Not entirely pointless. As a professional developer, I appreciate not having to support apps across multiple stores. And Apple’s rules have made it easier to explain to clients “yeah ‘sorry’ we can’t do [evil and/or privacy invading feature]. It’s against the App Store rules.”
I totally understand and empathize with the “it’s the user’s device, they should be able to do what they want with it” argument. I just have also appreciated the professional fringe benefits of the walled garden.
I do wish there was some way all the cool apps could run free while the ones we put up with are locked down and restricted even harder. Absolutely no one should install a side loadable version of the Facebook app.
The only clients that will want to evade Apples app store in the future will have very specific requirements that Apple doesn't want to promote or be scam apps, so I wouldn't worry about your clients wanting to jump ship. It simply won't be worth it to them to lose the majority of ios users or support multiple deployment avenues.
Have you met "clients"? They might not want to jump ship but I can already hear "Why isn't our app in app store X as well‽". Dealing with 2 stores is already a pain, adding 2-3 more would drive me nuts. Both as a solo dev and for my company.
Yes I've had clients on Android for 14 years now and none of them want to distribute outside of Google Play. There might have been some flirting with the idea of publishing to the amazon app store or samsung app store, but it never happened cause there was no benefit.
I do have one android app that has to be distributed on a separate app store in china but that's out of our hands and has to be passed off to a third party to accomplish anyway.
When you say you "can already hear", what you mean is you can imagine hypothetically hearing it, not that you've actually been hearing it, right? Because multiple app stores already exist for Android and I've never heard anybody say what you're suggesting. People are usually just bewildered at the Amazon appstore even existing.
> Because multiple app stores already exist for Android and I've never heard anybody say what you're suggesting
Ok, but there is a huge difference between iOS and Android. All my clients want it on Android and iOS but they only really care about iOS. iOS is normally the last platform that approves apps (web being immediate/no approval and Play being faster on average) and without fail my clients pretend there is no app until it's released on iOS. I'll even tell them "Go to hxxp://yoursite.com, it's pretty much exactly what you will see in the app" and they almost never even check the web, I know this because once the iOS app is release /then/ I hear "Can we change X? Let's move Y to X! I don't like the color here....".
All that to say: multiple app stores on iOS /will/ be something I hear about whereas I bet I could forget to release on updates on Play and no one (clients themselves at least) would notice.
Disabling by default but allow sideloading with some disclaimers and warnings seems like a fair compromise, similarly to how Windows will put up barriers and warnings if you try to install software from unknown sources.
The downside is that you don't protect those who enable sideloading and see the warnings when installing Facebook sideload and tap through anyway.
I would agree if you can't do it all on the device itself, the unlocking/sideloading initial warning bypass. The idea would be to prevent those who can barely work their phone from "accidentally" enabling sideloading and then downloading some random app off the internet or other app store by accident or being talked through it with a scammer.
Maybe requiring approval from the iOS account that manages the device, signed in to some other device? I'm imagining something somewhat similar to the "ask to buy" feature for child accounts. That could also help with child or elder accounts if they're managed by someone else holding the keys. Downside is not everyone would have someone to manage their account for them.
Doesn't the Android process still involving tapping 7 times in a row on the build number in the About Device screen? There's definitely ways to create a feature that can't be found accidentally.
Yes that's what they're thinking of (activating developer mode).
Sideloading does require several clicks though. First you download the APK, then you "open" the file in the installer. Then you have to allow "installation from unkown sources," then allow for the app that you downloaded it with (for me that's usually firefox, but for most it's probably Chrome), then you can install it.
Sure, vetting apps can be quite efficient at preventing malware.
But if a sideloaded app can do significantly more harm than just visiting a malicious website (which a scammer can already direct a victim to do), maybe the OS is providing too dangerous (or coarsely-controllable) permissions via its APIs?
For apps that are genuine but behave as malware in terms of data collection I'm not sure it will be possible to build walls high enough to keep them out short of regulation, or that currently users aren't already unknowingly accepting those risks. As is for iOS apps while the user can opt out of their IDFA being shared other tracking methods other fingerprinting methods can still be used, Fingerprint.com/demo has a good demonstration. If sideloading stays prohibited I'm not sure what would stop Facebook from migrating to a browser only version.
Over the long term I'm not sure there's a good solution other than legislation arriving at some "acceptable" level of tracking, given how crucial expanding tracking is to social media companies.
"Install our game via sideloading now: Just ignore all the warnings (we promise it's just as secure) and we'll give you $100 of our in-game currency as a thank-you!"
And who would be able to resist? There's even a little shield icon!
The problem with all of these arguments is that literally no one is doing this at any scale on Android where sideloading has existed since the very beginning. There's literally zero reason to believe that if sideloading was allowed on iOS this would suddenly become a problem.
Fortnite is the biggest example, and still they struggle to encourage installs. People just went to PUBG Mobile instead. Fortnite has the support of the second biggest android stores (Galaxy Store), and still their android revenue isn't great.
Fortnite is basically the only such app with any significant user base, right? So it doesn't make allowing sideloading a bad thing any more than the ZFS-on-Linux situation makes copyleft a bad thing.
Google has however also been very careful about parity in functionality between the Play Store and sideloaded apps form the beginning.
Only very recently have they started cracking down on third-party in-app payments and subscriptions, and otherwise I think they have basically approved everything that's not either outright malware or illegal, significantly including third-party browsers, VMs and emulators and other things that Apple bans by policy.
I would not say zero. I visited a jailbreak store early on and this is exactly what I saw. However, it was not the developer. The store had pirated versions of popular games hacked to create fake in app purchases. I foresee numerous headaches for developers trying to prevent cheating, piracy or fake purchases.
I wouldnt necessarily encourage it, but if its not illegally anticompetitive, and Apple wants to retain control of devices, they could make it where "enable sideloading" disables the Apple App Store, and prevents any app from the Apple App Store from running, including cancelling all subscriptions. If they really wanted to get nasty, they could force a full device reset before going back to Disable Sideloading. The latter part is almost exactly the route Microsoft went with Windows Mode S.
They could let you have your phone in either mode, but refuse to allow "hybrid" App Store + Sideloading configurations.
Imagine if an automaker said "if you ever install a non-OEM part in your vehicle, none of our dealers will ever sell you any OEM parts or perform any service on it." Or if Keurig said "if you ever use a third-party K-cup, you'll never be able to use any of ours in that machine ever again."
Okay, how about "if you ever install any non-OEM parts in your vehicle, none of our dealers will sell you any other OEM parts or perform any unrelated service on it until you pay to have them all re-replaced with OEM ones again?"
This is the same message Apple should deliver to every senator and judge: “developers are more productive on things that matter - this is the consumer surplus”
At the time, they really wanted to pivot from a computer company to a device company after the success they found with iPod. Remember at first they didn't even want to allow 3rd-party apps: that's how device-oriented they were thinking.
The computer landscape in 2007 punted the problem of viruses and inability back on the user. I think Apple's goals when they finally did an app store were to (1) ensure iOs-specific native software (vs crappy ports), (2) prevent viruses and malware, and (3) keep the phone as stable as possible.
I think you could argue that there were other ways to approach those goals, but I think it's harder to argue that preventing side-loading was entirely pointless.
CSS has lots of non-layout-shifting animation techniques - obviously there’s stuff like only changing colours, images, backgrounds, and effects like box-shadow, but things like animating the transform: property are also “layout safe” and very high performance because they’re applied after layout: https://web.dev/animations-guide/
Except developers wanted an API and native apps - careful what you wish for! All the argument over progressive web apps could have been avoided, along with Apple being on board.
> I totally understand and empathize with the “it’s the user’s device, they should be able to do what they want with it” argument.
More often, that argument seems to be used in bad faith. By that, I mean it comes across as a think of the children fallacy. It's developers wanting their own way ("why should I have to pay..."), and as you highlight, wanting to do things with other peoples devices that they really shouldn't.
Oh, I don't mind the argument itself and empathise with it somewhat, it's the hiding behind "user choice" that I take issue with. If the problem is the $99 fee, which for the actual cost of a signed certificate is quite low, just be honest about it.
Truly this is the most cursed thing. Why can I not even make apps for me and my iCloud family for free? I own all these computers. I pay Apple for a few of their services. Why am I prevented from personal computing and only permitted to use these computers for their paradigm.
But I don't think that this criticism of Apple's model requires alternate app stores (which I have seen first hand can be confusing for some users from the pre digital age). Just a side loading method.
I would support this if they didn't do the thing like banning original firefox on iOS. This was firefox's greatest moat, a complete browser with extension support
The reason Apple does not allow other browser engines is because JIT has historically been very prone to security vulnerabilities. That is why only Apple is allowed to make anything involving JIT on iOS. And that is why other browser engines, with their own JIT-powered JS interpreters are not allowed.
And Apple's JIT engine has been as prone to security vulnerabilities as any other, diminishing any theoretical benefits to the point they don't matter. Apple clearly doesn't want competing JIT engines because Safari can't compete with Chrome in many ways.
I get the idea behind unifying the browsing experience, but blocking V8 and SpiderMonkey isn't doing the end user any favours. In fact, because Safari is tied to the OS and isn't part of a separate app like on Android, if you find a vulnerability in your browser you have to report it to Apple and wait for an iOS security release cycle. On all other platforms you just push out the patch and your users are secured in a day or two.
> And Apple's JIT engine has been as prone to security vulnerabilities as any other, diminishing any theoretical benefits to the point they don't matter
It matters because first-party (Apple) vulnerabilities can be fixed and rolled out with iOS updates.
JIT vulnerabilities in third-party apps would leave those vulnerabilities up to the third-party developers to patch.
And that is before we even consider the fact that Apple has shown itself resilient against pressure to introduce back doors in iOS. If third-parties were allowed to write their own JITs you can safely assume that those third-party developers will be pressured to implement intentional vulnerabilities in their apps. And some will fold to pressure.
I am happy that Apple does this.
I don’t understand why anyone has an issue with it.
If you don’t like what Apple is doing, then don’t buy Apple products.
Why should those of us who agree with Apple, and buy Apple products because we agree with them, suffer as a consequence of other people not agreeing with Apple?
Because interpreting JS without JIT would drain the battery and make iOS look bad to its users who would not understand that the poor battery time was due to the third-party browser they are using.
