Tim Cook rails against """bad privacy regulation & sideloading""" in keynote speech

[Biohazard777]

2 hours ago, RejZoR said:

So, would you now also show us GooglePlay statistics? You can't just throw one side and say "gotcha". We're talking who does better after all, not who had an incident that everyone made the most drama around.

My reply was to: "Really? It's been working pretty damn great for all these years" (you commenting iOS security).
Sorry man, but 128 million affected devices by one exploit is not doing a pretty damn great job. Especially when you keep it a secret from your users...

As to "who does better after all", I said that both Google and MS aren't doing a great job. They are also known for big fk ups like the Apple one I pointed out, and they are both known for not notifying their users when those fk ups occur.
IMO they all failed (when it comes to protecting their users). We can make poll though, which one failed the worst, if you'd like? 

Also this thread is about "Tim Cook rails against bad privacy regulation & sideloading in keynote speech",

Quote

His keynote started by calling privacy one of the most essential battles of modern times. Referring to privacy as a mirror of policies and usage, Cook believes there are two disparate realities, with one where it "unlocks humanity's full creative potential," while the other is where "technology is exploited to rob humanity of that which is foundational: our privacy itself."

You've completely skipped over the privacy part I posted, which offers a different perspective (dev) on the matter (compared to a normal users), so here is one more screenshot for you:

The devs can fill this thing in any way they want to.. and Apple:

^SS of my previous post, underlining the interesting bit.
So yeah, I'm gonna call it as it is... Tim Cook's concerns about privacy are BS. 

[erebea]

On 4/15/2022 at 2:36 AM, DANK_AS_gay said:

Because in this situation it has far more negative effects than positive.

Requiring Apple to implement actual security, instead of relying on their consumer-unfriendly approach to software mimicking security, does not outweigh conforming to the principle that anyone should be able to do anything with their device for any reason. Though of course, for Apple it sure does, because it means they lose money in many ways.

[RejZoR]

20 hours ago, Biohazard777 said:

I agree that Google and MS aren't doing a great job... but saying Apple does it "pretty damn great" is an overstatement at least 

https://arstechnica.com/gadgets/2021/05/apple-brass-discussed-disclosing-128-million-iphone-hack-then-decided-not-to/

https://en.wikipedia.org/wiki/XcodeGhost

This is one example, one that came to light thanks to 3rd party researches, not thanks to Apple.

 

Also this topic being about privacy... You do know that App store privacy section is completely self-reported by the developer?

Clicking on "See Details" shows you this:

As a dev you fill out a questionnaire in the App Store Connect, I assure you If I was to say all data is not linked to you but it actually is - Apple isn't checking that.
My company has several apps on the App store that could 100% link the data to you just by setting some flags from false to true on our servers, without an app update or privacy section update.
Also we could just not report some of the data we are collecting to Apple, as in not stating it in the privacy section. For example "Usage Data", our servers log each request and pretty much each tap, scroll, log in, etc. you make is a request... even though the App itself isn't monitoring the usage, our servers are. Yeah not disclosing that that would make us douchebags, open us up to lawsuits, etc... but the fact remains, privacy violation would occur and Apple didn't do diddly squat to prevent it, the cherry on top is that Apple wouldn't be held accountable at all. 

PS My company isn't "FreshPlanet Inc.", screenshots above are just random app I opened.

 

So, you're arguing my point by... wait for it... literally showing me what happens when something is downloaded from unverified sources... The issue here isn't the App Store, it's the fact people literally downloaded MODIFIED Xcode package from god f**king knows where (I have no f**king clue why in the first place on top of the fact that Apple itself provides officially and completely free from VERIFIED source here: https://developer.apple.com/xcode/ ) and compiled their apps with it that generate malicious apps that were further spread to users from verified accounts of devs with no prior violations of App Store TOS. Are you people for f**king real? I'm f**king done with this Apple hating clown town. Everyone's a f**king security expert now because they read something in some lawsuit somewhere. F**k me.

