This document gives the how, could anyone here perhaps give us a why?
Genuine curiosity, provisioning is not something I deal with much.
There are so many paths that get you the same results, that don't require you to hand out full control to this ever fair and totally predictable friend of ours.
It's covered after the first paragraph of the article. There are lots of apps that could be published as public apps, but you don't want to add confusion to regular users. If Acme publish apps to the store for the public, they may not want their expenses app for employees to be listed alongside the apps.
There are also very specialist apps that require sign-ins or accounts that aren't available to the public. You might have a messaging app for end users, but have an eDiscovery app that's only available for a few enterprise customers that relies on some access that regular user accounts don't have.
What's not yet clear to me, though, is why you'd choose to distribute these non-public applications through the appstore in the first place, rather than just make them available as direct downloads and have them "sideloaded".
>> What's not yet clear to me, though, is why you'd choose to distribute these non-public applications through the appstore in the first place, rather than just make them available as direct downloads and have them "sideloaded".
For most situations where you want to do this, you want the apps to download and update like any other app. At the point of distribution, you want to have some differentiation as described in my original post. As soon as the user initiates app installation, you want the App Store to do the heavy lifting for you.
There is no benefit to side loading an application in many cases because you have to then have users repeat those steps again and again. With this mechanism, it's a standard App Store app so you can also deploy it via MDM or other management mechanism.
I completely understand why lack of side loading is an impediment to freedom and using a device how you wish. The challenge is that there is real value for many to Apple's tools and mechanisms when they are more composable. They are likely to offer up things like this as the pressure mounts to offer real sideloading.
Lest anyone else be confused as I was, this is not about opening Apple's walled garden. It seems these unlisted apps still require Apple's approval and, presumably, must meet their normal standards. The only benefit is that your app can be private and will not be listed in the app store.
Just allow people to put their devices in a mode that allows side loading or let people load their own signing keys. The fact Apple keeps such a tight grip on hardware they don't even own needs to be cracked down on.
You really like the idea of a company controlling property you own after you bought it??? Like if its optional don’t change the defaults.
The issue is starting from the boot-rom and up apple is effectively using cryptography to retain the property right of exclusion when it comes to what code can run on that ARM cpu. Effectively you have to ask apple for approval of any code that will run on your own hardware. If they sign the code they allow it run if they don’t its excluded from running. If you have to keep asking a 3rd party to do something with something you bought you don't fully own it.
The thing is normally a seller wishing to retain some rights to real or tangible property would normally require a legal contract between the buyer. Here however apple is using cryptography to bypass traditional legal means. You can buy an iPhone, iPad without signing any contract. Yet this effectively retained control of the hardware still exists. You can’t just buy the hardware and throw linux or android on it short of finding a weakness in how code is loaded.
> You really like the idea of a company controlling property you own after you bought it???
> right of exclusion when it comes to what code can run on that ARM cpu
Yes I like it for the phone. The walled garden has very little malware and has high quality apps. I am never pestered to install crapware or malware and I don't have to be paranoid about it. You can still run your own development software on these machines, and software distributed in controlled channels outside of the store. The controls are reasonably convenient and necessary to keep unwanted software out.
Compare it to Android Play Store or much worse the Galaxy store situation. The grass is much greener in the walled garden.
For the Mac, it's a different story, you can and should be able to run whatever you want on it. But iPhone as a product is a well tended garden (controlled but quite wide and powerful) and I can appreciate that.
Sounds like different issues. I love options. Well designed options are a feature, I use them. Malware/Crapware is something different, it's a contagion that should be controlled.
I agree that malware and such should be dealt with but at the expense of your own property rights is far too far.
Secondly, if apple just allowed loading your own signing key it’s not like malware writers can sign their crap with their own key, and expect it to run.
Then shady apps will include instructions on how to bypass the security mechanisms. You already see this in Windows where game hacks (or just really shitty game mod sites) often request you disable security features to ensure they don't interfere with the hack.
This is a big misconception. Sideloading doesn’t imply that app isolation (sandboxing) is also going away, nor does it imply that any app would ever be able to trick the user into running it with escalated privileges (sudo/root) as is the case on most computers.
We’re not talking about going back to the old Windows security model where you were always one wrong click away from damaging other apps or the OS, or having your data stolen.
a) If it’s optional then apps will simply demand it be enabled in order to use their apps. And then it’s no longer optional in practice.
b) You need to stop using the term extralegal. You agree to the terms when you first use the phone. Apple is not doing anything without your explicit permission.
It is extralegal though. The boot-rom will enforce these restrictions, and you don’t have to agree to the iOS TOS to buy an iDevice. Further, one may want to use the device without iOS.
Extralegal just means outside of the scope of law or a legal framework. Here apple using cryptography starting from the boot loader to effectively retain the right of exclusion regarding what code may or may not run on the ARM CPU. The sale of the tangible property should include the right of exclusion to the buyer short of a legal agreement at the time of sale allowing the seller to retain some rights. Thats why its extralegal there is no contract just apple using public key cryptography in rather hostile manner that diminishes the property rights of buyers.
Here is a simple test if you have to ask 3rd party to do something with something you “own” you don’t fully own it or your rights are diminished in some manner.
- Apple giving a shit about app curation versus Google Play being a trash heap
- Android having the ability to install third-party-signed apps
Nothing about having the ability to install software outside of Google Play necessitates Google Play itself being a tire fire. Same with Apple: if they tomorrow decided to open up iOS to non-App-Store apps, it wouldn't impact the quality of curation on the iOS App Store.
For the record, I daily drive both an Android phone and an iPad, and don't really worry about malware on either of them. My main gripe is not having any good virtualization options to really stretch the iPad's legs on more developer-centric workflows. That's a particular category of app where App Review has ranged from somewhat hostile to extremely hostile. The end result is that not a lot of people actually bother working on such tools because the chances of actually getting into the App Store and being useful to a wide swath of people is marginal.
> if they tomorrow decided to open up iOS to non-App-Store apps, it wouldn't impact the quality of curation on the iOS App Store
Yes, it would. Developers who are today forced to go through the app store would self publish rather than use the app store. Whether or not they use this power well is a different question but there is no question that opening up other distribution channels would directly impact the app store, (which is a huge part of the value add for an iOS device to me)
> I am never pestered to install crapware or malware and I don't have to be paranoid about it
You still wouldn’t need to be paranoid if sideloading became possible. Sideloading doesn’t imply that app isolation (sandboxing) is also going away, nor does it imply that any app would ever be able to trick the user into running it with escalated privileges (sudo/root) as is the case on most computers.
We’re not talking about going back to the old Windows security model where you were always one wrong click away from damaging other apps or the OS, or having your data stolen.
i like the otwelian angle. side loading, as if you've done something naughty. we could use it for other things like side loading "your" garage or your fridge
I really hope that if Apple is ever forced to open up their devices, that it takes the form of allowing other app stores and not allowing side-loading.
If side loading is allowed the amount of tech support I'll have to provide my family will skyrocket.
> I really hope that if Apple is ever forced to open up their devices, that it takes the form of allowing other app stores and not allowing side-loading.
> If side loading is allowed the amount of tech support I'll have to provide my family will skyrocket.
I mean, if apple ever allow sideloading I suspect it will be behind a 10 feet wall warning and obscure multiple clicks on settings, similar to how google does it.
I also suspect that my family will be divided into two camps: oblivious to the existence of sideloading or technical enough that won't need my tech support.
how big is your family that an option an overwhelming majority of android users don't touch or even know about is going to skyrocket your support levels?
i don't even want to think about the level of intelligence you're suggesting your family has that they will go above and beyond the average person in deliberately breaking their own phones.
Sideloading doesn’t imply that app isolation (sandboxing) is also going away, nor does it imply that any app would ever be able to trick the user into running it with escalated privileges (sudo/root) as is the case on most computers.
We’re not talking about going back to the old Windows security model where you were always one wrong click away from damaging other apps or the OS, or having your data stolen.
Curious take, this. Allowing side-loading would only have a net positive impact on those who desire it, and zero impact on you who wants the walled garden. So why the opposition?
