Apple: Sideloading on iOS would open the malware floodgates

Consumers lose protection with sideloading, warns Apple's software chief.
Written by Liam Tung, Contributing Writer

Apple software head Craig Federighi, unsurprisingly, has come out against Europe's proposal to tear down Apple's iOS walled garden and allow sideloading of apps, which is possible on Android but discouraged by Google. 

Why? Malware, according to Federighi, who used his speech at the Web Summit conference in Lisbon, Portugal, about online privacy to contrast Android's malware problem with that of Apple's iOS. 

He highlighted that third-party data on malware attacks on different platforms including iOS, Android and Windows showed that attacks on iOS "barely registered". 

SEE: Apple finally admits it made a mistake and backtracks on three foolish MacBook Pro design decisions

By contrast, there were five million attacks on Android per month. "But there's never been this widespread consumer malware attack on iOS. Never," the Apple exec said. 

"Why is this? The single biggest difference is that other platforms allow sideloading. Sideloading would mean downloading software directly from the open internet or from third-party stores, bypassing the protections from the App Store.

"With sideloading those extra protections are undone. There's no human app review and no single point of distribution for sideloaded apps. The floodgates are open for malware."

Apple is facing a mounting challenge in Europe, the US, Asia and Australia over its control over app distribution – it is, by design, a gatekeeper in terms of the apps installed on iPhone, iPad and Apple Watch. 

Federighi's claims aren't a new angle from Apple; last month it published a paper arguing that if Europe forced Apple to allow sideloading it would turn iPhones "into 'pocket PCs,' returning to the days of virus-riddled PCs."

Apple was railing against Europe's proposed Digital Services Act (DSA) and the Digital Markets Act (DMA), which would mandate tighter controls on online content and impose new rules for "gatekeepers" – like Apple, Google and Amazon – to help foster competition and improve interoperability between mobile platforms. 

Apple claimed that even if the EU's proposal was limited to allowing apps to be installed from third-party app stores, as Android allows but Google actively discourages, this would increase malware due to insufficient reviews. 

SEE: MacBook Pro launch: Things you may have missed

To make his point, Federighi quoted from Europol's advice to "only install apps from official app stores". 

"Companies should only permit the install of apps from official sources on those mobile devices that connect to the enterprise network."

But Apple's paper and Federighi's comments come after the European Commission (EC) in April informed Apple of its preliminary view that Apple had distorted competition in the music streaming market as it abused its dominant position for the distribution of music-streaming apps through its app store.

"The investigations concern, in particular, the mandatory use of Apple's own proprietary in-app purchase system and restrictions on the ability of developers to inform iPhone and iPad users of alternative cheaper purchasing possibilities outside of apps," the EC said.   

Editorial standards