[darknessblade]

1 minute ago, RejZoR said:

So, you're arguing my point by... wait for it... literally showing me what happens when something is downloaded from unverified sources... The issue here isn't the App Store, it's the fact people literally downloaded MODIFIED Xcode package from god f**king knows where (I have no f**king clue why in the first place on top of the fact that Apple itself provides officially and completely free from VERIFIED source here: https://developer.apple.com/xcode/ ) and compiled their apps with it that generate malicious apps that were further spread to users from verified accounts of devs with no prior violations of App Store TOS. Are you people for f**king real? I'm f**king done with this Apple hating clown town. Everyone's a f**king security expert now because they read something in some lawsuit somewhere. F**k me.

Please read the following comment. Apple their own appstore is not as safe as you think

 

 

[leadeater]

7 hours ago, RejZoR said:

So, would you now also show us GooglePlay statistics? You can't just throw one side and say "gotcha". We're talking who does better after all, not who had an incident that everyone made the most drama around.

I've already posted the largest academic study of the Play Store, it's also very recent. It has a nicely detailed breakdown table in that post or you can go read the more detailed linked article. Long and short of it, 0.6% of Apps on the Play Store are malicious, the issue is 0.6% of a really huge number of Apps is well a lot of malicious Apps. Apple has the same issue, however there isn't an equivalent study so we don't know if it's 0.1% or 1% or 10%. But it is likely, in my opinion, lower than 0.6% but it's also not 0% considering how many of the top 1000 App Store Apps are malicious. Zero out of 1000 of the top 1000 Apps on the App Store should be malicious if anyone wants to argue Apple's model is actually offering security, having 1 is an outright failure in terms of that narrative.

 

3 hours ago, RejZoR said:

Everyone's a f**king security expert now because they read something in some lawsuit somewhere

See the problem is there are facts and evidence that go counter to your opinion. Now let me ask you, what has more weight? Facts and evidence? Or Opinions?

 

P.S. Since security falls under my job role then yea maybe I actually am... Are you a paid professional with system security under their portfolio of responsibility? Does this actually matter in an internet forum discussion, where we're supposed to be have an equal, respectful, with effort of understanding conversation? I'd say no it does not. 

[leadeater]

7 hours ago, RejZoR said:

Who the F addresses scope of distribution or scale of distribution (or even spread rate if we're talking malware in disguise) with "it would exceed distribution limits" and then bark at me for misunderstanding your nonsense? Give me a break dude.

If you had read the post you'd know why, soo how about do that?.... Just saying, might help explain why...

 

I'll give you a break when you either go away or do as required and stop acting foolish with nothing of substance to say.

 

You're arguing against sideloading and calling it a security risk, in a way that implies it materially matters, when evidence and data shows that it is statically irrelevant in terms of device infections.

 

Even when you have something close to an actual reasoned objection you won't even read or consider a solution for an implementation approach that addresses that concern, because you won't even read the damn post and text to even know what was proposed.

 

You call it nonsense yet you HAVE NOT READ IT. Yea good one. Please, if you going to try in insult me you're going to have to do it in substantive way otherwise it's literally meaningless.

[Brooksie359]

47 minutes ago, leadeater said:

I've already posted the largest academic study of the Play Store, it's also very recent. It has a nicely detailed breakdown table in that post or you can go read the more detailed linked article. Long and short of it, 0.6% of Apps on the Play Store are malicious, the issue is 0.6% of a really huge number of Apps is well a lot of malicious Apps. Apple has the same issue, however there isn't an equivalent study so we don't know if it's 0.1% or 1% or 10%. But it is likely, in my opinion, lower than 0.6% but it's also not 0% considering how many of the top 1000 App Store Apps are malicious. Zero out of 1000 of the top 1000 Apps on the App Store should be malicious if anyone wants to argue Apple's model is actually offering security, having 1 is an outright failure in terms of that narrative.

 

See the problem is there are facts and evidence that go counter to your opinion. Now let me ask you, what has more weight? Facts and evidence? Or Opinions?

 

P.S. Since security falls under my job role then yea maybe I actually am... Are you a paid professional with system security under their portfolio of responsibility? Does this actually matter in an internet forum discussion, where we're supposed to be have an equal, respectful, with effort of understanding conversation? I'd say no it does not. 