Not necessarily true. Some companies (Epic?) might choose to distribute apps exclusively via sideloading… and you can’t always choose not to install an app (e.g. WhatsApp is sadly essential in my country for work, social life, ordering food and even getting COVID vaccines, since the government uses it to hand appointments)
Epic tried it on android but the law of defaults are strong. Too much friction for an average user but at least on most android devices users can enable developer mode or even root if they want. So google here is not trampling over device owner’s property rights.
But sideloading doesn’t imply that app isolation (sandboxing) is also going away, nor does it imply that any app would ever be able to trick the user into running it with escalated privileges (sudo/root) as is the case on most computers.
We’re not talking about going back to the old Windows security model where you were always one wrong click away from damaging other apps or the OS, or having your data stolen.
> Allowing side-loading would only have a net positive impact on those who desire it, and zero impact on you who wants the walled garden.
No, it affects everyone, even the people who don’t want it.
Consider the time when Facebook got caught spying on minors by abusing their iOS enterprise certificate, and expand that to everybody.
If Apple allowed sideloading, Facebook could just remove their application from Apple’s App Store. They would still have roughly the same amount of users, because even if a person doesn’t want to sideload, most of them will do it anyway if it’s the only way to get Facebook. And now all of those people, who didn’t want to sideload, will be subject to whatever Facebook wants to do that Apple’s rules stopped them from doing.
This isn’t really about individual choice, it’s about the effect on the ecosystem. As soon as you give giants like Facebook a way to opt-out from Apple’s rules, it affects the whole ecosystem, not just the people who choose to sideload.
Sideloading would probably be quite convenient for me personally. But I would rather not have sideloading because of its effect on the ecosystem.
The thing is with the facebook event was apple signed their app so running it was relatively painless. Take the instance of epic trying to sideload on android it flopped because the friction from prompts to enable the feature.
Although, I am of the opinion letting people just load their own personal signing keys. Its not like facebook can sign their app with their own key and expect to work on other peoples devices in that situation. Unless its signed by apple’s private key that all devices would have stored. However, if you had your own signing key you could sign the linux kernel ect or whatever you want, but its definitely not a click/tap and install situation with your own signing key.
People will jump through a lot of hoops to install crapware though. Facebook even has to put big red warnings in browser devtools to stop people running code from scammers that will take over their account.
It eventual comes to point where people have to take personal responsibility for their actions. If you have effectively informed the user of something and they still proceed its on them. Especially, at the expense of everyone else's property rights by allowing a corporation to effectively infringe upon their property rights via extralegal means.
Further, its not just doom and gloom on other systems where being able to install software from any source as you please is the default.
> It eventual comes to point where people have to take personal responsibility for their actions.
You’re missing the original point I was making though.
In this scenario, Facebook removes their application from Apple’s App Store and almost everybody sideloads it. Ultimately, what happens to the people who do that is their own responsibility. Yeah, I get that.
Where does this leave the people who want to use Facebook under Apple’s rules but refuse to sideload it? They have had something taken away from them. Sideloading affects them even if they choose not to sideload. It affects the entire ecosystem, not just the people who sideload. “Just don’t sideload” advice doesn’t work.
Like in theory Facebook could try something like that. This is a what if scenario still. If we look at android they have not pulled their Apps from googles store. So what is the basis they would do this for iOS? Moreover, depending how apple theoretically would release grip the have on other people's devices also plays into effect. If apple just let you load a signing key for the boot-rom and left it at that. The amount technical friction would likely be too high to be easily abused at large.
>Where does this leave the people who want to use Facebook under Apple’s rules but refuse to sideload it?
You can use Safari
If Facebook pulled their app from the Apple App Store right now, would you be forced to use Android? You'd say they can't, because they'd lose the entire iOS marketshare, which is exactly the problem: Apple are forcing people to use their Apple App Store using their iOS monopoly power marketshare. Which is anti-competitive.
If that's the case you should only use iOS devices for everything. No macbook pro, no PC. It's so easy to think the walled garden is great when you can just jump out of it when you need to do actual work or run an app Apple has deemed unfit for the appstore.
Then why can’t I run whatever I want on my phone? The logic here makes zero sense. A computer is a computer whether it fits in your pocket or sits on a desk.
> Then why can’t I run whatever I want on my phone?
You can, legally. You have that right. You can legally jailbreak a supported iPhone in 10 minutes and sideload all day or lldb attach to whatever you want. Nobody will stop you.
But Apple doesn't want to support an open platform. That's their right. They don't want it to part of their ecosystem, their brand, or provide the avalanche of non-negligible support costs.
The distinction here is important and rarely addressed in these discussion.
I mean, Apple blocked countless jailbreaks as of today. It's AFAIK also against their ToS, therefore means they legally try to make it so you don't jailbreak. Can you _really_? Sounds more like a gray area they simply cannot control, but they're definitely trying their hardest to do so...
I don't really understand this perspective. Why should you be allowed to run whatever you want on your MacBook but not on your phone? What makes a phone so different that the software you run on it should be more restricted than the software you run on a desktop?
I would understand (though personally disagree) if you wanted the walled garden everywhere, but it seems contradictory to only want it on phones and not computers.
One of the two needs to be rock solid in case of emergency. If my MacBook crashes while trying to use it, it’s not a big deal. If my phone crashes while trying to call 911 when I have a car accident, someone may die.
Interesting quote: Cause let's be real, as someone without a landline, I sure as hell don't want a phone that freaks out when I try to call 911 in the middle of a life threatening emergency. I'm supposed to trust that a phone will do the main thing is built for, and place the call, and let me speak to the human on the other end.
Microsoft Teams is distributed through the Play Store. If iOS provided a similar API with a similar bug, the same thing could happen there. So clearly, blocking side-loading would have had no impact on this particular issue.
If you're worried about low-quality software being side-loaded onto the phone, you can just not side-load anything. That's probably how most Android users use their devices. But it's nice that the walled garden has a gate.
I’m sorry. The question op asked wasn’t about side loading or about separate stores. It was about what makes a laptop different from a phone.
But that’s an interesting question anyway. Apple and google can remove apps distributed through their stores. If a side loaded malicious app exploited this bug, would you have been in favor of google being able to disable those apps? Or should users wait a month until it is sort of fixed on some phones, and be unable to dial emergency services during the month where this was unpatched?
“ Why should you be allowed to run whatever you want on your MacBook but not on your phone?”
This was simply the question I was trying to answer. No more.
My personal feeling, however, is that, if there is a suitable alternative, people should be allowed to buy a device knowing the limitations (artificial or not).
Nobody is surprised that there isn't an alternative App Store an iPhone or iPad. If that's important to folks, they have plenty of Android or Microsoft alternatives.
It feels a lot to me like people buy a blue car, then complain that it's not a red car. I honestly don't understand why people don't just buy the red car in the first place.
Obviously Macbook is a different product, with different use cases
That's not at all obvious. What is the distinguishing characteristic that makes it reasonable for a giant corporation to have total control over how you use one but not the other?
Fair point, made me think for a second. Sadly these locked down devices which infringe on our property rights have even started changing language =( when it comes to software.
But it's not some americanised rights issue, you can still just install whatever you want outside of the App Store. It's not like I'm installing Sublime Text or stuff from JetBrains from the store or something like that.
Perhaps you're just scoping it to the mobile tables and phones, those are indeed locked down but I don't mind it, they are appliances to me and I want the manufacturer to be 100% responsible for it, 100% of the time.
Yes my scope is mainly tablets and phones, but still applies to other devices with locked down boot-ROMs or boot loaders where the device has no means for the owner to disable it or load their own signing keys.
The right I am talking about is primarily the right of exclusion and its not just an American concept plenty of other countries have similar concepts or even the same name, but of course the exact details will vary from one legal system to an other.
Effectively apple retains the right of exclusion via extralegal means by using cryptography. Apple can unilaterally decide to exclude software from devices they don't own by not signing it. If you wrote some software yourself for instance you would also still have to ask apple to sign it which they only will do under certain conditions. Essentially if you have to keep having to ask a 3rd party to do something with something you “own” you don’t fully own it.
Why it’s extralegal is that normally a seller would require a buyer to agree to a contract to retain some rights over real or tangible property. Instead apple is using cryptography to effectively retain some property rights despite the buyer never signing a contract agree-ing to this arrangement.
> Instead apple is using cryptography to effectively retain some property rights despite the buyer never signing a contract agree-ing to this arrangement.
