Because if iOS didn't prohibit installation of apps from anywhere but it's app store then this would be much less problematic.
But Apple does, because it decided at the start of the platform that being able to take a 30% cut and defend it's own weak services applications from competition was worth more than the inevitable human rights problems a closed app platform presents.
Clearly the ability to take a cut of all app sales was a huge part of that decision, but was far from the only one. Security and easy of use are also very important. My grandma can install apps on her tablet no problem. But telling her to go to {domain}.com => downloads => download the 64bit windows executable and then find the file and run it, is a totally different story. Not to mention how many people will just google the name of the app, click the first link, and look for any link that says download and click next, next, next until they've succesfully added a bunch of spyware and 7 more IE tool bars.
Clearly Apple's decision is based on paternalism, which most people don't appreciate when it's combined with government power. Compare:
"Clearly the ability to eliminate opposing viewpoints was a huge part of the Chinese government's decision, but was far from the only one. Stability and economic prosperity are also very important. My grandma can obey simple laws. But telling her to go to research contradictory political perspectives and decide the correct course of action is a completely different story. Not to mention how many people will just vote for the candidate that pushes their emotional buttons, and read whatever crap on Facebook and click next, next, next until they've elected Donald Trump."
The core problem with trusted computing is that users are never allowed to install their own root certificate. My grandmother should be able to install a root that someone she trusts controls, which will include but not be limited to the OS vendor.
"Hey grandma, run this and click Ok. Nevermind, just let me see it for a minute." Don't be a ridiculous strawman, everyone has friends or family they trust that are better aligned to their cause than multinational hardware vendors.
How do you make sure that grandma only does this if you tell her but not if the app she wants to watch that movie in or that email with your brother's address in the from field tell her to?
In the world of Linux distribution, they can have multiple independent repositories. When adding another one, you usually import their PGP key to establish trust. When you install Google Chrome on Linux, you will add another repository that will be responsible for further Google Chrome updates.
In the Android world, multiple app stores exist. There are stores by Amazon, Yandex, Baidu, etc.
If Apple wanted, similar mechanism could be made for iOS too.
You say that Apple is doing this for its own financial interest yet on the other hand Yandex, Baidu, Google, Facebook and all the other companies also have to obey local laws, and are just as bad if not worse since their system of persistent user tracking is far more insidious.
Don't like Apple? Don't buy their products. Your involvement with them ends there. Don't like Google? You can't avoid them no matter what OS you are using, no matter what browser you're using etc.
You must elaborate that more, because I can't see it.
> Yandex, Baidu, Google, Facebook and all the other companies also have to obey local laws,
Sure, but the option of third party app stores opens also option of sideloading. In the case of Apple, when Apple says no, you are without the app, period.
> and are just as bad if not worse since their system of persistent user tracking is far more insidious.
Not sure about their tracking, but they do not have an equivalent of Play Services on the devices. If you want to be really sure, use F-Droid or apps stores with the principles of F-Droid.
> Don't like Google? You can't avoid them no matter what OS you are using, no matter what browser you're using etc.
That's not true. When you use Google Search, Gmail or Youtube, it's you who entered the URL into the location bar. You can stop doing that exactly the same way, like you can not purchase Apple products.
>Sure, but the option of third party app stores opens also option of sideloading. In the case of Apple, when Apple says no, you are without the app, period.
This is a non-issue that people have brought up countless times. First of all, are we in agreement that app stores and other legal entities have to obey local laws? So your point is moot. Side loading is possible on iOS. You don’t even need to own a Mac to develop for iOS. [1,2,3,4] There is also the open web to fall back on.
And you are incorrect about user tracking. Just a day ago Google was caught tracking users even when location services are turned off. [5] And please educate yourself about modern ad tracking [6]
> This is a non-issue that people have brought up countless times.
Does not make their argument right or correct.
> First of all, are we in agreement that app stores and other legal entities have to obey local laws?
Proactive censorship, company policies or business interests do not align to local laws 1:1. Porn, BitTorrent, gab.ai or countless other banned applications are not illegal, yet you are not going to be able to install them on your Apple device.
> Side loading is possible on iOS.
By jailbreaking?
> You don’t even need to own a Mac to develop for iOS.
We are not talking about development, but about loading a binary on the device and running it. TWO DIFFERENT THINGS.