I mean I would have to disagree. Saying having one is too much to justify a measure to decrease security risks isn't really fair. I mean do you get rid of a fence simply because it doesn't keep everything out all the time? I would say you would have to have some data to show that sideloading has a malicious app rate the same or lower than the apple store before you could really say that it doesn't pose a security risk. Also the most confusing part of this for me is that people seem to talk about how they want to do whatever they want with their device and that is why it should be allowed when I am fairly certain that has little to do with why apple is being forced to do this. 

[leadeater]

4 hours ago, Brooksie359 said:

Saying having one is too much to justify a measure to decrease security risks isn't really fair.

Is it fair to object against something, regardless of implementation approach if the thing you are arguing against and the example you are using to try and justify it is not statically relevant to the cause of infections, which is the justification used to object to it?

 

I can only be as fair as the objections and counter points raised. And remember I'm only pointing to the top 1000 Apps on the App Store, not the entire thing. Zero is not too much to ask given how extolled the App Store's security is supposedly to be. Apple for how big a company they are, how much they promote privacy and security, how much some of their users praise them for these aspects, cannot do something like keep a mere 1000 most popular Apps on their "high security, high privacy" App Store from being malicious is not good, at all. If you cannot achieve the most popular 1000 then you cannot do so for the hundreds of thousands behind those.

 

If you are going to argue that sideloading isn't prefect and a security risk then it must pose a higher risk than the thing you are claiming to be better. Since the App Store will continue to be a higher security risk than sideloading, as is the case on Android, then this is not a very fair comparison nor fair objection.

 

4 hours ago, Brooksie359 said:

I would say you would have to have some data to show that sideloading has a malicious app rate the same or lower than the apple store before you could really say that it doesn't pose a security risk

I have posted that data already, however pure percentage rate of non-malicious to malicious is not an adequate assessment because it doesn't factor in scale or likelihood of encountering said risk.

 

4 hours ago, Brooksie359 said:

Also the most confusing part of this for me is that people seem to talk about how they want to do whatever they want with their device and that is why it should be allowed when I am fairly certain that has little to do with why apple is being forced to do this. 

Sure that probably is the case, in fact it is my opinion that iOS and the App Store, and everything like it, are now being seen as a market. Now that they are starting to be classified as markets, ones of great size, regulators now deem them as necessary to regulate to ensure they are fair markets to compete in and fair and safe for consumers/users.

 

EU I think cares little about anyone's freedom over what they can do with their device they purchases because far as I've seen I have heard no such arguments and justifications from them about that sort of thing. Like I mean it's called "Digital Markets Act", so it's kind of right there in the name.

 

Quote

Digital services have brought important innovative benefits for users and contributed to the internal market by opening new business opportunities and facilitating cross-border trading. Today, these digital services cover a wide range of daily activities including online intermediation services, such as online marketplaces, online social networking services, online search engines, operating systems or software application stores. They increase consumer choice, improve efficiency and competitiveness of industry and can enhance civil participation in society. However, whereas over 10 000 online platforms operate in Europe’s digital economy, most of which are SMEs, a small number of large online platforms capture the biggest share of the overall value generated.

 

Large platforms have emerged benefitting from characteristics of the sector such as strong network effects, often embedded in their own platform ecosystems, and these platforms represent key structuring elements of today’s digital economy, intermediating the majority of transactions between end users and business users. Many of these undertakings are also comprehensively tracking and profiling end users. 1 A few large platforms increasingly act as gateways or gatekeepers between business users and end users and enjoy an entrenched and durable position, often as a result of the creation of conglomerate ecosystems around their core platform services, which reinforces existing entry barriers.
 

As such, these gatekeepers have a major impact on, have substantial control over the access to, and are entrenched in digital markets, leading to significant dependencies of many business users on these gatekeepers, which leads, in certain cases, to unfair behaviour vis-à-vis these business users. It also leads to negative effects on the contestability of the core platform services concerned. Regulatory initiatives by Member States cannot fully address these effects; without action at EU level, they could lead to a fragmentation of the Internal Market.

