Apple has turned the magic of software development from “how cool would this be?” to “how cool would Apple be with this?”
That’s an environment of software suppression instead of free innovation, and Apple has felt little pressure to change.
For anyone concerned about the security and privacy implications, don’t fall for the misconceptions perpetuated by Apple: non-App Store apps will still be sandboxed (so they can’t access other app or system data), and also scanned for malware by Apple - just like App Store apps!
I agree with your sentiment, but how would apps be scanned by Apple if you are allowed to sideload via 3rd party stores? They don't exactly scan apps downloaded from Cydia today.
Android can do automatic malware scanning of unknown APKs. When you try to install one, it checks a hash against Google's database, and if a match isn't found, you'll have the option to upload it to their servers.
If you want free innovation why not develop for PC? If Apple doesn't think free innovation is a good thing for their app store then it's Apple's loss for losing out on innovative software.
Many apps have network effects. You can put together a great messaging app but if Apple bans it or cripples it, it can't catch on.
And that's just as true while you're small. You have six friends and three of them have iPhones, you can't get them all to switch to your own app.
Meanwhile Apple's "loss" is of an app that they purposely didn't want, e.g. because it might have displaced iMessage by being a better SMS app (which they don't allow). They don't ban everything, they ban the things that are in their anti-competitive business advantage to ban.
Back in the real world Apple blocked UK governments app for letting EU citizen scan their passport and apply fir settled status, harming millions if people
Android is in fact the dominant platform by number of users, and has cool stuff like cloud gaming apps that iOS does not. There are also other aspects of the iPhone that many people prefer over Android phones, e.g. hardware features and quality.
The point about sandboxing is relevant because many people conflate sandboxing protections with the protections offered by App Review, and thus are afraid that non-App Store apps will be able to install viruses or brick their devices - which isn't the case.
Lastly, the automated malware screening that’s part of the App Review process can be offered separately, thus the risk of "catching malware” from non-App Store apps will be the same as with App Store apps.
And the hardware quality and features aren't things that android can just copy, because Apple has numerous government enforced monopolies on their technology called patents. This isn't a free market.
I have the vision of hanging at the coffee shop, jamming to headphones, pop open the iPad, open the iCloud synced IntelliJ project I was working on my MacBook Pro in the morning. To those who would say, but that's not what an iPad is for - consider this thought: The iPad is a pretty good expression device. You can draw with the pencil in Good Notes. You can paint with your fingers in Procreate. You can make music with Garage Band. With the iPad keyboard, and Obsidian.app, it's a serious writing tool. So with all of these ways to express my passion, what I'd love to do is use the iPad to express my passion to code. Using my kindergarten brain, It looks like a computer that a person could use to code.
Apple seems to be investing in iPad software development capabilities - Swift Playground app. This is exciting - perhaps it will be the "iMovie" of Xcode...
An aside:
When someone finally comes up with an eInk laptop, we developers in Austin can chill at patio bars and enjoy the sun.
I actually forgot that Xcode could install wirelessly! To me, unlocking the device and connecting it to the computer (which could be a mac mini next to my bed) is completely trivial. It really doesn't get much easier.
I operated a whole bespoke enterprise build farm for iOS that did hundreds of headless xcode builds per day, plus I wired up automated app re-signing with a signing identity repository. It's a pain because Apple isn't super helpful if you're not on the straight and narrow path, but it's not rocket surgery. Just hooking up some actions to automate a build and install when 'phone plugged in' event is detected isn't that hard.
If that can happen, then that is a security flaw of the device and should be fixed, no?
I mean, reading a text could install a virus on iPhones last year, yet I didn't see people screaming that all texts should have to go through Apple to make sure they aren't a virus.
> If that can happen, then that is a security flaw of the device and should be fixed, no?
Yes. It should be fixed.
Guess what? Nobody has ever in human history figured out how to make software that is free of security flaws. That’s why these things are only part of the solution.
> I mean, reading a text could install a virus on iPhones last year, yet I didn't see people screaming that all texts should have to go through Apple to make sure they aren't a virus
If you think application software is like a text message then you don’t know enough to comment on this issue.
> If you think application software is like a text message then you don’t know enough to comment on this issue.
If you think that was an example of what I think software is like, then you probably shouldn't comment on it either. I'm just commenting on the fact that, like you said, there's always going to be security issues and using them as the scapegoat for "why" this can't happen is a bad argument.
What's the difference between running an app ad-hoc right now (via XCode) vs allowing a user to download and install any app they want. The answer is, there isn't any except for artificial limitations put in place by apple.
Anything an app that is installed could do would be the same between the store, ad-hoc builds, or installed from a download. The security is in the platform, not the App Store. How many times have we seen something slip through Apple's review process? Fortnite got a full CC flow UI through, many apps back in the day would slip WiFi tethering into their app and get through. All it would take is a simple API call with a boolean to enable or disable the "security issue."
You could always do checks to see what API calls they are using and use that as a metric of "security" but that can also be done device-side. "Hey, this app is using a sketchy API that shouldn't be public, we're going to block it."
> like you said, there's always going to be security issues and using them as the scapegoat for "why" this can't happen is a bad argument.
