Apple considers sideloading “cybercriminals’ best friend”


Apple continues its crusade against sideloading and it’s Craig Federighi’s turn to step up. Guest of the Web Summit 2021, the vice-president of software engineering of Cupertino defended the closed garden of iOS, today threatened by the European Commission.

What if the App Store was soon no longer the only way to get apps on iPhone or iPad? The idea makes cringe on the side of the Cupertino company which has always praised – and protected – the closed model of its operating system. However, this threat exists through the European Digital Markets Act (DMA) which could force Apple to change its rules. Proposed in December 2020, the digital market legislation wants to fight against the abuses of the digital giants (GAFAM) by imposing new obligations on them.

The bill deals in particular with the issue of competition. It predicts that giants like Apple and Google will no longer be able to prevent the uninstallation of applications or integrated services by default. He also wants to give more space to alternative players, an ambition that worries Tim Cook and his teams. Indeed, the DMA would force the Apple brand to allow sideloading on the iPhone and the iPad, that is to say the possibility of recovering applications from a store other than the App Store. Guest of the Web Summit 2021, Craig Federighi strongly criticized this practice which threatens the closed garden of the App Store. While Cupertino’s vice president of software engineering recognizes that“No system is perfect”, he claims that the sideloading “Is cybercriminals’ best friend”, reports The Verge.

“The floodgates would be open for malware”

During his speech, he multiplied the arguments to defend Apple’s model and warn of the risks of sideloading. Craig Federighi says requiring sideloading “On the iPhone would be a gold rush for the malware industry”. The one who oversees the iOS and macOS software divisions took the opportunity to point out that his company’s operating system is much less prone to malware than Android. Its competitor, which allows sideloading, would be the target of “5 million attacks […] per month “ according to a study unveiled by the leader. This is not the first time that the Cupertino group has compared itself to its rival without really criticizing Google’s method, moreover, but rather to warn of the risks that an open application universe can present.

This subject has worried Apple for many months and these remarks echo those made by Tim Cook during the VivaTech show. According to the CEO of the Californian firm, the European Union could “Destroy iPhone security” with the Digital Markets Act. Strong words from the American leader who highlighted Apple’s initiatives to strengthen the security and protection of the privacy of its users. Craig Federighi advances the same arguments and assures: “The fact that anyone can be a victim of malware is not something we should put up with”.

“Sideloading compromises security and puts people’s data at risk”

He adds that “Some social networking applications will probably try to avoid the privacy protections of the App Store” and that they will only be available outside the official store. An element that comes as a study reveals that Apple has lost nearly $ 10 billion to social networks with its new privacy policy. This situation would force users to choose between “To lose contact with [leurs] friends online, or take the risk of sideloading ”, says Craig Federighi.

Apple’s vice president of software engineering, Craig Federighi was invited to the 2021 Web Summit. © Screenshot / Web Summit 2021

Particularly worried at the idea of ​​seeing this practice appear on iOS, the software boss at Apple however forgets to explain that the company has been able to put in place protective measures on macOS like Gatekeeper. From the operating system of Macs, it is indeed possible to freely install applications that have not come from the App Store for many years. However, it will be recalled that Craig Federighi admitted having “A much bigger malware problem on the Mac” during the trial with Epic Games.

Words and two reports to defend the App Store model

Apple is not content with just a statement on this subject and has published two reports. The first, released in June and intended for the general public, is available in French (PDF) under the name “Create a reliable ecosystem for millions of apps”. The second was released in October (PDF) and is titled “Building a Trusted Ecosystem for Millions of Apps, A threat analysis of sideloading”, that is “Building a Trusted Ecosystem for Millions of Applications – A Sideloading Threat Analysis”. These documents present Apple’s position with a first part that looks at “Importance” protection mechanisms provided by the App Store. The second warns above all against the risks associated with the practice of sideloading.

Leave A Reply

Your email address will not be published.