Nope, third party browsers used to be unable to use JIT even when using WebKit, and that was back when devices were slower. This meant there were jailbreak tweaks such as this one: http://cydia.saurik.com/package/net.joedj.nitrous/
> Nitro dramatically improves JavaScript performance in web-oriented applications like Chrome/Facebook/Twitter /AlienBlue/Dolphin/Mercury, typically making it 4x to 5x faster.
They changed this in iOS 8, but not many people really noticed even with the slower devices from back then (at least I don't think they noticed that it had been slower)
For every improvement that gets added to browsers, in executing JS faster, web developers will take that extra perf and spend it to do more. The result of that is that only the heavily optimised browsers will be able to deliver the experience that the people expect.
A browser without JIT today, would be a no-go. It would be noticeably slower, and it would drain the battery faster.
https://v8.dev/blog/jitless says that while some benckmarks can be 80% slower without a JIT, real world performance in the YouTube web app is more like 6% slower. To be fair that probably doesn't rely on that much JS, but it would be totally feasible to use a browser without a JIT even with modern web apps. Edge has a secure mode that disables the JIT.
Of course, the proper solution would be to allow 3rd party apps to use JIT, but allowing 3rd party engines without JIT would definitely be better than nothing
> we can’t do [evil and/or privacy invading feature]. It’s against the App Store rules.
The App Store rules from before sideloading exists will still apply after sideloading exists. Nothing has changed, other than the fact that people could choose to bypass the App Store, and in practice every major app still wants to be on the App Store for maximum convenience.
To wit, sideloading has existed on Android for ages, and nearly all apps still want to be on the Play Store.
People should be allowed to do what they want with their own devices. If you own an iPhone, you deserve to be able to install whatever software you want on your iPhone, end of story.
Apple fans are very scared about FB going to leave the Store and forcing them to side load it. But this is FUD, Android has side loading and alternative stores and you can find FB apps on google Play.
The facts are
1 the apps of the big bad tech companies are still on the google Store
2 the stores abused their power and pushed big apps out, not to protect the users, but because they might not be puritan enough, or that some legal but not correct speech was happening on that app.
I wish there was some way to have this benefit without the restrictions. I moved to Android because I wanted to run apps that could do cool things but weren't kosher with Apple's rules. I know pretty well what I'm doing and the implications of my decision, so it's not protecting me from anything, it's just robbing me of freedom of choice. But I would never in 100 years sideload the Facebook app. I won't even install it from the Play store.
I highly applaud the recent Play store change now where it explicitly tells you what data can be accessed, how it will be used, if shared with third party, etc. It's helped me avoid some unknowns.
What about some sort of master switch you could flip that would filter out apps based on behavior? Like the default could be something like "App Store rules" but you could override and allow seeing/installing apps that do other things?
Eh, that wouldn't help with the people who want to use Tik Tok. If Tik Tok can tell them to "enable deep spying" to install the app, they probably will. Although, it would penalize them somewhat and it would make it clear to users what they're doing, so maybe it would help? Hard problem for sure.
As a professional developer you also have to appreciate the possibility that some competition will probably make AppStore a far better experience for developers, instead of a rather broken, restrictive and arbitrary one that we currently enjoy.
Maybe I'm just cynical, but I would not expect a far better experience for anybody with more competition. We have that in a bunch of other areas of tech, and it always ends up being a race to the bottom. You end up only being able to choose between ad and malware riddled garbage or being heavily surveilled, and yet still under the threat of losing everything if an arbitrary algorithm decides it dislikes you. I would expect the same for developer experiences with other app stores, but with less upside because nobody is going to install those other app stores.
I think some competition would be healthy for the App Store. For example, referral systems for iPhone apps are basically impossible to write with Apple's in-app subscriptions: the App Store API only allows two requests per user per year for extending subscriptions, meaning I can only reward users for two invites, but not beyond that. I can only assume this limitation exists to avoid some other loophole, but still, basic referral systems - like Dropbox' "invite a user and get 100mb storage" style - don't work.
Deferred deep linking is also broken. Of course, nobody likes tracking, but referral links also don't work anymore. You used to be able to send someone a single link to install the app and redeem a voucher/discount/special, now you always have to say "install the app, open it (!), then go back here and click this link".
I soooooo hope that this will improve with competition - at least point 1). And my biggest hope is that Apple will fix it in their store because of competition.
I'm hoping the side-loaded apps are sandboxed. The facebooks of the world will cheat a bit harder to keep their apps running in the background, but at least I can control who gets access to files, contacts, and location.
And even for apps that I trust 100%, including stuff I personally write, there is exposure to zero days if you do stuff like display images or web content. I'd like the extra safety net of sandboxing.
If such sandboxing doesn't have negative side effects like breaking some legitimate apps, then even apps from the App Store should be sandboxed. Otherwise, even if they're technically allowing sideloading, it's totally unfair and basically useless.
I'm not sure I understand, apps in the store are already sandboxed, which affords me some protection from them. I'd like the same protection from side-loaded apps.
Perhaps relaxing the no-JIT restriction, though. I think I'd be ok with them relaxing that in side-load. It might be fine in normal apps too, since we have lockdown mode to disable it across the board (including MobileSafari) if extra security against zero-days is needed.
Ah, I misunderstood your original comment. I thought you were advocating for sideloaded apps to be subject to an extra layer of sandboxing beyond what App Store apps are today.
No sideloading also means you have to give that high percentage of revenue to apple. You can't avoid that. It's the clear monopolistic behavior that should be legally blocked.
[edit] Literally do a side by side of CSS, HTML, and JS vs SwiftUI or storyboard to all the Senators and ask “which one do you understand better” - that’s the point. Then take them through the deployment and ask again
This is the biggest modern PR blunder in some time. Do we not get insane productivity as devs from their platform vs others or not? I say emphatically, yes. That’s all you have to do, repeat over and over until blue.
Honestly I doubt 90% of people that own a phone would even know which App Store they use let alone if they have more than one. From a PR point of view I highly doubt it will have any negative impact.
This is a pretty shallow assessment. They acknowledge the malware argument, but don't address it at all. Remember that the iPhone was introduced at a time when Windows was absolutely plagued with trojan scams.
Even with those protections, we still had apps like LinkedIn Intro which was designed to man-in-the-middle all email connections. And these are supposedly legitimate companies.
I can’t wait to see what apps try to do when there are no restrictions.
Look on Android! There's Fortnite, that's a big app you need to sideload. It's also the only big app I know of.
I suppose some copycat apps send tons of notifications, but you can easily uninstall those. As far as I know, iOS sandboxing is better than Android's, so I don't think there's any greater risk.
What puzzles me to no end is how many people were happy not only with having no control over their device (which is fine if they don't want it), but also other people not having control over their devices (which is totally not fine if they do want it).
One argument for this position is that this policy essentially gets people to trust iOS software more, and to buy more of it (sideloading will certainly increase at least the absolute amount of malware out there, or apps that don't meet Apple's criteria). This position is somewhat supported by the fact that iOS users spend MUCH more per user on software and in-app purchases than Android users even of similarly expensive phones.
This is what i find most interesting about this whole debate.
Read the comments on the article itself, it is just full of "i dont want to do this".. so great, don't sideload apps (no one is forcing them to), but why are they so keen on preventing others from doing it as well?
> Read the comments on the article itself, it is just full of "i dont want to do this".. so great, don't sideload apps (no one is forcing them to), but why are they so keen on preventing others from doing it as well?
because it's going to make unscrupulous companies like google/fb/etc all force you to go through their app clients to install their sideloaded apps, without any of the scrutiny and control the apple store has provided historically. that's not really a world I want to live in. While yes, I can just uninstall those apps, some are nearly intrinsic to a mobile experience, like the youtube app.
Apple can and has threatened to pull apps from the store for unscrupulous behavior. Absolutely no one is claiming that the app store itself provides protection. It's the fact that Apple can decide who gets to publish on a device that over a billion people use.
I'm also not really sure how OS level protections would prevent an app from sending out data it shouldn't. Apple is acting as a regulator here because no one else is.
Apple's leverage has given it de-facto regulatory power that it has, to a considerable extent, used in my favor.
It might be that nothing changes if sideloading is made much easier, or other browser engines allowed, or whatever. But, that's not guaranteed.
Since I like the current situation—at least, better than the alternative of having no one push back on things like spyware-loving megacorps—I'm not in favor of risking changes to it.
My ideal situation would be that a lot of what Apple prevents on their platform were illegal everywhere so it'd hardly matter, but the US, at least, does not seem to be heading that direction anytime soon.
So, that's why. It risks changing the current situation such that I would find it worse, overall, and I'd prefer not to risk that.
I like the phrase “de-facto regulatory power.” Not only is it the case that we don’t have to deal with annoying stuff like “enable the facebook store to download our app,” that is, poorly behaving apps in non-official stores. It also takes away one of bluffs that Facebook and friends could make. They don’t even have the ability to say “Apple, make your rules more permissive or I’ll open up a Facebook store.” They don’t even get to negotiate. It is great.
If alternative app stores were allowed, I’d probably download a GNU iOS store. But that’s about it, and it just isn’t worth it.
> Apple's leverage has given it de-facto regulatory power
Indeed. This is called "being an monopoly" and "using anti-competitive practices to control a market, in violation of anti monopoly laws".
Yes, anti competitive practices work.
Yes, being a monopoly works.
And yes, it has produced some good things like Apple's focus on privacy.
But it has also produced other very not good things, like the 30% Apple tax.
But, it is at least comforting that people are now saying the quiet part out loud, which is "yep, Apple had anti competitive market power the whole time, I just like monopolies".
> But, it is at least comforting that people are now saying the white part out loud, which is "yep, Apple had anti competive power the whole time, I just like monopolies".
It's... been the entire argument, the whole time, for the "please don't change it" side. I'm not even aware of another angle on it. It's never been "quiet".
> I just like monopolies
I like my life being better than it might otherwise be. In this case, yes, that means I'd rather this monopoly stick around at least a while longer. I'm entirely not a fan of black-and-white positions on most issues. Monopolies generally suck. In this case, however, one particular monopoly seems to be giving me significant benefits I might not otherwise have. Now, if I could trade Apple's monopoly for a harsh crackdown on monopolies across the whole economy, that'd be easily worth it—yes, please. Just to "liberate" iOS devices, though? Nah, I'd rather they leave it alone.