No it isn’t. If you agree that there are always going to be security issues, then there is no reason why customers shouldn’t be able to choose a product where human moderation is used to mitigate them.
You haven’t made any case as to why customers should be denied this option.
>If you agree that there are always going to be security issues, then there is no reason why customers shouldn’t be able to choose a product where human moderation is used to mitigate them.
First of all, that is one of the worst arguments I've ever heard. A iMessage can install a virus, but you don't see people asking for human moderation of all of their messages on the remote chance that one message contains a virus.
I'll also just copy/paste my reply here since you decided to not reply to it.
What's the difference between running an app ad-hoc right now (via XCode) vs allowing a user to download and install any app they want. The answer is, there isn't any except for artificial limitations put in place by apple.
Anything an app that is installed could do would be the same between the store, ad-hoc builds, or installed from a download. The security is in the platform, not the App Store. How many times have we seen something slip through Apple's review process? Fortnite got a full CC flow UI through, many apps back in the day would slip WiFi tethering into their app and get through. All it would take is a simple API call with a boolean to enable or disable the "security issue."
> You haven’t made any case as to why customers should be denied this option.
Xbox Game Pass, done. Any time Apple bans someone from using a new technology, it harms the consumer and limits user choice.
> A iMessage can install a virus, but you don't see people asking for human moderation of all of their messages on the remote chance that one message contains a virus.
You keep making this silly silly argument.
A text message is not like a software application.
If you really thing the two are comparable, you honestly don’t know anything about computer technology.
You also clearly don’t understand security if you think a platform can be free of security flaws.
As for things slipping through app review. Obviously that happens. That proves that the platform isn’t secure, and that App review isn’t perfect.
If app review wasn’t there, even more things would ‘slip through’. What matters is not how many things slip through, but how many are stopped.
The platform security isn’t perfect, and nor is app review. Together they are much better than one would be alone. It isn’t hard to understand this if you want to.
> A text message is not like a software application.
> If you really thing the two are comparable, you honestly don’t know anything about computer technology.
Ya know, I'm not going to attack you like you seem so set on doing to me. But for reference, I'm a lead SWE working on mobile devices.
As for how a text is comparable. All I'm saying is you claim the platform would be vulnerable with sideload functionality, and what I'm saying is the platform is already vulnerable to the attacks you think this would open the door to. Letting users sideload apps won't make it any more or less vulnerable.
> The platform security isn’t perfect, and nor is app review. Together they are much better than one would be alone. It isn’t hard to understand this if you want to.
I'll say it again, but louder for those in the back. The security is built in to the platform, not app review. If the security was only through the appstore you would see hundreds of viruses in the store a day, controlled by a server side flag. Just like what Uber did to run code differently if the app was being used by reviewers. [1] Why do you think apps need permission to access your sensitive data? That's not the app politely asking while having the ability to get it anyway, that's the _platform_ security.
Now, mind commenting on the part you've ignored twice now? I'll quote it, verbatim, again for you.
"What's the difference between running an app ad-hoc right now (via XCode) vs allowing a user to download and install any app they want. The answer is, there isn't any, except for artificial limitations put in place by apple."
How is the platform so vulnerable and insecure currently? You claim this functionality will cause viruses and adware to run rampant, yet people can do this exact thing right now, with artificial limits (3 max, 7 days max) put in place by apple.
> Ya know, I'm not going to attack you like you seem so set on doing to me. But for reference, I'm a lead SWE working on mobile devices.
Then I assume you understand the difference between text and an executable and they they pose very different security risks.
If so, then we have to assume you are simply arguing in bad faith by pretending they are analogous.
> I'll say it again, but louder for those in the back. The security is built in to the platform, not app review.
This statement is completely false. Security is in both. You surely know that.
> If the security was only through the appstore you would see hundreds of viruses in the store a day, controlled by a server side flag.
No, because they could still be removed after detection.
In any case, this is a dishonest argument. Nobody is claiming that it’s only in the App Store. The claim is that the App Store is a way to catch issues that the platform security alone cannot.
You can already install malware to your device if you want to and sometimes even if you don't. Allowing other sources for installation is already build into phones.
The fact that one does not have to sell own kidney to own smartphone definitely helps I think. Does it somehow make non Apple smartphones less of a product?
I’m saying just the opposite. If the argument is that people prefer Android over iPhones for reasons like “openness” [sic] that’s clearly not the case. Where users can afford iPhones either because they have the income or where carriers have easy payment plans, they buy IPhones - like in the US or the more affluent even in China.
Cloud gaming exists on iOS as well. And is just as insignificant there as it is on other platforms.
And you are being disingenuous by deliberately ignoring the manual checks that Apple's review team does to prevent malicious apps from being disseminated. I work for a bank and my Mac laptop has 6 apps pre-installed designed purely to prevent malware/viruses. The same will unquestionably be needed on iOS for those using it for sensitive tasks.
Macs offer the option to run apps without any sandboxing whatsoever – meaning an app can run totally unrestricted and read, modify, or delete any file of any other app, including most system files.
We’re not asking for that on iOS.
So there’s no reason to think you’ll ever need "6 apps pre-installed designed purely to prevent malware/viruses” on your phone.