 

Unfair practices and lack of contestability lead to inefficient outcomes in the digital sector in terms of higher prices, lower quality, as well as less choice and innovation to the detriment of European consumers. Addressing these problems is of utmost importance in view of the size of the digital economy (estimated at between 4.5% to 15.5% of global GDP in 2019 with a growing trend) and the important role of online platforms in digital markets with its societal and economic implications. 2

https://eur-lex.europa.eu/legal-content/en/TXT/?qid=1608116887159&uri=COM%3A2020%3A842%3AFIN

[mr moose]

On 4/15/2022 at 9:40 PM, HRD said:

Apple gets to set what it wants to sell and what business model it wants. And we as users can vote with our money and decide whether or not we support it. 

Facebook can either not offer apps to us or follow the privacy rules and every rule of the store to join. 

 

More than a billion users are supporting apple’s model and they are giving apple the power to enforce the AppStore.

Banks and insurance companies have a billion users too, are we to argue that they are fair and reasonable with their products and services?

[Brooksie359]

2 hours ago, mr moose said:

Banks and insurance companies have a billion users too, are we to argue that they are fair and reasonable with their products and services?

I mean tbf you are kinda stuck with banks and insurance companies as there is little way around using them. Apple you can avoid them easily of you want. Tbh most of the time I hear people use Apple products because they genuinely like them. Compare that to for banking system which you are basically forced into using as its a necessity same with insurance. That being said yeah high user numbers doesn't mean much if you have a legit monopoly. 

[Kisai]

2 hours ago, mr moose said:

Banks and insurance companies have a billion users too, are we to argue that they are fair and reasonable with their products and services?

Oh hell no. The average person doesn't even know the kind of censorship is imposed on businesses that deal with banks and insurance companies.

 

[leadeater]

15 minutes ago, Brooksie359 said:

I mean tbf you are kinda stuck with banks and insurance companies as there is little way around using them

You're kinda stuck using App Store if you want to or need to use iOS. Just use Android isn't a suitable answer.

 

17 minutes ago, Brooksie359 said:

Tbh most of the time I hear people use Apple products because they genuinely like them.

That is because, at least in my opinion, iOS is a better and higher quality OS and product than Android is. That doesn't mean there should be zero alternative ways to use and install Apps, that aren't unreasonable. This is why regulators have to step in, when things become unreasonable or becomes such a large platform of commerce and trade letting them have unilateral control over that shouldn't' be allowed, just like it isn't basically anywhere else in other forms of commerce and trade.

[RejZoR]

8 hours ago, leadeater said:

If you had read the post you'd know why, soo how about do that?.... Just saying, might help explain why...

 

I'll give you a break when you either go away or do as required and stop acting foolish with nothing of substance to say.

 

You're arguing against sideloading and calling it a security risk, in a way that implies it materially matters, when evidence and data shows that it is statically irrelevant in terms of device infections.

 

Even when you have something close to an actual reasoned objection you won't even read or consider a solution for an implementation approach that addresses that concern, because you won't even read the damn post and text to even know what was proposed.

 

You call it nonsense yet you HAVE NOT READ IT. Yea good one. Please, if you going to try in insult me you're going to have to do it in substantive way otherwise it's literally meaningless.

I've read it. Several times. It still makes zero f**king sense as this line you made in that exact post (a literal letter by letter quote):

"Or better yet something like Fortnite wouldn't even be eligible for sideloading as it would exceed distribution limits.. "

 