You agree to the terms when you first use the device.
And if you don’t agree to the terms you can get a refund and buy another phone.
You can buy the device without agreeing to any terms of service. Now you may not be able to use iOS without accepting the TOS durning setup. However, the fact is the hardware is still a separate entity from OS and is still locked down.
The problem still persists that apple is selling hardware that you don’t have full control over. What if I wanted to run linux instead or even bare metal code that I wrote myself? Apple does not permit this nor will sign such software so that boot-rom will load it to RAM. Just because your average user may not do those things does not mean their rights are not being effectively diminished compared to other tangible property they buy.
Correction, they're under no obligation to provide support if I decide to compromise the security of my device. That decision should be left to the end-user though, and Apple's repeated action against people loading arbitrary code onto the iPhone is user-hostile, regardless of how you frame it. Offering third-party distribution channels is no less harmful than forcing users to access your content through a web browser, and the longer they deny it, the more frugal they'll appear when they face their final judgement. As of today, 35 states are stepping forward to call them on this behavior. Who knows what that figure will look like in a year's time.
Apple is not under obligation to help you yes. However, that is no excuse to limit your property rights of your tangible property via extralegal means. Nor is it okay either. A sale of tangible property generally means the the transfer of all property rights of that object to the buyer.
Also your not free to install any software on the device unless your lucky enough to find an exploit.
> However, the fact is the hardware is still a separate entity from OS and is still locked down.
Is that a fact? I think not. (don't misunderstand me, I would love mobile hardware to be 'the same' as fixed PCs, but as far as the world is concerned, it is not.)
I don't get all the pseudo-lawyering. The firmware in your toaster is closed source too and you can't modify it either, yet that appliance doesn't get the same scrutiny?
If you think: phone has CPU, memory and storage, thus it is a computer and I need to have the same "access" as a 1990's PC, then yes, the whole world might as well be burning right now. But if you take it for the appliance that it is, are you really surprised it works the way it does?
If you are so worried about 'rights', where do you draw the line? (pun incoming) your modem, CMTS/CPE/ODN are all closed, crypto-sealed and inseparable hardware+software as well, as is the core router your packets flow through, the TCON board in your flat screen monitor and the microcontroller in your USB charger. Get a CPU from Intel, AMD, Qualcomm, TI, Nvidia, MediaTek, Rockchip etc., get a sealed boot loader that is cryptographically tied to the chip and the chip manufacturer. Heck, to get that sealed stuff as an ODM you sign so many NDAs it might as well be an appliance in itself.
The days that you bought some end-user high-level hardware and had control over the stack are gone. Not because it can't be done differently, but because it's not viable. Even framework is having a hard time (as are Purism and System76) getting any true 'open' system. Not even a libreboot/coreboot system is actually unencumbered if you use any hardware from the last 5 years. People want a whole bunch of things, but the scale simply isn't there to carry the cost.
Ironically, all of this stems from lawyering from the corporate side.
Well the term computing device predates all this silliness that has come up surrounding portable computers. Device is a more generic term though. Like calling a separate piece of hardware that also likely turning complete in multiple ways in the context of drivers a device is perfectly normal.
Also just take the name AMD it stands for advance micro devices.
A Tesla drives, a PS5 plays games, and a fridge keeps food cold.
What's the one and only thing that a smart phone or tablet is meant to do? If it's make phone calls, most people don't anymore and doesn't apply to tablets.
There is literally an app store full of software to accomplish all sorts of tasks. The marketing slogan for a while was "there's an app for that". How much more general does it need to be to meet your definition of a "general purpose" computer?
Sadly, for all practical purposes, iDevices aren't general-purpose computers. Not because they can't be, but because Apple's lock-down is just too heavy.
I have an app that I wrote myself and run just on “my own” iDevices that I have to re-install every week because the installation certificate expires. I'd have to pay the annual $99 tax just for the privilege of running my own frigging software on “my” iDevices without hassle.
You may think of them as personal computers but most people don’t.
And all of the connotations that people associate with PCs eg. unreliability, viruses, malware, constant updates and complexity are not something that people are in a hurry to bring across to the mobile world.
Then again we can look to the market for guidance which is that side loading has in no way impacted the success of iOS devices.
Problems from the early 2000s that don't exist in the same capacity anymore. In fact, I would say getting scammed by an app from the apple app store is more likely than downloading a virus in 2022.
Since you only provide opinion, and not facts, I'll say you're wrong until you can prove otherwise. Everyone knows the App Store is full of scams and no one does anything about it.
With viruses, at least the OS vendors are getting rid of them.
Sideloading doesn’t imply that app isolation (sandboxing) is also going away, nor does it imply that any app would ever be able to trick the user into running it with escalated privileges (sudo/root) as is the case on most laptops.
So this malware that you had to clean off of those laptops would still not be possible, even for sideloaded apps.
>Problems from the early 2000s that don't exist in the same capacity anymore. In fact, I would say getting scammed by an app from the apple app store is more likely than downloading a virus in 2022.
This Christmas I had to uninstall adware from my Grandmothers phone that was filling the notification bar with ads.
Last time I visited my other grandparents I had to warn my grandmother not to click on an offer to install device drivers, that had somehow shown up as an add in a Microsoft Game.
This is partly terminology confusion (in English) - the concept of a personal computer is not same thing as a Windows PC, the latter is just a bad implementation of the former and indeed usually not loved by its user.
we don't have personal computers anymore. We have personal computing. Processors are in everything and they don't come attached with any sort of "rights" that are properties of "personal computers".
You might think its the hardware Apple keeps a tight grip on, but it is actually their reputation and brand. The Apple logo doesn't disappear when you buy it. And your ability to talk about it or have other people observing people complaining about virii etc and associate that with their "Apple Phone" doesn't go away once you decide to purchase the iPhone. So in some sense, Apple still does own something and deserve to make decisions to protect their business and brand. A classic response here is: if you don't like it go somewhere else. There are other phones where companies don't care so much and therefore don't hold such a tight grip.
nope. What exactly are the "tires" in the iPhone analogy here? I would consider tires to be more like bluetooth headphones, which are entirely replaceable on the phone.
I see many people blaming Apple's stance (surely Apple has LOTS to blame, but not this one) on App Store/walled garden policy, but without it the whole ecosystem would turn to a mess. Not for the geeky audience of HN Here, but for the rest 99.99% of the world which probably matters more from a brand awareness perspective.
Become something like Android. I'm not talking about someone who knows what they are doing like the audience here. I'm talking about the regular people installing all the crapware onto their devices without knowing what they are doing.
On the “virii” concern: Sideloading doesn’t imply that app isolation (sandboxing) is also going away, nor does it imply that any app would ever be able to trick the user into running it with escalated privileges (sudo/root) as is the case on most computers.
We’re not talking about going back to the old Windows security model where you were always one wrong click away from damaging other apps or the OS, or having your data stolen.
Don't we already have it? Not exactly this way and not super convenient but we can install any app to our own devices via Xcode?
It's intended for developers/tech savvy people, but I think it's right on spot: if average non tech savvy people could easily download any app it'd be like opening a new expired can of worms. The reputation of iPhone platform in terms of reliability and security would plummet and the brand would be affected negatively.
Apple wouldn't want that. Even if it negatively affects me too, I get their point and have to agree with their stance.
I have an easier option, allow one click install of Web Apps. Which are Apps in WebView with additional features such as push notification. And the Icon on the HomeScreen will have a blue or green edge shadow to show this is an HTML5 apps ( As Steve Jobs used to call it )
There is a whole class of Apps that doesn't or shouldn't need Apple's approval. And are mostly reader apps or web page with some interactivity. From Ordering in a restaurant to Reading comics, or as simply as watching Netflix.
Keep the Gaming and "Software" on the App Store if they want it that way.
That would require Safari to actually keep up with standards. In my eyes, they deliberately don't implement features so that you can't compete with a native (and therefore Apple App Store) app.
I can't even send a notification to the iOS Safari, something everyone else has implemented. And Apple themselves implement on desktop Safari.
Yes, and some of them they are working on. While others are not tuned on for iOS Safari. I think this is a much easier fix that their App Store problem though. They just need specific Webkit features only available inside these HTML5 Apps ( And not within Safari browser for whatever reason they have ). Fully Sandboxed, and zero / refined or control access to phonebook or photos.
