iOS 17 to Support App Sideloading to Comply With European Regulations

[dk001]

You want to turn iOS into what you think it should be. You bought an iPhone knowing what iOS is and isn’t.

Years ago, I wanted OS X to be something that it wasn’t. It wasn’t going to change so I didn’t buy another Mac. Don’t support something that doesn’t fit your needs.

Not at all.
I have found over the years that the iPhone and iPad, while great devices, lack in some areas predominately due to Apple restrictions on what is and is not allowed. I also find that Apple has inserted a number of functions I do not use and will likely never use. It has also inserted a number of functions I find useful. For my use case, I find that the sideload function would be potentially good. Like USB C and the removal of the SIM tray. Like one, dislike the other.

I use a number of devices and OSs. I am not married to a specific "family" or brand of products.

 

[dk001]

Unfortunately it will change the experience of using the phone for me as well.

As soon as it will be possible to do so, many apps will stop being distributed through the App Store to "avoid the Apple tax".

This means that to keep using all the apps and services I'm using now, I'll be forced to:

1) Side load apps from the web or (even worse) through third-party app stores.
2) Use alternative payment processing systems and give my credit card details to possibly shady intermediaries.
3) Manually keep track of active subscriptions of apps sold outside the App Store.
4) Put up with whatever shady business tactics and security risks the developers will come up with (as an example, say goodbye to the convenience and privacy of using "Sign-in with Apple" pretty much on every service that requires an e-mail address to work).

I'm giving you a bunch of real reasons why side loading is gonna make the experience of using the phone worse for everyone.

Can anybody come up with any concrete example of side loading improving the user experience??

and the "Sky is falling!'.

News at 11.

How about some facts to back up your assertions.

 

[JonathanX64]

Just buy Android and be done with the experiment.

I have an Android device and guess what — precisely because it allows for sideloading.

It's time to end this thread for good. Here's the story:

I was born in Russia and lived there until March 2022.

I support the EU and US sanctions against my country, even though they make my life harder and less convenient. If it helps us to defeat Putin, then I am okay with being 'collateral damage'.

Because of sanctions, most Russian banking apps were pulled from App Store and Google Play, and Apple Pay / Google Pay does not work in the country anymore.


So here's the situation:

• If you have an iPhone, you're screwed
• If you have an Android, you can use NFC to pay just like before (by replacing Google Pay with your favourite banking app), you can use sanctioned apps just like before (by sideloading .apk files), etc.

Or another one:

• I moved my Apple ID to Turkey in order to be able to pay for Apple Music and iCloud and to occasionally buy Mac apps.
• But some free iOS apps that I have to use in countries other than Turkey cannot be downloaded anymore.
• Theoretically, it's not Apple's fault; it's on developers who forgot to check additional boxes in App Store Connect.
• Realistically, I'd rather spend time arguing with strangers on the internet than writing «please publish your **** on App Store worldwide» letters to lazy developers in hopes that such letter won't get stuck somewhere within bureaucratic machine of that company.
• So instead, I just sideload apk of such app on my Pixel 5 and voila, it's ready to be used right away!

Or even better one!

In year 2021, before the war, there was a fun project by Navalny's team to disrupt elections (in a legit way, of course). It was called Smart Voting; basically just the list of candidates supported by Navalny (yes. just that. seriously. absolutely harmless stuff, innit?).​

But the government was soooo scared that they've literally threatened employees of Apple's office in Moscow into removing it from the App Store, and same happened with Google / Play.​

Now, just imagine if some American company were so clueless and lame that they released a mobile computing device that can only run apps from a certain allowlist... No, that sounds too ridiculous to be true. Let's disregard that thought.

The only thing that sounds more ridiculous is bunch of idiots who can't even do their job deciding what software you can and cannot run on said hypothetical mobile computing device.

For some, sideloading could help avoid paying Apple tax; for some, it may become a way to unlock more functionality like emulators and such; and for others, it's a **** necessity to keep on living.

If breaking a few eggs and crushing some garden fence is what it takes to achieve that, then so be it.

