"Sideloading destroys security and puts the user at risk": Federighi dispatches himself at ease at the Web Summit 2021

Security and privacy TODAY WE TALK ABOUT

Subscribe to Applesphere

Receive an email a day with our articles:

During this week the Web Summit 2021 is being held in Lisbon, Portugal. Apple's senior vice president of software, Craig Federighi, has come to give a conference on iOS security. And it has been dispatched at ease against sideloading, the possibility of decentralizing the distribution of apps on the iPhone.

Side loading as the culprit of malware on other platforms

In less than 15 minutes, Craig Federighi has exposed Apple's reasons against sideloading. It's a similar argument to what we saw last month in Apple's attack on the risks of sideloading, which was quite forceful. The reason for this conference is the Digital Markets Act, the legislation presented in the European Union in December 2020.

In one of its sections, the European Union wants to force manufacturers to allow the download and installation of apps from sources other than the one designated by the owner of the platform. While Android already allows it (generating considerable risks according to Federighi), iOS remains centralized in the App Store. Apple wants this to remain the case for security reasons.

We have a brand new course up on our website and we are so excited about it. Healthy Vegetarian Indian Cooking. You… https://t.co/ZMS1FT1IUg

— Cirencester College Adult and Community Learning Wed Feb 19 15:55:06 +0000 2020

And for this, he once again disclosed various data and arguments from third parties related to this app distribution practice. Among them:

Federighi praises the objective of the DMA, which seeks to promote competition and give users more options. But he criticizes that in the name of "giving the user more choice, this provision would take away the choice of a more secure and private device." In other words, this is legislation that would cause precisely the dangers it claims to protect citizens from.

It does not matter that you are not going to use sideloading

Apple's senior vice president of software continues to criticize these measures with examples of what could happen. Among them is the argument that we should "let people choose sideloading or not, let them judge the risks and decide for themselves." Thus, he shows an apparently official app that allows tracking the evolution of COVID.

In reality, this Android app did not help people concerned about their health. Rather, it was "a vehicle for malware." Not a good experience for someone looking to protect himself and his family.

On another occasion he mentions how security experts have detected up to 27 malware apps that imitated the official Android Google Play Store. Instead, they opened the door to waves of adware. Federighi continues talking about the rest of the measures that protect our privacy, measures that arise as a result of the evaluation of each app and that would be absent in sideloading apps.

In short, even if a user is smart enough to spot all fraud, that doesn't mean their children, partner, parents, or grandparents are too. Allowing sideloading would lead to enormous insecurity in this type of user, forever breaking trust in a secure and private distribution of apps. The next time they go to download an app, they would ask themselves: "Is it a real app or are they going to steal my data?"

You can see Federighi's conference at the following link, starting at 7 hours 31 minutes.

Share "Sideloading destroys security and puts the user at risk": Federighi is dispatched at ease at the Web Summit 2021