Apple has just engineered the worst possible situation for themselves by being the only way to get apps on the store and by simultaneously incessantly marketing the store as "Safe and Secure". The former encourages them to maximize the number of apps on the store, while the latter encourages them to shoot first and ask questions later.
If side-loading or alternative ways of getting apps onto the iPhone existed, then they could implement far stricter controls knowing that, worst case scenario, you can still get an app onto the iPhone. This is how it works on the Mac. Tor isn't on the Mac App Store, but that of course doesn't mean Tor can't be used on the Mac.
This is one of the tricky parts about AppStore discussions, it's not about being for or against the AppStore. In fact, I wish the AppStore was MUCH pickier about the apps it let in, and I also wish there was an alternative to the AppStore to catch cases that didn't meet that strict bar. Then the AppStore could actually be about curation as opposed to fear-induced isolationism. Then Apple wouldn't have to inadvertently have political side-effects when it disallowed apps like HKMap.live.
Being on the AppStore could still be advantageous beyond just "either that or you don't get to be on the iPhone at all.” Apple payment processing, iCloud integrations, Family-sharing, etc. could all be tied to being ON the AppStore, so there'd still be a huge incentive to try to ship that way. And side-loading doesn't have to be easy or even on by default.
>If side-loading or alternative ways of getting apps onto the iPhone existed, then they could implement far stricter controls knowing that, worst case scenario, you can still get an app onto the iPhone. This is how it works on the Mac. Tor isn't on the Mac App Store, but that of course doesn't mean Tor can't be used on the Mac.
And if side-loading was alowed then every big player whose app users "have to have", e.g. Google, Facebook, Abobe, Zoom, Epic, would start their own independent app store (or distribution just for their apps).
Users would have no recourse than to install the app for there (or do without Facebook or Zoom etc).
Then every scammer and scamster does the same for their apps, and lures enough people to get them, and depending on what's allowed, you also get pirated app "stores". In the end the result is not so great for the devs complaining either...
Now instead of 1 method of payment, 1 way to enforce subscriptions/cancellations and other rules, one checkpoint, you have 2 or 5 or 10.
>And if side-loading was alowed then every big player whose app users "have to have", e.g. Google, Facebook, Abobe, Zoom, Epic, would start their own independent app store (or distribution just for their apps).
>Users would have no recourse than to install the app for there (or do without Facebook or Zoom etc).
We are already aware of a platform that allows easy sideloading - Android. And most apps on Android are distribured through the Play Store. All "big" players still go through the Play Store.
When there is no such thing as the examples you described going on in Android, why do you expect iOS to be different?
>When there is no such thing as the examples you described going on in Android, why do you expect iOS to be different?
Several reasons why this hasn't happened on Android. Let's see a few examples:
(1) iOS doesn't let other players have their own broswer engines. Google is one of those other players, and if the iOS App Store wasn't the only game in town, they'd have an alternative pronto. Android is theirs, so they don't need to do that.
(2) iOS has strict privacy/ad rules (getting stricter too). Facebook doesn't like them. Android let's them have it - so no need to make a move there.
(3) iOS also has the share cut that Epic doesn't like regarding the in-store subscriptions thing. In Android, where this is also an issue, Epic already has users sideload Forthnite from their own store.
(4) Serious Adobe apps are not available for Android (just Photoshop Express/Mix and such lite versions for consumers), but are for iOS. So not exactly the same incentive for Above to make a move there. But if it was an option to have their own store on iOS, given their pro app subscription program, I think they'd take it pronto.
1) One wonders if it would be possible for Apple to disable certain types of apps regardless of how they're obtained, including alternative browser engines. I think already the OS can prevent apps from overstepping its permissions system already? Though jailbreaking can still override that.
2) That would explain greater developer demand for a third party store on iOS, but not why users would seek out these more ad-intensive app stores.
