Apple is continuing its campaign to explain why porting on Apple devices is a bad idea.
Apple Vice President of Software Craig Federighi appeared at Web Summit 2021 enthusiastically defends its company’s approach to iPhone platform security. He is speaking against a provision in European Union Digital Markets Act that would force the company to support app transfer on the iPhone.
There are four main reasons people want Apple to do this:
- Because the commercial reasons, such as selling products created using Apple’s APIs to people on Apple’s platform without paying for the opportunity to do so.
- Because the consumer choice, so you can install and use apps that aren’t available on the App Store.
- Because the crooked reason, such as avoiding the App Store app review process to continue tracking users without consent or other forms of monitoring.
- Because the criminal purpose, such as creating fake app stores to spread malware, ransomware, etc.
It’s perfectly acceptable to try to find a trade advantage, and we’ve seen how the “open the door” mantra is often used to undermine people’s interest. consumption. Google used it against Apple with Android, although years later, Android has become much more self-contained.
Show your face
However, I think much of the energy behind the current campaign comes from a closely-knit group of interests aiming to undermine Apple’s privacy and security for their own benefit. The group also has allies, equally committed to forging their fortunes in the so-called “metaverse”, which many see as a virtual world that we can still enjoy once climate change arrives. making the real world too toxic.
As I see it, when a company that can afford to hire a former UK deputy prime minister is rejected by voters as the lobbyist complains about something, it probably reflects the self-interest of the public. self. In this case, they want to undermine Apple’s privacy protections to protect its business and want to create a bulwark against the coming augmented and virtual reality wars.
Defending Meta’s business model is at the root of the company’s motivation. That’s why it accuses Apple of the same thing. And a recent move to create its own internal marketplace, contrary to Apple’s own App Store guidelines, shows how far it will go.
An even bigger business model
But there are others with a commercial interest in undermining the security of Apple’s platform: criminals who want to infiltrate your digital life.
The point is they’re good at what they do. They are very intelligent, sophisticated and have the ability to manipulate circumstances to cause innocent users to make mistakes. Who hasn’t clicked a bad link in an email at least once?
They also do not work individually. Online crime is a well-funded industry, it’s not just weirdos in basements. It’s the computer banks in the seemingly legit office space run by state-sponsored and non-state-sponsored groups. Cybercriminals are expected to cost the world 10.5 trillion dollars per year by 2025, according to Cybersecurity Ventures. A successful ransomware attack costs an estimated $9 million to a US company if it succeeds, according to IBM.
With money at stake like that, it’s all too trivial for criminals to create bogus apps and app stores to try to inject malware into devices. A little bit of social engineering and some targeted scams and they can create outlets targeting locations, individuals, businesses or government agencies.
“Even if you don’t intend to circumvent the law, people are often coerced or tricked into doing so,” Federighi points out. The impact of such attacks is huge in terms of revenue, business continuity, and reputation.
Humans are vulnerable
In all of these cases, the challenge is human vulnerability. During my years of writing security advice to users, I ran into this. Many people assume that they don’t need to worry about security when using a Mac (they do); others will make a case that they can download what they like and no one else will be affected. That’s not true either – you can be used as a conduit to infect others.
Think of the nasty messages we all get from friends in the event their online address book gets hacked. I think we’ve all seen a few. Or consider those huge troves of data that are regularly stolen from companies, including Shock data leak involving half a million people in the UK this week.
All that information can be weaponized.
Now imagine if that weapon relied on mining these data statistics to detect specific groups of people and then create compelling sounding software products that could be distributed to those people through your own malware-infected app store.
One person downloading malware can end up leaking all the information they hold about you. At the corporate level, this is much worse. As one attack on target shows that a vulnerability in a relatively low-level system can be used as a conduit into your enterprise technology master.
Federighi puts it this way: “The reality is that one compromised device, including a mobile phone, can pose a threat to the entire network. Malware from transmission applications can endanger government systems, infect corporate networks, public utilities, and more. ”
But what about…?
There are two arguments frequently made to weaken Apple’s position: That fewer people download Android, which allows it. And that Mac do allows users to install applications from other sources.
I have not found proof of the first claim. I have found several reports indicating that application transmission is more common in the APAC region than in the United States. I’ve also seen a report (from Google) showing that carrier apps do pose a risk. But I found no evidence that few people download on Android. So it’s probably not appropriate to argue that this is the case.
And when it comes to the latter statement, even Apple admits the Mac’s security isn’t as solid as it should be, even though it’s the most secure PC platform.
Ultimately, a move to force the switch to Apple devices won’t provide any significant benefits for most users, but could have costs and consequences for most businesses and individuals. far from dubious benefits.
Consumers already have a choice they can make if navigation is important to them. Arguing that this is about choice, ironically denies choice by eliminating the option of a security system.
Follow me on Twitter, or join me in AppleHolic’s Bar & Grill and Discuss Apple group on MeWe.
Copyright © 2021 IDG Communications, Inc.