Instead they made App Clips. While being useful, they are still the holding the ultimate power for access to Apple customers.
If you have a developer account you can do that. There are even services which provides signing services (which is problematic I know) but still there is ability (not easy and cost money) to sideload apps.
That would be a good solution. Allow people to load their own certs, but make it no easier than it is today. That way large companies can't skip out on the app store (and Apples privacy requirements) and nerds can do what we want with our phones.
For those wondering this appears to be a new offering that sits between their enterprise offerings and app store accounts. Right now if you want to offer your internal app you need to host the IPA's, implement your own update mechanism, and get people to accept your developer deep in the Settings app. I'm guessing this lets you take advantage of Apple's update and hosting which makes sense for some apps I'm sure. One of the nicer things with enterprise is you don't need to go through app review (mainly the time savings, we can push a fix as quick as we can code it). This isn't something my company will use but it makes total sense for an internal app that doesn't need rapid release ability and saves you from a lot of management stuff you'd otherwise be on the hook for.
Now all I want is Apple to have a better story for "template apps". I know we don't want more spam in the store but getting a company to setup and maintain an Apple Dev account when they are not a tech company can be rough. I've run into this issue both professionally and for side projects. I'd gladly give Apple $100 per app and/or be unlisted if I could publish multiple builds of the same base "template app" on the same account. Maybe they will relax that restriction for unlisted apps, it still wouldn't cut it for some cases but for at least one of my side projects it would be perfect.
There is a place between those today, which is Apple Business Manager (ABM).
It uses the App Store infrastructure, but apps are not listed on the public App Store and are instead made visible through redemption codes or using an email-based invitation. The UX is pretty terrible, the support is nearly non-existent, but it's there.
I just hope they are a little easier on App Review considering how hard it was to get a bespoke app through App Review in the past.
Cydia requires a jailbroken device, which 1) is usually impossible if the device is running an up-to-date version of iOS, and 2) makes the device less secure, making it unreasonable for an organization to require their employees to do.
(For clarity: the device being jailbroken shouldn't and honestly usually doesn't make it less secure, and in the past we have sometimes been able to fix bugs and patch them to be more secure than stock; but, to be jailbroken means the device was jailbreakable, which is where the core insecurity lies: a jailbreakable device--which is an older device or one running an older operating system version with some unpatched exploit that can be abused--whether or not it has been jailbroken is dangerous to be using, and the jailbreaks have become more limited in their ability to fix these bugs.
They were just public listed apps. You’d have a corporate app on the normal store which would just hit a login wall. Not really that big of a deal but not as nice as an unlisted app.
There's also Custom Apps[0] where you go through the same process but can either generate redemption codes to send people or go through the Mobile Device Management tool. These are not on the public app store.
I setup this for a company app that their employees use.
You can publish applications yourself using an enterprise certificate. You have to host and distribute it, although MDM systems can do this for you and roll it out to all your users automatically.
You can also publish on the App Store, but only make it visible / available to specific customers where they buy seats in bulk and get redemption codes for people to install through the App Store.
This seems like a bit of a simplification of the second approach.
We use this, great to see it officially announced! This helps offer apps to potential/current/former employees without competing with yourself in App Store search results. The only way to load the App Store app page is via the direct apps.apple.com link. Past that, the app is treated like any other.
You still go through the regular app review process, but honestly I think employees appreciate that and trust the app more seeing it come from the App Store rather than from some enterprise MDM app that prompts for a whole lot of device access/trust.
I've been saying for years that Apple should do something like this, as an alternative to Apple's exorbitant App Store fees.
Today: Apple charges app devs 15-30% of IAP revenue, providing new users "for free" in search and editorial highlighting.
Tomorrow: Apple could charge 0% of IAP revenue for "unlisted" apps. Unlisted app developers could buy Search Ads to pay for new users.
I think this would align incentives for devs and Apple much better. I should be paying Apple a market rate for what they actually offer me, new users, and not a fixed percentage based on IAP sales that I'm merchandising to my own users after acquiring them.
My point is that there's a market rate for new users, and that's what I should be paying. (Even if Apple is the only purveyor of Search Ads, I can acquire new users on Google or Facebook, or by any other means of advertising.)
When they sell you a phone, you are paying for the hardware and the software that runs on it.
Apple is providing a service with the App Store and related services. Whether or not you _like_ that service or how they price it is another matter, but they _are_ providing a service. It is not unreasonable for them to charge for it.
What if I don't want their services? I'm fine providing my app from my website, it's not like there's any value out of being listed in the appstore anyways.
> What if I don't want their services? I'm fine providing my app from my website
You're free to not use the app store. You could sell an app bundle from your website if you wanted to. I doubt your users will be happy with that, though. Actually installing the thing is gonna suck. FWIW, I partially agree on this point: Apple should provide a reliable way of sideloading applications onto an iPhone without jailbreaking or anything. I rather like the way Android does it (just a toggle in the settings; off by default -- which, let's be honest, really is the right default for 99% of people).
> it's not like there's any value out of being listed in the appstore anyways
Nonsense. Even if you completely write off advertising because discoverability for new apps is terrible, having a system that's baked into the OS able roll out updates ASAP for existing users is an _incredible_ luxury. That _alone_ would be worth some substantial money.
---
Are the fees too high for the service being offered? Yeah, probably. This is Apple we're talking about though. High prices are kind of their thing.
Are there things that could be improved about the service? Absolutely. This has been written about at length in various places around the internet.
Is any of this an _easy_ fix? No, it's really, really not. As technologists, it's easy for you and I to say 'just get out of my way and let me do what i want, apple'. We accept very little risk in doing that because generally speaking, we know what we're doing and what to look out for. The average non-technical consumer, though? The guardrails that Apple puts on the experience are a feature, not a bug. A completely hands-off approach (think Windows circa 2003) is a _terrible_ experience for the vast majority of people because the vast majority of people are almost entirely technically illiterate. A locked down ecosystem is a reasonable default.
> You're free to not use the app store. You could sell an app bundle from your website if you wanted to. I doubt your users will be happy with that, though. Actually installing the thing is gonna suck.
You just can't? There's not a way to download an .ipa and run it on an iPhone. And on Android if the experience of doing that just sucks ... but that's the fault of the OS developers not mine I'd say...
> Nonsense. Even if you completely write off advertising because discoverability for new apps is terrible, having a system that's baked into the OS able roll out updates ASAP for existing users is an _incredible_ luxury. That _alone_ would be worth some substantial money.
It's true I do get "some" free install from the app store, but it's about the same as a 10$ ad though so I evaluate the value of the advertising of being listed in the appstore to something around 10$.
In terms of updates, if they just let embedded an url in the package configuration from where the phone needs fetch the updates, that'd be enough.
> The guardrails that Apple puts on the experience are a feature, not a bug. A completely hands-off approach (think Windows circa 2003) is a _terrible_ experience for the vast majority of people because the vast majority of people are almost entirely technically illiterate. A locked down ecosystem is a reasonable default.
If we're talking about safety, the safest place platform today in terms of security and privacy is still the web, far ahead of the appstore. Since it's an open platform, I don't see the connection.
> You just can't? There's not a way to download an .ipa and run it on an iPhone.
There are ways.
> if they just let embedded an url in the package configuration from where the phone needs fetch the updates, that'd be enough.
No, it’s not. In that model, every app can download something from anywhere on the internet at the discretion of the developer, modify itself, and then execute newly downloaded code. Having that process happen out of band from at least a semi-trusted location is much better.
> If we're talking about safety, the safest place platform today in terms of security and privacy is still the web
For gullible users (of which there are many), the web is incredibly dangerous. Yeah, stuff is sandboxed and such, but that doesn’t stop people from losing egregious amounts of money to scams. I can’t quantify this, but I would guess that the web is a substantially higher percentage of scams compared to the App Store. Anecdotally, I don’t know anyone who has lost more than a trivial amount of money to an App Store scam. I know multiple people who have each lost $50k+ just to romance scams.
Let's just agree that those "ways" aren't exactly usable enough for normal users then.
> No, it’s not. In that model, every app can download something from anywhere on the internet at the discretion of the developer, modify itself, and then execute newly downloaded code. Having that process happen out of band from at least a semi-trusted location is much better.