3) Yeah, this would be a pretty major reason to drive third party app stores on iOS, though it's not as if there's a ton of sideloading on Android to get around the Play Store's own 30% cut, besides the high-profile Fortnite example.
4) Yes, and it would be annoying fragmentation if other major developers/publishers did the same on iOS, requiring the installation of a ton of third party app store apps and keeping track of different app store accounts.
But how many would really go through the hassle of building their own app store just to sell their products? (Maybe it'd be easier to find a way to sell and distribute their apps through their mobile browser sites.) One would suspect the number of alternate app stores to stabilize over time.
I don't think you're giving enough weight to the network effect. People don't want to switch from what they already use.
Worst case scenario, some managers decide to include an app store inside their app, they ignore the reality of the chance of success and put a whole bunch of marketing in it to their higher ups. Then they get promoted or switch jobs then blame whoever gets stuck with it 3-6 months later when it fails.
After that we'll probably end up seeing real use cases side loaded app stores (like hobby game development, or open source tools that don't want to or can't pay the Apple tax).
It is pretty crazy that simple providing an install link means, as you're the top choice in a duopoly, that you demand 30% of gross. Surely the costs to Apple is <<1% ?
> All "big" players still go through the Play Store.
There are many big players that don't go through the Play Store, and for a variety of reasons. Fortnite and ISP-promoted apps and device-manucacturer apps (for business and leverage reasons), DMM (because a primary line of their business is in adult content), and basically everything in mainland China (because Google doesn't operate there).
But ISPs still deliver apps through their app stores, and whole segments of big players also successfully distribute outside of it, out of necessity: adult content and the Chinese ecosystem. Note that the DMM example I cited is unheard of outside of Japan, but very well-known in Japan itself.
What or how are adult sites distributing successfully? I think the biggest paid sites have apps. But I’ve never personally heard of any one using any porn tube site app or anything. Browsers are used.
In Japan, DMM is a very diversified company (it runs a very well known hackerspace, for example), and a very profitable business comes from mobile-oriented games. Many of the erotic mobile-oriented games have a web browser version or PC version, and the more recent ones have native apps as well. In addition some have a censored version as well sharing the same account.
The app store is just called DMM Games store [0], since it distributes both its age-unrestricted games as well as games under its adult imprint (Fanza) via it.
With videos, since stores of videos are allowed on the play store, you instead have the situation that the DMM videos app is available on Android and iPhone, and the Fanza imprint is separately downloadable on Android [1, nsfw, needs vpn]
I'm quite confused that this comment of mine is presently sitting at -1 score at the time of writing. I think I provided good evidence that a fundamental assumption of parent comment was incorrect.
> And if side-loading was alowed then every big player whose app users "have to have", e.g. Google, Facebook, Abobe, Zoom, Epic, would start their own independent app store (or distribution just for their apps).
That didn't happen on Android. But at least on android you can download the apk from github, or use f-droid
Android allows side loading and none of that stuff is an issue on Android. It exists, but it's not an issue. You can easily stay in the Play store, but if you choose not to... caveat emptor.
With my current android phone, I have deliberately limited what I put on it. I got so sick of update churn.
Together with app owners selling out to malware types, and I see a lack of updates as a blessing.
I want to buy an app version and use that app version until I decide otherwise.
Ideally, when I run an app, inform me there is an update, let me know the benefits, and let me decide if I want to install or not, before or after using the app on this occasion.
1. It is highly dependent on the mechanics of how Apple implements side-loading (again, if it has a scary warning or requires you to turn something on deep in Settings, it's unclear if this would actually be the case). Especially considering that for many apps Apple now has their own versions, so it might not be a great idea for Google to put more hoops to jump through to get to Maps when Apple ships a (now) fairly competent Maps app built in.
