
Craig Federighi ; side loading is a cybercriminal’s best friend

Heraldique
20 minutes ago, saltycaramel said:

maybe my iMessages will be intercepted on the receiving end by an infected iPhone, who knows.

I'm confused. Do you think the engineers at Apple are the most security-minded people, or morons?

 

iOS has sandboxing; no other app can read iMessages (or any other app's data, for that matter), incoming or outgoing. That's the point. If they can't enforce a sandbox on unverified apps, then they clearly have no idea what they are doing.

 

Quote

Sandboxing

All third-party apps are “sandboxed”, so they are restricted from accessing files stored by other apps or from making changes to the device. Sandboxing is designed to prevent apps from gathering or modifying information stored by other apps. Each app has a unique home directory for its files, which is randomly assigned when the app is installed. If a third-party app needs to access information other than its own, it does so only by using services explicitly provided by iOS and iPadOS.

System files and resources are also shielded from the users’ apps. Most iOS and iPadOS system files and resources run as the non-privileged user “mobile”, as do all third-party apps. The entire operating system partition is mounted as read only. Unnecessary tools, such as remote login services, aren’t included in the system software and APIs don’t allow apps to escalate their own privileges to modify other apps or iOS and iPadOS.

https://support.apple.com/en-au/guide/security/sec15bfe098e/web

 

 

 

11 minutes ago, saltycaramel said:

 

Pretty sure the Terms & Conditions you accepted read otherwise...

Pretty sure you'll find that most EULAs and ToSs don't stand up in court if they are challenged; they are not the law.

Feel free to read this incredible write up from our very own @Delicieuxz

 

 

🌲🌲🌲

◒ ◒
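The sandboxing paragraph quoted from Apple's documentation above describes a per-app container with a randomly assigned home directory. What follows is an added example, not code from the original post or from Apple: a user-space toy model of that confinement, showing why the boundary has to be enforced by canonicalising every path (resolving `..` and symlinks) rather than by relying on the random container name staying secret. The container root, the bundle IDs and the `sms.db` sample file are all constructed for the example; real iOS enforces this in the kernel's sandbox policy, not with a check like this one.

```python
"""Toy model of per-app container confinement (added example, not Apple code)."""
import os
import tempfile
import uuid


class ContainerEscape(PermissionError):
    """Raised when an app tries to reach a path outside its own container."""


class AppContainer:
    """One app's home directory.

    The directory name is a random UUID (an assumption mirroring the
    "randomly assigned" home directory in the quoted text), so an app cannot
    simply guess another app's path. The check in resolve() is what actually
    enforces the boundary; the random name alone is not a security control.
    """

    def __init__(self, root: str, bundle_id: str):
        self.bundle_id = bundle_id
        self.home = os.path.join(root, str(uuid.uuid4()))
        os.makedirs(self.home)

    def resolve(self, relative: str) -> str:
        # Canonicalise first: realpath() collapses '..' and follows symlinks,
        # so the comparison sees where the path really lands.
        candidate = os.path.realpath(os.path.join(self.home, relative))
        home = os.path.realpath(self.home)
        # Compare with a trailing separator: '/x/app1' is a string prefix of
        # '/x/app10', and a bare startswith() would accept that sibling.
        if candidate != home and not candidate.startswith(home + os.sep):
            raise ContainerEscape(f"{self.bundle_id}: {relative!r} escapes container")
        return candidate

    def write(self, relative: str, data: bytes) -> None:
        path = self.resolve(relative)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as f:
            f.write(data)

    def read(self, relative: str) -> bytes:
        with open(self.resolve(relative), "rb") as f:
            return f.read()


def demo() -> dict:
    """Two apps; probe the boundary with traversal, a symlink and a lookalike name."""
    root = tempfile.mkdtemp(prefix="containers-")
    messages = AppContainer(root, "com.example.messages")
    game = AppContainer(root, "com.example.game")
    # Constructed sample data standing in for another app's private store.
    messages.write("Library/SMS/sms.db", b"secret chat history")

    results = {}
    # 1. Honest access to an app's own data works.
    results["own_read"] = messages.read("Library/SMS/sms.db") == b"secret chat history"

    # 2. '..' traversal into the other app's container is refused even though
    #    the attacker somehow learned the container's UUID.
    traversal = os.path.join("..", os.path.basename(messages.home), "Library/SMS/sms.db")
    try:
        game.read(traversal)
        results["traversal_blocked"] = False
    except ContainerEscape:
        results["traversal_blocked"] = True

    # 3. A symlink planted inside game's own container that points at the
    #    messages container is followed by realpath() and therefore refused.
    os.symlink(messages.home, os.path.join(game.home, "peek"))
    try:
        game.read("peek/Library/SMS/sms.db")
        results["symlink_blocked"] = False
    except ContainerEscape:
        results["symlink_blocked"] = True

    # 4. A sibling directory whose name merely starts with the container name
    #    must not be treated as 'inside' (the trailing-separator case).
    lookalike = os.path.realpath(game.home) + "-evil"
    os.makedirs(lookalike)
    try:
        game.resolve(os.path.join("..", os.path.basename(lookalike)))
        results["prefix_blocked"] = False
    except ContainerEscape:
        results["prefix_blocked"] = True
    return results
```

The three negative probes are the ones that matter in practice: a naive prefix comparison on the unresolved string would pass the symlink case, and a prefix comparison without the trailing separator would pass the lookalike case.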

Of course an Apple engineer would say that while completely ignoring all the benefits sideloading offers.

While less true on Apple devices since they do have somewhat long support for them, on Android, you get 2 OS releases, if that. Sideloading allows a device's longevity to be extended with third party firmware.

 

Yes, it could be a security "threat", but it's not like everyone will enable that feature in the first place, and if they make it so it needs to be linked to an Apple computer to even work (meaning you can't download something on the iPhone and just install it like that), that would further decrease the potential risks. They could also just do what Microsoft did with the Xbox and make people pay to unlock that feature, to reduce the potential number of people even doing it. This would give them a database of people who enabled the feature and they could "track" their usage.

CPU: AMD Ryzen 3700x / GPU: Asus Radeon RX 6750XT OC 12GB / RAM: Corsair Vengeance LPX 2x8GB DDR4-3200
MOBO: MSI B450m Gaming Plus / NVME: Corsair MP510 240GB / Case: TT Core v21 / PSU: Seasonic 750W / OS: Win 10 Pro


6 hours ago, Chris Pratt said:

It's BS. Apple just doesn't want people to be able to bypass their store, where they make obscene revenue. Apple already "solved" this on the Mac, where installs from outside the Mac App Store are blocked out of the box, but you can disable that from its settings. Noobs that don't know better will leave it alone, while power users could then sideload if they want. It's trivial, costs nothing, and there's no reason not to enable it other than pure greed.


Just what I wanted to say.

If "sideloading" (calling it side loading makes it seem like an illegal operation, enhancing Apple's argument; we should just call it installing third-party apps or something) would make the iPhone an extensively insecure device, then by Apple's standards, macOS is an insecure platform.


5 minutes ago, Sauron said:

Please explain to me how the ability to sideload is a security risk even if you don't sideload anything. I'm very interested in your perspective on how this is comparable to running a red light.

You can phish someone to give you anything you want, no need to sideload anything. Again, the core issue there is the internet and I don't see Apple advocating for that to be blocked for security reasons.

Explain? I can do that, I think. Running a red light isn't always dangerous; it depends on the traffic in the street. Side loading is only even potentially damaging if one is side loading stuff that has malware on it. A red light would be telling someone that they shouldn't do that without actually preventing it from happening. It's an imperfect analogy. Phishing isn't the most dangerous example of what a piece of malwared software could do. Merely an example.

Not a pro, not even very good.  I’m just old and have time currently.  Assuming I know a lot about computers can be a mistake.

 

Life is like a bowl of chocolates: there are all these little crinkly paper cups everywhere.


2 hours ago, jagdtigger said:

Just edged it out a bit to highlight how stupid the statement is 😉 .

Edging is not totally changing.  


8 minutes ago, sir_A4D_ said:


Just what I wanted to say.

If "sideloading" (calling it side loading makes it seem like an illegal operation, enhancing Apple's argument; we should just call it installing third-party apps or something) would make the iPhone an extensively insecure device, then by Apple's standards, macOS is an insecure platform.

There is secure and insecure versus more secure and less secure. The process makes for less insecurity based on the quality of the vetting, but its presence alone does not make the device secure. Lack of the process makes things potentially less secure, though. One could also call it "installing apps circumventing Apple's vetting process". The claim Apple makes, I think, is that lack of side loading makes Apple's vetting process uncircumventable. The process has not been perfect, though.


36 minutes ago, TetraSky said:

Of course an Apple engineer would say that while completely ignoring all the benefits sideloading offers.

While less true on Apple devices since they do have somewhat long support for them, on Android, you get 2 OS releases, if that. Sideloading allows a device's longevity to be extended with third party firmware.

Yes, it could be a security "threat", but it's not like everyone will enable that feature in the first place, and if they make it so it needs to be linked to an Apple computer to even work (meaning you can't download something on the iPhone and just install it like that), that would further decrease the potential risks. They could also just do what Microsoft did with the Xbox and make people pay to unlock that feature, to reduce the potential number of people even doing it. This would give them a database of people who enabled the feature and they could "track" their usage.

OK. So let's add some conservative theoretical numbers:

Say 1% of owners side load anything, 1% of those that do load something with malware on it, and 1% of those that sideload something with malware on it sideload something with viral properties that doesn't affect the victim so much as anyone he comes within Wi-Fi range of. That's one in a million. How many people bought iPhones in a given city? Given nation? Even numbers like that make a potential problem. Malware with viral capacity has already caused at least one international incident, between the US and Russia, involving the US power grid.


30 minutes ago, Bombastinator said:

Explain? I can do that, I think. Running a red light isn't always dangerous; it depends on the traffic in the street. Side loading is only even potentially damaging if one is side loading stuff that has malware on it. A red light would be telling someone that they shouldn't do that without actually preventing it from happening. It's an imperfect analogy. Phishing isn't the most dangerous example of what a piece of malwared software could do. Merely an example.

You still haven't explained what the risk here is for people who don't want to sideload. If you don't sideload anything then you have no problem.

Don't ask to ask, just ask... please 🤨

sudo chmod -R 000 /*


36 minutes ago, Sauron said:

Please explain to me how the ability to sideload is a security risk even if you don't sideload anything. I'm very interested in your perspective on how this is comparable to running a red light.

 

The example was not apples to apples, but just an example of something that is self-evident. For the last 2 years some people have been asking for proof that using face masks and keeping people distanced or at home slows down the transmission of an airborne virus (like this was the first airborne virus we've ever encountered); I could have gone for those examples too.

There's not much to prove about the fact that the very existence of the option to sideload unvetted code is a security risk. Or, at the very least, a security downgrade. We can debate whether it's worth it or not.

 

 


11 minutes ago, Sauron said:

You still haven't explained what the risk here is for people who don't want to sideload. If you don't sideload anything then you have no problem.

I thought that was clear. Zero. Unless that person is affected by the behavior of someone who did. See the reply above to @TetraSky for a description of the potential problem. It's not that different from the COVID issue. Chances of infection are not that high, and chances of death from infection if one is infected, depending on age, are not that high. There are a lot of people, though. As a result there were still a lot of deaths. How big each number is radically changes the danger levels, and how big each number is is not known. R is still probably less than 1, but unlike COVID the original malware source constantly drops more malware.


1 minute ago, Sauron said:

You still haven't explained what the risk here is for people who don't want to sideload. If you don't sideload anything then you have no problem.

I care about the issue of security as a whole, as a society. 

Security is as weak as the weakest link. 

The option to open a passenger window on a plane isn’t exactly reassuring even if “if you don’t open it, nothing bad will happen”.


2 minutes ago, Bombastinator said:

Say 1% of owners side load anything, 1% of those that do load something with malware on it, and 1% of those that sideload something with malware on it sideload something with viral properties that doesn't affect the victim so much as anyone he comes within Wi-Fi range of. That's one in a million. How many people bought iPhones in a given city? Given nation? Even numbers like that make a potential problem.

Ah yes, because that has happened with Android... an OS with a much larger market share:

[image]

 

 


Tell them it is a risk to sideload apps, but allow it.

Also, nice to know what Apple thinks of all the FOSS devs who release their apps on F-Droid /s

 


16 minutes ago, Bombastinator said:

There is secure and insecure versus more secure and less secure. The process makes for less insecurity based on the quality of the vetting, but its presence alone does not make the device secure. Lack of the process makes things potentially less secure, though. One could also call it "installing apps circumventing Apple's vetting process". The claim Apple makes, I think, is that lack of side loading makes Apple's vetting process uncircumventable. The process has not been perfect, though.

Indeed the process isn't perfect, which means at any given time the platform is "potentially" less secure anyway.
Does "side loading" make iOS "potentially" less secure? Yep.

Does "sideloading" make macOS "potentially" less secure? Yep.

Does this potential outweigh the benefits of the ability to install third-party apps from outside the App Store? No, and that's why Apple has allowed the feature on macOS, and they certainly don't want to allow it on iOS just because they stand to lose lots of revenue if that happens. That simple.
 


15 minutes ago, saltycaramel said:

The example was not apples to apples, but just an example of something that is self-evident. For the last 2 years some people have been asking for proof that using face masks and keeping people distanced or at home slows down the transmission of an airborne virus (like this was the first airborne virus we've ever encountered); I could have gone for those examples too.

There's not much to prove about the fact that the very existence of the option to sideload unvetted code is a security risk. Or, at the very least, a security downgrade. We can debate whether it's worth it or not.

4 minutes ago, sir_A4D_ said:

Indeed the process isn't perfect, which means at any given time the platform is "potentially" less secure anyway.
Does "side loading" make iOS "potentially" less secure? Yep.

Does "sideloading" make macOS "potentially" less secure? Yep.

Does this potential outweigh the benefits of the ability to install third-party apps from outside the App Store? No, and that's why Apple has allowed the feature on macOS, and they certainly don't want to allow it on iOS just because they stand to lose lots of revenue if that happens. That simple.

This has absolutely nothing to do with, nor is it comparable to, the health risks posed by the COVID pandemic. And hey, just so you know, we DO have extensive proof of the benefits masks can provide. On the other hand you haven't shown a single data point backing your opinion. Every argument you're making here applies 100 times more to just accessing the internet.


9 minutes ago, Arika S said:

Ah yes, because that has happened with Android... an OS with a much larger market share:

[image]

I said "potential". The numbers are by definition wrong. The problem with the world statistic is that it varies a lot by country. There are several countries where the installed base is well under 1%, which makes the installed base in other countries much higher. India would be in much less danger from an iPhone side-loading thing than the United States, for example. Also the issue is not apples to apples. I don't know if iPhones are more or less likely to have issues from such things. Mostly it just says that more data is likely needed.


4 minutes ago, Sauron said:

This has absolutely nothing to do with, nor is it comparable to, the health risks posed by the COVID pandemic. And hey, just so you know, we DO have extensive proof of the benefits masks can provide. On the other hand you haven't shown a single data point backing your opinion. Every argument you're making here applies 100 times more to just accessing the internet.

More of a disclaimer than a negation. A computer virus is not an organic virus. "Health" is the keyword there. Only spreading behavior might have any similarity.


9 minutes ago, Bombastinator said:

More of a disclaimer than a negation.  A computer virus is not an organic virus. “Health” is the keyword there. Only spreading behavior might have any similarity. 

"Might" is not the same as "does", plus you still haven't described how exactly having this optional feature that requires physical access to a device increases the spread of any computer virus.


15 minutes ago, Sauron said:

This has absolutely nothing to do with, nor is it comparable to, the health risks posed by the COVID pandemic. And hey, just so you know, we DO have extensive proof of the benefits masks can provide. On the other hand you haven't shown a single data point backing your opinion. Every argument you're making here applies 100 times more to just accessing the internet.

Are you sure you quoted the right person, pal? Anyway, comparing sideloading and wearing a mask is surely not a fitting comparison, considering that there's a variety of platforms like Android and Apple's own macOS that have the sideloading feature to choose from.


16 minutes ago, Sauron said:

And hey, just so you know, we DO have extensive proof of the benefits masks can provide.

We didn't at the very beginning. Yet it was sensible to assume it.

Plus, not sure why people keep taking my examples at face value after I explained they're not apples to apples, but just a way to say that sometimes a risk is self-evident; you don't need to "let's wait and see what happens".

There are decades of history of computers that make that assumption sensible... luckily, when personal computers moved to the "next chapter" (smartphones, the first and only PC of many earthlings) in the 00s, they were locked down and dumbed down enough to be safer. Now people expect me to forget what happens when users can install arbitrary code, with the added risk factor that nowadays users are a lot more diverse and with different levels of tech savviness.


23 minutes ago, sir_A4D_ said:

Are you sure you quoted the right person, pal?

Sorry, must have misclicked 😛

19 minutes ago, saltycaramel said:

Plus, not sure why people keep taking my examples at face value after I explained they're not apples to apples, but just a way to say that sometimes a risk is self-evident; you don't need to "let's wait and see what happens".

I don't care about "sometimes", I asked you a question about this specific case and you've thus far been unable to answer.

21 minutes ago, saltycaramel said:

There are decades of history of computers that make that assumption sensible... luckily, when personal computers moved to the "next chapter" (smartphones, the first and only PC of many earthlings) in the 00s, they were locked down and dumbed down enough to be safer. Now people expect me to forget what happens when users can install arbitrary code, with the added risk factor that nowadays users are a lot more diverse and with different levels of tech savviness.

Why do you keep glossing over the fact that the competing platform allows this and always has?

 

Not to mention that it has been conclusively shown that only installing apps from the App Store does not protect you from malicious apps anyway...


9 minutes ago, saltycaramel said:

 

There are decades of history of computers that make that assumption sensible... luckily, when personal computers moved to the "next chapter" (smartphones, the first and only PC of many earthlings) in the 00s, they were locked down and dumbed down enough to be safer. Now people expect me to forget what happens when users can install arbitrary code, with the added risk factor that nowadays users are a lot more diverse and with different levels of tech savviness.

Dumbing down doesn't always benefit the end user and in many cases works against them. A good example would be the inability to play Fortnite on iOS right now simply because of the spat between Apple and Epic; the end user had no role in the spat and yet is now affected by it because of the walled garden.

And yet kicking Fortnite out of the App Store had nothing to do with the end user's security.

The end user is now forced to access the app from a different, non-Apple device.
And if your iPhone is the only device you own, then you are pretty much screwed.

Again, we shouldn't overlook the fact that Apple is ALREADY implementing sideloading on macOS, so there's nothing alarming about it. macOS devices sufficiently serve both the average and the power user, who can choose whether to sideload an app or install it from the App Store.


On 11/4/2021 at 3:54 PM, Sauron said:

Why do you keep glossing over the fact that the competing platform allows this and always has?

 

Not to mention that it has been conclusively shown that only installing apps from the App Store does not protect you from malicious apps anyway...

 

1) What's the malware situation of that other platform compared to iOS? Have we got any data about it to compare the 2? I'm not up to date so I won't jump to conclusions, but...

2) Not the "sometimes vaccines don't work" argument, please...

 

On 11/4/2021 at 3:58 PM, sir_A4D_ said:

Again, we shouldn't overlook the fact that Apple is ALREADY implementing sideloading on macOS, so there's nothing alarming about it. macOS devices sufficiently serve both the average and the power user, who can choose whether to sideload an app or install it from the App Store.

I see Macs/Linux/Windows PCs being much more flexible tools as exactly what allows smartphones/wearables to be a safer and more on-rail experience you can give to your grandma or kids safely.

 

Kinda like offroad trucks exist so you don’t need to make EVERY vehicle offroad-capable. 

 

Plus, funnily enough, Apple admitted in court that Macs are less safe than iOS devices, and while that was a self-serving statement in that trial (Epic v Apple), I wouldn't be surprised if there's data backing it up.

 

Mac users: roughly 100M

iOS users: roughly 1B

 

It's scary to think about how diverse and from all walks of life the iOS user base is. What applies to the Mac platform doesn't necessarily work for iOS.


1 hour ago, saltycaramel said:

1) what’s the malware situation of that other platform compared to iOS?

You tell me, you're the one making statements without backing them up. More importantly, if you want to blame sideloading you'll have to provide some data showing it's a vector for a significant amount of malware that affect people who did not willingly sideload anything.

1 hour ago, saltycaramel said:

I’m not up to date so I won’t jump to conclusions, but..

Then don't make claims you can't back up. It's that simple.

1 hour ago, saltycaramel said:

2) Not the "sometimes vaccines don't work" argument, please...

Oh my God, stop comparing wildly different things when you clearly understand neither. There is absolutely no parallel here. Adding the possibility of sideloading does not force anyone to use it, nor does it increase any type of risk for people who don't use it.