> And you are incorrect about user tracking. Just a day ago Google was caught tracking users even when location services are turned off.
On Android devices with Play Store (aka Google proprietary app) installed. And they apologized for that, and are removing it.
> And please educate yourself about modern ad tracking
If you are concerned about ad tracking and you don't use any adblocker, at least educate yourself about capabilities of the current browsers[1].
>Proactive censorship, company policies or business interests do not align to local laws 1:1. Porn, BitTorrent, gab.ai or countless other banned applications are not illegal, yet you are not going to be able to install them on your Apple device.<
"Banned applications are not illegal"; that's an oxymoron.
Side loading has been done on iOS. Refer to Apple Developer Enterprise Program. [1] Cardiogram has also successfully side-loaded apps on iOS. [2] But it seems I won't be able to convince you since you cannot agree that a curated marketplace has value and that people desire this.
>We are not talking about development, but about loading a binary on the device and running it. TWO DIFFERENT THINGS.<
Refer to the two links cited below.
>On Android devices with Play Store (aka Google proprietary app) installed. And they apologized for that, and are removing it.<
That's a SEPARATE Google tracking issue (hur hur) in April 2017. Did you even read the link I posted? It was discovered 2 days ago now.
Ultimately, Apple has to obey the law in China. The "wisdom" of allowing side-loading to sidestep public policy issues exposes a wide target that is prone to abuse and leads to bad outcomes.
> "Banned applications are not illegal"; that's an oxymoron.
I don't follow your logic there, care to elaborate? Banning is done by Apple; legality is determined by courts, based on laws. Has any of these apps ruled illegal by court? Of course not. As I already wrote, company policies are not 1:1 map to laws, there's much more that goes into them, especially things like business interests and partnerships, but also things like ideology or subjective moral judgement.
> Refer to Apple Developer Enterprise Program. [1]
You can't be serious. So your grandmother is going to found a company, then get a DUNS number, so she can sideload an app?
The second link says exactly nothing about sideloading. On contrary, it has big Apple Store button.
> But it seems I won't be able to convince you since you cannot agree that a curated marketplace has value and that people desire this.
For convincing, it helps to have valid, logical arguments.
You don't seem to understand, that curated marketplace and sideloading are not mutually exclusive. Those, who want that marketplace, can choose from curated selection. Those, who want to sideload, can. In your model, where the curation is enforced on everyone, it is being turned into control for what's allowed and what is not.
> Ultimately, Apple has to obey the law in China. The "wisdom" of allowing side-loading to sidestep public policy issues exposes a wide target that is prone to abuse and leads to bad outcomes.
Ultimately, by allowing side-loading they are not responsible for whatever the user side loads at all, because they do not control this distribution channel. Just like Microsoft is not responsible for whatever you run on your Windows machine and Linus Torvalds is not responsible for whatever you run on your Linux machine.
>I don't follow your logic there, care to elaborate? Banning is done by Apple; legality is determined by courts, based on laws. Has any of these apps ruled illegal by court? Of course not. As I already wrote, company policies are not 1:1 map to laws, there's much more that goes into them, especially things like business interests and partnerships, but also things like ideology or subjective moral judgement.<
This is literally the third line of the article: "We have been notified by the Ministry of Public Security that a number of voice over internet protocol apps do not comply with local law. Therefore these apps have been removed from the app store in China."
>You can't be serious. So your grandmother is going to found a company, then get a DUNS number, so she can sideload an app?<
You said you can't side-load apps and that's the proof that you can. This is how companies deploy apps that are not on the App Store. And this has nothing to do with grandparents, it's two separate things. I remain unconvinced that it's easier to sideload an app from dubious sources than downloading from a sanctioned App Store.
>The second link says exactly nothing about sideloading. On contrary, it has big Apple Store button.<
The App Store is the official way to get into the Cardiaogram program. You can join the mRhythm study which is not offered on the App Store. They send you an email link and you tap on the link. Then you download the profile and the app. And that's how you sideload apps.
So I've provided 2 real-life examples of how side-loading is done on iOS.