 

[jonblatho]

I know it's not usually the case for apps that launch automatically when you log in, but it was the case for Spotify.

Unfortunately I cannot prove it to you because it looks like the current installer doesn't do that anymore.

The web is full of people complaining about this issue though:
https://discussions.apple.com/thread/253860620

It is not required to "edit system files" to add a login item in macOS.

 

[jonblatho]

When vulnerabilities show up in app review, they can immediately learn about it and plug it. When a vulnerability shows up in the wild not through the app store it can take months before they even realize it.

No. As far as we know, Apple has never found and likely never will find a vulnerability through app review.

Apple does not at any point receive apps’ source code as part of the app review process. Even if somehow they were to discover an app surreptitiously doing something it’s not supposed to — again, unlikely with how precious little human review is part of the process at this point — they would have little if any idea how it’s actually being done, which of course makes patching it pretty difficult.

 

[Shirasaki]

A Third Party App Store IN AND OF ITSELF is a backdoor to encrypting the OS because iOS was NOT designed for a THIRD PARTY APP STORE.

So, ALL OF THE PROTECTIONS on iOS are designed around the paradigm that Apple has ONE App Store OWNED by them, where ALL APPS are APPROVED by them, and then they allow customers to download those apps to the device.

A Third Party App Store is an END RUN around the App Store as the gatekeeper of all security, like a fence around a house.

Wow… third party store automatically becomes a backdoor. Somehow apple App Store is clean and holy, flawless, absolute and just. This is some egregious stuff to praise this so-called App Store that I bet some would chill.

Ever heard of Change? Nothing lasts forever. Time has changed, so should App Store. Sadly, I don’t see any sign of you having a shred Of understanding of why Apple has to keep App Store tightly shut as-is today. Everything you say in that extract are from Apple.

They don't target devices? So why do we have AV software for our laptops and desktops?
Not sure what you mean by revoke?
30% is/was the commission.
Fortnite broke the rules, and those rules have consequences if they are broken.

Read again. I say “don’t target device as much as targeting humans”, meaning infecting device is not as high of a priority as it was before. Why? All humans are compromised by design.

You mentioned revoke in your post, dude?

I don’t care how Apple calls it. They effectively take away 30% of developers revenue. Plain and simple.

Fortnite break the rules that Apple being the sole dictator drafts? Sure yes, but then what? Contracts are being broken all the time. Are you suggesting Apple’s terms and conditions is above the law? Or Apple somehow has special authority on dictating how developer should live their life? By intentionally breaking the contract, Epic sheds a bit of light on how Apple treats their developers. Yes, Apple has punished them, but then what?

So, we just let that out there on the masses till it finds those "right" people with decent money to go after?
Glad I'm not one of those people!

What on earth are you talking about? iOS code may be tighter than Android in terms of the base system, but that doesn’t matter if malware targets third party apps BEFORE sideloading and take advantage of humans. If you are not aware, talented hackers will not just try to waste their time targeting iOS unless a profit can be made out of it. But that doesn’t mean iOS is more secure because of that. Heck, we general public don’t even have any idea how many flaws FBI/CIA have access to or can obtain access from certain companies. All without the need to sideload.

Yes, you can diligently refuse to sideload and convince people near you to not sideload, but that’s about it, and your iOS device is just as vulnerable with or without sideloading. The whole point is, iOS is already bad in so many ways as-is and folks have been venting their frustration about why Apple intentionally keep certain features off their device for bizarre reasons (T9 dialling, worse volume limiter feature for example). If you are happy for iOS today, might as well cherish it while it lasts anyway.

Again, many have stated that not a whole lot of people on Android side-load. Which brings up the next question of "why are we doing this then, if it's not even close to a majority of people that will ever use it?" Especially on the most popular OS platform. The solution we have is simple and the most effective at preventing the bad stuff from getting onto your device. Simple gateway (1 store). That's it. Everything else via a web browser (that itself is limited as best it can be, but they want Chrome, Edge, Firefox on it too!). Prevent as much as possible, any access to the kernel or drivers, hardware, etc.
They will want hardware access as well (USB/Thunderbolt/NFC/Bluetooth/Wi-Fi/Camera/SEP). So they can be on a level playing field with Apple and the access it has.

