iOS 17 to Support App Sideloading to Comply With European Regulations

[dk001]

Even so. Going by personal experience. Working with thousands of people for the past 23 years. Most have no idea how any of this stuff works beyond going to the AppStore to get whatever it is they need/want. Have zero care about a 3rd party store option or what Side-loading means (even on their PC's). Complete obliviousness to any of this. Most of them are on iPhones. I would say 80% of them (Would have to check our MDM portal, but easily that much). The folks that use Android like to mess with their phones, but really have no idea what they are doing. Most of them purchase it because of price though.

The few folks that actually know what they are doing, enjoy it, and would really benifit from having Apple and Google being even more open. Are the techs (Tech savvy), and like 1% of the non-tech general public. Again, from the people I've dealt with.

It is literally why I have a job. Because most people have no idea what any of this means. They don't understand what these new rules will do for them. They don't see the 30 or 15% cut that Apple gets to run the store and provide the services to developers. And if you told them, they would say well "What do real stores charge its vendors?". And then when you told them (its higher). They would say, well it seems like a good deal to me. What are they complaining about? Are those vendors going to save me 30% buying direct? Does it matter for a .99c app? Or even a $9.99 app? It doesn't matter for most apps, as they are FREE? And Data Centers are not free, even for those free apps being served up by them.

My rant.

Can’t agree.
Most Samsung users use the Galaxy Store in addition to the Play Store. I suspect the same with the OnePlus Store.
Most end there for an addition, frequently recommended by the OEM or app.

I do agree the Play Store is the first place most look.
Then again, side loading has never really been advertised from an OEM, app dev, or Google.

 

[AppliedMicro]

They don't see the 30 or 15% cut that Apple gets to run the store and provide the services to developers. And if you told them, they would say well "What do real stores charge its vendors?". And then when you told them (its higher). They would say, well it seems like a good deal to me. What are they complaining about? Are those vendors going to save me 30% buying direct? Does it matter for a .99c app? Or even a $9.99 app?

• Do real stores have market shares of 40% or more of the whole country?
• Do real stores prohibit their suppliers from direct sales?
• Do real stores force you to (and the manufacturer) buy each and every consumable or accessory through the store that you bought the base product from, charging their little tax each time?
• When you buy an oven, does that mean you have to also buy every frozen pizza or turkey from the same store?
• Furthermore, does your oven vendor pre-approve all of the food that you may cook in its ovens?

It all depends on how you spin the narrative.

I'll go on record and state that Apple has no desire to copy googles side-loading abilities. Even a little bit

They have already.
They are allowing it for enterprises.
There’s little or no functional difference to allow it for other developers too.

Or will they just demand Apple and Google block their stores from the EU altogether if alternatives don't take off?

My bet is on that one. If it proves to be little to no different than it is today. They will force Apple and Google to NOT have a store.

They won‘t. The legislation tacitly approves (by presumption) of operating system makers running their own app stores, selling their own apps - and also operating systems having pre-installed apps.

The EU won’t be happy until a phone boots with 0 apps installed and a user has to select any additional apps. All in the name of freedumb of course!

That scaremongering has no basis in reality.

 

[Ctrlos]

I'll go on record and state that Apple has no desire to copy googles side-loading abilities. Even a little bit. 100% sure you will get a firm "NO" from Tim Cook and everyone else at Apple if asked to copy this feature in any way shape or form.

It was sideloading that led to the creation of the app store to begin with, although more for profiteering and control than security. They literally just built an official version of Cydia.

You do realise that sideloading on Android is actually only permissable by the user on an app-by-app basis? If you know what you're doing (and people who sideload apk files generally do) you have a file manager app like ZArchiver with the permission on so that if your browser does inadvertantly download an apk you are aware of it cannot install itself in the background because Chrome etc don't have permission to.

Sideloading is pretty great, actually. With it I can do things like get a port of the Google camera app for my phone, install the Pixel Watch watchfaces on another wearOS device, play Fortnite or perhaps even an older game since dumped by the Play Store. Not smaller titles either, things like Jet Set Radio or Soulcalibur. You can also roll things back to older updates via legit sites like APK mirror to avoid something a dev put in you don't like.

