Letting iPhone users sideload iOS apps from sources other than the App Store would be a disaster for iPhone security, Apple argues in a “threat analysis” released today (Oct. 13).
“Supporting sideloading through direct downloads and third-party app stores would cripple the privacy and security protections that have made iPhone so secure, and expose users to serious security risks,” says the 31-page paper, entitled “Building a Trusted Ecosystem for Millions of Apps.”
If Apple’s argument sounds familiar, that’s because back in June, Apple released a shorter paper with an identical headline. At the same time, Apple CEO Tim Cook said that sideloading would “destroy the security of the iPhone.”
Government regulators on both sides of the Atlantic are threatening to force Apple to let iPhone users sideload apps. That would put a dent in one of Apple’s chief revenue streams, as the company takes a 30% cut of most App Store sales. (Google does the same for app sales in the Play Store.)
The Android example
However, Apple is right that sideloading would probably be terrible for iOS security. Sideloading has always been permitted on Android, even though it’s discouraged by Google, and Apple’s primary argument is that Android security has suffered greatly as a result.
“Over the past four years, Android devices were found to have 15 to 47 times more malware infections than iPhone,” Apple states, citing numerous sources. “Nearly 6 million attacks per month were detected by a large security firm” — in this case, Kaspersky — “on its clients’ Android mobile devices.”
Malware does get into the official Google Play Store, which doesn’t screen apps as closely as Apple’s App Store does. But by far the biggest malware problem on Android results from users sideloading dodgy apps from direct links in phishing campaigns or from “off-road” markets not controlled by Google.
“If Apple were forced to support sideloading,” the new paper argues, “more harmful apps would reach users because it would be easier for cybercriminals to target them.”
It points out that most third-party stores would not be as well screened as the App Store, and that apps not approved by Apple would also pose privacy risks due to the likelihood of spyware.
Aiming at lawmakers and regulators
Then as now, these papers and comments are primarily aimed at European Union regulators. A proposed set of rules called the Digital Markets Act would force Apple to open up iPhones to apps from outside the App Store, but EU countries must first approve the rules.
A similar bill called the Open App Markets Act was introduced in both the U.S. House of Representatives and the U.S. Senate in August, but it does not appear to have moved forward.
Europe’s top digital regulator, Margrethe Vestager, told Reuters in July that promoting competition in app markets took priority over Apple’s security worries.
“I think privacy and security is of paramount importance to everyone,” Vestager said. “It’s not a shield against competition, because I think customers will not give up neither security nor privacy if they use another app store or if they sideload.”
Apple’s own experience with iOS malware
The paper even admits some flaws with Apple’s own iOS controls. The primary router of malware infection on iOS is through Apple’s Developer Enterprise Program, which permits companies to make and privately distribute in-house iOS apps to employees outside the App Store.
“Despite the program’s tight controls and limited scale, bad actors have found unauthorized ways of accessing it,” Apple’s paper says. “Bad actors have used illegitimately obtained enterprise certificates to distribute apps that violate App Store policies, including apps containing malware … and pirated versions of popular iOS apps.”
Apple argues that if sideloading becomes possible for all iPhone users, iPhones will become flooded with the same sort of spyware, stalkerware, Trojans and other nasties that currently are commonplace on Android phones that permit sideloading. (On Google’s version of Android, you have to change some default settings before you can sideload apps.)
“Forcing sideloading onto the iOS ecosystem would make iPhone less secure and trustworthy for users,” proclaims Apple. “IPhone users would have to constantly be on the lookout for scams, never sure whom or what to trust, and, as a result, users would download fewer apps from fewer developers.”