The iPhone was not meant to be a general purpose computer. Like macOS (Laptop/Desktop). It runs with much less power, and is always on a network connection (Cell or Wi-Fi).
If you want macOS on a mobile device, buy a MacBook air.

I won’t repeat again but want to point out two things:
1. iPhone HAS become a de-facto general purpose computer for many folks, regardless of its original design intention. They don’t care how you think iPhone should be. So do I.
2. Walled garden must be destroyed to truly force Apple to compete with other service providers on their platform, which isn’t 100% theirs anyway since I bet they are using tons of open source projects code, many of which are licensed differently than Apple‘s own proprietary code.

 

[makitango]

You're obviously not able to see the connection.

A Third Party App Store IN AND OF ITSELF is a backdoor to encrypting the OS because iOS was NOT designed for a THIRD PARTY APP STORE.

So, ALL OF THE PROTECTIONS on iOS are designed around the paradigm that Apple has ONE App Store OWNED by them, where ALL APPS are APPROVED by them, and then they allow customers to download those apps to the device.

A Third Party App Store is an END RUN around the App Store as the gatekeeper of all security, like a fence around a house.

Now, Apple has to put fences up INSIDE the house (iOS) to deal with apps they may not have approved of: porn (with possibly no protection for minors), garbage trash not good enough for the App Store, amateur apps made with poor skill that cause iOS kernel panics (SIGKILL/SIGABRT), money grubbers, making an app that is merely just encasing a browser pointed at your website instead of actually putting thought and skill into it, and leeches who want to access your customer base FOR FREE with no payment for the cost of acquiring said customers.

All of these plague the Android ecosystem still, with people merely making an "app" where it's just a web browser pointed straight at a site, and then charging money for that.

Such a wall of nonsense. If a badly coded app generates a kernel panic, then you‘re dealing with a grandpa OS which had a two-digit number of heart attacks. In other words, that OS would be a joke and unfit for daily use. Thankfully you‘re wrong.

The sideloading works flawlessly both on macOS and on Android, and on iOS you wonMt even be able to install unsigned software, so bad players won‘t even be able to cater to you.

The only difference this brings is that not only employees can sideload apps from their employer, but also customers can download apps from trusted developers.

 

[makitango]

The beauty is that Apple doesn't have do software support for devices that sideload. You sideload bad software that steals info from you, you have only you to blame. Yes, the people that want to take the risk can. Might actually be a win for Apple.

And, yes, Android allowed this for a long time. But, that is why Android is hardly supported. For example, can't really go into a Samsung store and get help. Pretty much toast when it comes to support. I feel like I'm constantly helping my friends/family that took the Andriod route.

I have both Android and iOS devices for work. Should be fine.

Nonsense. If you install MS Office on the Mac, do you lose software support there also?

Apple doesn‘t even offer software support for third party apps on the App Store, and also doesn‘t have to. It has, however, to offer support for the OS.

 

[makitango]

Unfortunately it will change the experience of using the phone for me as well.

As soon as it will be possible to do so, many apps will stop being distributed through the App Store to "avoid the Apple tax".

This means that to keep using all the apps and services I'm using now, I'll be forced to:

1) Side load apps from the web or (even worse) through third-party app stores.
2) Use alternative payment processing systems and give my credit card details to possibly shady intermediaries.
3) Manually keep track of active subscriptions of apps sold outside the App Store.
4) Put up with whatever shady business tactics and security risks the developers will come up with (as an example, say goodbye to the convenience and privacy of using "Sign-in with Apple" pretty much on every service that requires an e-mail address to work).

I'm giving you a bunch of real reasons why side loading is gonna make the experience of using the phone worse for everyone.

Can anybody come up with any concrete example of side loading improving the user experience??