Now you don't need to do this sort of thing an iOS because its only one OEM offering hardware but sideloading would allow the use of gaming emulators, Epic to offer their titles again, an official Gamepass streaming app and for other gaming sub platforms like Netflix to offer things via their own app. You could also roll back Halide to the version you paid good money for instead of the sub-ridden mess it has become now.

Its about protecting the user from absolute corporate control by giving them choice, not opening them up to attacks. In the decade+ I've been sideloading apps on iOS and Android not once have I ever contracted any malware or security issue.

 

[enterthemerdaverse]

It was sideloading that led to the creation of the app store to begin with, although more for profiteering and control than security. They literally just built an official version of Cydia.

You do realise that sideloading on Android is actually only permissable by the user on an app-by-app basis? If you know what you're doing (and people who sideload apk files generally do) you have a file manager app like ZArchiver with the permission on so that if your browser does inadvertantly download an apk you are aware of it cannot install itself in the background because Chrome etc don't have permission to.

Sideloading is pretty great, actually. With it I can do things like get a port of the Google camera app for my phone, install the Pixel Watch watchfaces on another wearOS device, play Fortnite or perhaps even an older game since dumped by the Play Store. Not smaller titles either, things like Jet Set Radio or Soulcalibur. You can also roll things back to older updates via legit sites like APK mirror to avoid something a dev put in you don't like.

Now you don't need to do this sort of thing an iOS because its only one OEM offering hardware but sideloading would allow the use of gaming emulators, Epic to offer their titles again, an official Gamepass streaming app and for other gaming sub platforms like Netflix to offer things via their own app. You could also roll back Halide to the version you paid good money for instead of the sub-ridden mess it has become now.

Its about protecting the user from absolute corporate control by giving them choice, not opening them up to attacks. In the decade+ I've been sideloading apps on iOS and Android not once have I ever contracted any malware or security issue.

Cydia and others just ended up with lots of piracy anyway. Way back in those days a friend showed me his jail broken phone and it was full of pirated apps. How does that help developers? Even Adobe CC is being cracked, patched and riddled with malware on desktop.

 

[makitango]

It's also allowed apps that have greater access to drives, for example. Like the excellent DaisyDisk.

Very good example. There is an App Store version and a manual version, which can show you more detailed which files can hoard gigabytes of data in grey area system folders, which the App Store version can‘t. That one will just say that the system folder is x GB big but not why.

 

[makitango]

And why should you get what you want? You want government regulation to get what you want? What gives you the right to demand anything from Apple? You prefer Apple’s products but you want them on your terms, not Apple’s? How does this work in a free market economy? Have you not witnessed what happens when government manages an economy?

If your working contract says that when you make a mistake, they are allowed to cut off one of your fingers, then this is legal - just not in the country where you live.
If some people don‘t want devs or customers to reach any platform, then that is your problem. But these people have rights and Apple has to respect those, no matter if said people are end users, developers or publishers.

If you want to keep on using your training wheels for all eternity, you can continue with that. But the rest of us has the choice to stop doing that.

 

[makitango]

So today, Apple doesn't have to allow side-loading. And therefor they are no side-loaded malware for Apple to block. Once they are forced to allow side-loading. It will be Apple's fault if any side-loaded apps are actually malware, and run. Because they should have prevented it from running in the first place?

It is easier to stop malware from running on an iPhone when you're in control of what can be put on the iPhone no?

Except for Apple's iOS/iPadOS/WatchOS devices (yet). And, again. If anyone wants a device they can side load to, pick up any of those "other" devices and have at it. Why should I as a customer that has paid for many Apple devices over the years, get to lose my choice for a locked down device?

And for those that say, "Well, you don't have to side-load". Don't get it either. Since there are other ways to provide someone a way to accidentally obtain said files outside the AppStore. SMS link, Email Link/attachments, malicious website, etc. This affects everyone. And for the minority of those out there that want this ability, and even fewer minority of those that actually know what they are doing. For the VAST majority of us that simply want a device exactly the way it is. Makes no sense to me.