>You don't seem to understand, that curated marketplace and sideloading are not mutually exclusive. Those, who want that marketplace, can choose from curated selection. Those, who want to sideload, can. In your model, where the curation is enforced on everyone, it is being turned into control for what's allowed and what is not.<
I agree that in an ideal world, having both a curated marketplace/walled garden and the option to sideload would be good. In practice, the closest to this idealized model is actually iOS and not Android, because Android even in its most "official" form is sponsored by a company whose business is to spy on its users (refer to earlier citation about being busted by Quartz). We can keep arguing in circles about "open source" and "code audits" but Ken Thompson pretty much shut that down with his Turing award lecture. [1] As of a few days ago, Google has consistently been shown to be untrustworthy.
> This is literally the third line of the article: "We have been notified by the Ministry of Public Security that a number of voice over internet protocol apps do not comply with local law. Therefore these apps have been removed from the app store in China."
Meanwhile, we moved the discussion from a narrower issue of the article to a wider issue of sideloading in general.
> You said you can't side-load apps and that's the proof that you can. This is how companies deploy apps that are not on the App Store. And this has nothing to do with grandparents, it's two separate things. I remain unconvinced that it's easier to sideload an app from dubious sources than downloading from a sanctioned App Store.
You still can't in general. Only in very specific, narrow situations, blessed by Apple. Your feelings about ease of side loading vs. app store are irrelevant, as we are talking about running software that Apple for various reasons might not approve of.
> In practice, the closest to this idealized model is actually iOS
In practice, you can run only things that Apple approves. Not good enough.
>Meanwhile, we moved the discussion from a narrower issue of the article to a wider issue of sideloading in general.<
Refer to earlier explanation of tiresome.
>You still can't in general. Only in very specific, narrow situations, blessed by Apple. Your feelings about ease of side loading vs. app store are irrelevant, as we are talking about running software that Apple for various reasons might not approve of.<
What are these "narrow" and "specific" situations you speak of? If you wish to distribute apps in jurisdictions where they are banned, I don't see why Apple is obliged to help you break the law. As for the side-loading capability, I have yet to encounter anyone who has had problems with Apple restricting their ability to side-load while enrolled under their enterprise program. Hell you can even use TestFlight to push your "beta" apps to "beta-testers" in perpetuity.
>In practice, you can run only things that Apple approves. Not good enough.<
Besides the links provided earlier, you can also have your own runtimes on iOS. e.g. Filemaker, Wolfram are doing this. [1] Python has been on iOS for at least 5 years. [2]
In all seriousness, this was an unintentionally hilarious comment. You can be against walled gardens, but one of best arguments for their existence is because grandmas in general can't be trusted to install root certs.
Google pretty much solved this issue with sideloaded apps.
Nobody is stopping you from downloading only from the store. But if you want, you can also download from outside of the store. As a bonus, Google even checks those apps for malware (but like any antivirus, it's mostly based on signatures + some relatively weak machine learning that won't stop original new malware until it gets reported by someone).
The Play Store may also be slightly less secure than the App Store, but that's mainly a factor of Google not doing any manual reviews. But this is a different issue. My point is that there's no reason why Apple couldn't allow sideloading, too.
Trading some freedom (to run whatever code/apps. you want) for the security afforded by a centrally run repository is definitely a reasonable one to make, but the same mechanisms can be co-opted and used in ways that aren't in the users' interests.
It's a difficult line to draw IMO - providing _any_ way to bypass it opens the non-technical user up to malicious software (to varying degrees), but if all platforms (or even just all the major ones) become so locked down, IMO that's a big loss in itself.
That's because Windows does not have any sandboxing, although that seems to be changing with Windows 10 version 1709.
iOS apps are still sandboxed just like apps from the App Store when you sideload them using Xcode. That's all you would need to install Skype, and sandboxing is what keeps iOS secure, not the App Store. The App Store review is mostly about weeding out obvious junk and enforcing Apple's business model.
> Because if iOS didn't prohibit installation of apps from anywhere but it's app store then this would be much less problematic.
I love Android and I love the fact that I can sideload apps from f-droid or elsewhere. But I've seen firsthand that (by children, e.g.) sideloading apps can result in a cascade of horrible device security problems.
We can blame the user or we can save them from themselves. shrug this seems like a genuinely hard problem and I wish there was an android-but-requires-several-command-line-adb-steps-to-permit-sideloading.