That's if you believe that the app store process works for that purpose (I don't)
> I don’t know anyone who has lost more than a trivial amount of money to an App Store scam. I know multiple people who have each lost $50k+ just to romance scams.
The vast majority of revenue made on the app store by far are from casino-type gaming apps which are using tricks to make users pay. Out of those casino-type game players, only a small minority is spending all their money on those addictions. These poor people are losing a lot.
That's not very popular in Apple's marketing but that's the real truth, the appstore as it is today has more in common with a casino than a respectable traditional software market. I run a personal budget app but I'm in the minority and more the kind of apps they use for PR purposes rather than where their actual revenue is coming from.
I do get that they try as hard as possible to change that image since regulators would destroy them but so far, my analysis stays the same.
In terms of privacy, there's a reason everybody asks you do download their apps, there's just much more data to gather compared to the web.
In practical terms, what does being unlisted on the app store really get you?
If you were worried about someone accidentally stumbling across your internal app… ask a hobbyist iOS game developer how many people stumble across the app they’re actively trying to promote.
If the possibility of people outside your organization having access to an app at all is not acceptable, this doesn’t solve that as there is no mechanism to stop the link from being shared outside.
Everything else is the same; same submission and review process, same distribution channel. As best I can tell, all this does is change the visibility of your app from 0.01 to 0.005.
Easy example: You're a big company (Facebook, Google, Apple, etc.) and you want to publish an app without showing it on your developer page in the app store or "related apps" on a big app.
Netflix doesn't want a cafeteria ordering app showing up next to the main Netflix app, but it doesn't actually need to be securely distributed to only Netflix employees since it still requires login.
This was when Facebook had it internal iOS apps disabled due to Apple’s discovery of the true nature of Onavo as a privacy eroding app distributed to consumers by Facebook.
And if your unlisted app does in-app purchases, you still have to pay 30%, right? Apple used to justify that cut by saying "we deserve it for bringing all these users to your app via the app store catalog", but that's not a valid claim for unlisted apps.
Apple must be forced to allow installing iOS apps from arbitrary sources, signed with arbitrary keys. This is the only way. Or are they afraid that if they do allow that, then the app store would have to truly compete with "just host a self-signed .ipa on your own server" on its own merits?
Apple still runs the infrastructure for handling the unlisted app, like storage costs and bandwidth costs. I believe unlisted apps still have to go through review, so there's human cost in that as well.
Which has to be covered by the $99 / year developer program fee, in aggregate.
Sure, a few apps will cost them massively more than that, but most will take five minutes of reviewer time every six months and a few gigs per month (or year) in download bandwidth.
And by the way, they have so much money sitting in banks doing nothing, they could as well just start giving everything away for free and it'll last them for 20 years.
If they were a charity or non profit sure. But why on Earth a for-profit company, whose reason for existing, by definition, is to make money, would give away money?
Employees get their salaries either way. Shareholders? They do nothing useful for the society and won't be missed. The way I see it, companies literally ruin the world for mostly imperceptible, and mostly abstract, benefit of the very few.
> The way I see it, companies literally ruin the world for mostly imperceptible, and mostly abstract, benefit of the very few.
How do you build a car without a company? How do you get 100 people to work together? How do you get components, carry out testing, and still keep people "fed and watered"?
The only other answer I have ever heard is "the state".
I don't mean "don't earn money at all and go full communism". I mean "stop making active steps towards increasing profits when your income already covers your expenses ten times over". I also meant "for-profit", and probably publicly-traded, companies specifically. A company doesn't have to be of this type. There are privately-owned companies that build products people genuinely love. There also are nonprofits.
If you think Apple employees are fixated on their salary, you don't know enough Apple employees. It's all about the stock grants that vest over 4 years. When you get enough of those overlapping and the stock has the growth of Apple, the only thing that matters is stock, not salary. The salary pays for your rent, food, shopping, car in the bay area. The stock builds your wealth.
If the salary pays for literally all your expenses and you also probably have some left for savings, then what's the "wealth" for? As someone who has never owned any stock, I'm genuinely curious.
It's not like two Steves started a company and one said hey we've got lots of cash let's spend it or do non-work cool stuff but the other went like keeping being greedy for more money.
It's simply a publicly traded company (like many others) with shareholders and stocks and people are expecting the value to go up.
Usually this kind of unchecked "growth" at all costs is counterbalanced by competition. Competition is what keeps companies from abusing their position. There's no competition in iOS app distribution. This is where antitrust needs to come in — urgently. This capitalism is broken, we need a new one.
No one forces anyone to buy or use an iPhone (or Android). Why should a private company has to allow conpetition on their own platform for their own hardware?
You mean from the perspective of learning a language they invented (swift) so you can publish apps on a distribution channel they built? to users who feel safe and secure giving you money via their credit cards because of Apple's brand? so you can sit there and collect money on something with zero marginal cost?
I am a developer. Been one since I was 12 years old writing x86 assembly code. Published apps on disks and distributed them at the local video rental store. The market size was probably 2000 people in my town. Let me tell you that what developers have access to today.. built on top of Apple's ROI machine, is incredible. From this perspective, for every $1 I make, I am happy to give apple .30 of it. The total pie is astronomical.
It's fine that you do need the services provided by the app store. So of course do keep using it. But not all developers need it. Some already have an audience they gained by other means, and/or would gladly do their own marketing and distribution, and to them, the app store and its rules, especially the ones that pertain to UGC, are just an asinine barrier they have to clear every time they release an update.
What I'm trying to say that it's nice to have a choice. You know, like on macOS. There's the app store if you want it, but you're also free to DIY the distribution of your app if that's what works better for you.
A free (ad-supported or fully free) app that's very popular and updated frequently (requiring more reviews) would cost them a lot more than an app that has in-app purchases but only gets updated once a year. Yet the latter app would earn them more. Something doesn't add up here. And yes, that $99/year developer account fee, it exists.
If they do that, Facebook is pulling their stuff from the App store and remove every privacy feature Apple demands, then have you install it from their servers.
It is a problem, but the real problem boils down to services being able to mandate what client you use. Solve that, force Facebook and every other service to work with 3th party clients, and we can free the app store.
And the solution to this particular problem of Facebook tracking the crap outta everyone should be technical not organizational. Apps are already sandboxed from the system and each other. For example, each and every API apps could potentially use to share a tracking identifier with each other should be put behind a permission that an app can't get the current state of.
> but the real problem boils down to services being able to mandate what client you use
The underlying problem is that these threats to third-party client developers have teeth. The US government would happily enforce them it seems, paid for by people's taxes. In a saner world, a Facebook lawyer trying to sue someone who built a better Facebook app would be laughed out of the court building.
I'm not suggesting adding more permission dialog boxes. The way I see it is more along the lines of what Google does with Android: anything that would return a unique identifier (IMEI, serial number, Android ID, MAC addresses) returns either random data or zeros. And, crucially, it needs to be such that the app can't know whether it's getting real or fake data.
Android has already proven that this won't happen. Google has enough scary dialogs in place to make it impractical for anyone else to compete at scale (including Amazon and Epic).
186 comments
[ 19.7 ms ] story [ 4612 ms ] threadGenuine curiosity, provisioning is not something I deal with much.
There are so many paths that get you the same results, that don't require you to hand out full control to this ever fair and totally predictable friend of ours.
There are also very specialist apps that require sign-ins or accounts that aren't available to the public. You might have a messaging app for end users, but have an eDiscovery app that's only available for a few enterprise customers that relies on some access that regular user accounts don't have.
What's not yet clear to me, though, is why you'd choose to distribute these non-public applications through the appstore in the first place, rather than just make them available as direct downloads and have them "sideloaded".
For most situations where you want to do this, you want the apps to download and update like any other app. At the point of distribution, you want to have some differentiation as described in my original post. As soon as the user initiates app installation, you want the App Store to do the heavy lifting for you.
There is no benefit to side loading an application in many cases because you have to then have users repeat those steps again and again. With this mechanism, it's a standard App Store app so you can also deploy it via MDM or other management mechanism.