1) You are forced to choose between the App Store and manual version of Slack? Forced to download a AAA title from Steam?
2) Using PayPal is such a pain and they will load your unblockable credit card info onto the darkweb - riiight. To be frank: If you still use a credit card where any data except your name is printed on it for everyone to read, and the security code is static and also readable on it, and you share it with someone you don't know, then we have to leave you behind.
3) Ever heard of online banking? Doesn't get more centralized than that.
4) Good luck being a shady developer while maintaining a valid developer certificate for more than a few days to spread your malware which won't work on iOS while having zero exposure on any website that generates traffic for your oh-so-dangerous app.

As for additional concrete buildings:
1) Content freedom (Bitcoin, torrenting, adult content, politically sensitive stuff, etc.)
2) Give the money to the ones who gave you the app
3) reducing e-waste (you can do more on one device vs having to use as many devices as possible)
4) eventually expanded to global scale, and might thus allow political dissidents to escape dictatorships and flee to safe countries; also helping organize peaceful protests -> people who are not as rich as Tim Cook could feel just as safe in China and Russia as him.

 

[EddyGraphic]

Unfortunately it will change the experience of using the phone for me as well.

As soon as it will be possible to do so, many apps will stop being distributed through the App Store to "avoid the Apple tax".

This means that to keep using all the apps and services I'm using now, I'll be forced to:

1) Side load apps from the web or (even worse) through third-party app stores.
2) Use alternative payment processing systems and give my credit card details to possibly shady intermediaries.
3) Manually keep track of active subscriptions of apps sold outside the App Store.
4) Put up with whatever shady business tactics and security risks the developers will come up with (as an example, say goodbye to the convenience and privacy of using "Sign-in with Apple" pretty much on every service that requires an e-mail address to work).

I'm giving you a bunch of real reasons why side loading is gonna make the experience of using the phone worse for everyone.

Can anybody come up with any concrete example of side loading improving the user experience??

Popular apps will not abandon the App Store and this has been proven by Android, the Play Store is still the place to go to download apps on Android even though it has supported sideloading since its introduction, the average user has no idea how to sideload an app, and I’m pretty sure Apple will make it a pain in the a$$ to enable, so if an App leaves the App Store they will miss out on a lot of users, sideloading is a feature exclusively for advanced users.

 

[2016]

"provided how sandboxed ios is and the lack of exploits" with the current App Store.

…that doesn’t answer my question

 

[AppliedMicro]

A Third Party App Store IN AND OF ITSELF is a backdoor to encrypting the OS because iOS was NOT designed for a THIRD PARTY APP STORE.

That sentence doesn’t make sense.
An App Store application doesn’t encrypt the OS more than what it already is.

So, ALL OF THE PROTECTIONS on iOS are designed around the paradigm that Apple has ONE App Store OWNED by them, where ALL APPS are APPROVED by them, and then they allow customers to download those apps to the device.

If that were true, it would be a highly dangerous security paradigm. Government can’t step in soon enough with laws forcing them to change it and harden security. And cease to purchase any devices, too.

But the statement is wrong. Sideloading of unapproved apps exists today (by way of enterprise certificates). And yet, sideloaded apps have restricted access capabilities. The system still protects me from, say, the employer that made install them on my BYOD device, sniffing around.

 

[AppliedMicro]

As soon as it will be possible to do so, many apps will stop being distributed through the App Store to "avoid the Apple tax".

Apple is free to price their services competitively.

They’re also free to get rid of a number of their consumer-hostile and anticompetitive policies. Such as requiring approval and in-app purchase for content in game-streaming apps.

If they did, there’s little incentive to abandon the App Store.

Can anybody come up with any concrete example of side loading improving the user experience??

Sure. Apps may allow functionality that Apple (effectively) prohibits.
Such as the aforementioned game streaming apps.

Also, I can dispute payments to developers directly through my credit card, without having to fear losing access to all of my other purchases as collateral damage.

As far as we know, Apple has never found and likely never will find a vulnerability through app review.

I wouldn’t say that.

