Apple Executive Says Users Who Want App Sideloading Already Have That Option With Other Platforms

Apple earlier today published a detailed report outlining in blatant terms the negative impact that sideloading would have on the iPhone and iPad, specifically calling out the impacts it would have on user privacy and security. Now, the company is continuing its PR push, with an executive noting in an interview that users who wish to sideload apps already have that option thanks to other platforms.

iPhone 12 v Android 2020
Speaking to Fast Company, Apple's head of user privacy, Erik Neuenschwander, said that opening the doors to sideloading apps on ‌iPhone‌ and ‌iPad‌, which would enable users to download apps from the web and other app marketplaces besides Apple's App Store, could lead users to be "tricked or duped" into "some dark alley."

The executive, who made an appearance at the company's developer conference last year, ultimately said that iOS is not the platform for users who wish to sideload apps, suggesting that those users might want to consider other platforms.

"Sideloading in this case is actually eliminating choice," he says. "Users who want that direct access to applications without any kind of review have sideloading today on other platforms. The iOS platform is the one where users understand that they can't be tricked or duped into some dark alley or side road where they're going to end up with a sideloaded app, even if they didn't intend to."

Currently, apps must go through Apple's rigorous ‌App Store‌ review process, but if sideloading was allowed, apps would be able to bypass the review process. Neuenschwander also said that sideloading apps would leave the user vulnerable to viruses, malware, and more.

"Today, we have our technical defenses, we have our policy defenses, and then we still have the user's own smarts," Neuenschwander says, referring to Apple's App Store processes. Sideloading would negate those defenses, he contends.

"Even users who intend—they've consciously thought themselves that they are only going to download apps from the App Store—well, the attackers know this, so they're going to try to convince that user that they're downloading an app from the App Store even when that's not happening," Neuenschwander says. "Really, you have to think very creatively, very expansively as an attacker would trying to go after so many users with such rich data on their device. And so users will be attacked regardless of whether or not they intend to navigate app stores other than Apple's."

Unlike the tightly controlled nature of the ‌iPhone‌ and ‌iPad‌, users are able to download and run apps from places other than the ‌App Store‌ on macOS. Neuenschwander attempted to draw a clear distinction between iOS and macOS, pointing out that the ‌iPhone‌ is a device that users have all the time, carrying personal information such as their location. He noted that the data on ‌iPhone‌ is "more enticing" to a potential attacker compared to information on the Mac.

"It's the device you carry around with you," Neuenschwander notes. "So it knows your location. And therefore somebody who could attack that would get pattern-of-life details about you. It has a microphone, and therefore that's a microphone that could be around you much more than your Mac's microphone is likely to be. So the kind of sensitive data [on the iPhone] is more enticing to an attacker."

Neuenschwander went on to explain the difference in usage between the ‌iPhone‌ and Mac. According to Neuenschwander, users on Mac tend to only download a few applications needed for their job and not explore other applications. On the contrary, ‌iPhone‌ users are downloading apps continuously, making sideloading more dangerous, according to the executive.

But that's not all. "The pattern of use of the Mac—just the style, how people use that platform—tends to be that they get a few applications that they use to do their job or their hobby, and then it kind of reaches a steady state," Neuenschwander explains. "But what we've all seen is that mobile platforms, including iPhone, are ones where users are downloading apps on a continuing basis. And that gives an attacker more opportunities to get in and get at that user. So the threat on the iOS side is much higher than the threat on the Mac side."

Craig Federighi, Apple's software chief overseeing the development of iOS and macOS, said during his testimony for the Epic Games trail that the level of malware on the Mac is at an unacceptable level, possibly warning that similar levels of malware could make its way to the ‌iPhone‌ if sideloading was enabled.

Top Rated Comments

fenderbass146 Avatar
18 weeks ago
Yup… been there done that, once I got past my customizing and stealing apps phase the appeal of Android died. I’ll stick with my stable and more secure iOS devices.
Score: 107 Votes (Like | Disagree)
aplnub Avatar
18 weeks ago
I don't want my iPhone any less secure than it already is. For the tiny sliver of the iPhone user base that feels side loading is important to them, Android is there for you to use.
Score: 67 Votes (Like | Disagree)
Your Royal Highness Avatar
18 weeks ago
Such bs macOS has been doing fine for years. This is just fear mongering to protect their billion dollar cash cow.
Score: 56 Votes (Like | Disagree)
perezr10 Avatar
18 weeks ago
I agree with him. If you’re willing to trade security for flexibility, than Android is more for you.