I completely understand why lack of side loading is an impediment to freedom and using a device how you wish. The challenge is that there is real value for many to Apple's tools and mechanisms when they are more composable. They are likely to offer up things like this as the pressure mounts to offer real sideloading.
The issue is starting from the boot-rom and up apple is effectively using cryptography to retain the property right of exclusion when it comes to what code can run on that ARM cpu. Effectively you have to ask apple for approval of any code that will run on your own hardware. If they sign the code they allow it run if they don’t its excluded from running. If you have to keep asking a 3rd party to do something with something you bought you don't fully own it.
The thing is normally a seller wishing to retain some rights to real or tangible property would normally require a legal contract between the buyer. Here however apple is using cryptography to bypass traditional legal means. You can buy an iPhone, iPad without signing any contract. Yet this effectively retained control of the hardware still exists. You can’t just buy the hardware and throw linux or android on it short of finding a weakness in how code is loaded.
> right of exclusion when it comes to what code can run on that ARM cpu
Yes I like it for the phone. The walled garden has very little malware and has high quality apps. I am never pestered to install crapware or malware and I don't have to be paranoid about it. You can still run your own development software on these machines, and software distributed in controlled channels outside of the store. The controls are reasonably convenient and necessary to keep unwanted software out.
Compare it to Android Play Store or much worse the Galaxy store situation. The grass is much greener in the walled garden.
For the Mac, it's a different story, you can and should be able to run whatever you want on it. But iPhone as a product is a well tended garden (controlled but quite wide and powerful) and I can appreciate that.
Secondly, if apple just allowed loading your own signing key it’s not like malware writers can sign their crap with their own key, and expect it to run.
We’re not talking about going back to the old Windows security model where you were always one wrong click away from damaging other apps or the OS, or having your data stolen.
b) You need to stop using the term extralegal. You agree to the terms when you first use the phone. Apple is not doing anything without your explicit permission.
Extralegal just means outside of the scope of law or a legal framework. Here apple using cryptography starting from the boot loader to effectively retain the right of exclusion regarding what code may or may not run on the ARM CPU. The sale of the tangible property should include the right of exclusion to the buyer short of a legal agreement at the time of sale allowing the seller to retain some rights. Thats why its extralegal there is no contract just apple using public key cryptography in rather hostile manner that diminishes the property rights of buyers.
Here is a simple test if you have to ask 3rd party to do something with something you “own” you don’t fully own it or your rights are diminished in some manner.
- Apple giving a shit about app curation versus Google Play being a trash heap
- Android having the ability to install third-party-signed apps
Nothing about having the ability to install software outside of Google Play necessitates Google Play itself being a tire fire. Same with Apple: if they tomorrow decided to open up iOS to non-App-Store apps, it wouldn't impact the quality of curation on the iOS App Store.
For the record, I daily drive both an Android phone and an iPad, and don't really worry about malware on either of them. My main gripe is not having any good virtualization options to really stretch the iPad's legs on more developer-centric workflows. That's a particular category of app where App Review has ranged from somewhat hostile to extremely hostile. The end result is that not a lot of people actually bother working on such tools because the chances of actually getting into the App Store and being useful to a wide swath of people is marginal.
Yes, it would. Developers who are today forced to go through the app store would self publish rather than use the app store. Whether or not they use this power well is a different question but there is no question that opening up other distribution channels would directly impact the app store, (which is a huge part of the value add for an iOS device to me)
You still wouldn’t need to be paranoid if sideloading became possible. Sideloading doesn’t imply that app isolation (sandboxing) is also going away, nor does it imply that any app would ever be able to trick the user into running it with escalated privileges (sudo/root) as is the case on most computers.
We’re not talking about going back to the old Windows security model where you were always one wrong click away from damaging other apps or the OS, or having your data stolen.
If I didn’t, I wouldn’t buy an iPhone. What’s the problem?
If side loading is allowed the amount of tech support I'll have to provide my family will skyrocket.
> If side loading is allowed the amount of tech support I'll have to provide my family will skyrocket.
I mean, if apple ever allow sideloading I suspect it will be behind a 10 feet wall warning and obscure multiple clicks on settings, similar to how google does it.
I also suspect that my family will be divided into two camps: oblivious to the existence of sideloading or technical enough that won't need my tech support.
i don't even want to think about the level of intelligence you're suggesting your family has that they will go above and beyond the average person in deliberately breaking their own phones.
We’re not talking about going back to the old Windows security model where you were always one wrong click away from damaging other apps or the OS, or having your data stolen.
The other side did not, until COVID started. Then they had to get one so their kid could attend online schooling. It is used just for that.
We’re not talking about going back to the old Windows security model where you were always one wrong click away from damaging other apps or the OS, or having your data stolen.
No, it affects everyone, even the people who don’t want it.
Consider the time when Facebook got caught spying on minors by abusing their iOS enterprise certificate, and expand that to everybody.
If Apple allowed sideloading, Facebook could just remove their application from Apple’s App Store. They would still have roughly the same amount of users, because even if a person doesn’t want to sideload, most of them will do it anyway if it’s the only way to get Facebook. And now all of those people, who didn’t want to sideload, will be subject to whatever Facebook wants to do that Apple’s rules stopped them from doing.
This isn’t really about individual choice, it’s about the effect on the ecosystem. As soon as you give giants like Facebook a way to opt-out from Apple’s rules, it affects the whole ecosystem, not just the people who choose to sideload.
Sideloading would probably be quite convenient for me personally. But I would rather not have sideloading because of its effect on the ecosystem.
Although, I am of the opinion letting people just load their own personal signing keys. Its not like facebook can sign their app with their own key and expect to work on other peoples devices in that situation. Unless its signed by apple’s private key that all devices would have stored. However, if you had your own signing key you could sign the linux kernel ect or whatever you want, but its definitely not a click/tap and install situation with your own signing key.
Further, its not just doom and gloom on other systems where being able to install software from any source as you please is the default.
You’re missing the original point I was making though.
In this scenario, Facebook removes their application from Apple’s App Store and almost everybody sideloads it. Ultimately, what happens to the people who do that is their own responsibility. Yeah, I get that.
Where does this leave the people who want to use Facebook under Apple’s rules but refuse to sideload it? They have had something taken away from them. Sideloading affects them even if they choose not to sideload. It affects the entire ecosystem, not just the people who sideload. “Just don’t sideload” advice doesn’t work.
You can use Safari
If Facebook pulled their app from the Apple App Store right now, would you be forced to use Android? You'd say they can't, because they'd lose the entire iOS marketshare, which is exactly the problem: Apple are forcing people to use their Apple App Store using their iOS monopoly power marketshare. Which is anti-competitive.
They are both well-tended gardens of different types for different uses. Much higher walls on the phone is a great feature IMO.
You can, legally. You have that right. You can legally jailbreak a supported iPhone in 10 minutes and sideload all day or lldb attach to whatever you want. Nobody will stop you.
But Apple doesn't want to support an open platform. That's their right. They don't want it to part of their ecosystem, their brand, or provide the avalanche of non-negligible support costs.
The distinction here is important and rarely addressed in these discussion.
I mean, Apple blocked countless jailbreaks as of today. It's AFAIK also against their ToS, therefore means they legally try to make it so you don't jailbreak. Can you _really_? Sounds more like a gray area they simply cannot control, but they're definitely trying their hardest to do so...
https://www.macworld.com/article/206764/jailbreak_exemption....
I would understand (though personally disagree) if you wanted the walled garden everywhere, but it seems contradictory to only want it on phones and not computers.
https://www.androidpolice.com/microsoft-teams-911-break-emer...
https://www.reddit.com/r/GooglePixel/comments/r4xz1f/pixel_p...
Interesting quote: Cause let's be real, as someone without a landline, I sure as hell don't want a phone that freaks out when I try to call 911 in the middle of a life threatening emergency. I'm supposed to trust that a phone will do the main thing is built for, and place the call, and let me speak to the human on the other end.
If you're worried about low-quality software being side-loaded onto the phone, you can just not side-load anything. That's probably how most Android users use their devices. But it's nice that the walled garden has a gate.
But that’s an interesting question anyway. Apple and google can remove apps distributed through their stores. If a side loaded malicious app exploited this bug, would you have been in favor of google being able to disable those apps? Or should users wait a month until it is sort of fixed on some phones, and be unable to dial emergency services during the month where this was unpatched?