Well, it gets conveniently ignored anytime someone would bring up problems with said monopoly.
For example, the 30% Apple fee is a consequence of their anti-competitive market power.
And yet, if you start complaining about that, the response will be to pretend like the anti-competitive market power doesn't exist, and that you should just "go publish on a different app store" if you don't want to pay that monopolistic fee.
You can't have it both ways here. You cannot say that you like their monopoly power, and then pretend like it doesn't exist when the same exact market power allows Apple to extra 30% of the money from the app store market.
> Now, if I could trade Apple's monopoly....... Just to "liberate" iOS devices, though? Nah, I'd rather they leave it alone.
Well then you should blame Apple for the situation we are in now.
People wouldn't be forced to regulate Apple, if they hadn't been abusing their market power for a decade.
If Apple had instead chosen to lower their app store fee, to 5%, then we could have gotten the best of all worlds, which is a focus on privacy, and no monopolistic fees.
Its too late for that now. If only Apple hadn't fought these efforts so much, they could have given everyone a worthwhile compromise.
It's probably a misguided fear based on how bad things are even with the App Store, but I'm worried about each company moving its software to its own sites and requiring a more complicated, frustrating, or more privacy-invasive process to use the software over the requirements set by the App Store.
It’s pretty simple. Side-loading can be exploited by social engineering.
Two very bad consequences for me if sideloading were easy:
1. There would be no safe product to recommend to my aging parents who would be vulnerable to social engineering.
2. A company with a popular produce like Facebook could go outside the store, which would normalize side-loading, thus rendering argument like ‘people who want safety can stick to the store’ moot.
The arguments about not wanting to control what other people do are moot. If you want a platform with side-loading, buy android.
Wouldn't it be fairly straightforward to lock down a particular device with the unlocking step tied to another phone ? Like let's say I buy a phone for my kid and I lock it down using my iphone. For installing any app on my kids phone they require some form of authentication from my device. With more people in the loop I feel social engineering becomes more difficult
My family buys their own phones but I’m assumed to be tech support when things go wrong. I do not want the responsibility of locking down their phones (and neither they do).
Side loading is already possible. Yes, you can only do it for a few days at a time, but that's why there's an easy tool that will refresh the application for you.
I haven't heart of social engineering involving https://github.com/altstoreio/AltStore but maybe you know something I don't. Either way, installing apps onto iOS devices over the network exists today.
I really don't care about having full control over my device as long as my device doesn't stop me from doing any critical function.
Life is too complex and there is too much going on and too much to figure out and too many demands on my time, I just want to pick up a device, use it for what i need and then put it away. I don't want to spend hours tinkering to get every little thing the way i want it, i'm happy to outsource that to someone that knows what they are doing and in return I get a device that just works.
Now we are going to end up with a bunch of app stores, which is horrible and annoying to manage on a phone, side loading apps, apps requiring certain app stores so you have to download that app store just to get it and then apps that don't meet the standards that Apple have set.
If you don't like that, you could have bought an Android, but I was happy with it, I want my devices to get out of my way.
Answer to your puzzle: because as soon as sideloading is allowed, sideloading will become required by the most popular apps.
And then suddenly I lose all the protections afforded to me by the Apple Store, such as easy cancellations of subscriptions, easy refunds of apps that don't work, a layer of protection against malware, and so forth. It also just makes my phone that much harder to use, as finding and installing apps becomes that much harder.
If everybody gets sideloading, that absolutely will impact me directly, and negatively. Does that make sense?
How hard is to to simply not install the Facebook app? I've been choosing to not use facebook for nearly 20 years. If somebody tries to socially pressure you, just say no. If they press, explain your reasoning and reassert the "NO" until they leave you alone. Good friends won't try to bully you into something after you've explained yourself; anybody who does is an asshole and you can tell them that.
> corporate compliance
I've never enrolled any of my personal devices in any sort of corporate network, and I never will. Just say no.
You can’t “just say no” to network effects, though. If you’re trying to, for example, attend a pickup game of baseball, and that game is organized on a Facebook group, what is your alternative? If you’re trying to get a job, and the recruiters are on LinkedIn, what’s your alternative? You have to go to where the other people are, in general…
Have somebody on the team [e]mail out the schedule like has always been done. It's not hard. If you feel the need to explain yourself, just tell them Facebook facilitates genocides in Asia or something like that.
If you actually try saying no, you'll find that it's actually easy.
> You can’t “just say no” to network effects, though
Oh? So are you saying that monopoly power is a real thing, and that a company like Apple can extract a 30% monopoly fee, because of this network effect?
The problem with this argument is that Apple fans on one hand have been smugly commenting for a decade, "go but an Android" or "just don't publish on the iPhone" .
And now, they are turning around and suddenly discovering what market power is.
If Apple had merely reduced their 30% fee to 5% from the beginning, we wouldn't be in the situation.
But thems the breaks. Now every Apple fans will have to hear the same exact argument, that they used against others, for a decade, thrown back in their face.
My way of doing it is to just say to people hey, can we use thus instead I can't use FB for ... reasons, here let me help you install it.
I had problems with that only once. I guess it depends on people you are around with. But most people have different groups of friends on different apps already so it's usually no big deal.
It has. Fortnite is not available in the Play Store.
Given that iphone owners are more wealthy I expect this to happen much more often when sideloading is allowed on iphones since there's more money to be made. It's gonna get bad imo.
Sure, there's Fortnite, and a smattering of other apps that aren't in Play Store. But, even though Android has made sideloading easier over time, it's still not that common; most popular apps don't even offer an apk download outside the Play Store. Attempting to load an apk with the setting off used to just give a failure message that quickly disappeared; now it actually takes you to the setting and asks you if you want to do it (with scary text suggesting you don't).
Certainly, Play Store doesn't feel as restrictive as the App Store, so that's probably a factor. But I doubt popular apps will drop Apple's store, because it will significantly reduce the number of people willing and able to install their apps.
Has Facebook publicly thrown a huge fit over Play Store rules trashing their revenue?
They claimed that they expected Apple's rule changes a while back to cost them $10 billion dollars in 2022 alone.
Things may work out as the have with Android sideloading, but they may not. Incentives definitely differ between the two. It's also not clear to me that if sideloading is forced via regulation, it'll look like it does on Android—both operating systems may be forced to make it easier than it currently is on Android.
Apple lets big companies get away with behaviour smaller developers would get instantly banned for. I very much doubt that Facebook is not somehow bypassing iOS' special privacy rules. Every now and then Facebook breaks their servers and hundreds of common apps crash on startup on iOS (https://9to5mac.com/2020/07/10/app-crash-facebook-sdk/); their network libraries are everywhere.
And, to be honest, who is Apple to dictate what Facebook's users can and cannot pay their Facebook subscription with? If people are fine with Facebook's cyber stalking, let them install the stupid app. You can still use the web version from Safari with all of the ad blocking addons you can find. Apple isn't the government and they don't have power of attorney, so I know what basis they have to say what apps you can and cannot sideload onto your phone.
Even still, I doubt Facebook will leave the app store because of this. They may provide some kind of "Facebook Plus" that you need to sideload, but the app store has too many eyes on it because it comes preinstalled.
> They may provide some kind of "Facebook Plus" that you need to sideload, but the app store has too many eyes on it because it comes preinstalled.
The nightmare scenario, for the "please don't change it" side, is that one of a handful of big players does this but also uses it to push an entire alternative store. Facebook and Epic are the most likely to try. Maybe Google, outside chance Microsoft tries. I doubt any would bother to just push sideloading an app, without using it to make a play to become the second of an app store duopoly on the platform. Basically the same strategy Steam used to gain market share—"here's our new game that everyone wants... oh, by the way, to use it you have to install our store".
I mean, Epic's been burning stacks of Benjamins for at least a couple years giving away tons of games (most of it not even cheap shovelware!) to buy marketshare for their desktop app store—it's not implausible they'd give away a lot of free games or other software to get iOS users to install their store, to make a play for the #2 (or #1!) app store position on the platform. And Facebook could probably get people to install theirs by just adding some visual bling to users' posts when they use the version from Facebook's store—might not even have to give them actual extra features to make it happen.
Maybe none of that happens, sure, but it might. If these changes brought by regulations end up making sideloading easier than it currently is on Android, on both platforms, I'd say it's a certainty that something like that'll go down, at least on iOS (more money to be made there; store's more restrictive) and maybe on Android, too.
I don't think Facebook has enough apps to make an app store happen. Amazon and Samsung couldn't get their app stores onto other people's phones, and not even Microsoft could make Windows Phone happen.
I can see Epic starting a mobile game store. And, honestly, I don't see a problem with that. Apple is using Apple Arcade as one of their many "stay with us and you get all of this stuff" services, so why not? Perhaps Microsoft will join the fight and take Game Pass to mobile phones. May the best app store win.
Apple clearly has the upper hand no matter how this plays out. They'll actually have to compete, which means they may need to fix the review situation and loosen some of their policies to allow for things users want rather than make their users comply with what they want. They can stick to their "no video game streaming, no emulators, no links to your website" policy if they want to, but that'll only work as long as their users agree with them.
> sideloading will become required by the most popular apps.
This point keeps being made in these threads on here, and the response I’ve seen made, which I agree with, is that this clearly isn’t the case when you look at Android. Sideloading already exists and it is far from a common way to distribute applications.
From a business perspective, it really doesn’t make sense to force users to pull from outside the App Store, because you’re basically going to destroy your business. Most users are not all that technical and the moment you require them to fool around with apks or whatever other format, you’re going to lose a huge percentage of them.
>, is that this clearly isn’t the case when you look at Android. Sideloading already exists
The problem with using Android as a counterexample is that Apple iOS is more restrictive (e.g. privacy settings) than Android.
E.g. Facebook admitted they lost billions in revenue because of the Apple iOS ad tracking permissions change. That might be an example of Facebook forcing users to "sideload" Facebook+Whatsapp+Instagram to get around the privacy restrictions. In contrast, the Android platform didn't financially hurt them like that so there's less incentive to ask Android users to sideload Facebook apps.