In any case, I don't think Apple's decision is strictly motivated by "being able to take a 30% cut". Apple has shown a commitment to security in their public statements and their devices' design. However, I'll grant that profit was certainly part of the motivation.
> We can blame the user or we can save them from themselves. shrug this seems like a genuinely hard problem and I wish there was an android-but-requires-several-command-line-adb-steps-to-permit-sideloading.
Or we could just take the time tested solution from the desktop world and you could give your kids non-admin accounts that doesn't let them install random stuff. The android security model is nothing but security theater in practice.
> We can blame the user or we can save them from themselves. shrug this seems like a genuinely hard problem and I wish there was an android-but-requires-several-command-line-adb-steps-to-permit-sideloading.
I don't. It should be available to non-technical users. It needs to be available to non-technical users. If anything, Android is too complex already.
>I don't. It should be available to non-technical users. It needs to be available to non-technical users.
Why should it be available to non-technical users? What will they possibly gain from being able to be tricked into installing a keylogger on their phone?
I don't think it's a given that full permissions on a device imply that a user will be able to run their device the way they want to. Permissions are necessary but insufficient. The other part is knowledge and ability. With permission but not knowledge, the user experience gets worse not better.
No, but the user will be able to run their device in the way that they want to. I'm not supporting no protections, but you should always let the user override those protections at the end of the day if they so choose.
How do you convince yourself that one of the(if not the) biggest government in the world forces a company's hand by force is not to blame, but the company who is the victim of such force is actually at fault.
Super Mario Run is a 220mb app, and it was downloaded 40 million times in 4 days. That's 8.8 petabytes of data transferred, for one app in 4 days.
A lot of apps don't go the in-app-purchase route, they rely on advertising, and if using e.g. Google's ad network, Apple gets just the $99/year to host who knows how many millions of downloads of the app.
No one claimed Apple doesn't make money on the App Store, but to claim that it's some massive profit machine for Apple is ignoring the reality of what it costs to host all the apps Apple makes just $99/year from.
Nintendo don't pay 8 billion dollars for Apple to hose Super Mario Run.
They paid $99 a year, or maybe $299 a year if they have an enterprise account.
Sure, Apple doubtless made a lot of money from people buying IAP for that game, but as I said, a lot of games and even utility apps don't monetise via IAP or selling the app itself - they rely on advertising, which Apple likely gets $0 from.
But hey, way to completely twist what I said to make a stupid fucking joke.
But democracy isn't the only alternative, or the best one.
What we are really discussing is totalitarian regimes. One is Apple, a top down secretive corporation with policies, dictating what will happen. The other is China, which like many Communist countries uses the "will of the people" as a surrogate for its own desires.
Representative democracy can have same issues. Take for example Prohibition, or the current war on drugs. And many other things.
I think that when it comes to PLATFORMS, there should be no barrier to entry. I would go further and say that I want there to be CENTRALIZED COLLABORATION on a platform, and not competition (eg of browser makers). But the platform must implement every extension that becomes popular enough. In other words when an app or extension becomes popular enough, it should be incorporated into the platform as one standard.
Think of how much headache would be solved and how much more could have been done if there were no browser quirks, and only one major browser.
The difference is that ANYONE should be able to build their own browser extension or website. ANYONE should be able to host it on the internet accessible to all. And if it gets popular enough it gets added to the feature list for EVERYONE.
However, this is a different form of governance - nothing is RESTRICTED from people and they are free to try new things.
>I want there to be CENTRALIZED COLLABORATION on a platform, and not competition (eg of browser makers)
>only one major browser
>nothing is RESTRICTED from people and they are free to try new things
What happens when one does a new attempt at a browser, that cannot be merged into the original major browser when it gets big enough?
For a simple example, suppose Google Chrome was the only major browser in such a model. One day, someone decides that C++ is too prone to vulnerabilities, and creates a new browser, called Firefox, based on Rust (on an entirely new codebase). What will happen when Firefox becomes sufficiently large to be considered major?
If it can't get merged due to something fundamental, then it can be a competitor. But that's a very rare case. The vasy majority of extensions are eminently able to be incorporated into the core.
But Apple does, because it decided at the start of the platform that being able to take a 30% cut and defend it's own weak services applications from competition was worth more than the inevitable human rights problems a closed app platform presents.