[HN Gopher] On iPhone sideloading: it's ok, I'm changing my mind ___________________________________________________________________ On iPhone sideloading: it's ok, I'm changing my mind Author : keleftheriou Score : 96 points Date : 2022-02-09 18:48 UTC (4 hours ago) (HTM) web link (numericcitizen.me) (TXT) w3m dump (numericcitizen.me) | etchalon wrote: | "Sideloading is fine. Just look at the Mac!" | | "Sideloading is dangerous. Just look at Windows." | kemayo wrote: | Honestly, speaking as someone who's pretty heavily invested in | the Apple ecosystem, I'd like iOS to (be made to?) allow | sideloading in order to keep Apple honest. | | Assuming it works out the same as on Android, I very much doubt | that sideloading would ever be mainstream or popular, but the | _existence_ of the option would serve as a constraint on how user | /developer-hostile Apple can be. | | (And I entirely agree with the article that Apple eliding over | the entire internet-sales era of software is highly | disingenuous...) | Melkman wrote: | Being able to sideload is a double edged sword. Yes, it would | be a barrier for Apple to go to far overboard on monetizing the | ecosystem. It would also give companies like Microsoft a means | of ONLY distributing their applications via their own app store | forcing you to side load this app store with less oversight. | Maybe they add a forced installer to push their apps ? It's not | that I trust Apple that much. It's that I trust other companies | like Google, Facebook, Microsoft and Amazon less. | smoldesu wrote: | I fail to see how that's an issue when other developers can | make third-party clients if there's a significant demand for | it. If Twitter/Facebook start forcing people to install their | third-party store to access their app, then there's a massive | opportunity to make a better app that's distributed through | the App Store. | ThatPlayer wrote: | And you can always use Apple's favorite excuse of them not | being a monopoly: Safari browser. | codetrotter wrote: | > If Twitter/Facebook start forcing people to install their | third-party store to access their app, then there's a | massive opportunity to make a better app that's distributed | through the App Store. | | Wouldn't Twitter, Facebook etc in turn demand that those | third-party apps be taken down from the App Store? | | And even if they didn't, how is any third party going to | keep up with Twitter/Facebook/etc API changes. | | And what about push notifications? Those would not work | with a third-party app installed via the App Store unless | Twitter/Facebook/etc explicitly made it so that they | supported that on their end. | | For example, here's a blog post from 2016 about how the | Riot app for iOS is able to get push notifications when you | self-host a Matrix server. | https://thomask.sdf.org/blog/2016/12/11/riots-magical- | push-n... | smoldesu wrote: | > Wouldn't Twitter, Facebook etc in turn demand that | those third-party apps be taken down from the App Store? | | No? Why would they? Third-party clients are alive and | well on the App Store today, and have been for years. | | > And even if they didn't, how is any third party going | to keep up with Twitter/Facebook/etc API changes. | | They've done a fine job of it so far. | | > And what about push notifications? Those would not work | with a third-party app installed via the App Store unless | Twitter/Facebook/etc explicitly made it so that they | supported that on their end. | | It does? Check out Tweetbot or Apollo for Reddit. Both | have push notifications that work fine. | ccouzens wrote: | Apps can't redirect Twitter/Facebook links without | Twitter/Facebook's co-operation. | | This is a key feature stopping 3rd party apps being | competitive. | | https://developer.apple.com/documentation/xcode/allowing- | app... | smoldesu wrote: | Sounds like a pretty easy fix for Apple then. | yreg wrote: | The likes of Facebook would certainly like not having to | submit to Apple's rules. | mannerheim wrote: | This doesn't happen on Android, so why would it happen on | iOS? | babypuncher wrote: | Google's privacy requirements on the Play Store are a lot | less developer-hostile than Apple's. I'm sure it has | something to do with the fact that Android and the Play | Store are owned by one of the data-harvesting tech giants | that Apple's rules just so happen to impact. | core-utility wrote: | I tend to agree with you. Side loading on iOS would be | much more lucrative for, say, Facebook who reportedly | just lost $200B due to Apple's privacy restrictions. | They're likely more happy with Android's play store than | Apple's. | [deleted] | cbdumas wrote: | If both iOS and Android allowed sideloading this would be a | much more attractive option. As it stands something like | that isn't really worth while because most high-value | consumers of mobile apps use iOS. | jdminhbg wrote: | As long as the iOS model exists, the sideload store model | is