subject. The same arguments are repeated, Apple hammering that “ Support for direct download sideloading or from alternative app stores would cripple the privacy and protections that made iPhone so secure and expose users to serious security risks “.
Apple is building on what is happening on Android: 230,000 malware infections every day, Android smartphones which are 15 to 47 times more likely to be infected than the iPhone, almost 6 million attacks per month on those terminals where sideloading is allowed. Apple fully plays the fear card by stating the horrors that could affect iPhone users if the manufacturer were forced to endure sideloading:
- proliferation of malicious applications allowing thugs to target users;
- users will have less information about applications, and less control;
- some apps may require the removal of protective functions that prevent them from having access to essential components of the smartphone;
- users may be forced to install sideloading apps by their schools or employers;
- By mimicking the appearance of the App Store, cybercriminals will be able to trick users into downloading malicious apps.
Not all of this is possible on the App Store, with Apple reviewing apps (although there are quite a few hiccups). The white paper is a collection of the worst Android practices in the industry, touted as the reverse mirror of iOS. For Apple, “ sideloading is simply not in the best interests of users “.
This very dark presentation of the dangers of sideloading could however have the opposite effect of that sought: Margrethe Vestager, the European Commissioner for Competition, very clearly warned that Apple should not use security to artificially limit competition on iOS …
Apple is convincing further by citing its own company certificate program that allows companies to distribute apps outside of the store – company-wide sideloading, of sorts. A program that was bypassed by Facebook and Google in 2019, which earned them the revocation of their rights and the blocking of applications used internally.
Despite the strengthening of controls, abuses related to company certificates have persisted, says Apple. ” This demonstrates the enormous risk posed by forcing Apple to take over any developer’s ability to distribute apps outside of the App Store. If Apple fails to control the distribution of applications at the enterprise level, the risks are potentially even greater for the general public.