This is the most nonsensical claim I've ever read. What the f**k it even means? Don't tell me coz I don't want to hear your dumb explanation of it because that's all you've been serving me so far. All I read were some hypothetical measures that would have to be employed to mitigate sideloading attack vector, not what's actually in any OS. Also you're babbling about "mega super duper sandboxing" like it's a solution to everything. Sandboxing works when it's an unattended attack, not when fake app is pretending to be a legit one and user willfully grants the access rights to the fake app. I'm pretty sure if you grant photos access to an app it has full access to them. When you grant the app access to your contacts, it gets them all. Because legit apps require same thing to do legit operations with said user content and guess what, they gain full access to them. Because that's the point. If it was still magically firewalled/sandboxed from the app it wouldn't be able to do anything. Spare me the bullshit dude, it's like you've never even used Android in your entire life (or you have and you have no clue how it works in hands of normies and you can only see it from your expert/advance user perspective). But you're portraying Android like it's this impenetrable fortress when the entire time in this dumbest 10 page thread ever I'm constantly stating the user is the weakest link and no matter how secure you make the OS, users will do stupid things with it. If they can't at all, you cut down attack vector by MEGA HUGE amount. Throwing the Xcode incident as some sort of gotcha, that was a rather elaborate attack if you ask me that involved multiple parties failing starting with developers themselves and something you don't see every day, hell you probably won't see it for years again. You're so disconnected from reality it's not even funny at this point, mostly because you seem to have ZERO clue how normal users use their devices and how easily they are manipulated into giving apps whatever access just for OS to shut up with its popups. Most users literally have no clue what the popups even say or mean, they just want to do whatever with their phone. Now I'm really done. Unless you'll serve me another dumb reason to reply...

[Blademaster91]

On 4/16/2022 at 3:16 AM, RejZoR said:

The issue is, they know NOTHING about sideloading, but they learn enough about it via search that it enables them to install an app that can't be found on curated and somewhat verified official markets all while not knowing about any dangers of it, they just want that Forknife because it was kicked out of GooglePlay/App Store for violating their TOS.

So if someone doesn't know what sideloding is, it doesn't affect them, for people that aren't interested in sideloading simply won't do it. Sideloading is an option on most Android phones and most people don't use it because they have no interest or don't know the option is there.

I don't like Fortnite, but I think people should be able to install what they like, and have the option to download other storefronts.

On 4/16/2022 at 3:16 AM, RejZoR said:

And people often say "yeah, but this doesn't affect me". really? Botnets don't just run on their own. They are a collective of victim devices that can also affect others eventually. Or when someone has data harvesting malware installed and it hoards your phone number along with god knows what else because some clueless person with your data in their phone got it all snagged. It's never just the victim of the phone. It essentially means it affects EVERYONE that the victim is in contact with and this extra info is often used to craft particularly trustworthy sounding bot requests asking people in victim's name to send them money or passwords and whatnot.

How does allowing sideloading cause a device to be vulnerable to a botnet? It was already explained in this thread there could be secure methods of sideloading, and even make it extra annoying to sideload by asking a user to sign in twice then asking the user if they're sure after signing in.

And if the security of an OS relies that much on completely locking down the app platform then the OS isn't very secure at all.

On 4/16/2022 at 3:16 AM, RejZoR said:

So, it would be cool if people stop glorifying sideloading without having a single f**king clue about anything.

And it would be cool if people would stop making sideloading sound scary as if hax0rs will instantly steal your phone number the moment you sideload an app.

[RejZoR]

1 minute ago, Blademaster91 said:

So if someone doesn't know what sideloding is, it doesn't affect them, for people that aren't interested in sideloading simply won't do it. Sideloading is an option on most Android phones and most people don't use it because they have no interest or don't know the option is there.

I don't like Fortnite, but I think people should be able to install what they like, and have the option to download other storefronts,

How does allowing sideloading cause a device to be vulnerable to a botnet? It was already explained in this thread there could be secure methods of sideloading, and even make it extra annoying to sideload by asking a user to sign in twice then asking the user if they're sure after signing in.

And if the security of an OS relies that much on completely locking down the app platform then the OS isn't very secure at all.

And it would be cool if people would stop making sideloading sound scary as if hax0rs will instantly steal your phone number the moment you sideload an app.

Am I speaking in dog barks or something? I literally explained it all. Normies know just enough things to f**k shit up. They don't know enough what you need to know afterwards. Scams often start on Youtube with nice tutorial how to enable and use sideloading with link to a malicious content. Awesome Dislike ratio being removed super helps that on top of everything. How about if you all educate a bit how things are actually happening in the real world and then come whining back? Just a thought.

