[acdha]

> This seems that Apple went to way too much thought to avoid a simple solution: Just let users sideload apps and put up a few warning messages like Android. Must have had a bunch of high-priced lawyers think this up.

You know how every few weeks there’s an article about something dodgy in an alternate Android store which the scammer never even bothered to submit on iOS? There’s a real problem here and these seem generally like solid technical moves but paired with heavy handed language which reminds me of the way so many websites put up those “look at all the cookies the mean old EU is making us tell you about!” warnings. Notarization in particular seems like a good move for avoiding the common problems around impersonation or silent alteration of binaries, and I think the browser engine requirements are justifiable solely by looking at how many popular Electron apps take months to patch critical vulnerabilities.

[sensanaty]

Could you link to like, a single one? Cause I can't say I've ever seen a single one in recent memory.

[twodayslate]

Here is an article from 3 weeks ago: https://www.tomsguide.com/news/this-android-malware-installs...

> Xamalicious is a new Android backdoor that was found to be hiding in 14 malicious apps on the Google Play Store by the cybersecurity firm McAfee.

[Vinnl]

The Play Store is not an alternate Android app store though.

[kmlx]

you just need to read the article:

> The good news is that the bad apps in question have since been removed from Google’s official Android app store. However, the cybercriminals behind this campaign are also using a separate set of 12 malicious apps on unofficial third-party app stores to spread the Xamalicious malware. These apps need to be sideloaded onto your smartphone though as they are installed via an APK file.

i mean, this isn't really news, is it?

[Vinnl]

Ah, I stand corrected - I assumed that the quote would be the relevant bit of the article, and didn't click through.

[timeon]

> reminds me of the way so many websites put up those “look at all the cookies the mean old EU is making us tell you about!” warnings.

"so many" shady websites

[cubefox]

> You know how every few weeks there’s an article about something dodgy in an alternate Android store which the scammer never even bothered to submit on iOS?

Every few weeks there is an article about that!? That doesn't happen. It's a non-issue. Likewise on MacOS or Windows. I suspect these scenarios in the comments here are just made up by Apple fans to create FUD.

[acdha]

This is a pretty simple concept: the easier it is to run code on a device, the more options attackers have to trick users into installing it. Whether or not you follow the field, we have at this point 4+ decades of experience with people getting compromised because they installed something they thought was safe, and over that time we have seen attacks get more sophisticated as operating systems added safeguards. We’ve also seen the rise of entire businesses built on software which does things users wouldn’t have agreed to had they been fully informed. There’s a spectrum from classic malware to the quasi-legal stuff: spyware for governments or businesses who don’t trust their users, abusive spouses, or parents with control issues; and companies like Facebook who provide legitimate apps but also deeply detest transparency about the data they collect or how they use it. All of those represent enough money that they can provide polished apps, install instructions, customer service, etc. and many of them try to conceal their activities enough that all of the major operating systems have added limits to what applications or even administrators can access or run in the background, mandatory notifications when something sensitive like using your camera or microphone is requested, etc.

Apple’s answer to this was the App Store’s strict limits which has been effective (a lot of stalkerware has detailed instructions for sideloading in on an Android phone but either doesn’t support or has far less functionality on iOS) but that’s not the same as saying that’s the optimal balance for users. The EU is also interesting because they have strong privacy laws, so it might be the case that it’s not so bad there but would be a disaster in the U.S. without such restrictions making it riskier to hide intrusive activity. I would like to try other models but I also think that the more successful ones will look like what Apple announced where the model isn’t just “game over, buy a new phone” if someone ever makes a mistake about who they trust.

[cubefox]

If it would be a disaster on iOS, it is already a disaster on Windows. It is not a disaster on Windows. Therefore it wouldn't be a disaster on iOS. (Modus tollens)

[acdha]

Have you ever done any Windows support? I have, and there are very, very few people you can trust not to install dodgy software if they have the ability to do so. No matter what level of warning dialog you put up, there’s some guy at a call center in India making good money walking your grandfather through the process of installing their root kit so he can help them fix their online banking.

Again, I’m not saying this isn’t a trade off with real consequences but if you want to contribute to the conversation, at least acknowledge the millions of people who’ve suffered severe embarrassment, lost money or even their lives because they trusted the wrong person’s software. This is bigger than your emotional relationship with Apple.

[cubefox]

As far as I know those Indian call centers usually use software like AnyDesk. This is not malware. In fact, it is already available in the App Store:

https://apps.apple.com/us/app/anydesk-remote-desktop/id11761...

So I don't see how this could be a big problem.

[acdha]

That’s the viewer, and it has limits on what they can do and how they can describe it to users. On the desktop side, we have a long history of things surreptitiously installing other things or misrepresenting the source or capabilities of the software.

Here’s an old example: one of the researchers in the lab I worked at mentioned that his laptop was acting odd. A quick check revealed, yeap, loaded with malware including a browser extension injecting ads into every page. He mentioned that he’d been cruising video sites the other night and had installed the free viewer plugin on one of them…

Again, I don’t think that the situation is perfect or that the trade off shouldn’t be consciously reconsidered but there is a context of millions of people doing things like that. People making mistakes is a daily occurrence and even relatively savvy users can be socially engineered.

[mynameisvlad]

To be fair, that is their viewer application. Not an actual screen sharing server. It would be very difficult for a scammer to do anything to your device or account using the app in the App Store as is.

[lwkl]

Have you forgotten all the extortion that happens because of all the encrypted files? Just because people kept opening bill.pdf.exe.

A lot of companies don‘t allow their users to download any files from cloud services an quarantine and manually review e-mails with attachments and download links. A lot of companies running Windows are also starting to use AppLocker which is a way to only allow whitelisted executables to run. So yes this is a huge problem and billions of dollars are spent on it (be it losses through attacks or money spent on countermeasures).

[albert180]

It's so pathetic right? Please, please Apple, charge me for everything through the nose. I'm not worthy of deciding for myself and using my own brain.

I also don't know anyone outside my Techbubble who has sideloaded Apps, neither someone who has gotten a virus so far. Also the Bullshit about 5 different App Stores has never materialized.