only viable on Android, and vendors are forced to | support the first-party store model anyway. If both | ecosystems allow sideloading, you could easily imagine | Microsoft or Epic switching to sideload-only and branding | their own stores across Android and iOS. As it is now, if | you can get something first-party on iOS but are forced to | sideload on Android, it just makes the Android experience | for Fortnite (or whatever) seem janky. | rpdillon wrote: | This is a good point, though the lack of auto-updates | from non-Play stores on non-rooted phones does add enough | friction to updating that e.g. Signal won't even | distribute via f-droid because of update latency. At | least that's my reading of Moxie's reasoning. It seems | likely this would dissuade some companies from making | their own app stores, though obviously not all. | etchalon wrote: | iOS and Android are fundamentally different markets. | pseudalopex wrote: | Explain the relevant fundamental difference please. | macintux wrote: | One difference: Apple is far more developer-hostile (or | end-user friendly depending on your perspective) than | Google, so someone like Facebook would be heavily | incentivized to open their own iOS App Store and tell | their users they must install that app from their store, | in order to bypass constraints Apple enforces via _their_ | store. | kelnos wrote: | Why is that a problem, though? If we assume that the | Facebook, Instagram, and Whatsapp apps all have some | levels of good behavior and bad behavior, then we can | probably assume that the "Meta App Store" would be | similar. So what's the big deal if they require you to | install it? | | They could also just offer direct app downloads from | facebook.com, instagram.com, etc. | | So what? This feels like a nothingburger to me. Given how | sideloading is a much less pleasant experience on even | Android (and we can expect Apple to do worse), Facebook | wouldn't leave the main App Store without an earth- | shattering reason. | Jcowell wrote: | One would argue that the app stores provides a benefit to | the consumer that would not be implemented anywhere else | since these benefits are not lucrative. One example is | the ability to cancel subscriptions from one source, App | Privacy Reports, seeing when an app is reading from the | clipboard etc. | | And no, entitlements mean nothing without enforcement. | ccouzens wrote: | > seeing when an app is reading from the clipboard | | I expect that to be a operating system feature that works | regardless of how the application was developed or | installed. | Jensson wrote: | > One example is the ability to cancel subscriptions from | one source | | You pay 40% extra for that. The creator gets $100, Apple | gets 40, you see $140 sticker price. It is a nice | feature, but how many would pay 40% extra for that? And | if many wanted to pay 40% extra for subscriptions to have | them cancellable, I'm sure there would already be | companies doing that. | NobodyNada wrote: | Apple's App Store has very strict privacy rules. Last | year Apple implemented the App Tracking Transparency | requirements, which Facebook says will cost them $10B in | lost revenue this year [0]. If sideloading becomes a | thing, I can definitely see Facebook requiring it in | order to get around these privacy rules. | | [0]: https://hothardware.com/news/facebook- | claims-10b-revenue-hit... | osrec wrote: | Developer hostile != End user friendly | Jensson wrote: | Developers creates things users wants, developer hostile | is ultimately being user hostile when you are large | enough. Being developer hostile can create gains short | term, but that is mostly when you are a fringe, when | dominant parties starts being developer hostile it starts | hurting everyone as the tech sector as a whole becomes | less effective. | athrun wrote: | Developers create things users wants, of course, but they | also create things they want. Things like user tracking | or data harvesting. | | There's an inherent trade off here where adding | safeguards to protect users will make the life of | developers more difficult. Balancing these two concerns | is hard. | | I find that Apple mostly strikes the balance right, and | so I choose to be their customer. People who disagree | have other options available on the market today. | etchalon wrote: | OS users are vastly more lucrative, being more likely, | and willing, to spend money. | | iOS has a lower-cost of support, with lower fragmentation | and higher churn. | | With enough profit on the line, more companies would be | willing to suffer the lower user acquisition rate that | would come from side-loading. | tacitusarc wrote: | This is exactly my feeling. | | Apple has no incentive to let other companies get away with | bad behavior. And so far, their own bad behavior has been | much better than other companies. | m463 wrote: | I'd like a firewall, that does not have to ask permission from | apple. | | Apple's