So even a mega giant like Facebook has to follow Apple's rules because there is no sideloading to bypass them. A somewhat analogous situation in 2019 happened when Facebook violated Apple's app store policy and spied on teenagers by abusing their Apple developer account: https://www.google.com/search?q=apple+revokes+facebook+certi...
>Most users are not all that technical and the moment you require them to fool around with apks
I think some conversations about "sideloading" are muddy because casual conversation around it mentally includes alternative app stores rather than end users literally downloading raw ".app" bundle files
The first facebook issue that you mention is unrelated to the App Store, it’s an OS restriction. Side loading won’t affect this.
Apple can clearly make the OS secure/privacy friendly if they want to. The only layer of security that you may lose is the dubious “review” process, which clearly doesn’t do anything considering the amount of scam apps on the store.
>The first facebook issue that you mention is unrelated to the App Store, it’s an OS restriction. Side loading won’t affect this.
Your sentences above are a prime example of a technology mindset being so familiar with the underlying technology that it actually handicaps the analysis of how people might use the tech in ways you don't expect.
The way the sideloaded app gets around the os-level restriction is that they would force users to give permission to the ad-tracking. Otherwise, the sideloaded app has crippled functionality.
That scenario can't happen on Apple's offical App Store because their policies don't allow apps to have crippled functionality when users opt-out of ad tracking.
The theme is that the side-loaded apps can exercise way more freedom with clever psychological dark patterns that bypasses os-level settings.
> That scenario can't happen on Apple's offical App Store because their policies don't allow apps to have crippled functionality when users opt-out of ad tracking.
There is a simple solution for Apple: disable ad tracking on iOS. The DMA doesn't require gatekeepers permit ad tracking. It only requires gatekeepers provide the same functionality they provide themselves. Apple is still perfectly able to provide a safe and secure OS under the legislation.
I totally agree with this concern as things stand.
But it's also been apparent that relying on code auditing wasn't going to be sustainable long term. The real answer is for Apple to beef up their sandboxing to prevent things like cross app tracking, coercing permissions from users, etc - independent of the app store review process or policies.
This is what the Libre Android distributions (eg GrapheneOS, CalyxOS) have been (slowly) converging on.
> But it's also been apparent that relying on code auditing wasn't going to be sustainable long term.
Why not? It seemed to be going fine. As the number of apps increases, so does get money the App Store receives. I don't see anything inherently unsustainable in it at all.
For the same reason that all central planning ends up being unwieldy - the world is complex. It's not the work of doing the reviewing itself that is unsustainable, but rather crafting some singular policy that can reject all "bad" while allowing all "good", compounded by having to work with governments/corporations/etc that want increasingly fine-grained censorship.
Obviously they wouldn't remove themselves. If anything, they'd offer Facebook Plus via sideloading, which gives you amazing deals and new features in exchange for granting a few, totally harmless extra permissions.
The thing is, Apple still controls how apps may be sideloaded, and what permissions those apps can use at the OS level. They have no obligation to make sideloading an easy process.
I generally agree, but one problem is that many of Apple's rules are enforced primarily or exclusively through policy, not actual technical permissions. This is especially true for all the high-level ones around tracking.
Obviously, things like phone book access can be solved for sideloaded apps just as well as for App Store ones – just like Android has been doing for many years.
They do, actually. The DMA is one of the most comprehensive and impressive pieces of technology focused legislation in a lifetime. It expressly forbids gatekeepers like Apple from making the process of installing applications any more difficult than it is for Apple's App Store. The purpose of the legislation is to foster fair competition. It's not fair competition if Apple is allowed to make the process prohibitively complex or cumbersome.
Like all the popular android apps require sideloading?
No, at most you'll pay more for the same app your coworker sideloaded. The price for apple protection, +30% on everything.
Most people didn't extract pictures from their phone before apple cloud (or w/e their service is called) appeared. I know because i was the tech support for my family for those 5 years. How would they sideload?
I wish Apple had attacked this from a different perspective. Instead of fighting side loading, remove the reasons that drive a lot of the demand for side loading. I should be able to buy a Kindle book in the Kindle app. If I download the Netflix app I should be able to sign up for Netflix in the app (or at least be redirected to their web site). Don’t charge fees to competitive services (ie music, books, movies, etc…).
I originally thought I would never load a different App Store but now I might. If an App Store came out that was highly curated (ie no casino games, no subscription scams, no advertising against competitors), that listed exactly what the in-app purchases are before buying, and removed developers who get a lot of complaints in the store, I would be interested. Apple hasn’t been a good steward of the App Store.
I'm fine with it. Apple has been intentionally hindering WebKit development for years to hobble web apps and maintain their App Store dominance. They'll finally be forced to compete again.
> I wish Apple had attacked this from a different perspective. Instead of fighting side loading, remove the reasons that drive a lot of the demand for side loading.
Couldn't have said it better. The only things I could see myself sideloading are indeed the Kindle app (I like being able to single-click buy books without having to switch to Safari), a full browser, and possibly some retro computer, calculator, and console emulators.
All of these are (or at least have been, before I switched) been possible on Android via official apps from the Play Store.
Years ago they had the chance to shape how installing software outside the App Store would work. They could have gone the Android route and it's possible this legislation never would have arrived. Their arrogance and greed created such a animus that we now have the DMA; one of the most comprehensive pieces of technology focused legislation in my lifetime.
> as soon as sideloading is allowed, sideloading will become required by the most popular apps.
Android has always supported sideloading, yet in almost 10 years of using Android, I've never had to sideload any commercial app.
Anecdotally, Amazon has tried to push their app store for a while by incentivizing installs with free games and the like, but none of these weren't also available on the official Play Store. Nowadays, it's all free-to-play anyway, but that's a different topic.
Paraphrasing: "If you don't want to, don't sideload apps, no one is forcing you to" - do people really not see the problem? It's not that technically unsophisticated users will want to sideload apps. They don't know / don't care / have different things to worry about.
But they want their Facebook. Or SnapChat, or Insta, or TikTok, or whatever.
Once other app stores are allowed, there's nothing stopping Meta (for example) from revoking their existing apps, and requiring the use of the Facebook App Installer for access to Facebook. They've paid people in the past to use their Onavo VPN app to bypass Apple's privacy controls, so this would be unsurprising.
Of course, that's just an example; replace with the next SnapChat, TikTok, whatever. If that's the thing that teens want, and the way to get it is to click a bunch of "Yes I agree" dialogs, they'll happily do it. And now suddenly some developer has access to all your family financials through your teen.
If your solution is "well, people shouldn't do that then", you might not understand teens. (Or grandparents. Or regular people.)
Well, there is maybe one thing. That is their projection of reduced installs. It's not just an issue of clicking "Yes". It's probably also an issue of knowing how to do it in the first place. The first party app store will always be easier.
Because software companies have proven they can't be trusted-- as soon as they can Facebook or someone will try to force side loading as the method to get their apps.
I have plenty of control and am happy I don’t have to deal with developers that installs outside AppStore like Mac, getting hacked is no joke and side loading ups the chances
I just think back to before the iPhone. If you wanted something on your phone, it was still a walled garden, just one that the carriers put up. A new ringtone would cost you, and you’d be charged monthly for access to using gps through your phone.
By strong arming carriers Apple took this revenue to themselves which had the paradoxical effect of opening things up from where they were before. Without this, there’s no doubt you’d be using a Verizon App Store and I’d have AT&T and governments would see no need to take action because there was carrier competition.
Is being able to install whatever you want on your phone, a good thing? Undoubtedly, but we wouldn’t have tasted this opportunity without Apple’s move to take App Sales in house. We also have to be mindful of the devil we don’t know. if you’re OSS you see sideloading as blissfully unchaining your device, but if you’re an Apple competitor you see it as a chance to do everything you were forbidden to.
Depends on the phone. On a Symbian, you just downloaded a SIS file; later versions required code signing. Afaik, WinCE and Palm phones were similar. I had some java capable feature phones that were similar, put together a jad file and hope that write once, run everywhere works (I remember my first phone had some features that used a J2ME standard interface exactly backwards; turn on backlight would turn it off, and vice versa). I didn't even select those two phones for their openness, I just had them and tried to write/run code and it was available.
Certainly, the carriers had stores, but it's not like they had software I wanted to run.
It’s a device for convenience. I want the critical functions work well. If you can make that work in an open system, great but I haven’t seen that being successfully done.
Because the people in my life who aren't as technical as me and I support will be taken advantage. Sideloading would make their lives noticeably worse as scammers, hackers, and thieves trick them into doing dangerous things. Not giving them the options makes their phone a safer place, which is why people want it applied to others.
Smart tech users do lose out in the trade off, but it is a trade off.
Apple really set themselves up as a "Willy Wonka's Chocolate Factory", spending a lot of time presenting marvels (both helpful and useless) to hide the dirty secrets under the surface. Near slavery conditions in manufacturing, arbitrarily applied clauses and rules, and technically enabled limitations to even repair their "Intellectual Property". For years you had to accept the rules of the factory or get shoved down an egg chute, while fanboys laugh at you all the way down.
Times have changed though, Willy Wonka is gone now, phones are nearly identical in specs across the board, and there aren't that many more marvels to distract with.
meanwhile over here in reality: 1) all manufacturers have dirty manufacturing, 2) people bought iPhones for the walled garden, 3) three year old Apple chips are faster than anything competitors make today...
I don't think it was pointless. It's probably made them a good bit of money, and since they got ahead of the narrative anyway (as the article concludes) it really seems like fighting it tooth and nail was a great option for them.
I have to concur with the article. That said, this likely won’t get far. Google has allowed multiple app stores for years and, still, the vast majority of purchases come from the Google Play Store—so much so that the vast majority of developers don’t even bother putting their apps on other stores.
Yeah I really don't get where all the fearmongering is coming from. People seem terrified we're going to end up in some kind of federated decentralized App Store "hell"scape instantly. Vs the reality where the thought of posting on even the Amazon App Store literally sounds like a joke to me.
Apple is still going to have the best integrations for their own App Store and even if eg Epic manage to get close (I kind of doubt it even if it's technically possible) all it will do is force Apple to actually compete on eg take % and developer experience. Versus right now they can tell you to go pound sand for no reason when you're releasing a 1-line bug fix revision for your 10 year old app.