Additionally, I don't think anyone really wants some kind of AV software running in the background forever on their mobile device.

That scanner is already running. The process name is simply not Anti Virus Scanner.exe.

Also, sideloading is already allowed, using a developer certificate. There is also TestFlight.

Also, if someone sends you an .ipa, you a) have to have sideloading enabled (since Apple has an economical interest that you don‘t, they are making damn sure they tried everything to convince you against enabling it) and b) you have to go through OS-level prompts to install it. Nothing like that will be accidentally happening and you can far easier be scammed with SMS or email instructions to do funny stuff.

 

[makitango]

As I read through this thread, and many others on the same or corresponding topics, I keep seeing some form of this statement: So you want to change the way my phone works just so you can get something you want? or You want to turn iOS into Android!

iOS and iPadOS have so many features and settings that we elect to turn ON, turn OFF, or just leave the default setting alone. Many we never look at or use. This would be just another one of many many such settings.

If you are concerned over this function, leave is OFF. I would expect Apple to have controls in place that if it is OFF, you as a user are not impacted.

Kind of also implies turning macOS into Android by allowing sideloading. Way to reduce something to just what annoys them.

 

[dk001]

Are we turning macOS into Android by allowing sideloading? Way to reduce something to just what annoys you. Hope you don‘t do that with people, too.

Not understanding fully your post.

 

[djphat2000]

It was sideloading that led to the creation of the app store to begin with, although more for profiteering and control than security. They literally just built an official version of Cydia.

I would argue that isn't the way Apple sees it. They would see it as someone else tried (successfully) to circumvent their devices/software controls to allow you to install software they did not authorize or originally intended to be on the device. They would view it as a security concern (not just about making profit off you). That if Cydia can work around the protections on the device. That means "others" way more motivated and even better funded can do worse.
They didn't build the device for Cydia to do with as they please. They built the device they wanted to build and sell to people. Future versions of which don't have to be so easily hacked around.

You do realise that sideloading on Android is actually only permissable by the user on an app-by-app basis? If you know what you're doing (and people who sideload apk files generally do) you have a file manager app like ZArchiver with the permission on so that if your browser does inadvertantly download an apk you are aware of it cannot install itself in the background because Chrome etc don't have permission to.

It will not be for long. New rules will require them to make this easier.
I'm not bashing the ability to do any side-loading on Android. I'm fine if you're fine with it on that platform. But the rules will make it WAY easier to perform these functions. Because the current restrictions can be interpreted as preventing the ability to install. In plan language the EU wants it to be as easy as it is on a PC/Mac to install software. Sure you may have a warning or two. But, you're not going to have to go to settings and allow this or that. It could be viewed as too much of a burden. And when many simply don't use this feature (as is currently the case). They will just tell Apple and Google to remove their respective stores from their devices. And your only want to get stuff is 3rd party (as it is on PC/Mac).

Sideloading is pretty great, actually. With it I can do things like get a port of the Google camera app for my phone, install the Pixel Watch watchfaces on another wearOS device, play Fortnite or perhaps even an older game since dumped by the Play Store. Not smaller titles either, things like Jet Set Radio or Soulcalibur. You can also roll things back to older updates via legit sites like APK mirror to avoid something a dev put in you don't like.

This is fine. Hence why I insist on repeating, just get an Android device. Do whatever you want there. And if the demand is so great for such a thing. Android will rule the world on the mobile space. Apple will eventually fail because not many people would purchase it, since it lacks this key feature.

Now you don't need to do this sort of thing an iOS because its only one OEM offering hardware but sideloading would allow the use of gaming emulators, Epic to offer their titles again, an official Gamepass streaming app and for other gaming sub platforms like Netflix to offer things via their own app. You could also roll back Halide to the version you paid good money for instead of the sub-ridden mess it has become now.

Emulators are not exactly legal space here. I'm sure Nintendo, Sega, Sony, Microsoft, etc. Would all prefer you not do this. It is their copyright/trademark/patents/etc. they would be protecting.