Weird move. By asking those questions of me, you have proven my point:
You have shown that you don’t know anything about how many security flaws there are or how many are protected from by App Store curation, so your claims up to this point about security have simply been dishonest.
This isn’t about agreeing to disagree. It’s that you’ve just been making up false claims this whole time.
App Store curation is beneficial, but it is not absolutely necessary, and in many ways is lacking.
The fact that you cannot begin to imagine a world where Apple's engineering capabilities exists beyond the App Store, nor are aware of the many, many security features they have enabled on both iOS and MacOS [0], speaks of your own skepticism towards Apple's ability to get the job done beyond the App Store. I suggest you read up on Apple's work into system security [1] and elsewhere. It's quite fascinating!
You still haven’t addressed the fact that you are lying about apple’s security.
You don’t know how many flaws there are, how long before they are fixed, or how many are protected against by the App Store.
You have no facts and yet you continue to make a claim you know you can’t support. Indeed you have presented links that show for certain that Apple’s security is not perfect.
It seems like your ideas about the perfection of Apple’s security exist only in your imagination.
> You don’t know how many flaws there are, how long before they are fixed, or how many are protected against by the App Store.
Do you know? I've provided many links about Apple's security, while you have only offered your own opinions. If you have any helpful information, it would definitely be appreciated.
Android is the dominant platform, and there is a lot of cool software missing. E.g. Any app that takes donations to charity or payments outside apple.
Maybe not cool to you because you don't notice the cut apple takes.
Apple users don't even realise there is competition in the keyboard market.
Of the many cool apps missing are the ones that require root. Neither platform provide that so loads of apps are impossible.
Android is the only platform if you want control of your own mobile device.
Apple give two hoots about that because they have no competition in consumer markets.
Lots of people have old iPhones they could be using for a load of funky projects or just plain simple software projects but apple don't let them.
Some useful iPhone apps that don't exist.
Mobile web server.
Pos device
WiFi bridge.
Portable software demo device.
Non itunes music player.
Non apple payment device.
...
An iPhone is just a computer that Apple tell you what you can do with.
a) Nothing is stopping you from charging people from outside the app e.g. your own web site. It's how Netflix works.
b) Multiple keyboards have existed on iOS for years.
c) Spotify and Tidal are examples of non iTunes music players.
d) Nothing is stopping you from running a web server, creating funky projects etc. You are just not allowed to disseminate to others through the App Store.
> a) Nothing is stopping you from charging people from outside the app e.g. your own web site. It's how Netflix works.
Most here are already familiar with Apple's 15-30% fee (requiring developers to raise prices by 17.6-42.9% to break even) for most app categories, which siphons money from developers who are smaller than Apple to entrench Apple's duopoly position.
Furthermore, even for free apps, Apple requires developers to pay the $99/year fee just to keep apps in the App Store. Without paying, the apps are removed. This already has a negative impact on the availability of free and open source apps on iOS, with an outsized effect on FOSS developers in areas with lower cost of living. For example, compare the huge selection of apps for Nextcloud features available to Android users via F-Droid (https://search.f-droid.org/?q=Nextcloud) to just Nextcloud (basic storage functions) and Nextcloud Talk on iOS.
> d) Nothing is stopping you from running a web server, creating funky projects etc. You are just not allowed to disseminate to others through the App Store.
That's a point in favor of the bill. Apple preventing entire categories of useful apps from entering iOS via the only accessible installation method for most users of average tech proficiency is evidence of consumer harm.
Nobody is making you install or purchase anything from outside the App Store if you don't want to, even after sideloading becomes an option in iOS. Sideloading is allowed in Android, and most users still install and purchase apps from the Play Store in regions where the Play Store is pre-installed.
a) iOS customers pay extra for the service protections of easy subscription management and keeping payment information out of shoddy payment platforms. Registered charities can accept Apple Pay to avoid the cut.
b) The Keyboard API is designed to be tiny and blocks broadcasting keystrokes. It is like it was not designed to be a general computing device.
c) Again not intended as a general purpose device. I recall early on they added hardware to the camera to prevent it from detecting out of sight spectrum to prevent it from being used to find heat leaks and the like.
d) Android is the only platform where other people can secretly control your device.
e) Apple gives lots of hoots. They are clearly trying to craft a specific experience.
f) True of most anything with a chip. Cars, game machines, smart TVs all have anti-tampering tech even without your banking data on them.
g) Web servers are often compromised so bad for security. Computers never made good WiFi bridges. Plenty of music apps. I see point of sale iPads all over the place.
h) yes. The idea of billions of devices out there with constantly running background Location/Bluetooth sniffers reporting to ad-tech is horrifying to me. It would make the AirTags stalking seem like a joke if every phone secretly tracked every Bluetooth.
> If there was a load of cool software that Apple was preventing from coming into existence, Android would be the dominant platform by now, because it would have all the cool stuff.
A mobile application that can't be shipped on iOS has a much lower total addressable market, which potentially makes it so that it isn't a commercially-viable undertaking for the developer. When I was working in the mobile space, I saw more than one great idea that never advanced to a product because of this factor.
