Crabby Apple Defends iOS Sideloading Block, Claiming Android Has 47X More Malware
Hey, guess what? Apple has finally decided to allow sideloading on iOS
devices! Just kidding—anyone fooled has not been paying attention to the almighty institution that is Apple, the guardian of consumers and overseer of mobile security. Or something like that. It is, however, being pressured to follow in Google's footsteps and allow sideloading, which prompted the company to issue a report on the many reasons why it feels that is a recipe for disaster.
The biggest one? Citing a pair of Nokia threat intelligence reports from 2020 and 2019, Apple says Android devices over the past four years fell prey to 15-47 times more malware than iPhone handsets. The insinuation is that following in the footsteps of Android, which allows sideloading apps, would make iPhone users far more susceptible to mobile malware. As in, up to 47 times more susceptible.
"Supporting sideloading through direct downloads and third-party app stores
would cripple the privacy and security protections that have made iPhone so
secure, and expose users to serious security risks," Apple states.
Unlike Apple, Google allows sideloading on its Android platform, if users agree to accept the risks
For anyone unfamiliar, sideloading refers to installing software outside of officially sanctioned and approved app stores. For iPhone users, Apple's own App Store is the only approved source. Sideloading from third-party marketplaces is technically possible, though only on jailbroken iPhone
devices, those which have been unofficially altered to bypass Apple's restrictions.
Apple hangs its security hat on its own curation and safeguards, and essentially says outside sources are not up to the task of keeping iPhone users safe.
"The large amount of malware and resulting
security and privacy threats on third-party app stores shows that they do
not have sufficient vetting procedures to check for apps containing known
malware, apps violating user privacy, copycat apps, apps with illegal or
objectionable content, and unsafe apps targeted at children," Apple states in its 28-page threat analysis report (PDF)
Apple's report appears to be in response to a combination of a proposed bipartisan Open App Markets Act, which among other things would force Apple to allow app sideloading, and the ongoing brouhaha with Epic Games
over in-app payments and Apple's royalty rate.
Is iOS Really Less Safer From Malware Than Android?
To be fair, Apple is not completely off its rocker in claiming there is more malware on Android than iOS. Looking past the cherry-picked reports it's citing from, there is data to be found from other sources that back it up, though perhaps not necessarily to the extent Apple highlights.
Security outfit Sophos, for example, says Android is the bigger target
compared to iOS, "both in terms of numbers of users and Android's more open and adaptable platform," which it says "make it more vulnerable to cyberattacks."
"Apple’s walled garden App Store—where applications are fully vetted before being made available to customers—has prevented widespread malware infection of iOS users...Evidence of malicious malware showing up in the App Store is anecdotal at best, as Apple does not typically volunteer such information. However, it’s safe to assume that since Apple does not make APIs available to developers, the iOS operating system has fewer vulnerabilities," Sophos says.
The security outfit also notes that iOS is not 100 percent invulnerable, and that it has "long expected Apple's iOS [platform] to become a bigger target for hackers."
Even that qualifier, however, plays into Apple's staunch resistance to sideloading. If security firms are seeing more malware on Android and believe that iOS is going to become a bigger target going forward, it's all the more reason not to allow sideloading (from Apple's vantage point, not ours).
Apple's report feels more like a PR stunt of sorts, in how it's compiled, versus something like a technical paper. We certainly appreciate the plain language, even if it is likely there to curry favor among the general populace. That said, it's not going to sway critics of Apple, and/or opponents to its stance against sideloading.
For those who want sideloading support on iOS, it is about choice and the freedom to use premium-priced iPhone devices however they see fit, not scare tactics or a father/mother-knows-best mantra. And unfortunately for anyone who falls into that camp, this also amounts to Apple digging its heels deeper into the ground.
What are your thoughts on Apple's refusal to allow sideloading? Sound off in the comments section.