In response to the European Commission's proposed Digital Markets Act, which could force sideloading of apps on the iPhone in Europe, Apple has shared an in-depth document highlighting the security and privacy risks of sideloading. Sideloading refers to installing apps outside of the App Store, such as from a website or a third-party app store.
Apple's document, titled Building a Trusted Ecosystem for Millions of Apps, states that "mobile malware and the resulting security and privacy threats are increasingly common and predominantly present on platforms that allow sideloading." For example, Apple cited Nokia's 2019 and 2020 Threat Intelligence Reports that found Android devices to have an "estimated 15 to 47 times more infections from malicious software" than iPhones.
Android smartphones are the most common mobile malware targets and have recently had between 15 and 47 times more infections from malicious software than iPhone. A study found that 98 percent of mobile malware targets Android devices. This is closely linked to sideloading: In 2018, for example, Android devices that installed apps outside Google Play, the official Android app store, were eight times more likely to be affected by potentially harmful applications than those that did not.
On the other hand, Apple claimed that malware on iOS is rare and said that many of the attacks on the platform are "narrowly targeted attacks, often carried out by nation-states." Apple added that "experts generally agree that iOS is safer compared to Android, in part because Apple does not support sideloading."
Apple said if it were forced to allow sideloading, users would be subjected to more malicious apps and have less control over apps after they download them onto their devices. Apple added that some proposed sideloading legislation would also mandate removing protections against third-party access to proprietary hardware elements and non-public operating system functions, resulting in security and privacy risks for users.
Apple added that even users who don't wish to sideload and prefer to download apps only from the App Store would be harmed if sideloading were required, as some users may have no choice other than sideloading an app they need for work, school, or other essential reasons. In addition, Apple said criminals may trick users into sideloading apps by mimicking the appearance of the App Store or by advertising free or exclusive features.
Apple touched on many of these arguments in a similar document shared back in June. Apple CEO Tim Cook previously claimed that sideloading apps "would destroy the security of the iPhone" and "a lot of the privacy initiatives that we've built into the App Store."
Apple's document goes on to provide examples of common malware affecting mobile platforms like Android and makes more arguments against sideloading.
Apple has faced increasing scrutiny over its App Store, which remains the only place to install apps on the iPhone and iPad, excluding devices that have been jailbroken. Fortnite creator Epic Games sued Apple last year for anticompetitive conduct, but it was unsuccessful in getting the court to force Apple to allow third-party app stores on iOS.
Top Rated Comments
Does having the ability to install _any_ app from _any_ unchecked source reduce security?
In what parallel universe is the answer "no"?