But there’s little evidence that they do - while there’s plenty of malicious or scam/copycat apps passing review.

 

[jonblatho]

I wouldn’t say that.

But there’s little evidence that they do - while there’s plenty of malicious or scam/copycat apps passing review.

I’m pretty comfortable with that statement. I’ve had an app update approved after less than 10 minutes in review. I didn’t run the kind of tracking needed to see whether the new release had even been opened by the reviewer, but I’m curious to this day. (It was years ago, and both the logs I did keep and the app itself are long gone.)

App review at this point exists almost solely to prohibit content deemed objectionable by Apple and any obvious bugs or exceedingly garbage/nonsense apps, as well as to protect Apple’s bottom line. They’re not actively looking for proper security vulnerabilities, and their process isn’t designed to catch them because that’s simply not app review’s purpose. At best they might catch an app surreptitiously misusing permissions granted by the user, but even that is likely much more involved than app review gets at this point.

Example case of what I mean by surreptitious misuse of permissions: a user grants an app access to all photos and selects a few for upload, but the app also starts quietly backing up their entire camera roll without explicit consent. Since the user provided the app with access to all photos, the system itself is still working as intended, so I struggle to consider that a vulnerability so much as a generic privacy violation. App review might manage to catch something like that, but I’m pretty skeptical that they actually would.

 

[macf4n]

Seems a little dramatic considering that sideloading has existed on Android since day 1 and yet, somehow, most people with Android phones aren't complaining about suffering from endless malware. 😅

Because they’re not complaining doesn’t mean it isn’t happening.

Android is plagued with malware, spyware & huge security challenges - created by device manufacturers & carriers who are only interested in initial device sales, app created by questionable developers, & a completely fragmented approach to anything resembling a secure ecosystem.

You cannot have it both ways - Apple has had to make choices to ensure its platforms are secure, & by definition that imposed restrictions.

I do not want app vendors forcing me to use their individual App Store for their apps either & the increased risk of data harvesting, invasive ad frameworks & identity theft..

 

[makitango]

Because they’re not complaining doesn’t mean it isn’t happening.

Android is plagued with malware, spyware & huge security challenges - created by device manufacturers & carriers who are only interested in initial device sales, app created by questionable developers, & a completely fragmented approach to anything resembling a secure ecosystem.

You cannot have it both ways - Apple has had to make choices to ensure its platforms are secure, & by definition that imposed restrictions.

I do not want app vendors forcing me to use their individual App Store for their apps either & the increased risk of data harvesting, invasive ad frameworks & identity theft..

Ever read "security fixes and performance improvements" in apps' update notes on the App Store? That is all you need to know how capitalized security is on your beloved App Store review process. It does not exist.

You can only enforce it at the OS level.

There is no security gained by forbidding users to install torrenting software, Bitcoin apps or tools to avoid violent police patrols during your peaceful demonstrations in Hong Kong.

 

[jlc1978]

Can anybody come up with any concrete example of side loading improving the user experience??

It will make it easier to pirate apps. No need to pay greedy developers for their time and effort.

I don’t care how Apple calls it. They effectively take away 30% of developers revenue. Plain and simple.

So a store should not be able to make a profit on what it sells, and cover its cost to stay in business.

Do you think 3rd party app stores will not charge a fee to host an app?

Developers will lower prices like they did(n't) when Apple lowered the cut to 15% for small developers?

The only developers who will be winners are those like EPIC and Spotify who can afford to run their own store as a sideline.

I suspect most developers will stick to the App Store simply because it offers access to a huge customer base for a low fee; Apple's 30% cut (15% for small developers) is far less than the 70% or more under older models, and developers save on all the upfront costs of packaging, distribution, etc. as well as time spent making tax filings, dealing with payment processing, etc.

Apple could very well add new fees for access to mobile devices by developers to make up for the revenue, hurting smaller ones in the process; or simply change the App Stores TOS to reject those on third party stores.

I do not want app vendors forcing me to use their individual App Store for their apps either & the increased risk of data harvesting, invasive ad frameworks & identity theft..