2. It also disregards the other benefits the AppStore could provide aside from being the only game in town, as it does now. Again, there are many features that make a lot of sense to be tied to AppStore accounts, the most obvious of which is anything having to do with ease of payments. You might be leaving a lot of money on the table by completely abandoning the "one tap" payments that AppStore payments gets you (especially with in-app purchases, etc.). Separately, users will expect Family Sharing to "just work", etc. Again -- this aligns incentives really well on both sides: a lot of these features are implemented fairly poorly today by Apple because there's no rush, its not like there's another option. With a good incentive to make Family Sharing shine with respect to the competition, it could start being far less confusing and be far more flexible too. It might not take 5 year stretches to get bottom-of-the-barrel basic features like paid app updates or app trials, etc.
3. This actually flips a lot of current economics of the app store on its head: it is an open secret that Apple grants sweetheart deals to big companies on the AppStore who don't pay 30%. This is the worst of both worlds: the big players are given an unfair advantage on the AppStore. However, if they were attracted by their greed to try to "do it on their own" outside the AppStore, then small startups have a real shot at going head to head by being the "AppStore-compliant" version of the app, since 30% is an easier pill to swallow when its not billions of dollars in revenue.
4. The idea that because one or two apps convince users to side-load means that it would open the flood gates to every single scam app doing it is a fairly BIG slippery slope to... slide down? Again, if the process is fairly onerous for each side-load, then you might find that ONLY big names can actually convince people to do it, or important apps like HKMap.live or other apps that nations try to use the bottleneck of the AppStore to prevent. As mentioned elsewhere in these comments -- side-loading wouldn't necessarily mean you don't have to jump through some other Apple hoops.
And most importantly, I would argue that the current situation is worse. Apple tells everyone the AppStore is safe, and thus every app that appears on the AppStore is "Apple approved" (LITERALLY!). This precisely lulls people into installing scammy apps. Apple can't pop up a disclaimer every time you download something from the AppStore saying "HEY NOW CAREFUL, THIS APP MAY BE A SCAM," because it would go against the entire marketing of the AppStore. But they CAN put such a disclaimer in front of every side-load, because they owe those apps nothing and it hurts Apple's reputation none at all in that case.
If they allowed side-loading, they might not capture 30% of revenue from apps sold through the app store. If they disallowed scams, they might not capture 30% of the scammers' revenue.
I actually believe that if they allowed side-loading it would be one of the best ways to guarantee that they continue capturing 30% of revenue in perpetuity. This is because they could actually for the first time make developers feel like they're getting something for that 30%, as opposed to it being an "existence tax". Apple could actually with a straight face say "hey, you don't HAVE to be on the store, try doing it on your own". This is much different than the current Hobson's Choice of "you don't have to be on the store, you could just not have an app" which feels increasingly shallow in a duopoly, which gets to another important point: they'd actually have a fantastic argument for regulators: competitors really do have choices other than Apple! It would be very hard to argue that Apple should cater to your app that they don't like when there is another way to deliver that app to all the same customers (that doesn't involve first convincing them to switch platforms).
I honestly believe that some sort of side-loading option would be best for any cynical Apple interests long-term and for developers and for users.
The current course of action just leads to developer frustration (which is fine until a disruptive player enters the market), a super shitty store that leaves customers pissed (with scams, etc.), constant churn in rules to try to appease everyone and kick the can another 2 years (like the 15% reduction), and worst of all, unwanted attention from regulators that could have chaotic effects.
Truth be told, Apple could own side-loading on its own terms. They can present their own APIs that provide some freedom outside of the App Store, without ceding all of their control. Wrap it up in copious disclaimers and language informing the end-user that Apple is not responsible for what happens with these "advanced settings." Bake security checks into this process. Make side-loading into a walled garden unto itself.
This would also disincentivize jailbreakers, as fewer power users would be interested in pursuing the 100% amount of freedom that jailbreaking allows.
You could even go all of the way and have Apple adopt a "can't beat us? Join us" mentality towards independent app repositories outside of App Store by providing their own APIs and SDKs to run your own third-party app store. Again, architect it to automatically include security checks. Tie in subtle ways for Apple still to get a cut and a measure of their control.
