
I agree that individuals should control their own devices.

I also agree with Apple's implicit claim that if iOS users could sideload apps, millions of idiot iOS users would get their devices owned after they followed some "follow these seven steps to get free $POPULAR_MOBILE_GAME tokens!" guide they found on the web, making the platform less trustworthy overall.

Apple makes a good argument that buying an iPhone is also buying, in a sense, a remote managed security service for the device at the same time. The net effect of this is that millions of people now have devices mostly free of the most egregious malware (and it's limited to just spyware, delivered via the App Store). For most users, this is a better state of affairs (at least in peacetime, or outside of China/Vietnam/Russia/etc).




And yet, despite occasional problems, the same hasn't happened in the Android sphere with sideloading. Problems? Sure... but not "ZOMG MILLIONS!"

"Apple makes a good argument" Their argument doesn't give near enough excuses for their mafia level racket to shake down businesses of protection money. "Pay us or Joey will break your kneecaps. It's for your own protection."


> and yet, despite occasional problems, the same hasn't happened in the Android sphere with sideloading. Problems? Sure... but not "ZOMG MILLIONS!"

Millions of Android devices have malware problems, yes. I might even agree with a claim that it is ZOMG millions.

Estimates claim that as far back as 2016, a million new Android devices were being infected with malware per month. The current figures are estimated by AV vendors at 4-7 million infections per month.


Hot take: it seems more like “This disorder is a blemish on our glossy surface. We must sweep it away so that it no longer exists.”


It's only a good argument if you assume that Apple is fundamentally interested in consumer security. It isn't. Apple is fundamentally interested in control. Security, however Apple defines it, is a chosen means to the extent that it fulfills the company's primary goal. That's not to say that Apple should behave like a charitable force. A company's goals and decisions are its own prerogative. But as we've seen with the revelations of the Epic trial, the Darth Vader-style rule changes, updates that interfere with the basic operation of the device, etc., you're not just buying into a remotely managed system like a remote desktop at a colocation center. You're buying into the blackbox of Apple's present and future business decisions whether that suits your needs or not. Should security no longer justify the cost to Apple, they'll contort the meaning of the word to suit their ends just like Tim Cook has done to the word "equal" during his congressional hearing.


> You're buying into the blackbox of Apple's present and future business decisions whether that suits your needs or not.

You don't have to install updates.


You can't downgrade/upgrade the OS to a specific version of an update after a fortnight or thereabouts. That's an artificial constraint applied by Apple. It's not even possible to do so offline with iTunes even if one has the IPSWs. If you check the /r/jailbreak subreddit, talented coders have to hack the SEP and build complicated, low-level-interacting software like futurerestore in order to perform a semi-successful downgrade/upgrade.


iOS updates aren't forced, no.

However, if you install an update to try it out, or because you didn't realize that it would e.g. break 32-bit support, you can never downgrade again (unless you happen to be within a two-week-ish period).


Technically, no, but you'll be repetitively bothered by modal popups until you do.


As well: older versions have known exploits that you (as a locked-out user) are unable to patch.


Right, whereas on macOS I literally patched an exploit myself a couple of months ago, because I could inject my own code. https://github.com/Wowfunhappy/Fix-Apple-Mail-CVE-2020-9922


Your first paragraph contradicts the second and third paragraphs! If you believe that individuals should control their own devices, why are you in favor of Apple retaining control of every iPhone it sells? Pick one!


I didn't claim to be in favor of Apple retaining control of every iPhone they sell. Please re-read my comment.

My claim is that for most users of iPhones, the situation of Apple being in control of their device, rather than themselves, results in a better outcome for that user (and is oftentimes explicitly preferred by that user as a result, and is reflected in their purchase of an iPhone).

In fact, Apple delegates control of an iPhone's userspace execution environment to any iPhone owner who wants it: they will give you a signing cert for use in Xcode to run any app you want on your own device (no developer subscription necessary). This is how AltStore works, and allows AltStore users to run emulator apps on the iPhones they own.


> My claim is that for most users of iPhones, the situation of Apple being in control of their device, rather than themselves, results in a better outcome for that user (and is oftentimes explicitly preferred by that user as a result, and is reflected in their purchase of an iPhone).

Okay, but that comes out to the same thing, since I can't buy an iPhone which isn't Apple managed. If Apple offered a choice, that would be one thing—but they don't.

> In fact, Apple delegates control of an iPhone's execution environment to any iPhone owner who wants it: they will give you a signing cert for use in Xcode to run any app you want on your own device.

What they give you is the ability to sign up to three apps at a time, all of which expire after seven days. It's not useful for anything but testing.

Plus, you're stuck in the App Store sandbox. You can't downgrade to an earlier operating system, you can't inspect the HTTPS traffic being sent out of your phone, and you can't even run anything that uses a JIT.


> What they give you is the ability to sign up to three apps at a time, all of which expire after seven days. It's not useful for anything but testing.

And if they decide to they can flip a switch on their server to disable your account and stop “your” apps from launching.


> Okay, but that comes out to the same thing, since I can't buy an iPhone which isn't Apple managed. If Apple offered a choice, that would be one thing—but they don't.

Well, you know this state of affairs well now, so when you buy an iPhone you willingly opt in to these remote management restrictions. There are lots of smartphones you can buy without such cryptographic boot restrictions.

Many people willingly choose iPhones (even given these constraints), and would prefer a remote party manage their device's security.

Apple's argument is a legitimate one, and you should be able to operate in the market in this fashion. Nobody's forced to buy an iPhone if they don't like how the bootloader is configured or the App Store is run.


> Many people willingly choose iPhones (even given these constraints), and would prefer a remote party manage their device's security.

I mean, but you're making a big assumption there! I buy iPhones in spite of those restrictions, because the only other options have worse processors and cameras, and because most of the people I know use iMessage.

I'd pay double the cost of a normal iPhone for a Security Research Device, if they were available to the general public.