I don’t want Apple to make The iPhone worse to please a noisy minority. And especially not to get the CEO Of Epic another Lamborghini.
Score: 47 Votes (Like | Disagree)
cmcbhi Avatar
18 weeks ago
But, I agree.
If you want to side load, Android is there for you.
Don't let the door hit you.........well, you know.
Score: 35 Votes (Like | Disagree)
xflashx Avatar
18 weeks ago
I honestly don’t understand the problem. Why not simply allow sideloading apps if enabled in System settings buried under several popups and warnings about possible consequences when enabling that option? Most people would probably leave the sideloading option disabled and the other ones probably know what they are doing and accept possible consequences or privacy violations.
Score: 35 Votes (Like | Disagree)

Related Stories

app store blue banner

Apple Says iOS is Safer Than Android Because Sideloading Apps Isn't Allowed

Wednesday October 13, 2021 5:00 am PDT by
In response to the European Commission's proposed Digital Markets Act, which could force sideloading of apps on the iPhone in Europe, Apple has shared an in-depth document highlighting the security and privacy risks of sideloading. Sideloading refers to installing apps outside of the App Store, such as from a website or a third-party app store. Apple's document, titled Building a Trusted...
XcodeGhost Featured1

'XcodeGhost' Malware Attack in 2015 Impacted 128 Million iOS Users, According to Trial Documents

Friday May 7, 2021 12:55 pm PDT by
Back in 2015, a malware-infected version of Xcode began circulating in China, and malware-ridden "XcodeGhost" apps made their way into Apple's App Store and past the App Store review team. There were more than 50 known infected iOS apps at the time, including major apps like WeChat, NetEase, and Didi Taxi, with up to 500 million iOS users potentially impacted. It's been a long time since the ...
app store blue banner

Apple Updates App Store Guidelines as Part of Agreement With U.S. Developers

Friday October 22, 2021 1:00 pm PDT by
Apple today announced it has updated its App Store Review Guidelines with three key changes related to outside-of-app communications, collecting contact information within an app, and in-app events featured in the App Store. In late August, Apple announced it had reached a $100 million settlement that, pending court approval, would resolve a class action lawsuit from U.S. developers who...
app store blue banner

'Report a Problem' App Store Option Returns to Combat Scams

Monday October 4, 2021 5:04 am PDT by
After being removed several years ago, Apple has restored the "Report a Problem" option on the App Store in an effort to flag issues and combat scams. Spotted by Richard Mazkewich and Kosta Eleftheriou and highlighted by The Verge, the option allows users to report individual App Store listings in iOS 15. When selected, the option directs users to a website with a drop-down menu to report...
apple podcasts rating

Apple Now Lets Customers Rate and Review Pre-Installed Apps on the App Store

Thursday September 30, 2021 1:50 am PDT by
Apple now lets users rate and review pre-installed iPhone apps on the App Store, such as Maps, Podcasts, Mail, and others, bringing the company's apps to parity with how users criticize and/or laud third-party apps on the platform. Spotted first by 9to5Mac, Apple now lets users leave a zero to five-star rating for a number of its pre-installed apps, further enabling users to write their...
app store blue banner

Apple Says Apps Supporting Account Creation Must Offer Account Deletion Starting Early Next Year

Wednesday October 6, 2021 8:15 am PDT by
Apple today reminded developers that App Store apps that allow for account creation must also allow users to initiate deletion of their account from within the app starting early next year. The requirement applies to all app submissions starting January 31, 2022. The requirement follows updates to the App Store Review Guidelines in June. Apple encouraged developers to review any laws that...
apple pay express transit london

Security Experts Warn of Apple Pay Express Transit Hack That Enables Large Unauthorized Visa Payments From Locked iPhones

Thursday September 30, 2021 12:14 am PDT by
Researchers in the U.K. have demonstrated how large unauthorized contactless payments can be made on locked iPhones by exploiting Apple Pay's Express Transit feature when set up with Visa. Express Transit is an Apple Pay feature that allows for tap-and-go payment at ticket barriers, eliminating the need to authenticate with Face ID, Touch ID, or a passcode. The device does not need to be...
aapl logo banner

Apple's Past Sideloading Plans, Ecosystem Lock-in Strategy, and More Revealed in Internal Documents

Friday August 20, 2021 7:35 am PDT by
Documents highlighted by The Verge and disclosed as part of the Apple vs. Epic Games trial have revealed that Apple discussed plans for sideloading apps, sought to lock users into its ecosystem using gift cards, attempted to tackle chaos in the App Store review process, and more. Several of the internal documents related to internal discussions around the possibility of sideloading iPhone...
app store blue banner

Apple Letting 'Reader' Apps Offer Links for Account Sign Ups Outside of the App Store to Close Japan Investigation

Wednesday September 1, 2021 5:09 pm PDT by
Apple today announced that the Japan Fair Trade Commission (JFTC) has agreed to close its App Store investigation in exchange for changes to how "reader" apps like Netflix operate. Reader apps allow users to browse previously purchased content or content subscriptions for digital magazines, newspapers, books, audio, music, and video. Going forward, developers that create "reader" apps will...
app store vs developers

Apple's Planned App Store Changes Will Barely Affect the Company's Bottom Line, Says Analyst

Wednesday September 8, 2021 8:00 am PDT by
As a result of legal and regulatory pressures, Apple recently announced some upcoming changes to its App Store policies, such as letting developers email customers about payment options available outside of their iOS app and allowing "reader" apps like Spotify and Netflix to include an in-app link to their website for account signup. Apple said the changes "will help make the App Store an...