weak privacy stance is a farce, especially when ios | lets any app have unfettered network access. | | Additionally its own software does a lot of not-good-for-me | things I'd like to prevent. | evanextreme wrote: | iOS doesn't do that anymore. Local network access has been a | permission that apps need to be granted for at least a few | years now | pyman wrote: | Very poor analysis and argument for sideloading apps. I'm neither | in favour nor against. I respect his opinion but the research he | did was very poor. | blakesterz wrote: | I thought this was interesting point, way near the end: | | "Even if Apple allowed sideloading, I don't trust Apple to come | up with an elegant solution, though. They will put every warning | they can to discourage users from sideloading applications. It | could make the user experience miserable, worse than it is on | macOS. Why? Money is at stake here. A lot of money, actually. | Because Apple seems to be run by lawyers and greedy people, we | can expect everything." | NobodyNada wrote: | This is exactly what I (selfishly) want Apple to do. I don't | want Facebook, Google, and co. to require sideloading in order | to get around Apple's privacy rules, but I do want to be able | to run emulators without paying $99/year. | babypuncher wrote: | Yeah, it sounds like the best case scenario to me. It would | let us hobbyists and tinkerers have our fun while still | effectively forcing Google and Facebook to obey Apple's | strict privacy rules. | buggeryorkshire wrote: | I don't know why apple don't just allow third-party app | stores but with requirements like the new app store needs | to provide the push messaging, with the seriously large | investment that would require? | | They could then warn users their battery life would be | worse, cos 2 persistent connections, and make it scary. | Meanwhile I, as an Android user would happily take up the | offer. | onemoresoop wrote: | > I don't know why apple don't just allow third-party app | stores | | I'll tell you why: money. | __d wrote: | There is no _technical_ reason that Apple cannot maintain the | exact same review processes that they have today, or even more | stringent ones (that'd actually be good), BUT instead of then | putting the app in the AppStore, they simply sign it with with | the AppleBlessed(TM) key, and give the binary back to the | developer. | | Whatever might happen to that binary between Apple signing it, | and the iOS installer getting hold of it DOES NOT MATTER -- if | the signature is still good, then it's no worse off than if it | was put in the AppStore. | | The security argument is total BS. | EMIRELADERO wrote: | That wouldn't really change this for the better. This whole | thing is about Apple _not having the final say_. | __d wrote: | Sure, but it illustrates that Apple's argument that "it would | weaken security" is rubbish. It is technically possible to | allow side-loading with exactly the same security as provided | by the AppStore, if they simply used a signature to indicate | that an app had passed review. | | It would still use the same sandpit, still use the same | permissions system, still able to be disabled by Apple, etc, | etc. | | Without the argument that "it's less secure", it becomes | obvious that the only motivation is commercial. | saurik wrote: | > Apple isn't perfect. The App Store isn't perfect. Developers | aren't perfect. The App Store review team isn't perfect. | Everything isn't perfect. | | This is key: because individual centralized actors are imperfect | and even corruptible--whether due to intrinsic motivations or | extrinsic application of force--it isn't acceptable to | concentrate so much power onto them; in a talk I gave at Mozilla | Privacy Lab a few years back, I covered a lot of these failure | cases throughout our industry with real-world "this actually | happened" examples, including (as this would of course be one of | my focuses) looking at numerous ways in which Apple's App Store | moderation has been the problem instead of the solution. | | https://youtu.be/vsazo-Gs7ms | tshaddox wrote: | But as long as we have fairly effective enforcement of IP law, | so that e.g. only the publisher of a popular video game can get | away with distributing that video game to smartphone users, | don't you still have largely the same issue with concentration | of power? You still won't have different parties able to | compete in how Fortnite is distributed. The publisher of | Fortnite can choose how to distribute Fortnite, but that power | is still concentrated with the publisher, and arguably _even | more concentrated_ since the publisher would not be subject to | power from any particular app store. | starkruzr wrote: | just want to thank you for everything you've done for the iOS | user community these last 15 years. I left the platform when | Apple's success in fighting its own users became too much of a | pain point, but before that your work