No doubt some will try to do that, I hope Apple makes it so that we can still prevent tracking, etc, even with side loaded apps.

I'd love to be able to side load Parallels for iPadOS and run windows on my M2 iPad Pro. At any rate, it will be interesting to see how this plays out. Apple has had plenty of time to figure out how to comply in ways that benefit them.

 

[jlc1978]

There is no security gained by forbidding users to install torrenting software, Bitcoin apps or tools to avoid violent police patrols during your peaceful demonstrations in Hong Kong.

I suspect iOS will not support sideloading in certain countries.

 

[bobthebuilderissus]

OR, just by the MacBook air?

ah yes, buy a 1,500 dollar laptop, becuase everyone has that kind of money 🙄

 

[makitango]

I suspect iOS will not support sideloading in certain countries.

No you're right, it won't. And it is sad for those demographics whose literal lives depend on it.

 

[makitango]

ah yes, buy a 1,500 dollar laptop, becuase everyone has that kind of money 🙄

I also can't believe such a point. Praising the company who claims to respect the planet and its finite resources.

 

[makitango]

It will make it easier to pirate apps. No need to pay greedy developers for their time and effort.



So a store should not be able to make a profit on what it sells, and cover its cost to stay in business.

Do you think 3rd party app stores will not charge a fee to host an app?

Developers will lower prices like they did(n't) when Apple lowered the cut to 15% for small developers?

The only developers who will be winners are those like EPIC and Spotify who can afford to run their own store as a sideline.

I suspect most developers will stick to the App Store simply because it offers access to a huge customer base for a low fee; Apple's 30% cut (15% for small developers) is far less than the 70% or more under older models, and developers save on all the upfront costs of packaging, distribution, etc. as well as time spent making tax filings, dealing with payment processing, etc.

Apple could very well add new fees for access to mobile devices by developers to make up for the revenue, hurting smaller ones in the process; or simply change the App Stores TOS to reject those on third party stores.



No doubt some will try to do that, I hope Apple makes it so that we can still prevent tracking, etc, even with side loaded apps.

I'd love to be able to side load Parallels for iPadOS and run windows on my M2 iPad Pro. At any rate, it will be interesting to see how this plays out. Apple has had plenty of time to figure out how to comply in ways that benefit them.

Of course Apple has a right to it. Just not outside of their App Store.

 

[bluespark]

I hope this doesn't make iOS far less secure. Even if one chooses not to sideload, perhaps there could be malicious ways to sideload remotely/discretely. I'd love to see some sort off toggle that requires password like FindMy to lock/prevent sideloading. The harder they make sideloading, the better in my opinion.

There are ways to get malicious software on anything, with or without sideloading. However, nothing stops Apple from creating a switch in Settings that will allow it to be turned completely off, so that the protections in place are exactly what they are now. And Apple is extremely good at creating security protections when people do choose to sideload -- the Mac is a great example. They've just never had to do that before on iOS because there were no options for developers who didn't want to participate in the App Store.

In the end, if you choose not to sideload -- as most people probably will -- the experience should be every bit as good as it is now. If you choose to sideload, you will increase your risk somewhat, but about like what is already the case on the Mac.

 

[bluespark]

Fantastic news, so if Apple want to be dicks by blocking apps I can now sideload them bypassing Apple's ridiculous walled garden.

Yes. And if a developer doesn't want to pay 30% to Apple, it isn't necessary shut out entirely. The app just has to be good enough that people will venture outside the App Store to get it.

 

[bobthebuilderissus]

Can anybody come up with any concrete example of side loading improving the user experience??

uh
people who use chromebooks and iphones together (EwW yOU Don'T UsE a MaCbOok EwWw) will benefit from play store being able to be sideloaded, meaning we will finally be able to download software onto our computers
people who like to play vintage games without having to have a vintage console
people who want to run another OS in a virtual box
idos might be able to come back from the dead ♥
people who use drawing software (such as ibis paint) that isn't supported by apple app store
people who want to switch from andriod to iphone and vice versa