> Apple can also issue a revocation ticket for apps known to be malicious—even if they’ve been previously notarized.
https://support.apple.com/guide/security/protecting-against-...
https://developer.apple.com/documentation/security/notarizin...
And iPads?
This was simply the question I was trying to answer. No more.
My personal feeling, however, is that, if there is a suitable alternative, people should be allowed to buy a device knowing the limitations (artificial or not).
Nobody is surprised that there isn't an alternative App Store an iPhone or iPad. If that's important to folks, they have plenty of Android or Microsoft alternatives.
It feels a lot to me like people buy a blue car, then complain that it's not a red car. I honestly don't understand why people don't just buy the red car in the first place.
That's not at all obvious. What is the distinguishing characteristic that makes it reasonable for a giant corporation to have total control over how you use one but not the other?
Perhaps you're just scoping it to the mobile tables and phones, those are indeed locked down but I don't mind it, they are appliances to me and I want the manufacturer to be 100% responsible for it, 100% of the time.
The right I am talking about is primarily the right of exclusion and its not just an American concept plenty of other countries have similar concepts or even the same name, but of course the exact details will vary from one legal system to an other.
Effectively apple retains the right of exclusion via extralegal means by using cryptography. Apple can unilaterally decide to exclude software from devices they don't own by not signing it. If you wrote some software yourself for instance you would also still have to ask apple to sign it which they only will do under certain conditions. Essentially if you have to keep having to ask a 3rd party to do something with something you “own” you don’t fully own it.
Why it’s extralegal is that normally a seller would require a buyer to agree to a contract to retain some rights over real or tangible property. Instead apple is using cryptography to effectively retain some property rights despite the buyer never signing a contract agree-ing to this arrangement.
You agree to the terms when you first use the device.
And if you don’t agree to the terms you can get a refund and buy another phone.
The problem still persists that apple is selling hardware that you don’t have full control over. What if I wanted to run linux instead or even bare metal code that I wrote myself? Apple does not permit this nor will sign such software so that boot-rom will load it to RAM. Just because your average user may not do those things does not mean their rights are not being effectively diminished compared to other tangible property they buy.
Apple is under no obligation however to compromise the security of their device in order to help you.
This technically is ridiculous and completely untrue.
Web applications, by design, have a tiny fraction of the capabilities of a fully fledged mobile app.
[0] https://jonbottarini.com/2021/12/09/dont-reply-a-clever-phis...
[1] https://www.theverge.com/2022/1/16/22886809/safari-15-bug-le...
[2] https://nvd.nist.gov/vuln/detail/CVE-2021-30858
[3] https://www.ryanpickren.com/safari-uxss
[4] https://www.cvedetails.com/cve/CVE-2021-30954/
[5] https://www.exploit-db.com/exploits/11567
Also your not free to install any software on the device unless your lucky enough to find an exploit.
Is that a fact? I think not. (don't misunderstand me, I would love mobile hardware to be 'the same' as fixed PCs, but as far as the world is concerned, it is not.)
If you think: phone has CPU, memory and storage, thus it is a computer and I need to have the same "access" as a 1990's PC, then yes, the whole world might as well be burning right now. But if you take it for the appliance that it is, are you really surprised it works the way it does?
If you are so worried about 'rights', where do you draw the line? (pun incoming) your modem, CMTS/CPE/ODN are all closed, crypto-sealed and inseparable hardware+software as well, as is the core router your packets flow through, the TCON board in your flat screen monitor and the microcontroller in your USB charger. Get a CPU from Intel, AMD, Qualcomm, TI, Nvidia, MediaTek, Rockchip etc., get a sealed boot loader that is cryptographically tied to the chip and the chip manufacturer. Heck, to get that sealed stuff as an ODM you sign so many NDAs it might as well be an appliance in itself.
The days that you bought some end-user high-level hardware and had control over the stack are gone. Not because it can't be done differently, but because it's not viable. Even framework is having a hard time (as are Purism and System76) getting any true 'open' system. Not even a libreboot/coreboot system is actually unencumbered if you use any hardware from the last 5 years. People want a whole bunch of things, but the scale simply isn't there to carry the cost.
Ironically, all of this stems from lawyering from the corporate side.
You cannot install a working Wireguard on macOS outside of the App Store.
They don't want you to think of them as (general-purpose) computers.
Also just take the name AMD it stands for advance micro devices.
What's the one and only thing that a smart phone or tablet is meant to do? If it's make phone calls, most people don't anymore and doesn't apply to tablets.
This is an absurd argument.
I have an app that I wrote myself and run just on “my own” iDevices that I have to re-install every week because the installation certificate expires. I'd have to pay the annual $99 tax just for the privilege of running my own frigging software on “my” iDevices without hassle.
And all of the connotations that people associate with PCs eg. unreliability, viruses, malware, constant updates and complexity are not something that people are in a hurry to bring across to the mobile world.
Then again we can look to the market for guidance which is that side loading has in no way impacted the success of iOS devices.
Problems from the early 2000s that don't exist in the same capacity anymore. In fact, I would say getting scammed by an app from the apple app store is more likely than downloading a virus in 2022.
> constant updates
That's a mobile problem.
And you would be wrong.
With viruses, at least the OS vendors are getting rid of them.
Nonsense. I've cleaned malware off of employee laptops within the last 2 years. And off family members' computers within the last 3 months.
So this malware that you had to clean off of those laptops would still not be possible, even for sideloaded apps.
This Christmas I had to uninstall adware from my Grandmothers phone that was filling the notification bar with ads.
Last time I visited my other grandparents I had to warn my grandmother not to click on an offer to install device drivers, that had somehow shown up as an add in a Microsoft Game.
And language such as "side loading" helps that too.
See how ridiculous that sounds?
I see many people blaming Apple's stance (surely Apple has LOTS to blame, but not this one) on App Store/walled garden policy, but without it the whole ecosystem would turn to a mess. Not for the geeky audience of HN Here, but for the rest 99.99% of the world which probably matters more from a brand awareness perspective.
We’re not talking about going back to the old Windows security model where you were always one wrong click away from damaging other apps or the OS, or having your data stolen.
It's intended for developers/tech savvy people, but I think it's right on spot: if average non tech savvy people could easily download any app it'd be like opening a new expired can of worms. The reputation of iPhone platform in terms of reliability and security would plummet and the brand would be affected negatively.
Apple wouldn't want that. Even if it negatively affects me too, I get their point and have to agree with their stance.
There is a whole class of Apps that doesn't or shouldn't need Apple's approval. And are mostly reader apps or web page with some interactivity. From Ordering in a restaurant to Reading comics, or as simply as watching Netflix.
Keep the Gaming and "Software" on the App Store if they want it that way.
I can't even send a notification to the iOS Safari, something everyone else has implemented. And Apple themselves implement on desktop Safari.
https://caniuse.com/notifications
Instead they made App Clips. While being useful, they are still the holding the ultimate power for access to Apple customers.
Now all I want is Apple to have a better story for "template apps". I know we don't want more spam in the store but getting a company to setup and maintain an Apple Dev account when they are not a tech company can be rough. I've run into this issue both professionally and for side projects. I'd gladly give Apple $100 per app and/or be unlisted if I could publish multiple builds of the same base "template app" on the same account. Maybe they will relax that restriction for unlisted apps, it still wouldn't cut it for some cases but for at least one of my side projects it would be perfect.
It uses the App Store infrastructure, but apps are not listed on the public App Store and are instead made visible through redemption codes or using an email-based invitation. The UX is pretty terrible, the support is nearly non-existent, but it's there.
I just hope they are a little easier on App Review considering how hard it was to get a bespoke app through App Review in the past.
I setup this for a company app that their employees use.
[0] https://developer.apple.com/custom-apps/
You can also publish on the App Store, but only make it visible / available to specific customers where they buy seats in bulk and get redemption codes for people to install through the App Store.
This seems like a bit of a simplification of the second approach.
You still go through the regular app review process, but honestly I think employees appreciate that and trust the app more seeing it come from the App Store rather than from some enterprise MDM app that prompts for a whole lot of device access/trust.
Today: Apple charges app devs 15-30% of IAP revenue, providing new users "for free" in search and editorial highlighting.