Apple has always been incorrect in their arguments. How do I know? Android allowed sideloading since day one and most people have never even considered sideloading. I've never seen any news articles about Android security incidents related to sideloading an trojaned app as the initial vector. I'm sure it's happened, but it is not widespread.
Those who did sideload were forced to do so by the extraordinarily popular app they wanted to run not being on the Google Play Store at all. Yeah, I'm talking about Fortnite.
Sure there are techies like us who will sideload apps to skip YouTube ads or covertly save Snapchat nudes or sniff wifi packets or whatever, but we're a vanishingly small minority. Most android users didn't even know sideloading was an option and wouldn't care if they did.
It's not zero risk, no arguing that. It's just pretty small, and (IMO) not worth the loss in user choice.
I always thought the "spam click the android version then accept the prompt" as a very clever way to hide the developer mode from even the most clueless users. They'd never even be looking at their android version anyway :P
You already can. However, if you’re asking if they’ll bring down certificate-less sideloading, the answer is no.
It should be noted TrollStore does also enable this in certain versions of iOS, and jailbreaking enables this in older and newer, up to 15.x on arm64e devices (iPhone 11 and up), and up to 16.4.1, the latest version, on older arm64 devices.
My worry here is how the big apps will just publish instructions on how to sideload and then escape the controls and safety that the App Store provides. We know from years of phishing attacks how easy it is to convince people to click links to non-official sites. The App Store already is doing a poor job at trying to prevent copycat apps, this makes it so much worse.
For the majority of my family the App Store provides a huge amount of safety, as no cost. They have no concept of the protections it provides, but equally will just blindly follow instructions online as well.
My mother was convinced for years her iMac and MacBook were from Microsoft because every doc she opened said "Microsoft Windows" and she knows Microsoft.
Weren't Facebook caught teaching people to use TestFlight to install VPNs to circumvent rules before? This feels like it'll play out similarly to Binance teaching users to install VPNs to circumvent trading controls, for the big official apps, and simultaneously open the floodgates to a ton of spam/phishing/fake apps.
Facebook/TikTok/etc just have to say something like "Here's our fancy new version and feature X is only available when you follow these new install instructions" and it'll happen.
Then it'll normalize it, which is the worst outcome.
Just don't do that. Advise your family to not do that. Accept that some of them may choose to anyway, and that's their choice to make.
"Think of my elderly mother!" is the apple fanboy's version of "think of the children!" No. Get over it. Talk with your mother and explain your concerns. Do you have power of attorney over your mother? If you think she's too mentally feeble to be responsible for herself, then maybe you should think about that instead of advocating for the imposition of these rules on everybody else.
Edit for response:
phone8675309: If scammers can talk your mother into sideloading an application, then they can also talk her into emptying her bank account. Get power of attorney over her, if you care.
The fact that anybody here would say "she's too mentally feeble to be responsible for herself" to "my mom would be confused by this tech thing" really says a lot about the type of people here at Hacker News.
Apple will do all it can to fight this. With third-party keyboards, your iPhone will warn you that the keyboard can steal everything you type into it. Apple will amp up warnings like that and run ad campaigns about the goodness of the App Store and how straying from it will expose you to untold danger.
And Apple will probably get pretty far with that. People trust Apple a lot more than they trust Facebook.
> With third-party keyboards, your iPhone will warn you that the keyboard can steal everything you type into it.
Once, when you enable the keyboard. And it seems like an entirely sensible warning. It’s a keyboard, by definition it has to have the ability to react to your key presses. Explicitly letting the user know of this risk seems like a good thing.
> The App Store already is doing a poor job at trying to prevent copycat apps, this makes it so much worse.
Perhaps, but if it is like Android, users will get plenty of warning when they try to turn on side loading, and every time they get a chance to sideload.
> Facebook/TikTok/etc just have to say something like "Here's our fancy new version and feature X is only available when you follow these new install instructions" and it'll happen.
10+ years of Android sideloading and this has not happened.
I suspect things like this won't happen on their primary apps, but Facebook _has_ already done this on iOS with their Onavo VPN app. They incentivized people (including teenagers) to sideload the Onavo VPN app which would intercept their network traffic for "research" in exchange for a $20 gift card every month.
This was done using Facebook's enterprise developer certificate, which allows them to sign apps for internal use - Apple revoked the certificate as it was a violation of ToS to use it externally as they were.
> 10+ years of Android sideloading and this has not happened.
Android's permission and anti-tracking measures have generally been more lenient. I'm sure if sideloading was permitted when the anti tracking measures rolled out on iOS Facebook would have jumped to side loading ASAP.
It's important not to mix App Store/Play Store policies with iOS/Android restrictions.
Sideloaded Facebook can't access your location or camera if you don't tell iOS to give them access (iOS restrictions). On the other hand, there's nothing stopping sideloaded Facebook from refusing to work if you don't let them access those things (no App Store rules).
Something else to consider is the fact that the average user only installs apps from the default store. If Facebook wants installs, that's where they have to be. Also, we don't know many "scary screens" Apple will display when trying to sideload something.
The problem becomes they add some feature like a camera subapp with decals/mlbullshit to get your permission, but once they have that permission they can do whatever the fuck shady thing they want with it.
Some Android skins show you a big red warning, disable the "install" button for a few seconds, and the cancel button is the one with the bright colour. This, plus not allowing sideloading by default, seems to work well. A simple popup probably wouldn't be as effective.
I worry about this kind of thing even with my family who are filled with tech elites. Being tech savvy does not mean being security savvy. The amount of times I've had to convince my family that yes, you do have to update your OS, your devices, your password manager, etc is maddening. Hardly anyone cares about security over convenience.
I foresee that Meta will make a dedicated landing page with a side-load download + easy steps and it will get adopted by a size-able chunk of people (like you say). Once that side-loaded app is on the device, they will have auto-update features built-in and you'll likely never need to manually install it ever again. They'll essentially have complete rooted control over your device and use it to steal any and all information possible.
This is a very real reality and I don't think folks care enough. I'm not even against opening up the app store(s), I just wish we had regulated social media's permissions to our private life more before we opened the flood gates to the garbage they will now attempt to dump onto our devices.
> My worry here is how the big apps will just publish instructions on how to sideload and then escape the controls and safety that the App Store provides.
Android has sideloading since forever, and this doesn't happen there. The number of users you get by the convenience of being in the main app store for the system is way bigger then from any feature you can do if you are not.
As others have pointed out, Google Play isn't as locked down as the App Store so there isn't the same incentive.
But the biggest question that always gets me is why anyone who considers the Android way fine would want to change Apple? Simply stay with Android and let others be. Changing Apple makes it just another Android-- you can't have your cake and eat it too.
Exactly, you can't have your cake and eat it too. If you want to see yourself as a platform, you must hold yourself to higher standards as a platform. Hence, the DOJ ruling that restricting access to the platform is anti-competitive.
This is also why Google is under pressure as well. This isn't just a "go to Android" situation, this is a "the entire mobile market is entirely anti-competitive due to Apple and Google being in bed with each other" one.
Tech illiterate people are barely installing new apps on their phones, let alone separate app stores. Almost everyone I know runs Android and I've never seen F-Droid or Aurora or any other alternative app store on their phones.
Scammers can already trick your mother into installing their apps. https://altstore.io/ exists and is widely used to install an emulator and some other apps Apple has deemed unworthy of their users' attention. The source is here: https://github.com/altstoreio/AltStore
There are plenty of scams on the App Store itself. And it's not like one needs apps to scam people. The internet is full of scams and iPhones come with Safari. Unless you prevent your family from going on the internet, they'll find a way to get scammed. The solution here is education.
I think the antitrust argument has always been specious at best. Apple doesn't control Android or Microsoft Windows Phone OS. If Apple's control over its own package manager can be accused of antitrust, why not the Apple Store? Does McDonald's have a monopoly over Big Macs? Why can't I buy a Big Mac at Hardees? These antitrust accusations stem from a deep misunderstanding of law and exhibit an entitlement to corporate IP. If I have storefront that sells handpicked fruit, you can't legitimately claim antitrust and force me to sell your alfalfa. It's absurd.
Ultimately I support the change but, however self-interested it may be, their argument is probably true that people will get social engineered into side loading stuff they don’t want to.
And their argument is a load of horseshit. The lowest common denominator will always be the lowest common denominator. They're using these hypothetical dummies as a scapegoat in order to ensure a monopoly on software distribution for their hardware.
> Worse, by fighting the issue so loudly and for so long, Apple has actually given the issue way more publicity than it would ever have received otherwise. It has turned what would otherwise have been a boring technical detail covered only by the Apple press into a mass-media news story. Apple has effectively contributed to its portrayal as a bad guy, with zero benefit to the company.
I can only agree with this conclusion. And I'm still somewhat surprised Apple would so intransigently do something that makes them look so utterly stupid and bad.
It's always surprising how many times Facebook comes up in these conversations, even though Facebook has not said anything about creating its own store and Epic was the one that brought suit originally.
It's almost like a talking point that relates this policy to the bad name of Facebook was seen as being effective
If the sole provider isn't acting responsibly, regulators have to allow alternatives.
HOWEVER. This would have been a lot easier if Apple and Google simply reformed their commission models. A take rate of 10% instead of 30% would have prevented this.
I’m happy about this, but I’m going to continue using the App Store unless they censor an app that I like.
It’s a very personal decision, but I like iPhone/iOS because it feels like a device, not like a computer. Android still geeked computer-y the last time I tried it a few years ago. Different strokes.
I like the level of review that apps get and the data shows a much lower prevalence of malware in the iOS ecosystem vs the Android ecosystem. I also like the integration and convenience. I’m mostly happy in my walled garden.
What I don’t like is the political speech suppression. I was appalled when AWS, Google and Apple all canceled Parler. I was not a user of Parler but the arbitrary censorship was shocking.
I am ok with protecting me from malware, but not happy with arbitrary editorial decisions about what speech I can see/participate in.
> What I don’t like is the political speech suppression. I was appalled when AWS, Google and Apple all canceled Parler. I was not a user of Parler but the arbitrary censorship was shocking.
I agree. It was all the scarier because of how obviously coordinated the attack. It makes me wonder what else they are coordinating. Any move to wrest power from their hands and put it back in the hands of ordinary citizens is a very good move from a moral, legal, economic, and democratic perspective.
