Yahoo News Apple's Federighi rails against app sideloading in single-note keynote
Apple's head of software engineering Craig Federighi took his time onstage at the Web Summit 2021 conference to air a laundry list of grievances against proposed requirements for sideloading apps onto iPhones, describing the practice as "gold rush for the malware industry."
It's a matter for discussion not simply because there is lively debate on the topic (though there is), but because the EU's Digital Markets Act, if implemented as currently laid out, could mandate a method of putting apps on iPhones that circumvents Apple's longstanding App Store and review process.
CEO Tim Cook already made the company's position (hard against this, obviously) known in June, when he said the rule could "destroy the security of the iPhone." So it's not a big surprise that Federighi would back up the boss, but dedicating pretty much a full onstage speech to a series of arguably misleading and totally unchallenged assertions offers the viewer light notes of desperation.
Apple's approach of manually reviewing each app and update has its own problems, but for the purposes of preventing malware it's a pretty good solution — that much is fair to say. But it's one thing to say your method is better, another entirely to say that other methods should never, ever be allowed.
"There's a clear consensus here, and it's that sideloading undermines security and puts people's data at risk," he said. That may very well be true, but it's not the only consensus. There's also something of a consensus among developers and users — to say nothing of antitrust authorities — that Apple has exerted a stranglehold on the iOS app market that long ago became more of a hindrance than an asset to the global market.
"Our mission is to provide people with a choice of what we view as the best," Federighi said, shortly before embarking on a tirade against certain choices. In his view, offering users the choice to sideload apps "would take away consumers' choice of a more secure platform."
More choice is less choice, got it! He then hurried on to a rather labored metaphor he hoped would resonate with the homeowners in the crowd. Let's just quote the whole thing here:
You made a choice. You wanted to protect your family so you bought a really safe home with a really great security system. And you're really glad you did. Because since you first moved in the burglars have never been more creative or more plentiful. And in the real world of cybersecurity, this couldn't be more true. Attackers are virtually dressing up as mailmen building tunnels underground and trying to scale your backyard walls with grappling hooks. In this world, some of your neighbors are suffering repeated break ins, but the home you have has kept you safe.
But then, that new law gets passed. And in the noble pursuit of a more optimized package delivery, your town requires everyone to build an always-unlocked side door on the ground floor of their homes. Now some of your neighbors, they love this idea. But you're not so sure, because you know that once a side door is built, anyone can walk through it. The safe house that you chose now has a fatal flaw in its security system, and burglars are really good at exploiting it. In a nutshell, sideloading is that unlocked side door and requiring it on iPhone would give cybercriminals an easy point of entry into your device. Now, we don't think anyone wants that, least of all the policy makers intending to give users more choice and more protections.
Instead of creating choice it would open up a Pandora's box of unreviewed, malware-ridden software and deny everyone the option of iPhone's secure approach.
This imagery, however vivid, falls somewhat short of the reality. The choice to have and use that door will very much be up to the users, and Apple has a responsibility and opportunity to explain the risks of that choice very clearly. Google hasn't succeeded in some ways there, Federighi pointed out, but that sounds like something Apple could just improve on. Most users will have no need or desire to sideload apps, and even if they do, the idea is not to create a wild west — which, by the way, most computers have been for a long time — but to create space in the market for competition.
If we go back to our "favorite house" as he called it, it's worth noting that Federighi failed to mention that that big secure front door has a special apple-shaped hole through which only Apple-branded packages can be delivered. This isn't about just putting another hole in the house, it's about having literally any alternative to a system — an effective system, but a relic from another age — that has been the only option for a decade and made the already rich company running it one of the richest in history.
There was quite a bit of fearmongering and FUD to go along with the half-truths Federighi was peddling onstage. Perhaps not the inspiring speech the audience was expecting from someone so influential in tech.
They may only be delaying the inevitable, but clearly Apple will fight tooth and nail for the consumer's right to choose what Apple has already chosen for them.