There are also a lot of cases where a cross-platform mobile developer will kill an otherwise promising feature because they can't ship it on iOS and don't want to fragment their product by having different feature sets on each platform.
Why should others go out of their way to satisfy your preferences before accomplishing what they want? If you want to get apps exclusively from the App Store, just do so. Apple will certainly keep that option available and easy to choose for you.
We all seem to forget that we as people have a choice. Either we go where other people go, or we chose to go somewhere else.
It is not a precondition to have success in society to use an Apple device, so why does it matter that they chose to operate the way they do?
A developer might want to target Apple specifically because AppStore provides a potentially high consumer lifetime value client for your offering; but guess what, if you were as valuable to your customer as Netflix, you could abide by Apple's rules completely and still be a successful company. The AppStore in app purchase doesn't matter -- Netflix iOS just says, 'good luck! figure out how to sign in!'
Which gets to the other part of this, side loading != pay through AppStore. The 30% rake is the wind for this bill's sail, and it's not right. Just mandate alternate payment links like EU / whoever.
Side loading will lead to more 0 clicks and NSO breakthroughs. The surface of attack is increasing.
I find the FUD against third party app stores on iOS to be simultaneously crediting Apple with providing immense amounts of security in its App Store, and believing that it would be incredibly helpless without sole control through its App Store. That's very contradictory, both in ignoring the many, many vulnerabilities and scams that have proliferated on the App Store through the years (not to mention other negative user experience), but also ignoring the great pains that Apple has in ensuring security through layers and mechanisms beyond the App Store.
iOS is more secure than Android not simply because the App Store is better curated than the Play Store, but protections built in its very own operating system model. There are permissions restrictions that Apple has guarded carefully and not subject to removal through the permitting of third party app stores.
Furthermore, because Apple still has ultimate control of its operating system, it can design a careful flow to enable the use of third party app stores and side loading. It can hide it deep in Settings behind multitudes of "are you sure?" windows and security checks. It can coax users not to relinquish protections.
Hell, if Apple embraced the whole decentralized app store idea, it can provide an AppStoreKit SDK and sets of standards for third party app stores to adopt, a sort of security certification system that they can choose to conform to and be recognized for meeting Apple standards, similar to Apple's verified third-party repair stores.
The idea that allowing third party app stores will doom iOS is an anti-Apple critique in disguise, because it claims that Apple is helpless outside of its App Store. There is a lot more Apple can do.
> Apple still has ultimate control of its operating system
This is by far the most under-appreciated point in all the dialog around third-party app stores (and intentionally downplayed by Apple itself). Apple doesn't have to control the store to control the platform. The degree to which independently-distributed binaries can still be locked down remains entirely within Apple's control, and if they really do somehow fail to stop this legislation (realistically, I see both Apple and Google tying it up in the courts for years) expect a new level of hardening in iOS and Android from top to bottom.
Ironically, this will probably be better for security in the long run.
I don't think I've ever seen the tech press warn users that they need to be wary of installing apps from inside Apple's App Store the way they have with Google's Play Store.
>With malicious apps infiltrating Play on a regular, often weekly, basis, there’s currently little indication the malicious Android app scourge will be abated. That means it’s up to individual end users to steer clear of apps like Joker. The best advice is to be extremely conservative in the apps that get installed in the first place.
A good guiding principle is to choose apps that serve a true purpose and, when possible, choose developers who are known entities. Installed apps that haven’t been used in the past month should be removed unless there’s a good reason to keep them around.
> Furthermore, because Apple still has ultimate control of its operating system, it can design a careful flow to enable the use of third party app stores and side loading. It can hide it deep in Settings behind multitudes of "are you sure?" windows and security checks. It can coax users not to relinquish protections.
If they make the flow add package signers (or maybe a packagename,signer tuple), that would both be more friction than a on/off checkbox and possibly a better way to do it for users. I may want apps X from Y, but I don't want it if it's signed by someone else and I may not want other apps, etc.
Exactly. There's a lot of potential UX flows available that could protect user security even when it comes to third party stores, and the law does not restrict Apple's ability to impose such safety restrictions.
Sudden outbreak of common sense. I hope this passes and forces Google/Apple to justify the value that their app stores provide, for the amount that they take from developers.
No, the value the store provides is the SDK. Just as Unity requires you to license IP, I haven't seen any evidence to suggest that the is going away, only now developers get to bypass sandbox restrictions and access user data.
From the users point of view side loading allows only a reduction in security. All those tracking restrictions? App Store submission policy. All those raw data access protections? App Store rejecting sandbox features that are unsafe.
There is a reason malware is a huge problem on android but not on iOS.
> No, the value the store provides is the SDK. Just as Unity requires you to license IP
Except Unity doesn't make the only device that Unity games can run on.
Apple should be making their money from the phones, not seeing the phones as a utility to get even more licensing fees ($99/yr, 30% cut of all payments) from developers.
But also doesn't the $99/yr charged to put apps on the store count as a license, making your Unity example sound even more monopolistic for Apple.
Apple makes some on the sale of hardware, but does not charge end users for software updates after then. Unlike google it actually supports that hardware. The support costs money.
You're right that unity wasn't a great example though. A better example would be the xbox, playstation, switch, etc.