Its about protecting the user from absolute corporate control by giving them choice, not opening them up to attacks.

They are not trying to open them up to attacks. That isn't the intent. It is just an unintended consequence of their laws. And you're not giving me a choice. You're removing the choice I had to pick Apple over Android. I want a locked down gatekeeper device. I don' have that choice anymore with the way these laws are written. I'm willingly paying MORE for it. Let me! Sure, I can ignore the need to install anything from anywhere else other than Apple. However, 1 that may not last as the apps may not be available on the store post this law. 2, the ability to install without my consent just went up 100%. Since the feature is now universal on devices (at least in the EU for now, but later everywhere else). I now have to be way more mindful of what is happening on my device. And while I certainly can be that mindful. Others, not so much.

In the decade+ I've been sideloading apps on iOS and Android not once have I ever contracted any malware or security issue.

And I have never encountered any of it either, without ever side-loading.
I'm happy you know what you doing with your device and haven't had any issues doing whatever you wish with them.

Just don't take my right to pick what I want away.

 

[makitango]

Please sideload my AI app.

It transforms your photos into He-man so you can impress ladies on Tender Buns (the other app I want you to sideload).

I won’t tell you that it was banned from the App Store for stealing all your children’s data and selling it on the dark web.

Just trust me it is totally safe and we spend ad dollars on Reddit to make fools download it.

Good luck getting back your developer account then, and reaching out to me, and instructing me to turn on sideloading and then accept all the OS level prompts to allow this app access to whatever it wants access to.

You are asking for sunscreen six feet under.

 

[makitango]

Not understanding fully your post.

Shame on me, I only saw the paragraph that was intended as a quote, which was not by you. Reading this thread on my phone while in a car (not driving, lol).

In this case I was arguing against the logic that you were already arguing against.
Sorry.

 

[SactoGuy18]

I still say the best solution is to allow multiple app stores in the App Store app, all operating under the same security criteria. That way, you avoid the potential mess of sideloading.

 

[djphat2000]

• Do real stores have market shares of 40% or more of the whole country?
• Do real stores prohibit their suppliers from direct sales?
• Do real stores force you to (and the manufacturer) buy each and every consumable or accessory through the store that you bought the base product from, charging their little tax each time?
• When you buy an oven, does that mean you have to also buy every frozen pizza or turkey from the same store?
• Furthermore, does your oven vendor pre-approve all of the food that you may cook in its ovens?

It all depends on how you spin the narrative.

I would argue Microsoft and Sony have more than that marketshare. Sure, you could go to the store and pickup a physical disk (for now). But that mark up is even higher (on the store, it may not translate to the consumer). And games purchased via direct download are not always cheaper that physical media. Microsoft and Sony both also have exclusive titles you can only get from them, and are not cross platform.

No one is forcing you to do anything (purchase wise). You can choose to not purchase an Apple product or deal with it at all. And you can purchase an Android product and do everything you wish with it. It also has the lion share of the market outside of the US.

Ovens are different from Phones.

Open and close systems have existed for ever. I have chosen to pick the closed one. Why is that of any issue to anyone else? When you have an open option to pick from?

They have already.
They are allowing it for enterprises.
There’s little or no functional difference to allow it for other developers too.

Enterprises provide the apps and the expertise to deploy and maintain it for their company. They maybe people by law (in the US) but not in function outside of the enterprise. I could deploy at my enterprise, software that functions just like malware. Should I be able to do that outside to anyone else's device? Plus, from my understanding of this new law. It would include access to all functions of the device. Not just allowing an app to work. But, having access to all of the device same as Apple. This is just the kind of thing I want Facebook to have access to.

They won‘t. The legislation tacitly approves (by presumption) of operating system makers running their own app stores, selling their own apps - and also operating systems having pre-installed apps.

For now.

That scaremongering has no basis in reality.

I'm not scared. I'm upset. My choice is being taken away from me.

 

[jlc1978]

Decent article but a few years out of date. This was before the changes at both Apple and Google.