[Blademaster91]

On 4/16/2022 at 5:47 AM, Brooksie359 said:

Ok if most people don't know what it even is then why add it? I mean let's be honest can other app stores compete with the native apple apps store when sideloading becomes an option? I am of the opinion that no it won't. Also epic just wanted to violate apples tos and pay a cut to apple and this whole its about fair competition is bs imo. Do you know what is fair competition? It's when companies can make different products for different target audiences without being forced to change that. 

That is like saying most people don't know of any Android phone brand besides Samsung, so why even have other choices? I think having more competition and other stores is a good thing, if someone wants to develop an app but can't pay the $100 developer fee they can't publish the app on iOS, so they lose out on about about half the market by only having the app on the Google play store.

And Apple is only against sideloading and third party stores because it is against their interest of charging everyone a 30% store fee, they're in it for the money as much as Epic Games is.

On 4/16/2022 at 8:16 PM, Brooksie359 said:

Have you been listening to the arguments made at all? Allowing sideloading breaks the walled garden that Apple is know for and make it much more like android. I am also curious as to if you are an iPhone user anyways and if iPhones allowed sodeloading would you switch if you already aren't? Because it seems to me that alot of people wanting sideloading added so badly aren't even Apple customers in the first place and are completely ignoring why apple users like ios in the first place. 

The argument for sideloading is because there are people that see a phone as more than a basic appliance, phones have become powerful enough to replace a computer for a lot of people. And even if iphones could sideload apps I wouldn't want an iphone anyway, I have other reasons for not wanting to buy anything from Apple.

[Blademaster91]

2 hours ago, RejZoR said:

Am I speaking in dog barks or something? I literally explained it all. Normies know just enough things to f**k shit up. They don't know enough what you need to know afterwards. Scams often start on Youtube with nice tutorial how to enable and use sideloading with link to a malicious content. Awesome Dislike ratio being removed super helps that on top of everything. How about if you all educate a bit how things are actually happening in the real world and then come whining back? Just a thought.

I've read through this whole thread and I still don't understand what you're saying when you say allowing sideloading means you're going to get hacked, even though others have given very good explanations on how sideloading could be a well secured procress.

As for youtube tutorials, someone can find a tutorial for Windows or Mac and mess up their system, so why should other OS platforms be open to run unsigned applications and allow user changes? And that is sort of an offtopic issue with youtube, they allow plenty of clickbait scams yet they'll ban people for even discussing torrenting software.

[leadeater]

4 hours ago, RejZoR said:

This is the most nonsensical claim I've ever read. What the f**k it even means? Don't tell me coz I don't want to hear your dumb explanation of it because that's all you've been serving me so far.

It literately means and addresses your concern that companies like Epic or Facebook could force users down sideloading and thus make it both more widely exposed to users who as you put it are "dumb and just click yes" as well as more willing to try other sideloaded Apps which may or may not be malicious.

 

I didn't realizing quoting a concern you yourself raised and offering a proposed solution to that was so incompressible and confusing, however it seems it is/was an issue isolated to yourself.

 

Your complaint: "X huge company will force people to sideload their App"

Proposed Solution: "Do not allow huge companies to have their Apps sideloaded"

You: "I'm confused, this is nonsense and incomprehensible"

 

Somehow I think you are the problem, not what I wrote, not my suggestion and not my effort that I'm actually willing to put in to read and respond to opinions and statements actually made.

 

4 hours ago, RejZoR said:

not what's actually in any OS.

Actually what I proposed is sitting in iOS right now so that really goes to show how much you actually know about iOS doesn't it.

 

4 hours ago, RejZoR said:

Sandboxing works when it's an unattended attack, not when fake app is pretending to be a legit one and user willfully grants the access rights to the fake app.

It does work because a sandboxed application can have no access to anything, do you know what sandboxing is and it's purpose?

 

Quote

In computer security, a sandbox is a security mechanism for separating running programs, usually in an effort to mitigate system failures and/or software vulnerabilities from spreading. It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system.[1] A sandbox typically provides a tightly controlled set of resources for guest programs to run in, such as storage and memory scratch space. Network access, the ability to inspect the host system, or read from input devices are usually disallowed or heavily restricted.