This is far from a concrete description of what "third party stores brought to you by Apple" would look like, but if there's any company that could square the circle and make it a reality, it'd be Apple.
>They can present their own APIs that provide some freedom outside of the App Store, without ceding all of their control.
That is what I have been saying for quite some time. If Apple separate their Game Store and held some of those API, they have effectively kept 80% of their App Store revenue intact even if they allowed side loading.
Then at the expense of 20% of their App Store revenue, they can think what is the best possible balance to the problem here.
I think it's apple playing chicken with regulators. Surely they also see this problem as inevitably coming to a head, but if they can flirt with the line, they can make bank until they're forced to move on it. They probably have responses to potential issues and a transition already planned out; they are simply milking the current situation for all its worth.
I should clarify the above means that given the (lack of) quality of the Play Store, I don't see Google hosting iOS apps would get much traction and receive many adopters.
There's no reason to think that the cut would be any less than 30% even if they allowed side-loading. People just assume it would be like the Mac, but Apple isn't required to license its technology to anyone for free.
>Apple has just engineered the worst possible situation for themselves
Until you realize they don't actually care about it being "safe and secure" beyond a certain point.
They care they apps wont leech your payment details, they care they apps can't step outside the guidelines, they care that technology and connectivity is locked within the app store and not the browser but as long as an app plays within the rules they don't care if an app tricks your 5 year old into a 400$ a week subscription, as long as your 5 year old is doing it safely.
Yeah: and for anyone who doesn't immediately see how this is possible, a curator merely needs to have an allow/deny list of apps--possibly specific reviewed binaries--not actually host them or be the bottleneck for obtaining them: you just want the (hopefully federated) store app(s) to be able to refer to the (hopefully federated) curator(s) to limit the display and prevent installs.
Also, from my other comment, Apple could let us sideload notarized apps. This means:
- Automated scan for malware
- Remote kill switch, just in case
They already do this for macOS [1]:
> “Notarization is not App Review. The Apple notary service is an automated system that scans your software for malicious content, checks for code-signing issues, and returns the results to you quickly.”
They could give users a choice, much like they're doing with the new App Tracking Transparency prompt. But when pressed on why Apple should have control, Cook said "Somebody has to."
I think it would still poison the “Apple experience” to have many AppStores all competing with their own closed ecosystems. The Apple Experience of not being able to install some apps sucks, but its always been easy for me to help someone with an iOS device. That’s not true with Android or Windows. A walled garden ecosystem isn’t for everyone, but it does have value.
Instead, I’d like to see Apple be forced to provide bootloader unlocks and some basic drivers for alternative operating systems. We own the hardware, after all. Then they could have their walled garden and people who wanted more could run something else.
It’s also a simpler and more generalizable goal, in my opinion. If you own it, you should have low level access. That sounds more reasonable than forcing a corporation to add open App Store access, maintain it, and deal with whatever market effects precipitate.
> I think it would still poison the “Apple experience” to have many AppStores all competing with their own closed ecosystems.
I actually think Apple could find a way to navigate it. They already allow one prominent alternative choice on iOS: non-iMessage SMS. If Apple allowed third-party stores, I could see them using their product, UX, and branding mastery to create the equivalent of the blue-bubble and green-bubble dichotomy for App Store vs. 3rd party downloaded apps. Creating a social stigma without technical restrictions, so to speak. So allowing an alternative while at the same time encouraging users not to partake in it.
I don't understand how a social stigma would work for sideloading apps. It works for iMessage because it's a social product. But how would anyone else even know if the apps on your phone were sideloaded or not?