For the cost impact, do you have anything that backs this up? Only things I found on this are a bit old.

Yea, I was looking for some links awhile ago that compared teh 2 systems, but couldn't find a lot of recent ones that went beyond teh surface. I've read some in the past, and the biggest takeaway was piracy in Android was one driver of the free, but with subscription to get features, model was one way to make money.

 

[jlc1978]

yes, the 14 is different by having no sim slot, but thats so apple can suck even more money out of the u.s by pairing up with version and at&t so they can charge you 500 dollars per month for Esim that you'll never get off your phone
and no duh they have different frequencies

Many carriers support eSIM, and tehy can be removed. In the US, almost all carriers support eSIM, and unlike a physical sim someone can't steal it and put it in another phone.

Yeah, we have enough of those in the App Store. Play Store too.
Now an actual pirated version of ... Acrobat Pro is something else. not seeing that being driver for side loading.

In teh heyday of jailbreaking pirated apps were widely available. One map maker used some tools to discover a significant percentage of people using their software had pirated it.

Cydia and others just ended up with lots of piracy anyway. Way back in those days a friend showed me his jail broken phone and it was full of pirated apps. How does that help developers? Even Adobe CC is being cracked, patched and riddled with malware on desktop.

Which is why I think sideloading ultimately will hurt developers trying to sell software outright and drive more to subscription models.

Because the current restrictions can be interpreted as preventing the ability to install. In plan language the EU wants it to be as easy as it is on a PC/Mac to install software. Sure you may have a warning or two. But, you're not going to have to go to settings and allow this or that. It could be viewed as too much of a burden

On the Mac you have to go to settings for unknown developers or change you preference in settings. I suspect iOS will have a similar setting.

 

[AppliedMicro]

Sure, I can ignore the need to install anything from anywhere else other than Apple. However, 1 that may not last as the apps may not be available on the store post this law

Well, you want the apps anyway, don‘t you?
So you trust them and their developers anyway, don‘t you?

The possibility to install third-party apps doesn’t mean that you have to install third-party apps from other vendors or sources. You will have a choice.

2, the ability to install without my consent just went up 100%

Apple can take reasonable measures to prevent you from installing from unwanted sources. And they will. In fact, they are already doing it today, by prompting you whether to trust an app developer when sideloading.

Ovens are different from Phones.

How so?

Surely ovens can be very dangerous to your children and your health, if you put the wrong things into them. Let alone the health risks from unhealthy foods you may cook in them.

I could deploy at my enterprise, software that functions just like malware. Should I be able to do that outside to anyone else's device?

You are able to do so today: to deploy outside your enterprise. And shady alternative app stores are doing it with developer certificates. It‘s only Apple contractually prohibiting honest developers from doing so.

They‘re offering it to enterprises cause it makes them (Apple) money
They‘re withholding it from consumer-oriented developers and apps cause it makes them (Apple) money.

Apple deliberately chose to make a trade-off and weaken security in their iOS ecosystem by dishing out these enterprise certificates.
Well, so did the European Union - they tipping the balance in favour of consumers and third-party developers that cater to them.

For now.

There’s no grounds or indication to assume that will change.
They didn’t prohibit Microsoft from bundling Internet Explorer with Windows either.

 

[makitango]

I'm not scared. I'm upset. My choice is being taken away from me.

Upset about getting a choice of where to downlod apps? About getting a choise as to whether Apple likes the dev or not affects your ability to download an app?

Let‘s abolish democracy as well because some parties have toxic attitudes. Or good ones. Maybe one person should get to decide what is good for the people, as in the interest of the realm.

 

[LeahJoFoxtrot]

Who do you talk to when a sideloaded app busts CarPlay?

They don't "completely un-bug" the software in the App Store. All software has bugs in it, its impossible to eliminate them all. I'm sure there have been CarPlay supported apps that have "busted CarPlay" just like there are buggy apps in iOS in general. Their app screening process generally is to make sure the app doesn't do anything illegal, against their policy, or accesses any API or part of the operating system that they do not allow.

