It was only a few weeks ago that Apple published a paper highlighting the threats of sideloading apps on iPhone. Apple compared the iPhone to Android, where sideloading is possible, and explained that sideloading increases the risk of downloading malware significantly. Apple’s paper is part of a more significant push from Apple to demonstrate to regulators looking at the App Store walled garden that iPhone sideloading should never happen.
Apple senior vice president Craig Federighi appeared at Web Summit 2021 in Portugal on Thursday, where he addressed the matter. He advocated in favor of the iPhone’s robust security and privacy. “Sideloading is a cybercriminal’s best friend,” the exec said, in response to proposed European regulation that would force companies to allow sideloading on their devices. Requiring it on iPhone would be a “gold rush for the malware industry,” the exec said.
The new EU regulations
The EU has proposed new legislation under the Digital Markets Act (DMA) that would force device makers to allow sideloading on iPhones. The App Store already faces plenty of scrutiny from regulators. It’s not just sideloading or the support of third-party app stores that some developers ask for. Apple’s App Store fees are often part of the same conversation.
Apple’s software guru only addressed the sideloading matter at the Web Summit event this week. And Federighi’s passionate defense of the iPhone’s security and privacy isn’t surprising.
Apple’s firm App Store management helped the company develop strong safety standards for the iPhone. That doesn’t include just protection against malware but also new privacy standards that developers have to respect. Sideloading would hinder Apple’s efforts.
How iPhone sideloading hurts consumers
Federighi quoted security studies and claims from security experts during his presentation. Unsurprisingly, Android came up. The exec said that Android faces five million attacks per month, according to one study. Sideloading plays a role in that, as Android supports the installation of apps that come from other sources than the Play Store. Apple, meanwhile, employs human review when it comes to allowing apps into the App Store.
Also, Federighi likened the iPhone to a house with strong security. He explained that if regulations weaken that security, attackers could exploit it and get into your home. The exec added the DMA legislation comes in at a time when there have “never been more cybercriminals” around determined to hack customers.
The exec also noted that even tech-savvy iPhone users could be harmed by sideloading. Or that their immediate family members who aren’t as used to detecting threats online could download malware from untrusted sources.
A different benefit of preventing sideloading apps concerns privacy. Federighi gave an example that would fit Facebook best. He didn’t name the social network but said that sideloading would allow a company to release their apps outside of the App Store to skirt the privacy rules Apple implemented. And Facebook has been the most vocal critic of Apple’s strong iPhone privacy protections.
Federighi’s full presentation on iPhone sideloading is available below.