The alternative model is you sell out your users, like google does.
> You're right that unity wasn't a great example though. A better example would be the xbox, playstation, switch, etc.
Not really. Gaming consoles are usually sold at loss.
"The reason game consoles end up being profitable is through a combination of software, service, and accessory sales, but it's still surprising to find Microsoft has never achieved hardware profitability"
The average cost of manufacture is a PS5 is $450, the cheap version of a PS5 is $399, so a $60 loss. The platform takes a 30% commission on games the are priced >=$69.99, so at three games per machine they're making a profit.
The average cost of a game on iOS is 48c. Apple takes 14.4c, all that money then does things like supporting devices long after they were sold. Unlike google apple doesn't monetize its users: google continues to make money after devices are sold because the platform itself exists to help their ad business, that means android would still make money for google if they didn't even have their own store.
Add to that apple providing actual major software updates for devices more than 5 years after they were sold - not just security fixes - and I would argue that apple has a greater justification for their commission than Sony or MS do.
The business model shouldn’t decide what’s legal. If it’s legal for Sony, it should be legal for Apple.
Or if you disagree, fine. What’s the threshold? How does the Government acquire the information to determine if enforcement is necessary? What happens if the PS5 console, later in its life, is ever sold for a profit?
I think the argument being made is that hardware companies should be required to sell hardware at break even and provide free services and software to developers.
> There is a reason malware is a huge problem on android but not on iOS.
So it is said, but is this actually true? Anecdotally, my non-technical parents have been android users for 10 years and malware is a non-issue. I'd be interested in data that could demonstrate otherwise.
I tend to side with the tech companies (Apple in particular) due to the security issues and review process. It's not perfect and the cut seems excessive IMO, but there is value there that can't be dismissed outright. It'll be interesting to see how Apple and Google handle this. Maybe they'll allow side-loading with big, scary language? Or perhaps a cheaper or even free tier for developers to allow apps on their respective App stores?
Thanks for that link to Schneier's letter! He breaks down the bills and provides relevant and cogent arguments to both Apple and Google's positions which I hadn't considered.
What's being removed from you again? Don't sideload apps if you don't like sideloading. Keep using Apple's app store if you like it, or maybe in the future, you will find you like an app store better than Apple's. We will never find out if someone does it better than Apple, if nobody can even try.
> What's being removed from you again? Don't sideload apps if you don't like sideloading. Keep using Apple's app store if you like it, or maybe in the future, you will find you like an app store better than Apple's. We will never find out if someone does it better than Apple, if nobody can even try.
Um, the fact I've told any semi-non-competent person to buy iPhone because it very specifically won't screw up like the popup ridden land of Android.
> Um, the fact I've told any semi-non-competent person to buy iPhone because it very specifically won't screw up like the popup ridden land of Android.
How does this relate to your original comment claiming you're losing something you paid for?
And if Apple can't keep the quality of their software from falling to that level, just because of being slightly more open, then that is their failure.
> You know that developers will end up using alternate App Stores
This keeps being stated as though it’s a foregone conclusion. All evidence points to the contrary. Look at Google Play. Android has allowed third-party stores since inception and yet the only stores that see any notable use are the ones that ship on devices, i.e. Google Play and to a much smaller extent OEM stores (at least in the English market).
So no, it is not likely that you will have to install another store. Just like most Android users only ever touch the Play Store most iOS users will only ever touch the App Store.
The only notable stores I expect to see from this are an Epic Games store that basically just has Fortnite on it, and some community-driven F-Droid-like.
What developers will do that? Android has alternate stores, and there isn't any vendor lock-in. The Amazon and Samsung Android alternatives to the Play Store aren't huge competitors. Epic hasn't tried to build their alternative Android app store yet with Fortnite as an exclusive. This is all scare-mongering about what could happen but probably won't happen. Name a single major Android app that's located on an alternative app store.
Apple's centralization is not forcefully removed, you can choose to keep using only Apple approved software from Apple store and you will not see any difference.
This change would just allows you to install software from another source if you wish.
If Apple implements the change similar to how Android works, you will have to allow installation from non-Apple store sources, you can do it per app, you can do it once and then disable it, you can allow main app store to scan all your apps for security.
If you are arguing that some people will be tricked into installing malware from other sources then you are right that this change would allow that but it will still require user to go through few steps which should raise red flags for them. Some people just can't resist pushing that button without thinking and regardless of the consequences and in that case app store safety net is just temporary anyway, they are still exposed to the real world where that will harm them in a more serious way.
> If you are arguing that some people will be tricked into installing malware from other sources then you are right that this change would allow that but it will still require user to go through few steps which should raise red flags for them. Some people just can't resist pushing that button without thinking and regardless of the consequences and in that case app store safety net is just temporary anyway, they are still exposed to the real world where that will harm them in a more serious way.
I seriously could care less what we as HN want out of a phone in a way. We are head strong enough to do something different for ourselves -- literally look at PinePhone, etc.
What I'm concerned about is the trickery that is sinister beyond belief, getting access that they never earned and do not deserve.
we already know it causes malware. Android has demonstrated this very clearly.
