For many (most?) users, Apple's restrictions, especially sideloading, protect users from bad actor app owners (looking at you, Facebook). To me, allowing sideloading is like allowing chemical weapons to be used in war. Yes, it's a new tool and capability at your disposal, but it's also available to every powerful and unscrupulous participant.
Millions of people downloading .exe files everywhere are why we have an infosec industry. I trust indie developers on the App Store because of the restrictions and the review process. I’ll never side load a small developer’s app. And I worry that major players (i.e. Facebook) will require side loading so they can be free of the App Store rules about privacy.
If you got a job at Best Buy's Geek Squad for a week, you'd quickly realize just how irresponsible most people are with what they install on their devices.
So people with Android, where sideloading has been a normal thing for many years, have been dangerous? Could they harm other people by creating their own app and installing it on their Android without paying anyone a yearly subscription?
It used to be normal in the past that people would OWN a computer and they would run ANY software on it. Why should we allow a greedy company like Apple to change that? Both Android and iOS implement sandboxes and apps can't gain complete access over the device in most cases, so I don't see any security benefit.
More like a chemistry lab to everyone. Most won't even touch the thing because it requires too much knowledge and is intimidating. Some will doubtlessly use it to "make meth" and get burnt or blown up. But some will also use it to produce better understanding or accomplish a task on their own using their own expertise.
As soon as side loading or their own app stores are allowed, all sorts of companies may require that. Maybe most big companies will stick with Apple's.
As an iOS developer, hardening the 10k-ish APIs that exist in iOS will be mostly impossible to do in the short term given the attack vectors would now be outside of Apple's control, probably resulting in incompatibilities and bugs. Android is a horrible platform already given the myriad of different OS versions that exist (and often are not updated by the users) that you have to support.
I also wonder what the law requires as to switchover to the new rules, new OS releases or going back X versions or something? Is there a time frame?
Imagine also being an app developer and having to build/test releases for multiple app stores that include different payment gateways. Without a solid and secure API environment in the OS, how do you manage that without screwing up? iOS has always been easy to do since you only have to support one major OS back. A couple jobs (like 7 years) back, our Android app was a nightmare to manage, as we had multiple OS release/phone suppliers that rarely got bug fixes in at all and never at the same time, making fixing/testing some things a nightmare. Might be better today, but I remember how much of a pain it was.