 

In the sense of providing a highly controlled environment, sandboxes may be seen as a specific example of virtualization. Sandboxing is frequently used to test unverified programs that may contain a virus or other malicious code without allowing the software to harm the host device.[2]

Since you need some assistance in understanding what Sandboxing is.

 

4 hours ago, RejZoR said:

I'm pretty sure if you grant photos access to an app it has full access to them. When you grant the app access to your contacts, it gets them all.

Again had you actually read what I wrote then you'd know I suggested not allowing such permissions to be granted to sideloaded applications at all so this would be impossible. Something that is possible to do right now with iOS.

 

4 hours ago, RejZoR said:

But you're portraying Android like it's this impenetrable fortress

Ok point to where I have? Bet it's impossible lol

 

4 hours ago, RejZoR said:

Throwing the Xcode incident as some sort of gotcha

Well considering that wasn't me then this doesn't portray you in a very good light does it? You really should take heed of what your actions do to your credibility.

 

Conclusion, despite your claims evidence shows no you have not bothered to read what I wrote, you stopped at some point while reading it because your mind is closed, you've already concluded what I've said even though it isn't and are arguing with your own made up points. I don't know why you are so willing to argue with yourself.

 

Finally if you are going to say you're done then I would suggest you follow through, this isn't going all that well for you so take my advice and your own words to heart, step away.

[Avocado Diaboli]

4 hours ago, RejZoR said:

I'm constantly stating the user is the weakest link and no matter how secure you make the OS, users will do stupid things with it.

So has everybody else. You are not being revelatory here, literally everybody here knows and agrees that the user is always the determining factor in how secure a system is. You treat this like you're graciously proclaiming to us from on high some kind of deep truth that we've just overlooked. We didn't. 

 

However, if that's such a big deal to you and others, why aren't you and those same others pushing for macOS, Windows, Android, any Linux distro, heck literally every single other OS out there to implement exactly the same approach iOS uses? Why do you reserve the right to write unsigned code that others get to run on their computers? Why should I trust you and your apps? If you and all the others here so staunchly opposing side-loading on iOS were actually consistent, you would agree that every platform should be handled this way. Windows users, Linux users and especially Android users are certainly all dumb/uninformed enough to do potentially stupid things that open up their machines for malicious code to enter. I'm very much including myself in that subset. And you. You are also too dumb to be trusted to always do exactly the right thing to never fall victim to any of this. As is literally everybody on this forum, regardless of their expertise or experience level. We are all the weak link in any system we use. So why aren't you pushing for more control and security in those areas from every OS manufacturer? Literally nobody has given me an even remotely logical answer to this question and everybody arguing against side-loading is just content on being a hypocrite about this.

[mr moose]

6 hours ago, Brooksie359 said:

I mean tbf you are kinda stuck with banks and insurance companies as there is little way around using them. Apple you can avoid them easily of you want. Tbh most of the time I hear people use Apple products because they genuinely like them. Compare that to for banking system which you are basically forced into using as its a necessity same with insurance. That being said yeah high user numbers doesn't mean much if you have a legit monopoly. 

Nope, unlike there being multitudes of banks and insurance companies we really only have two options for a smart phone,  android or apple.  Both have major issues that are simply not acceptable.  The concept that any of these issues are O.K because the other company is (in personal opinion) worse is simply a failure of critical thinking.  

 

 

[hishnash]

1 hour ago, leadeater said:

Again had you actually read what I wrote then you'd know I suggested not allowing such permissions to be granted to sideloaded applications at all so this would be impossible. Something that is possible to do right now with iOS.

 

If you think of a side loaded app as an app that cant accesses any system apis then you might as well use a PWA, this at least has access to the system apis exposed to the web browser.

People who ask for side loaded apps what these apps to have more api access than the regular App Store apps. They would like side-loaded apps to be the same as apps loaded by a developer/user who self signes (as you can today) in this situation you can use a load more apis include apis that no AppStore app can use such as JIT execution!   They see side-loading as a way to run things that cant even be shipped on the App Store not as a way to run things that would be better suited as a PWA. 