You also can't retroactively undo a security hole: once you've installed malicious software the other software on the system by definition can't be trusted.
Android has demonstrated that you can have multiple app stores and that majority of users will happily use the default app store which for vast majority of Android phones is Google Play store.
Allowing app side-loading or different app store is not a security hole.
Using non-approved apps or non-trusted app stores might allow for existing security hole to be exploited more easily but it might also allow for better protection against such security hole by providing better curated app stores for less tech-savvy users.
I purchased my goods with the express contract that the AppStore will be the only way a developer gets access to Apple's APIs, Libraries, and instruction sets for iPhone.
That's the thesis for a treatise I could write. This breaks the contract I had with them upon purchase.
> I purchased my goods with the express contract that the AppStore will be the only way a developer gets access to Apple's APIs, Libraries, and instruction sets for iPhone.
Any software license you may have purchased is a non-exclusive one. Apple can re-license their own software however they wish.
That’s not true though. Users can already sign and sideload apps from a Mac. It’s just that doing so imposes annoyances (have to manually update apps, and resign every week). Allowing proper sideloading would only eliminate annoyances associated with current capabilities.
Don't kid yourself. Definitely not value for money. They're checking that nobody is getting around their pay-to-play walled garden. Any security checking is probably automated and incidental.
Genuine question, do you think that comes free? It costs money to develop these things and having control over the app store allows them to recoup that. I see no problem except maybe it's too expensive for developers. A more reasonable cut should be offered IMO.
Hell, you own the phone, the contract with the carrier, the storage. Apple is like a thug on the street charging a cover charge to go in the club, and they don't own the club or work for them. They just demand money because they're bigger than you.
Android already has side loading, and Epic tried and failed to get a third party store going. I highly doubt this bill will do anything unless it mandates that Google can't mandate Google Play Store as a condition of receiving development support.
F-Droid is great for hackers- a niche subset. Chinese app stores are a special case because of legal and political separation. How successful are Amazon or Samsung's app stores, and do they actually host any popular apps that users can't get on the Play Store?
As long as this does not cause an exodus from the App Store and I am forced to start paying for apps directly, I am fine with this.
But a strong benefit to the App Store for me is being able to manage and cancel my subscriptions from a central place. No going through 5 screens, no being forced to call, no any of that crap.
I can already see apps refusing to carry through the App Store so they can control more, and I am not looking forward to that.
Pretty much all Apple has to do to keep apps in App Store in the face of competition is drop their fees to less than 10% for all apps and drop bullshit like "you can't even link to your website if it lets users pay from there", and almost everyone except the most brazen will stay on App Store.
We'll see what actually happens but I personally I doubt that Apple values user experience more than it values gouging developers for profit. The Apple that would, is long gone.
>Pretty much all Apple has to do to keep apps in App Store in the face of competition is drop their fees to less than 10% for all apps and drop bullshit like "you can't even link to your website if it lets users pay from there", and almost everyone except the most brazen will stay on App Store.
Exactly. Apple would have to actually... compete. I suppose I can understand why this fills them with dread, but they have a clear path to retaining developers: compete!
If Apple could do that they wouldn't need to control the signing process. They do because most of what you're discussing as "intellectual property" isn't protected from independent implementations.
If being forced to compete fairly requires them to drop their prices by 60%, I think that’s a pretty good argument that they’re not competing fairly at the moment.
When you are competing against stores that require you to use their ad-tech framework to make up the difference it is a different equation.
The idea of billions of devices out there with constantly running background ad-tech frameworks horrifying to me. It would make the AirTags stalking seem like a joke if every phone secretly tracked every Bluetooth. Right now Apple is in the stream to say no to that.
The argument seems to be Apple should just lock down things even further to prevent it from happening…
Bunch of FUD. OS features and permissions aren't going anywhere. Even if coercing users into providing permissions became a real problem, Apple could have the OS provide fake data to apps not whitelisted by the user.
If you don't want to be tracked, don't use Google, Facebook, and other ad techs. Doesn't matter whether you installed their apps or not. Even today Apple can't meaningfully shield you from their tracking if you choose to use their free ad-supported services. (And if you don't, there's not much value in tracking you since they can't sell your attention to the highest bidder)
I'm not defending ad tech, but it will take complex legislation to reign it in. You can't just hide from it in Apple's walled garden, it does not work.
That complex legislation is not going to happen because ad-tech has the money to stop it.
Facebook is right now taking a huge loss due to the fact the walled garden is working.
People compromise their privacy because they didn’t have a choice. Apple is providing that choice until you let Chrome only be installed from the Google store and web sites suddenly say “best with chrome”.
> Facebook is right now taking a huge loss due to the fact the walled garden is working.
Facebook is hitting a huge loss right now because they saturated the world, ran out of markets to expand to. Not because of Apple's minor restrictions on cross-app tracking, jeez. Their growth in US stalled long ago.
> That complex legislation is not going to happen because ad-tech has the money to stop it.
And tobacco companies had the money to prevent anti-smoking regulations, and the oil industry had the money to deny climate change, and big tech had the money to keep their app store monopolies. Well some of those are WIP but it's clear that things do improve despite the money, albeit slowly.