helped enable developers | to do some utterly fantastic stuff. | rektide wrote: | The Safari team is asking for feedback, after "Safari is the | new IE"[1] is getting steam again as an idea. This idea that | they want to do better is good, but your arguments really cut | into the heart of it. | | Even if Safari turns the ship around & decides to support fun & | interesting new platform capabilities that make the web | interesting, like WebMIDI, WebUSB, the mere fact that Safari is | the gauntlet for innovation, that Apple & Apple alone gets to | say what parts of the web will work, is highly poisonous to the | web. iOS users having no choice, having a centralized actor now | & forever gating progress is untennable, is wrong, prevents | healthy emergence & discovery. However good they are today, | they may drift tomorrow, and having no fallback, no options is | a technocratic fascism that society should recognize as | structurally sick. | | [1] https://news.ycombinator.com/item?id=30277179 | difosfor wrote: | These kinds of monopolistic practically unavoidable parts of our | lives should have been regulated long ago already. I'm afraid | given the existing political climates and tech lobbies that they | will still just circle around the problems though. | kstrauser wrote: | I'm so utterly torn on this. I want sideloading for my own | purposes, like installing classes of apps Apple would never | approve (such as a real Unix shell with native code compilers). | On the other hand, I absolutely _don 't_ want my older relatives | to be able to install stuff from wherever. I just know I'll have | a Thanksgiving conversation like "hey, could you look at my | phone? It's been getting hot after Microsoft called and helped me | install the new antivirus." | | I don't have an answer for this. I'm all for people being able to | get around the garden walls. I just hope and pray that no one in | my "you use computers so you're my de facto tech support" circles | does it. | jcelerier wrote: | I'm sorry but who are you to decide what your relatives can or | cannot install ? I find this way of thinking super fascistic. | ghayes wrote: | I tend to think the issue is, in fact, security. If Apple (or | Google or anyone) had a truly secure phone, then there should | be no need for curation of apps. But our devices are full of | zero-day exploits and dangerous "private APIs." I think the | next generation (as in 20 years from today) of devices will | embrace a secure-by-default mindset and thus not make users | choose between the nanny-state and the wild west. | gleenn wrote: | Agreed. And I think the article's point about whether or not | Apple's store is safe or not is moot. The question really is, | how much worse would it be if they weren't there. I'll take a | good attempt at safety over the wild west. If you removed the | protections today, how much faster do you think the average | user would get pwn'd by a rogue app? Because at some point we | all will; security isn't black and white. The walled garden has | big problems, but the other side of the wall is way uglier. | lapetitejort wrote: | The vast majoring of apps I use on Android come from the Play | Store. I've sideloaded maybe five or six apps on Android since | the T-Mobile G1. It's not something I keep in the back of my | mind. But when I find an app I can only sideload, I really want | to do it, and I would be really annoyed if I couldn't use my | hardware the way I wanted. | syshum wrote: | F Droid is my first stop for anything I need, if I can not find | it there then I go to Play Store | | F Droid is only possible because of side loading | iqanq wrote: | If you want to sideload then buy an Android... they are even | cheaper. It's not like they pulled the rug out from under you: | you already knew you couldn't sideload when you bought the phone. | ThatPlayer wrote: | >It's not like they pulled the rug out from under you | | Situations and therefore opinions are allowed to change over | time. I could argue they pulled the rug out from under me when | they removed Fortnite from the store, or started blocking apps | I want such as Stadia. It's not like it's advertised on the | phone "Hey we'll remove any app from the store that we don't | like". | Dma54rhs wrote: | And if you don't like railway cartel you're free to ride a | horse? | tehwebguy wrote: | I definitely prefer iPhone but I don't think it's quite fair | to say _train : horse :: iphone : android_ | jay_kyburz wrote: | Its actually not that bad. A train is stuck on the tracks, | only stops at stations. Owned by somebody else. A horse you | can own yourself and go anywhere. | ericmay wrote: | This is how the world works. I don't like the suburbs, yet | people keep building them and I don't really have a choice to | not live in them. If I go to the BMW dealership they won't | sell my an off-road version of a BMW equivalent to a Jeep. If | I go to Wal-Mart and I don't like their prices I