Apple has always had contempt for its customers, their argument is just an escalation of that which elevated the official company comment to "all of our customers are total idiots"
Even if Apple allows third party stores or side loading, its portion is going to be negligible unless regulators force them to change the platform default store (which is not going to happen for a while). The only meaningful competitor in the current era is the Play Store but those duopoly effectively maintain non-aggression pact so they won't likely launch it on iOS. Yeah, finally some hackers may have fun on iOS, but I doubt if this will transform the landscape.
I think allowing third party browser engines actually has much broader, significant implications here; Apple is already making aggressive investments into Safari in order to keep its edge against Chromium based browsers. Hopefully, PWA will finally become a viable development platform, which may weaken this "app store" economy in a long run.
218 comments
[ 3.2 ms ] story [ 311 ms ] threadI totally understand and empathize with the “it’s the user’s device, they should be able to do what they want with it” argument. I just have also appreciated the professional fringe benefits of the walled garden.
I do wish there was some way all the cool apps could run free while the ones we put up with are locked down and restricted even harder. Absolutely no one should install a side loadable version of the Facebook app.
"Well I charge $x per store for testing.
I do have one android app that has to be distributed on a separate app store in china but that's out of our hands and has to be passed off to a third party to accomplish anyway.
Ok, but there is a huge difference between iOS and Android. All my clients want it on Android and iOS but they only really care about iOS. iOS is normally the last platform that approves apps (web being immediate/no approval and Play being faster on average) and without fail my clients pretend there is no app until it's released on iOS. I'll even tell them "Go to hxxp://yoursite.com, it's pretty much exactly what you will see in the app" and they almost never even check the web, I know this because once the iOS app is release /then/ I hear "Can we change X? Let's move Y to X! I don't like the color here....".
All that to say: multiple app stores on iOS /will/ be something I hear about whereas I bet I could forget to release on updates on Play and no one (clients themselves at least) would notice.
The downside is that you don't protect those who enable sideloading and see the warnings when installing Facebook sideload and tap through anyway.
Having to call into Apple to confirm maybe?
Sideloading does require several clicks though. First you download the APK, then you "open" the file in the installer. Then you have to allow "installation from unkown sources," then allow for the app that you downloaded it with (for me that's usually firefox, but for most it's probably Chrome), then you can install it.
But if a sideloaded app can do significantly more harm than just visiting a malicious website (which a scammer can already direct a victim to do), maybe the OS is providing too dangerous (or coarsely-controllable) permissions via its APIs?
People will be forced to choose between clicking through an explanation & accepting risks they don't understand, and participating in society.
Over the long term I'm not sure there's a good solution other than legislation arriving at some "acceptable" level of tracking, given how crucial expanding tracking is to social media companies.
And who would be able to resist? There's even a little shield icon!
Only very recently have they started cracking down on third-party in-app payments and subscriptions, and otherwise I think they have basically approved everything that's not either outright malware or illegal, significantly including third-party browsers, VMs and emulators and other things that Apple bans by policy.
They could let you have your phone in either mode, but refuse to allow "hybrid" App Store + Sideloading configurations.
There's no cost to wiping the phone. It doesnt require you to drive to an apple store and have them do it.
This also isnt a phone part. It's not "you cant have a new battery until you wipe your phone."
This is the same message Apple should deliver to every senator and judge: “developers are more productive on things that matter - this is the consumer surplus”
The computer landscape in 2007 punted the problem of viruses and inability back on the user. I think Apple's goals when they finally did an app store were to (1) ensure iOs-specific native software (vs crappy ports), (2) prevent viruses and malware, and (3) keep the phone as stable as possible.
I think you could argue that there were other ways to approach those goals, but I think it's harder to argue that preventing side-loading was entirely pointless.
They had a "sweet solution" for 3rd-party apps! *drumroll* webpages!
More often, that argument seems to be used in bad faith. By that, I mean it comes across as a think of the children fallacy. It's developers wanting their own way ("why should I have to pay..."), and as you highlight, wanting to do things with other peoples devices that they really shouldn't.
The inconvenience is small but real.
But I don't think that this criticism of Apple's model requires alternate app stores (which I have seen first hand can be confusing for some users from the pre digital age). Just a side loading method.
I get the idea behind unifying the browsing experience, but blocking V8 and SpiderMonkey isn't doing the end user any favours. In fact, because Safari is tied to the OS and isn't part of a separate app like on Android, if you find a vulnerability in your browser you have to report it to Apple and wait for an iOS security release cycle. On all other platforms you just push out the patch and your users are secured in a day or two.
It matters because first-party (Apple) vulnerabilities can be fixed and rolled out with iOS updates.
JIT vulnerabilities in third-party apps would leave those vulnerabilities up to the third-party developers to patch.
And that is before we even consider the fact that Apple has shown itself resilient against pressure to introduce back doors in iOS. If third-parties were allowed to write their own JITs you can safely assume that those third-party developers will be pressured to implement intentional vulnerabilities in their apps. And some will fold to pressure.
I am happy that Apple does this.
I don’t understand why anyone has an issue with it.
If you don’t like what Apple is doing, then don’t buy Apple products.
Why should those of us who agree with Apple, and buy Apple products because we agree with them, suffer as a consequence of other people not agreeing with Apple?
> Nitro dramatically improves JavaScript performance in web-oriented applications like Chrome/Facebook/Twitter /AlienBlue/Dolphin/Mercury, typically making it 4x to 5x faster.
They changed this in iOS 8, but not many people really noticed even with the slower devices from back then (at least I don't think they noticed that it had been slower)
https://9to5mac.com/2014/06/03/ios-8-webkit-changes-finally-...
It's clearly because Apple wants control
It was also back when websites relied less on JS.
For every improvement that gets added to browsers, in executing JS faster, web developers will take that extra perf and spend it to do more. The result of that is that only the heavily optimised browsers will be able to deliver the experience that the people expect.
A browser without JIT today, would be a no-go. It would be noticeably slower, and it would drain the battery faster.
Of course, the proper solution would be to allow 3rd party apps to use JIT, but allowing 3rd party engines without JIT would definitely be better than nothing
The App Store rules from before sideloading exists will still apply after sideloading exists. Nothing has changed, other than the fact that people could choose to bypass the App Store, and in practice every major app still wants to be on the App Store for maximum convenience.
To wit, sideloading has existed on Android for ages, and nearly all apps still want to be on the Play Store.
People should be allowed to do what they want with their own devices. If you own an iPhone, you deserve to be able to install whatever software you want on your iPhone, end of story.
The facts are
1 the apps of the big bad tech companies are still on the google Store
2 the stores abused their power and pushed big apps out, not to protect the users, but because they might not be puritan enough, or that some legal but not correct speech was happening on that app.
And in that case, I can download, sign, package, and load the app on my phone myself.
I cringe every time I check the "allow packages from unknown sources" option on an Android device.
I don't, because I trust F-Droid apps more than random Play Store apps, but that switch only restricts the former.
I highly applaud the recent Play store change now where it explicitly tells you what data can be accessed, how it will be used, if shared with third party, etc. It's helped me avoid some unknowns.
What about some sort of master switch you could flip that would filter out apps based on behavior? Like the default could be something like "App Store rules" but you could override and allow seeing/installing apps that do other things?
Eh, that wouldn't help with the people who want to use Tik Tok. If Tik Tok can tell them to "enable deep spying" to install the app, they probably will. Although, it would penalize them somewhat and it would make it clear to users what they're doing, so maybe it would help? Hard problem for sure.
Deferred deep linking is also broken. Of course, nobody likes tracking, but referral links also don't work anymore. You used to be able to send someone a single link to install the app and redeem a voucher/discount/special, now you always have to say "install the app, open it (!), then go back here and click this link".
I soooooo hope that this will improve with competition - at least point 1). And my biggest hope is that Apple will fix it in their store because of competition.
And even for apps that I trust 100%, including stuff I personally write, there is exposure to zero days if you do stuff like display images or web content. I'd like the extra safety net of sandboxing.
Perhaps relaxing the no-JIT restriction, though. I think I'd be ok with them relaxing that in side-load. It might be fine in normal apps too, since we have lockdown mode to disable it across the board (including MobileSafari) if extra security against zero-days is needed.
So the walled garden didn't work that well right?
This is the biggest modern PR blunder in some time. Do we not get insane productivity as devs from their platform vs others or not? I say emphatically, yes. That’s all you have to do, repeat over and over until blue.
I can’t wait to see what apps try to do when there are no restrictions.
I suppose some copycat apps send tons of notifications, but you can easily uninstall those. As far as I know, iOS sandboxing is better than Android's, so I don't think there's any greater risk.
Read the comments on the article itself, it is just full of "i dont want to do this".. so great, don't sideload apps (no one is forcing them to), but why are they so keen on preventing others from doing it as well?
because it's going to make unscrupulous companies like google/fb/etc all force you to go through their app clients to install their sideloaded apps, without any of the scrutiny and control the apple store has provided historically. that's not really a world I want to live in. While yes, I can just uninstall those apps, some are nearly intrinsic to a mobile experience, like the youtube app.
2) Android is far, far less lucrative per-user than iOS.
Maybe sideloading on iOS will work out like Android has. Maybe not.
I'm also not really sure how OS level protections would prevent an app from sending out data it shouldn't. Apple is acting as a regulator here because no one else is.
It might be that nothing changes if sideloading is made much easier, or other browser engines allowed, or whatever. But, that's not guaranteed.
Since I like the current situation—at least, better than the alternative of having no one push back on things like spyware-loving megacorps—I'm not in favor of risking changes to it.
My ideal situation would be that a lot of what Apple prevents on their platform were illegal everywhere so it'd hardly matter, but the US, at least, does not seem to be heading that direction anytime soon.
So, that's why. It risks changing the current situation such that I would find it worse, overall, and I'd prefer not to risk that.
If alternative app stores were allowed, I’d probably download a GNU iOS store. But that’s about it, and it just isn’t worth it.
Indeed. This is called "being an monopoly" and "using anti-competitive practices to control a market, in violation of anti monopoly laws".
Yes, anti competitive practices work.
Yes, being a monopoly works.
And yes, it has produced some good things like Apple's focus on privacy.
But it has also produced other very not good things, like the 30% Apple tax.