Tomorrow: Apple could charge 0% of IAP revenue for "unlisted" apps. Unlisted app developers could buy Search Ads to pay for new users.
I think this would align incentives for devs and Apple much better. I should be paying Apple a market rate for what they actually offer me, new users, and not a fixed percentage based on IAP sales that I'm merchandising to my own users after acquiring them.
My point is that there's a market rate for new users, and that's what I should be paying. (Even if Apple is the only purveyor of Search Ads, I can acquire new users on Google or Facebook, or by any other means of advertising.)
Apple is providing a service with the App Store and related services. Whether or not you _like_ that service or how they price it is another matter, but they _are_ providing a service. It is not unreasonable for them to charge for it.
You're free to not use the app store. You could sell an app bundle from your website if you wanted to. I doubt your users will be happy with that, though. Actually installing the thing is gonna suck. FWIW, I partially agree on this point: Apple should provide a reliable way of sideloading applications onto an iPhone without jailbreaking or anything. I rather like the way Android does it (just a toggle in the settings; off by default -- which, let's be honest, really is the right default for 99% of people).
> it's not like there's any value out of being listed in the appstore anyways
Nonsense. Even if you completely write off advertising because discoverability for new apps is terrible, having a system that's baked into the OS able roll out updates ASAP for existing users is an _incredible_ luxury. That _alone_ would be worth some substantial money.
---
Are the fees too high for the service being offered? Yeah, probably. This is Apple we're talking about though. High prices are kind of their thing.
Are there things that could be improved about the service? Absolutely. This has been written about at length in various places around the internet.
Is any of this an _easy_ fix? No, it's really, really not. As technologists, it's easy for you and I to say 'just get out of my way and let me do what i want, apple'. We accept very little risk in doing that because generally speaking, we know what we're doing and what to look out for. The average non-technical consumer, though? The guardrails that Apple puts on the experience are a feature, not a bug. A completely hands-off approach (think Windows circa 2003) is a _terrible_ experience for the vast majority of people because the vast majority of people are almost entirely technically illiterate. A locked down ecosystem is a reasonable default.
You just can't? There's not a way to download an .ipa and run it on an iPhone. And on Android if the experience of doing that just sucks ... but that's the fault of the OS developers not mine I'd say...
> Nonsense. Even if you completely write off advertising because discoverability for new apps is terrible, having a system that's baked into the OS able roll out updates ASAP for existing users is an _incredible_ luxury. That _alone_ would be worth some substantial money.
It's true I do get "some" free install from the app store, but it's about the same as a 10$ ad though so I evaluate the value of the advertising of being listed in the appstore to something around 10$.
In terms of updates, if they just let embedded an url in the package configuration from where the phone needs fetch the updates, that'd be enough.
> The guardrails that Apple puts on the experience are a feature, not a bug. A completely hands-off approach (think Windows circa 2003) is a _terrible_ experience for the vast majority of people because the vast majority of people are almost entirely technically illiterate. A locked down ecosystem is a reasonable default.
If we're talking about safety, the safest place platform today in terms of security and privacy is still the web, far ahead of the appstore. Since it's an open platform, I don't see the connection.
There are ways.
> if they just let embedded an url in the package configuration from where the phone needs fetch the updates, that'd be enough.
No, it’s not. In that model, every app can download something from anywhere on the internet at the discretion of the developer, modify itself, and then execute newly downloaded code. Having that process happen out of band from at least a semi-trusted location is much better.
> If we're talking about safety, the safest place platform today in terms of security and privacy is still the web
For gullible users (of which there are many), the web is incredibly dangerous. Yeah, stuff is sandboxed and such, but that doesn’t stop people from losing egregious amounts of money to scams. I can’t quantify this, but I would guess that the web is a substantially higher percentage of scams compared to the App Store. Anecdotally, I don’t know anyone who has lost more than a trivial amount of money to an App Store scam. I know multiple people who have each lost $50k+ just to romance scams.
Let's just agree that those "ways" aren't exactly usable enough for normal users then.
> No, it’s not. In that model, every app can download something from anywhere on the internet at the discretion of the developer, modify itself, and then execute newly downloaded code. Having that process happen out of band from at least a semi-trusted location is much better.
That's if you believe that the app store process works for that purpose (I don't)
> I don’t know anyone who has lost more than a trivial amount of money to an App Store scam. I know multiple people who have each lost $50k+ just to romance scams.
The vast majority of revenue made on the app store by far are from casino-type gaming apps which are using tricks to make users pay. Out of those casino-type game players, only a small minority is spending all their money on those addictions. These poor people are losing a lot.
That's not very popular in Apple's marketing but that's the real truth, the appstore as it is today has more in common with a casino than a respectable traditional software market. I run a personal budget app but I'm in the minority and more the kind of apps they use for PR purposes rather than where their actual revenue is coming from.
I do get that they try as hard as possible to change that image since regulators would destroy them but so far, my analysis stays the same.
In terms of privacy, there's a reason everybody asks you do download their apps, there's just much more data to gather compared to the web.
Why this limitation?
(TestFlight awkwardly only requires review for any build in a release train, and future builds can be released toll-free)
If you were worried about someone accidentally stumbling across your internal app… ask a hobbyist iOS game developer how many people stumble across the app they’re actively trying to promote.
If the possibility of people outside your organization having access to an app at all is not acceptable, this doesn’t solve that as there is no mechanism to stop the link from being shared outside.
Everything else is the same; same submission and review process, same distribution channel. As best I can tell, all this does is change the visibility of your app from 0.01 to 0.005.
Netflix doesn't want a cafeteria ordering app showing up next to the main Netflix app, but it doesn't actually need to be securely distributed to only Netflix employees since it still requires login.
This was when Facebook had it internal iOS apps disabled due to Apple’s discovery of the true nature of Onavo as a privacy eroding app distributed to consumers by Facebook.
This is still a shit deal
Apple must be forced to allow installing iOS apps from arbitrary sources, signed with arbitrary keys. This is the only way. Or are they afraid that if they do allow that, then the app store would have to truly compete with "just host a self-signed .ipa on your own server" on its own merits?
Sure, a few apps will cost them massively more than that, but most will take five minutes of reviewer time every six months and a few gigs per month (or year) in download bandwidth.
I don't understand this whole idea of keeping on increasing your profits when you already make enough money thousand times over.
How do you build a car without a company? How do you get 100 people to work together? How do you get components, carry out testing, and still keep people "fed and watered"?
The only other answer I have ever heard is "the state".
Large charities accumulate wealth endlessly through active fundraising despite having enough to cover their costs for over a decade.
The issue isn't the collective fiction of the "company", it is "humans" and an inherent greed and self centredness (imo)
It's simply a publicly traded company (like many others) with shareholders and stocks and people are expecting the value to go up.
Could you please try looking at this from the developer perspective?
I am a developer. Been one since I was 12 years old writing x86 assembly code. Published apps on disks and distributed them at the local video rental store. The market size was probably 2000 people in my town. Let me tell you that what developers have access to today.. built on top of Apple's ROI machine, is incredible. From this perspective, for every $1 I make, I am happy to give apple .30 of it. The total pie is astronomical.
What I'm trying to say that it's nice to have a choice. You know, like on macOS. There's the app store if you want it, but you're also free to DIY the distribution of your app if that's what works better for you.
I'm just saying that the cost of the average app developer team is likely offset by the income Apple makes from the average app developer team.
Whether that's how they spend the money, I have no idea.
I don't need to know how they spend it to guess that the costs and income probably roughly balance out.
Apple uses paid apps to subsidize free apps.
It’s not compensation for services rendered, it’s a toll or tax on their platform, regardless of their services offered.
It is a problem, but the real problem boils down to services being able to mandate what client you use. Solve that, force Facebook and every other service to work with 3th party clients, and we can free the app store.
> but the real problem boils down to services being able to mandate what client you use
The underlying problem is that these threats to third-party client developers have teeth. The US government would happily enforce them it seems, paid for by people's taxes. In a saner world, a Facebook lawyer trying to sue someone who built a better Facebook app would be laughed out of the court building.
It’s interesting to me.
So just like my regular apps then? Signed, a frustrated indie developer :)
I just saw an update on this from the compliance guidelines and seems to go against the whole ordeal they came out on top of two years ago.