Apple could easily put in UX to identify the apps as not from the App Store, similar to how green text bubbles signify non-iMessage messages. The very fact that the color differentiation exists has led to a bifurcation in texting, which has been discussed elsewhere, as in here:
Apple is good at social psychology through product design, and it's not hard to imagine them employing similar methods to single out non-App Store apps on the phone to make them seem suspect for being less official. Less technically-savvy users will shy away from third party apps and sideloading if Apple's UI makes those apps seem scary. Thus, this can be a means for Apple to allow additional freedom while deterring most users from pursuing it, minimizing their potential exposure to third party insecurity.
The bifurcation isn’t caused by the colour of the bubbles. The colour doesn’t cause the stigma. The colours are simply used as a simple headline to represent all the differences and improvements that iMessage brings compared to traditional SMS/MMS.
The costs of someone not participating in the “blue bubble ecosystem” are borne by all of the people trying to participate in the conversation. Unless the cost of my friend side loading an app is felt by me, the same stigma approach is unlikely to occur.
Ironically, Game Center could have been that exact thing for gaming on iOS, if only they hadn’t mostly killed it off already.
The colors are an important signifier of the second-class status of non-iMessage texts, though. So if there were similar UX around non-sideloaded apps, whether differently-formatted text or warning labels, they could also shape user attitudes towards those apps.
To some extent you can already see this on desktop, when MacOS warns you about programs from unidentified developers and so forth.
That’s a good point, I could see it happening, even if it wasn’t social - merely an association with “green” apps being more buggy and annoying to use.
I don’t care for iMessage particularly but I do know when it’s blue bubbles I have a lot more capabilities.
How does it matter which policy the app store have in ease of providing support? Providing support in Windows (can't talk for Android) isn't hard at all.
Apps in the Apple App Store must meet usability and standardization guidelines, and are deeply integrated into the OS. As a simple example that came up recently, all the payments on the phone go through Apple, so the payment process is the same cross ecosystem. While that is a point of discussion in the monopoly debate, it’s undeniably a simpler experience on the user side - and that translates to easy support. I don’t have to consider it it’s stripe or PayPal or freedompay or anything else when mom calls and wants help buying premium, payments just work.
With an open app ecosystem all guarantees of standardization or not using private APIs or (ideally) the app has been somewhat vetted are out the window.
How you obtain, install, update and manage apps is one of the key elements of a smartphone. If people are so against the fundamental way of how Apple does its smartphone then why are these people buying an iPhone if it makes them so unhappy? I honestly don’t get it. If you dislike the AppStore so much and oppose how Apple runs its products then don’t buy it. If enough people feel that way then it will incentivise Apple to change course. Currently it feels that the vast majority have no issue whatsoever and it’s only a small vocal minority (probably some dodgy App developers) who complain for their own benefit. Just get an Android and only develop for Android. Nobody was born as an App developer. You chose yourself to develop apps. If AppStores are so hostile and the current model s financially unattractive then why did you decide to become an App developer?
How would the security model work with side loaded apps. How would they get access to OS resources, services and share data with other apps, e.g through the clipboard? Who would verify them against malware, or ensure they didn’t violate security constraints? It’s not like Apple could disavow all responsibility for any data leaked from the system, a lot of users simply wouldn’t see it that way.
There’s a lot wrong with the current state of apps in the App Store, but right now at least I know who’s job it is to get it fixed.
> How would they get access to OS resources, services and share data with other apps, e.g through the clipboard?
Through the same system APIs that exist right now. Why would that change?
> Who would verify them against malware
The distributor of the app, most likely. If you downloaded a game though Steam for iOS or whatever, and it had malware, that's Valve's fault.
If you went to virus.com and downloaded a virus, that's your problem.
> or ensure they didn’t violate security constraints?
You mean ensure they don't violate one of the operating system's security protections? That's called finding an exploit, and it's the developer of the operating system's responsibility. Exploits for iOS exist today, and they'll continue to exist in the future.
> It’s not like Apple could disavow all responsibility for any data leaked from the system, a lot of users simply wouldn’t see it that way
Of course not. A "leak" due to an exploit/vulnerability in iOS that Apple failed to patch would be their fault.