But, it is at least comforting that people are now saying the quiet part out loud, which is "yep, Apple had anti competitive market power the whole time, I just like monopolies".
It's... been the entire argument, the whole time, for the "please don't change it" side. I'm not even aware of another angle on it. It's never been "quiet".
> I just like monopolies
I like my life being better than it might otherwise be. In this case, yes, that means I'd rather this monopoly stick around at least a while longer. I'm entirely not a fan of black-and-white positions on most issues. Monopolies generally suck. In this case, however, one particular monopoly seems to be giving me significant benefits I might not otherwise have. Now, if I could trade Apple's monopoly for a harsh crackdown on monopolies across the whole economy, that'd be easily worth it—yes, please. Just to "liberate" iOS devices, though? Nah, I'd rather they leave it alone.
Well, it gets conveniently ignored anytime someone would bring up problems with said monopoly.
For example, the 30% Apple fee is a consequence of their anti-competitive market power.
And yet, if you start complaining about that, the response will be to pretend like the anti-competitive market power doesn't exist, and that you should just "go publish on a different app store" if you don't want to pay that monopolistic fee.
You can't have it both ways here. You cannot say that you like their monopoly power, and then pretend like it doesn't exist when the same exact market power allows Apple to extra 30% of the money from the app store market.
> Now, if I could trade Apple's monopoly....... Just to "liberate" iOS devices, though? Nah, I'd rather they leave it alone.
Well then you should blame Apple for the situation we are in now.
People wouldn't be forced to regulate Apple, if they hadn't been abusing their market power for a decade.
If Apple had instead chosen to lower their app store fee, to 5%, then we could have gotten the best of all worlds, which is a focus on privacy, and no monopolistic fees.
Its too late for that now. If only Apple hadn't fought these efforts so much, they could have given everyone a worthwhile compromise.
Two very bad consequences for me if sideloading were easy:
1. There would be no safe product to recommend to my aging parents who would be vulnerable to social engineering.
2. A company with a popular produce like Facebook could go outside the store, which would normalize side-loading, thus rendering argument like ‘people who want safety can stick to the store’ moot.
The arguments about not wanting to control what other people do are moot. If you want a platform with side-loading, buy android.
I haven't heart of social engineering involving https://github.com/altstoreio/AltStore but maybe you know something I don't. Either way, installing apps onto iOS devices over the network exists today.
Life is too complex and there is too much going on and too much to figure out and too many demands on my time, I just want to pick up a device, use it for what i need and then put it away. I don't want to spend hours tinkering to get every little thing the way i want it, i'm happy to outsource that to someone that knows what they are doing and in return I get a device that just works.
Now we are going to end up with a bunch of app stores, which is horrible and annoying to manage on a phone, side loading apps, apps requiring certain app stores so you have to download that app store just to get it and then apps that don't meet the standards that Apple have set.
If you don't like that, you could have bought an Android, but I was happy with it, I want my devices to get out of my way.
And then suddenly I lose all the protections afforded to me by the Apple Store, such as easy cancellations of subscriptions, easy refunds of apps that don't work, a layer of protection against malware, and so forth. It also just makes my phone that much harder to use, as finding and installing apps becomes that much harder.
If everybody gets sideloading, that absolutely will impact me directly, and negatively. Does that make sense?
Bingo. Chiefly worried about Facebook and my folks. As well as compliance deciding everyones' personal phones need antivirus spyware.
That said, I think Apple has the playbook with SIP on Macs: make it scary to disable and clearly in power user territory.
> corporate compliance
I've never enrolled any of my personal devices in any sort of corporate network, and I never will. Just say no.
If you actually try saying no, you'll find that it's actually easy.
And you become the pain-in-the-ass of every friend group and professional circle. No one likes dealing with annoying people like this.
No u.
Oh? So are you saying that monopoly power is a real thing, and that a company like Apple can extract a 30% monopoly fee, because of this network effect?
The problem with this argument is that Apple fans on one hand have been smugly commenting for a decade, "go but an Android" or "just don't publish on the iPhone" .
And now, they are turning around and suddenly discovering what market power is.
If Apple had merely reduced their 30% fee to 5% from the beginning, we wouldn't be in the situation.
But thems the breaks. Now every Apple fans will have to hear the same exact argument, that they used against others, for a decade, thrown back in their face.
I had problems with that only once. I guess it depends on people you are around with. But most people have different groups of friends on different apps already so it's usually no big deal.
Given that iphone owners are more wealthy I expect this to happen much more often when sideloading is allowed on iphones since there's more money to be made. It's gonna get bad imo.
Certainly, Play Store doesn't feel as restrictive as the App Store, so that's probably a factor. But I doubt popular apps will drop Apple's store, because it will significantly reduce the number of people willing and able to install their apps.
They claimed that they expected Apple's rule changes a while back to cost them $10 billion dollars in 2022 alone.
Things may work out as the have with Android sideloading, but they may not. Incentives definitely differ between the two. It's also not clear to me that if sideloading is forced via regulation, it'll look like it does on Android—both operating systems may be forced to make it easier than it currently is on Android.
And, to be honest, who is Apple to dictate what Facebook's users can and cannot pay their Facebook subscription with? If people are fine with Facebook's cyber stalking, let them install the stupid app. You can still use the web version from Safari with all of the ad blocking addons you can find. Apple isn't the government and they don't have power of attorney, so I know what basis they have to say what apps you can and cannot sideload onto your phone.
Even still, I doubt Facebook will leave the app store because of this. They may provide some kind of "Facebook Plus" that you need to sideload, but the app store has too many eyes on it because it comes preinstalled.
The nightmare scenario, for the "please don't change it" side, is that one of a handful of big players does this but also uses it to push an entire alternative store. Facebook and Epic are the most likely to try. Maybe Google, outside chance Microsoft tries. I doubt any would bother to just push sideloading an app, without using it to make a play to become the second of an app store duopoly on the platform. Basically the same strategy Steam used to gain market share—"here's our new game that everyone wants... oh, by the way, to use it you have to install our store".
I mean, Epic's been burning stacks of Benjamins for at least a couple years giving away tons of games (most of it not even cheap shovelware!) to buy marketshare for their desktop app store—it's not implausible they'd give away a lot of free games or other software to get iOS users to install their store, to make a play for the #2 (or #1!) app store position on the platform. And Facebook could probably get people to install theirs by just adding some visual bling to users' posts when they use the version from Facebook's store—might not even have to give them actual extra features to make it happen.
Maybe none of that happens, sure, but it might. If these changes brought by regulations end up making sideloading easier than it currently is on Android, on both platforms, I'd say it's a certainty that something like that'll go down, at least on iOS (more money to be made there; store's more restrictive) and maybe on Android, too.
I can see Epic starting a mobile game store. And, honestly, I don't see a problem with that. Apple is using Apple Arcade as one of their many "stay with us and you get all of this stuff" services, so why not? Perhaps Microsoft will join the fight and take Game Pass to mobile phones. May the best app store win.
Apple clearly has the upper hand no matter how this plays out. They'll actually have to compete, which means they may need to fix the review situation and loosen some of their policies to allow for things users want rather than make their users comply with what they want. They can stick to their "no video game streaming, no emulators, no links to your website" policy if they want to, but that'll only work as long as their users agree with them.
This point keeps being made in these threads on here, and the response I’ve seen made, which I agree with, is that this clearly isn’t the case when you look at Android. Sideloading already exists and it is far from a common way to distribute applications.
From a business perspective, it really doesn’t make sense to force users to pull from outside the App Store, because you’re basically going to destroy your business. Most users are not all that technical and the moment you require them to fool around with apks or whatever other format, you’re going to lose a huge percentage of them.
The problem with using Android as a counterexample is that Apple iOS is more restrictive (e.g. privacy settings) than Android.
E.g. Facebook admitted they lost billions in revenue because of the Apple iOS ad tracking permissions change. That might be an example of Facebook forcing users to "sideload" Facebook+Whatsapp+Instagram to get around the privacy restrictions. In contrast, the Android platform didn't financially hurt them like that so there's less incentive to ask Android users to sideload Facebook apps.
So even a mega giant like Facebook has to follow Apple's rules because there is no sideloading to bypass them. A somewhat analogous situation in 2019 happened when Facebook violated Apple's app store policy and spied on teenagers by abusing their Apple developer account: https://www.google.com/search?q=apple+revokes+facebook+certi...
>Most users are not all that technical and the moment you require them to fool around with apks
I think some conversations about "sideloading" are muddy because casual conversation around it mentally includes alternative app stores rather than end users literally downloading raw ".app" bundle files
Apple can clearly make the OS secure/privacy friendly if they want to. The only layer of security that you may lose is the dubious “review” process, which clearly doesn’t do anything considering the amount of scam apps on the store.
Your sentences above are a prime example of a technology mindset being so familiar with the underlying technology that it actually handicaps the analysis of how people might use the tech in ways you don't expect.
The way the sideloaded app gets around the os-level restriction is that they would force users to give permission to the ad-tracking. Otherwise, the sideloaded app has crippled functionality.
That scenario can't happen on Apple's offical App Store because their policies don't allow apps to have crippled functionality when users opt-out of ad tracking.
The theme is that the side-loaded apps can exercise way more freedom with clever psychological dark patterns that bypasses os-level settings.
E.g. see related example from Twitter: https://www.techgoing.com/twitter-ads-may-track-users-in-vio...
There is a simple solution for Apple: disable ad tracking on iOS. The DMA doesn't require gatekeepers permit ad tracking. It only requires gatekeepers provide the same functionality they provide themselves. Apple is still perfectly able to provide a safe and secure OS under the legislation.
But it's also been apparent that relying on code auditing wasn't going to be sustainable long term. The real answer is for Apple to beef up their sandboxing to prevent things like cross app tracking, coercing permissions from users, etc - independent of the app store review process or policies.
This is what the Libre Android distributions (eg GrapheneOS, CalyxOS) have been (slowly) converging on.
Why not? It seemed to be going fine. As the number of apps increases, so does get money the App Store receives. I don't see anything inherently unsustainable in it at all.
https://www.nytimes.com/2023/02/11/technology/bad-digital-ad...
Obviously, things like phone book access can be solved for sideloaded apps just as well as for App Store ones – just like Android has been doing for many years.