can't make | them go down, but I can take my business elsewhere. | | I see this highlighted all the time. When people agree with | how something works then there's no comment. When it doesn't | work how they want they believe they're being forced into a | novel love-it-or-leave-it scenario, when the reality is they | are in those scenarios all the time (daily/hourly even) and | support them as well. Don't believe me? Ok I want less | battery life on the iPhone and for it to be cheaper. Now | what? You'll say "cost is important to you there are cheaper | alternatives like X, Y, and Z". Same song. | | tl;dr yea just buy an Android phone if sideloading apps is | the killer feature for you. If I want the best battery life | or the best camera I can base my purchase decision off of | those product features. Sideloading apps is no different. | That's a fact. Jack. | selfhoster11 wrote: | That assumes that side-loading is the only feature you care | about. I care about a lot of other things besides that, and | I decided I will be switching platforms because of that. | ericmay wrote: | Ok great! I think this is exactly how things should work. | Apple doesn't provide this "feature" in place of other | features that it does provide (Apple Pay, sign-in with | Apple, etc.). Similarly I could buy a phone that is | GoogleFi enabled if that was important to me. I could buy | a phone with the most megapixels, or that folds. Each of | these devices makes trade-offs that I don't like, so I | buy the product with the feature mix that I want the | most. | | If side-loading is the only feature you care about, | Android is for you. If it's one of many, you may have to | make a trade off or pick between different mixes of | features. This is just how the world works and always | will work. | bee_rider wrote: | Is this really a suitable analogy? Horses seem pretty vastly | inferior to trains in many objective metrics, at least as far | as long-range transport for average people goes. I've always | used iOS, and while I like it, I can't imagine that Android | is so mind-blowingly behind, right? Maybe horses to bicycles | would be a better comparison? Which seems like less of a | problem. | yjftsjthsd-h wrote: | Okay, then it's like arguing that a rail cartel is okay | because people have cars, which are better in some ways, | except for the ways they aren't - that _is_ a mitigating | factor, but doesn 't make it okay. | colinmhayes wrote: | I've had an android. My social interactions went way down | because iPhone users refuse to download messaging apps and | SMS is slow as molasses. Apple has locked me into iOS with | a fucking messaging app. | tehwebguy wrote: | This is the only honest argument for this. | selfhoster11 wrote: | My next phone will be an iPhone. I say this as a long-term | Android user of over a decade. The Android platform has finally | become too toxic and too user-hostile even for the likes of me. | And that's quite a challenge. | | If I'm gonna be ruled by an authoritarian mobile OS that | constantly tries to "engage" me, I might as well go for a nicer | one that still cares about UX and being less buggy. | jaywalk wrote: | > I might as well go for a nicer one that still cares about | UX and being less buggy. | | iOS is straying further and further from that path with every | release, though. It's not Android-level, but it's far from | what it used to be. | EMIRELADERO wrote: | This is less about consumers and more about developers. Many | would want to reach iOS users with apps that are outright | disallowed on the App Store, such as emulators, VM hypervisors | or cloud gaming plattforms. | wudangmonk wrote: | There is a bigger issue at play here that ties in these | platform exclusive software stores with the right to repair | movement. These companies have convinced the general public | that buying their products only entitles you to have the | priviledge of using their products. | | This is all done using the excuse that they are curators that | want to give you the best possible experience. It has worked | wonders too because now we debate not with these companies and | their hired help but with others who have been screwed over | just like us but are thankful for the experience. | xoa wrote: | I've said this repeatedly, but what I'd like would be a _buy- | time_ option to "enable sideloading" (specifically, to enable | the hardware owner to add their own signing certificate to the | root keystore, iOS would still enforce full normal trust chaining | and such except that Apple wouldn't be the only valid root). | Because I think _not_ have sideloading is actively valuable in | many cases too and thus should itself remain an option (and | probably the default) for purchaser. Leaving the power with Apple | has obvious downsides, but it also has upsides in terms of | pooling negotiating power of users vs powerful developers and | entirely eliminating a large class of possible social engineering | attacks. The reason Apple has been able to enforce privacy | protections vs Facebook for a current example is that there is no | sideloading. Period. Facebook is a powerful enough entity vs its | users[products] that if they _could_ demand that users sideload | the "Facebook store" and then run root from there they could get | a sufficient mass to do so that they could then afford to ignore | Apple and do an end run. Can see the same thing play out with | stuff like Zoom, Dropbox etc: on iOS all these are applications | in the App Store and must abide by all the privacy, disclosure, | and so on rules. On the Mac, they demand their own clients which | get a lot more powers. | | Of course, the MAS is a pile of shit, Apple has utterly fucked up | on basic great software business things like "upgrade pricing", | and there are lots of examples of fantastic decent small/med size | software devs doing their own Mac software same as always. Apple | certainly has perverse incentives they have abused, primarily | around service integration (can't aim backups at any storage | provider for example). Also, it all breaks down when there is an | entity MORE powerful than Apple like a major government. Then | Apple becomes a single point of failure for censorship and | control, and indeed that ties right back into the former. We | don't have E2EE encrypted wireless backups for iDevices because | of Apple caving to "security" agencies. | | But still, it cuts both ways and I really appreciate that less | technical (but still very smart!) users, including vulnerable | members of my own family and friends, can have a platform in iOS | which has much stronger guardrails that they cannot physically be | talked into bypassing. I think giving those who ask for hardware, | software, or both root cert access that access is enough of a | release valve (these are probably all the same people who would | jailbreak which is much worse) to help check Apple and bypass the | big failing points while still accommodating the hundreds of | millions of users whose threat models involve worse from other | corporations. And it'd help nudge Apple's incentives in a good | direction even for those staying fully within the walled garden | by making them balance a bit on keeping them there. | idle_zealot wrote: | Mostly agree. Rather than a buy-time setting though, I think it | should work like Chromebook dev mode. Put the option in the | settings, but require a device reset/wipe to activate it. Then | while the dev is in this mode show a message on every boot. | xoa wrote: | > _Put the option in the settings, but require a device reset | /wipe to activate it._ | | Hrm. I don't think that actually would be as effective on | iOS, reset/wipe is essentially setting up a new phone or a | recovery procedure that is meant to be quite easy and near | fully automated if time consuming. Which means the bar to | social engineering is either very low because it follows the | existing workflow and restores from backup ("click this | before going to bed that's it"), or if it wouldn't allow | restoring a non-root backup to a root device then it really | screws the utility for all of us who want root ownership over | our normal hardware (me included). This would not at all be a | "dev mode" after all, it'd be a more normal | Windows/Mac/Linux/BSD use mode including for people who never | intend to ever write a single piece of software but do want | stuff that Apple doesn't allow/enable. | | Still an interesting different potential path. | tshaddox wrote: | The odd thing about this article is that it seems like the author | is conceding to removing all restrictions on third-party software | being installed on the iPhone _because Apple is not currently | restrictive enough on what third-party software makes it into | their App Store_. | | I suppose I can understand the appeal of that argument, since it | does resolve apparent hypocrisy and lying in Apple's statements | about its policies, but crucially this argument doesn't actually | address whether allowing sideloading will be good for users, | despite the author indicating that they think it will be ("Until | today, I thought forbidding applications sideloading on the | iPhone was good for users. But..."). | | All the arguments that preventing sideloading protects users | still apply, and haven't actually been addressed in this article. | Crontab wrote: | I am pro-sideloading but I think it has to be done in a way that | people cam't be tricked into doing it. | | Speaking personally, the only thing I want to sideload is Mame | (assuming an iOS version exists). | anonymouse008 wrote: | If sideloading means code signing becomes as difficult as it is | on the Mac, then there's nothing to fear... | pyman wrote: | Very poor analysis and not at all compelling argument for | sideloading apps. ___________________________________________________________________ (page generated 2022-02-09 23:00 UTC)