[Brooksie359]

2 hours ago, Blademaster91 said:

That is like saying most people don't know of any Android phone brand besides Samsung, so why even have other choices? I think having more competition and other stores is a good thing, if someone wants to develop an app but can't pay the $100 developer fee they can't publish the app on iOS, so they lose out on about about half the market by only having the app on the Google play store.

And Apple is only against sideloading and third party stores because it is against their interest of charging everyone a 30% store fee, they're in it for the money as much as Epic Games is.

The argument for sideloading is because there are people that see a phone as more than a basic appliance, phones have become powerful enough to replace a computer for a lot of people. And even if iphones could sideload apps I wouldn't want an iphone anyway, I have other reasons for not wanting to buy anything from Apple.

So let me get this straight. You think that sideloading is actually going to make competition when 99% of people have no idea what it is and won't bother with it. I'm sorry but that small developer isn't getting access to the vast majority of Apple users as I doubt they will sideload. The reason why this whole thing came about is competition and what I am merely pointing out is that this clearly won't accomplish that. Sure you might have your more tech savvy users sideload but that will likely few and far between. 

[Brooksie359]

51 minutes ago, mr moose said:

Nope, unlike there being multitudes of banks and insurance companies we really only have two options for a smart phone,  android or apple.  Both have major issues that are simply not acceptable.  The concept that any of these issues are O.K because the other company is (in personal opinion) worse is simply a failure of critical thinking.  

 

 

The banks are technically separate but at the same time not really. At least in the US they aren't. Also you have alot of choices for insurance companies but they are all awful with how much they know about you and how they use so much personal data to determine rates. And again I have heard way more people say they use Apple or Samsung because they really like the phones they make. I can't say the last time I heard someone say they loved their insurance company or bank as they do a really good job. Also didn't a Chinese phone maker create its own os? Also I think for the most part what keeps Apple and Samsung honest is the other phone makers. 

[darknessblade]

32 minutes ago, Brooksie359 said:

The banks are technically separate but at the same time not really. At least in the US they aren't. Also you have alot of choices for insurance companies but they are all awful with how much they know about you and how they use so much personal data to determine rates. And again I have heard way more people say they use Apple or Samsung because they really like the phones they make. I can't say the last time I heard someone say they loved their insurance company or bank as they do a really good job. Also didn't a Chinese phone maker create its own os? Also I think for the most part what keeps Apple and Samsung honest is the other phone makers. 

In Europe Things Like banks and Insurance companies are HEAVILY regulated, Like banks are not allowed to charge "usurious interest" on a loan, 

 

And if it is found they did such a act, the bank has to pay it back to the customer, as banks have to repay too high interest, with interest on the lost amount that customers paid to much due the Illegal interest rate

[leadeater]

52 minutes ago, Brooksie359 said:

Also you have alot of choices for insurance companies but they are all awful with how much they know about you and how they use so much personal data to determine rates.

Not really. When I got my life insurance, due to personal matters, my application went to the very highest levels of review and the short version is there are only 3 reinsurers in the world so no matter what insurance company you are dealing with behind them is 1 of only 3 and they get ultimate say. 2 out of the 3 refused to give me life insurance. So even with a myriad of insurance company options in reality there are only 3 (for life insurance).

 

I'm actually quite proud of the fact that my application went to the very top medical board review and required 4 different medical representatives and legal representation just to assess my application. I also delight in the fact they completely wasted their time because medically there was nothing wrong with me, nor has there ever been. One tiny aspect matched some superfluous medical case study that meant I might have some risk factors, boy insurance companies like to find literally any reason at all lol. 

 

Sadly the one that did accept tacked on a 50% loading which is more than a obese chain smoker.

 

Similar situations exist for other types of insurance policies, just stickers on stickers of the actual companies involved. But like computer power supplies, you probably have a FSP and not a "EVGA".

 

52 minutes ago, Brooksie359 said:

I can't say the last time I heard someone say they loved their insurance company or bank as they do a really good job.

Well I can be an exception then because the two banks I've been with, and are still with both, I like and they both do an excellent job. Did I go to school with the branch manager of one of them? Yea maybe, but that's only recent that they became the branch manager, but that does have it's benefits