No, at most you'll pay more for the same app your coworker sideloaded. The price for apple protection, +30% on everything.
Most people didn't extract pictures from their phone before apple cloud (or w/e their service is called) appeared. I know because i was the tech support for my family for those 5 years. How would they sideload?
I originally thought I would never load a different App Store but now I might. If an App Store came out that was highly curated (ie no casino games, no subscription scams, no advertising against competitors), that listed exactly what the in-app purchases are before buying, and removed developers who get a lot of complaints in the store, I would be interested. Apple hasn’t been a good steward of the App Store.
I'm fine with it. Apple has been intentionally hindering WebKit development for years to hobble web apps and maintain their App Store dominance. They'll finally be forced to compete again.
Couldn't have said it better. The only things I could see myself sideloading are indeed the Kindle app (I like being able to single-click buy books without having to switch to Safari), a full browser, and possibly some retro computer, calculator, and console emulators.
All of these are (or at least have been, before I switched) been possible on Android via official apps from the Play Store.
Android has always supported sideloading, yet in almost 10 years of using Android, I've never had to sideload any commercial app.
Anecdotally, Amazon has tried to push their app store for a while by incentivizing installs with free games and the like, but none of these weren't also available on the official Play Store. Nowadays, it's all free-to-play anyway, but that's a different topic.
But they want their Facebook. Or SnapChat, or Insta, or TikTok, or whatever.
Once other app stores are allowed, there's nothing stopping Meta (for example) from revoking their existing apps, and requiring the use of the Facebook App Installer for access to Facebook. They've paid people in the past to use their Onavo VPN app to bypass Apple's privacy controls, so this would be unsurprising.
Of course, that's just an example; replace with the next SnapChat, TikTok, whatever. If that's the thing that teens want, and the way to get it is to click a bunch of "Yes I agree" dialogs, they'll happily do it. And now suddenly some developer has access to all your family financials through your teen.
If your solution is "well, people shouldn't do that then", you might not understand teens. (Or grandparents. Or regular people.)
Well, there is maybe one thing. That is their projection of reduced installs. It's not just an issue of clicking "Yes". It's probably also an issue of knowing how to do it in the first place. The first party app store will always be easier.
By strong arming carriers Apple took this revenue to themselves which had the paradoxical effect of opening things up from where they were before. Without this, there’s no doubt you’d be using a Verizon App Store and I’d have AT&T and governments would see no need to take action because there was carrier competition.
Is being able to install whatever you want on your phone, a good thing? Undoubtedly, but we wouldn’t have tasted this opportunity without Apple’s move to take App Sales in house. We also have to be mindful of the devil we don’t know. if you’re OSS you see sideloading as blissfully unchaining your device, but if you’re an Apple competitor you see it as a chance to do everything you were forbidden to.
Certainly, the carriers had stores, but it's not like they had software I wanted to run.
Smart tech users do lose out in the trade off, but it is a trade off.
Times have changed though, Willy Wonka is gone now, phones are nearly identical in specs across the board, and there aren't that many more marvels to distract with.
Apple is still going to have the best integrations for their own App Store and even if eg Epic manage to get close (I kind of doubt it even if it's technically possible) all it will do is force Apple to actually compete on eg take % and developer experience. Versus right now they can tell you to go pound sand for no reason when you're releasing a 1-line bug fix revision for your 10 year old app.
Those who did sideload were forced to do so by the extraordinarily popular app they wanted to run not being on the Google Play Store at all. Yeah, I'm talking about Fortnite.
Sure there are techies like us who will sideload apps to skip YouTube ads or covertly save Snapchat nudes or sniff wifi packets or whatever, but we're a vanishingly small minority. Most android users didn't even know sideloading was an option and wouldn't care if they did.
It's not zero risk, no arguing that. It's just pretty small, and (IMO) not worth the loss in user choice.
It should be noted TrollStore does also enable this in certain versions of iOS, and jailbreaking enables this in older and newer, up to 15.x on arm64e devices (iPhone 11 and up), and up to 16.4.1, the latest version, on older arm64 devices.
For the majority of my family the App Store provides a huge amount of safety, as no cost. They have no concept of the protections it provides, but equally will just blindly follow instructions online as well.
My mother was convinced for years her iMac and MacBook were from Microsoft because every doc she opened said "Microsoft Windows" and she knows Microsoft.
Weren't Facebook caught teaching people to use TestFlight to install VPNs to circumvent rules before? This feels like it'll play out similarly to Binance teaching users to install VPNs to circumvent trading controls, for the big official apps, and simultaneously open the floodgates to a ton of spam/phishing/fake apps.
Facebook/TikTok/etc just have to say something like "Here's our fancy new version and feature X is only available when you follow these new install instructions" and it'll happen.
Then it'll normalize it, which is the worst outcome.
"Think of my elderly mother!" is the apple fanboy's version of "think of the children!" No. Get over it. Talk with your mother and explain your concerns. Do you have power of attorney over your mother? If you think she's too mentally feeble to be responsible for herself, then maybe you should think about that instead of advocating for the imposition of these rules on everybody else.
Edit for response:
phone8675309: If scammers can talk your mother into sideloading an application, then they can also talk her into emptying her bank account. Get power of attorney over her, if you care.
And Apple will probably get pretty far with that. People trust Apple a lot more than they trust Facebook.
Once, when you enable the keyboard. And it seems like an entirely sensible warning. It’s a keyboard, by definition it has to have the ability to react to your key presses. Explicitly letting the user know of this risk seems like a good thing.
Perhaps, but if it is like Android, users will get plenty of warning when they try to turn on side loading, and every time they get a chance to sideload.
> Facebook/TikTok/etc just have to say something like "Here's our fancy new version and feature X is only available when you follow these new install instructions" and it'll happen.
10+ years of Android sideloading and this has not happened.
This was done using Facebook's enterprise developer certificate, which allows them to sign apps for internal use - Apple revoked the certificate as it was a violation of ToS to use it externally as they were.
https://techcrunch.com/2019/01/30/apple-bans-facebook-vpn/
And yes, they already tried it it as a way around controls.
Android's permission and anti-tracking measures have generally been more lenient. I'm sure if sideloading was permitted when the anti tracking measures rolled out on iOS Facebook would have jumped to side loading ASAP.
Sideloaded Facebook can't access your location or camera if you don't tell iOS to give them access (iOS restrictions). On the other hand, there's nothing stopping sideloaded Facebook from refusing to work if you don't let them access those things (no App Store rules).
Something else to consider is the fact that the average user only installs apps from the default store. If Facebook wants installs, that's where they have to be. Also, we don't know many "scary screens" Apple will display when trying to sideload something.
People click through pop-ups without reading them all the time.
Could pop-up a "click OK to send your money to us" button and people would click OK and I'd get calls from family asking where their money went.
Some Android skins show you a big red warning, disable the "install" button for a few seconds, and the cancel button is the one with the bright colour. This, plus not allowing sideloading by default, seems to work well. A simple popup probably wouldn't be as effective.
I foresee that Meta will make a dedicated landing page with a side-load download + easy steps and it will get adopted by a size-able chunk of people (like you say). Once that side-loaded app is on the device, they will have auto-update features built-in and you'll likely never need to manually install it ever again. They'll essentially have complete rooted control over your device and use it to steal any and all information possible.
This is a very real reality and I don't think folks care enough. I'm not even against opening up the app store(s), I just wish we had regulated social media's permissions to our private life more before we opened the flood gates to the garbage they will now attempt to dump onto our devices.
I highly doubt that sideloaded apps would somehow be granted root by default
Android has sideloading since forever, and this doesn't happen there. The number of users you get by the convenience of being in the main app store for the system is way bigger then from any feature you can do if you are not.
But the biggest question that always gets me is why anyone who considers the Android way fine would want to change Apple? Simply stay with Android and let others be. Changing Apple makes it just another Android-- you can't have your cake and eat it too.
This is also why Google is under pressure as well. This isn't just a "go to Android" situation, this is a "the entire mobile market is entirely anti-competitive due to Apple and Google being in bed with each other" one.
Odd that I don't remember anyone calling Nokia anti-competitive when their platform had the market sewn up and Apple and Google had 0%.
Scammers can already trick your mother into installing their apps. https://altstore.io/ exists and is widely used to install an emulator and some other apps Apple has deemed unworthy of their users' attention. The source is here: https://github.com/altstoreio/AltStore
Can you back that up with data? My family’s phones are full of apps.
The highly tech literate are more picky and have fewer more specific apps.
Backed-up with zero data, based on anecdata from friends.
I can only agree with this conclusion. And I'm still somewhat surprised Apple would so intransigently do something that makes them look so utterly stupid and bad.
It's almost like a talking point that relates this policy to the bad name of Facebook was seen as being effective
Other developers have complained about the fees, the arbitrary rejections and not being able to mention web signup
HOWEVER. This would have been a lot easier if Apple and Google simply reformed their commission models. A take rate of 10% instead of 30% would have prevented this.
It’s a very personal decision, but I like iPhone/iOS because it feels like a device, not like a computer. Android still geeked computer-y the last time I tried it a few years ago. Different strokes.
I like the level of review that apps get and the data shows a much lower prevalence of malware in the iOS ecosystem vs the Android ecosystem. I also like the integration and convenience. I’m mostly happy in my walled garden.
What I don’t like is the political speech suppression. I was appalled when AWS, Google and Apple all canceled Parler. I was not a user of Parler but the arbitrary censorship was shocking.
I am ok with protecting me from malware, but not happy with arbitrary editorial decisions about what speech I can see/participate in.
I agree. It was all the scarier because of how obviously coordinated the attack. It makes me wonder what else they are coordinating. Any move to wrest power from their hands and put it back in the hands of ordinary citizens is a very good move from a moral, legal, economic, and democratic perspective.
Will 3rd party stores prevent crappy apps from being published?
One reason I never bought an Android is because the Play store is rife with junk, spyware, and malware.
Why I can't install Steam on my Xbox or PS5? Since we are here talking about open market, we should not target one company but make it all open.
I think allowing third party browser engines actually has much broader, significant implications here; Apple is already making aggressive investments into Safari in order to keep its edge against Chromium based browsers. Hopefully, PWA will finally become a viable development platform, which may weaken this "app store" economy in a long run.