 

[Shirasaki]

Upset about getting a choice of where to downlod apps? About getting a choise as to whether Apple likes the dev or not affects your ability to download an app?

Let‘s abolish democracy as well because some parties have toxic attitudes. Or good ones. Maybe one person should get to decide what is good for the people, as in the interest of the realm.

Yeah, just like certain countries. I’m sure those folks will enjoy living there.

 

[jlc1978]

I'm sure there have been CarPlay supported apps that have "busted CarPlay" just like there are buggy apps in iOS in general.

No doubt but that was not my point. Depending on how side loading is implemented developers could use undocumented APIs and other ways to make apps work with CarPlay that potentially break the system. Apple will probably get the bulk of tech support calls and have to say “Delete the app” upsetting users. Given CarPlay’s increasing efforts at integration with core automotive processes this could become a safety issue.

 

[dk001]

It amazes my how we do not know what Apple’s solution will be and so many are going the “Doom & Gloom” route.
It amazes me that pretty much all other OS’s “side load” and don’t have OS, user, or device ending issues.

It’s a great idea to call out possible issues and possible benefits. 👍
It shows a lack of thought to immediately dive into the worst cases as if they are fact. 🤔

Update: spelling

 

[djphat2000]

Upset about getting a choice of where to downlod apps? About getting a choise as to whether Apple likes the dev or not affects your ability to download an app?

Your version of getting a choice is more inline with what exists with Android already. My "choice" in this matter is that I can no longer choose to NOT pick Android. I want (and choose) what Apple already has. 1 store, one way in, and all the apps I need right where I need it. I don't want side-loading on my device. I don't need it, not asking for it. Not looking for it. Nada. If I wanted any of that. I can choose Android. It's right there. Like an ice cream store there are many flavors to pick from.

Let‘s abolish democracy as well because some parties have toxic attitudes. Or good ones. Maybe one person should get to decide what is good for the people, as in the interest of the realm.

Lets not. And if we can agree to not abolish democracy. We can then agree to have 2 (at least) completely different options. Option one, a closed device with limited means to install applications. 1 gatekeeper store, no real means of side loading (not supported or encouraged). Option two, an open device with many means to install applications. 1 gatekeeper store but the ability to add 3rd party stores if you wish.

You get to decide which you want. You can even pick neither. Or both.

 

[dk001]

Your version of getting a choice is more inline with what exists with Android already. My "choice" in this matter is that I can no longer choose to NOT pick Android. I want (and choose) what Apple already has. 1 store, one way in, and all the apps I need right where I need it. I don't want side-loading on my device. I don't need it, not asking for it. Not looking for it. Nada. If I wanted any of that. I can choose Android. It's right there. Like an ice cream store there are many flavors to pick from.

Lets not. And if we can agree to not abolish democracy. We can then agree to have 2 (at least) completely different options. Option one, a closed device with limited means to install applications. 1 gatekeeper store, no real means of side loading (not supported or encouraged). Option two, an open device with many means to install applications. 1 gatekeeper store but the ability to add 3rd party stores if you wish.

You get to decide which you want. You can even pick neither. Or both.

This isn’t about you, me, @strongy, @iOS Geek, @makitango, or anybody else or what we want.
This is about what the Governments want and how Apple delivers.

Like it or not, your only choice it to accept, use or not, or buy something else.
It’s being dictated to use as a solution.

 

[deevey]

Pirating? Maybe back in the early days. I really don't see that being much of an issue. Unless you have something show different? I see more ripoff, aka "pirating" in the App Store than I find in Android sideloading unless I specifically look for it. Wouldn't trust either.

Like you I am "IT" for a few and also part of my day job - more in testing and bug fixing than users. unless Apple comes up with something totally different, I don't see their end product, after growing pains, being any different than Android.

Maybe you haven't been to the other side of the world where I can pay a guy around $5 to install hundreds of paid Android apps on a device (and have my photos and data stolen while he's at it).

Right now, iDevices have been pretty much immune to piracy. Hopefully they'll figure out a way of locking out unauthorized/cracked/pirated software.