> People compromise their privacy because they didn’t have a choice.
Nobody's stopping you from using DuckDuckGo and Mobile Safari, not today, not if this legislation goes through. Nothing that Apple does will change that, and nobody will code websites for mobile without supporting the default browser on their target platform, unless that browser is IE-level terrible, which Mobile Safari is not, despite its many deliberate shortcomings.
If you're all about choice you should stop telling other people that they should pay for services with money rather than with ad impressions, and that they should pay Apple's 30% tax for your privilege to see one monopolist shove it to another in a superficial way.
And if you think "don't use Apple" is valid advice for these people, then it's also valid advice for you for when this legislation passes, if you really can't live on a platform that isn't completely locked down.
Android offers sideloading and third-party app stores (with minor limitations), yet the vast majority of users do not sideload Android apps. I remember reading it's about 1 in 200 who does, which I found surprisingly small. Commercial apps that aren't in Google's store usually want to do something against Google's rules - sometimes for good reasons, sometimes not.
I don't think you'll find many apps jumping ship entirely. They might offer lower prices elsewhere.
The important thing is that mere existence of the option - and the possibility that if you tighten the screws too much, it can go from 1-in-200 to 1-in-20 overnight - keeps the policies and pricing of the "primary" store in check. Competition is useful for consumers even if they don't switch to a competitor, because their current vendor expects that they could, and can't freely do monopolistic exploitation.
I bet part of the reason for that is because of how it's presented. Google puts up several warnings that you have to click through and they're all along the lines of "this will ruin you phone!" IMO having sideloading isn't anything more than a well thought out, long term plan to deflect accusations of anti-competitive behavior. In reality they do everything they can to discourage users from sideloading.
The biggest issue for me personally is that it's not clear how, or if, sideloaded apps are sandboxed and how they're granted permissions. The warnings seem intentionally designed to play on those fears. If they're sandboxed the same as other apps and have fine grained permission controls I'd do a lot more sideloading.
> The biggest issue for me personally is that it's not clear how, or if, sideloaded apps are sandboxed and how they're granted permissions. The warnings seem intentionally designed to play on those fears. If they're sandboxed the same as other apps and have fine grained permission controls I'd do a lot more sideloading.
As someone who recently started dabbling in Android app development, I'm side loading my own app all day long. My app, whether side loaded or downloaded from the Google Play store, makes permission requests and the user must approve every one of them.
> If they're sandboxed the same as other apps and have fine grained permission controls I'd do a lot more sideloading.
They are subject to the same permission request/granting system as apps installed through a store. That system is OS-level and applies to all non-system apps.
The issue is that once you grant access to terminal.... anything you run in it has access. So it's not very useful since almost everyone will have granted that access within a few minutes of being in the terminal.
You are in luck! Another way to manage subscriptions client side is to use PayPal. In the same way you have control over all your subscriptions in one place, and can cancel without the interference of the counterparty - a great benefit indeed. And paypal can work with anything, any entity that has a PayPal account. PP is, of course, not without its own horror stories, however a lot of that is around p2p selling-gone-wrong. I have not experienced or even heard of problems around subscriptions, so I think this is a sweet spot.
This doesn’t actually help, because ending payment for a subscription doesn’t absolve you of legal responsibility, and you might at some point end up getting sent to collections over something stupid. Importantly, Apple can force companies as part of their terms of service to recognize an App Store subscription cancellation as an actual cancellation of obligation to pay.
I suppose that's possible, but it would at least put the onus on them to begin legal proceedings. I would also argue that they'd be putting their PP relationship at risk by taking such an anti-consumer attitude. Certainly this is something I want to look out for, but so far (knock on wood) it hasn't bitten me.
Paypay is great when everything has gone right but everything about their support and dispute resolution system is shockingly incompetent. Going from everything going well to something has gone wrong is like driving through Mayberry and crossing a bridge to find yourself in Kafkaesque post apocalyptic landscape devoid of sanity and reason.
You'd be smarter to trust your money to drug dealers or your put it in a sack and have your 5 year old cousin watch it real close.
Your assuming everyone will use PayPal for subscriptions.
When with this there are no rules forcing them to do anything since they can just ship outside the store.
This doesn't address my issue (also I don't want another one I want to keep everything in a single place in settings on my phone). Considering I have never used PayPal for any of my subscriptions on the web I don't see this catching on for mobile either.
If a company wants to put me through hoops to make unsubscribing hard, there is zero chance they will opt to use something that makes it easy if they have the choice.
I'm letting you know of an alternative that has worked well for me. If you want to respond to that assistance with silly assertions and general whingeing, well, that's your choice. But you are not coming off as very...impressive, shall I say.
When the alternative is a game of “find the cancel link”, slog of retention attempts, or gauntlet of phone bots it starts to become tempting.
If services universally had an obvious cancel button that did exactly what it says it does without a runaround, then yeah the premium makes zero sense.
There's the other alternative which is similar to this App Store Bill: get the government involved. In California if you signed up with a button, you've got to be able to cancel with a button too. I like that way more than paying 20% to Apple just because they offer the same thing.
As it stands all of the apps I have subscribed too are only available to subscribe too this way.