A third party app leaking personal info online would be the third party developer's fault. People didn't get pissed at Apple when Facebook leaked all that data a ~week ago.
> There’s a lot wrong with the current state of apps in the App Store, but right now at least I know who’s job it is to get it fixed.
It's their job to get it fixed. It's been their job for over 13 years, and they've failed at it again and again. It's about time they're fired.
“Sideloading Apps Would ‘Break’ the Security and Privacy of iPhone”, said Tim Cook.
But instead of gaslighting us, Apple could let us sideload notarized apps. This means:
- Automated scan for malware
- Remote kill switch, just in case
They already do this for macOS [1]:
> “Notarization is not App Review. The Apple notary service is an automated system that scans your software for malicious content, checks for code-signing issues, and returns the results to you quickly.”
They could give users a choice, much like they're doing with the new App Tracking Transparency prompt. But when pressed on why Apple should have control, Cook said "Somebody has to."
Yeah, the whole "there is no alternative to the App Store" argument completely falls apart in the face of the existence of the Mac, and how the Mac isn't constrained by the Mac App Store.
Your Apple bashing is really quite tiresome. Macs are serious machines and have grown in leaps and bounds over the past two decades. Are you seriously saying the de facto development platform for Silicon Valley startups, as well as the home for Apple Silicon, is no longer a “serious target”? No need to shill for Windows here.
Truth be told, I find nothing wrong with the central App Store security model, merely that the status quo is insufficient. They should either ramp up enforcement on the store drastically, and/or open up the platform to third party stores, and thus competition, for other stores to attempt better ways at enforcing security and user privacy.
I do not view opening up the platform to third party stores or sideloading to be an excessive security risk, because having studied iOS's security model, it seems to be reasonably hardened (at least compared to Android) and I believe that Apple can manage the existence of other app sources well enough to prevent them from becoming significant malware vectors. The fact that those malware links are neither ransomware nor botnets proves how inherently secure iOS is, and thus protections are built into the operating system level, thus making the existence of third party stores irrelevant to its security.
> They should either ramp up enforcement on the store drastically,
This, I agree with.
> and/or open up the platform to third party stores, and thus competition
This I disagree with. As stated elsewhere, I simply don’t think security will be the basis for such competition because it relies on end users to be able to make that a priority over just running the apps they want.
I think if Apple is unable to maintain the security of the platform, competition is the answer, but in the form of other platforms, not Apple being forced to allow alternative stores.
Especially considering the value of the userbase and the fact theres millions of PC's propping up 'marketshare' that aren't even being used as personal computing devices (retail displays/signage, corporate/government pc's)
Would this be significantly different than desktop apps? It seems like we have decades of experience solving (and failing) to solve this in the desktop world.
For a counterexample, Wireguard is on the Mac App Store (MAS) and can't be downloaded directly from their site because you can't install NetworkExtension VPN apps on a mac outside of the MAS.
If side-loading or alternative ways of getting apps onto the iPhone existed, then they could implement far stricter controls knowing that, worst case scenario, you can still get an app onto the iPhone. This is how it works on the Mac. Tor isn't on the Mac App Store, but that of course doesn't mean Tor can't be used on the Mac.
This is one of the tricky parts about AppStore discussions, it's not about being for or against the AppStore. In fact, I wish the AppStore was MUCH pickier about the apps it let in, and I also wish there was an alternative to the AppStore to catch cases that didn't meet that strict bar. Then the AppStore could actually be about curation as opposed to fear-induced isolationism. Then Apple wouldn't have to inadvertently have political side-effects when it disallowed apps like HKMap.live.
Being on the AppStore could still be advantageous beyond just "either that or you don't get to be on the iPhone at all.” Apple payment processing, iCloud integrations, Family-sharing, etc. could all be tied to being ON the AppStore, so there'd still be a huge incentive to try to ship that way. And side-loading doesn't have to be easy or even on by default.