Apple Senior Vice President of Software Engineering Craig Federighi took the stand on Wednesday to defend iOS App Store and its central distribution system. Since Federighi looks over iOS, iPadOS, and macOS, he used knowledge of vulnerabilities of iOS and macOS to argue that allowing third-party app stores on iPhone will put users’ privacy and security at high risk.
He acknowledged that macOS and iOS use the same kernel but “there are tremendous differences” in the systems’ security architecture because of its usage. He said, “Phones are attractive targets because they have personal info, cameras, microphones, know your location. They can unlock your office or bank account, making them very valuable to attackers.”
Macs are more prone to malware than iPhones due to differences in their security architecture – Apple
Highlighting that there are 1 billion iPhones worldwide, he emphasized the need for a secure and safe centralized apps distribution system to ensure that miscreants can’t access users’ personal and private data. And allowing third-party app stores on the devices will drastically make the smartphone ecosystem prone to malicious attacks to commit financial fraud, blackmail, kidnapping, spying, and others. Therefore, Apple’s control of the digital market is justified and imperative.
@leah_nylen reports that he said:
If anyone and everyone could distribute apps to iOS users “it would be a pretty devastating setback for iOS security. It would become commonplace for users to be directed to download software subject to malware.
Federighi is now looking at a demonstrative of different types of attacks. Scam apps: ones that don't give users what they say they will. Vandalism and sabotage: software that exists to do damage, can be pranks or take out systems.
— Leah AntiTrustButVer1fy Nylen (@leah_nylen) May 19, 2021
He explained that before an app admission on the App Store, it goes through three protective layers: malware scans, signatures/certifications, sandboxing. And since Mac attracts less attention, these layers are not implemented on macOS.
This promoted Judge Yvonne Gonzalez Rogers to ask why Apple does not allow multiple stores on iPhone as they exist on Mac. Very tactfully, Federighi said Mac is the safest PC but “today we have a level of malware we don’t find acceptable on the Mac” and “it’s an endless game of whackamole malware” on Mac because of the openness and flexibility of its operating system.
He brought up the new iOS privacy updates to express that Apple is making the iPhone platform even more secure by limiting developers access to users’ online activity via the App Tracking Transparency feature, showing approximate location instead of precise location, notifying users of unauthorized access of their smartphone’s microphone and camera and others. All of these are not available on the Mac, therefore, macOS features can not be applied to iOS.
Every report I've read shows infections of malware on Android 30x as on iOS, he says. "The results in the real world are dramatically different," Federighi says. "iOS has so far succeeded in staying ahead of the malware problem"
— Leah AntiTrustButVer1fy Nylen (@leah_nylen) May 19, 2021
In the aftermath of Federighi’s testimony, it was widely reported that Apple threw Mac under the bus. But in my opinion, he very subjectively explained why the company can’t allow alternative app stores on iPhone like Mac. Share your thoughts with us in the comments section.
Read More:
3 comments