So I assume given the price that the extra 30 (or 15) is calculated into the price.
So my answer would be yes, if they said I could lower it by going through their website I would continue to do it through the app. If they removed the option completely I would stop using it and find an alternative.
I will not support shady business practices and hurdles to unsubscribe is one of the worst in my opinion.
I just decided to do some quick number crunching to see how much this actually would impact me.
Not including Apple One, I spend $432 a year on subscriptions on the App Store. All of those are not available via any other means. So if I saved 30% I would be paying $302 a year... Yeah I would happily continue paying $432 to be able to easily drop something if they start a behavior I don't like and feel like I am in control of my own money.
Thanks for your answer. I agree making it difficult to unsubscribe is bad, but I honestly cannot imagine myself paying extra recurringly for saving myself 10 minutes once at the end. So it's interesting to see people making different trade-offs.
TBH for me it is the principle than the time savings.
If I have to call and cancel, that is basically a guarantee I will never use you again and will warn everyone to not use you.
If I have to jump through a bunch of screens, I will be mildly upset but will probably forget about it.
I just don't want to support that behavior, so these companies basically being forced to do so on "my" (really apple's but I am making a choice to use them) terms is worth some financial cost to me.
If I had thousands of subscriptions, maybe I would be saying something different. But the yearly additional cost in this theoretical situation is minimal and to me it sends a signal. If I actually was given that choice then the company can see those metrics and hopefully see why.
Of course not, I also wouldn't pay 20-40% more for free two day shipping or 30% more for free food delivery over $12, but nonetheless Amazon and DoorDash are able to take that much of a cut from sellers and restaurants.
You miss the fundamental thing which is that the charge is specifically for publishers for a reason. It's because it absolutely is worth 30% to every business who wants to reach a lucrative market.
> DoorDash are able to take that much of a cut from sellers and restaurants
You are building a perfect argument against Apple here. As DoorDash rates grew I stopped using them less and less and started driving to the restaurants myself. And DoorDash rates are still far cry from 30%.
Reminder of the risks of generalizing from one's personal experience, quite especially if one has an HN account. DoorDash revenues & delivery volume show that more people are placing orders, and for more money.
And this is for basic delivery, where many buyers will be a short drive away and could in theory have placed a 1985-style pickup order. There's no captive element like an App Store.
You have it wrong. In addition to the fees DoorDash charges you they also charge the restaurant ~20% revenue behind the scenes. Amazon charges ~8-45% (depends on the product) behind the scenes to the seller in addition to your prime membership.
The argument “would you pay some percent more” is somewhat meaningless because if Apple thought you would pay 40% more they would already be charging that and charging the publisher 30%. Two sided markets mannnn.
> In addition to the fees DoorDash charges you they also charge the restaurant ~20% revenue behind the scenes.
I don't think the point is wrong though. You can bypass DoorDash both as a customer (using other service or going personally) and the restaurant (by having online ordering on another platform).
The Windows store charges 15%/30%, Xbox in-game purchases are a 30% cut for digital games. PlayStation in-game purchases are a 30% cut for digital games. Google Play IAP is a 30% cut. Same with Nintendo digital games. Same with Steam.
Surely they all can’t have monopoly power? Is 15% of revenue suddenly not monopoly power? Would you still feel forced to pay it if it was 50% or 75% or would you just leave iOS?
There is no difference between the customer paying extra and the seller paying extra. There is an amount the customer pays and an amount the seller receives, and the difference is what is paid extra.
Having worked on an app that took payments (although I only ever personally did work adjacent to the payments), customers from the Apple App Store seemed to be more likely to have the ability to make payments; they were likely to have a working payment method on file with Apple. We were a low priced subscription though, 30% seems like a lot, but straight credit card, card not present processing isn't much better when you add the fixed fee to the discount rate. It's better if you can get a micropayments rate, but we couldn't. Lower friction often means more payments, so we would certainly not leave platform app stores to get more control of payment (although, the direct downloaded apps might include more payment methods)
> But a strong benefit to the App Store for me is being able to manage and cancel my subscriptions from a central place. No going through 5 screens, no being forced to call, no any of that crap.
If it's as strong a benefit as you believe then developers will keep offering it.
its a strong benefit for the end user. There is prior to this little to no incentive for companies to do this, and arguably most don't want friction-less cancellation, or they would have built it from day one in the first place.
I don't bet on this sticking around if it can at all be broken.
> There is prior to this little to no incentive for companies to do this
There are huge incentives to do this in California and EU. They have the legislation that says that if one can subscribe to a service with one click of a button then one must be able to unsubscribe with one click of a button.
While it doesn't offer easy cancellation, Truebill is really nice for keeping track of subscriptions. That's always been the hardest part for me as someone with ADHD who has multiple bank accounts. The only account it doesn't work with is my Apple Card because it is still in the stone age of connectivity.
I mean I would argue that the very reason I have subscribed to several of the apps I have is because I was able to do it through the App Store and I knew I could easily cancel.
Had that not been the case I would have never subscribed which gives the developers and apple that money.
Basically apple is getting more money from me because I took more of a risk on something.
One downside (as a consumer) of this bill is that it requires app store owners to allow spamming users
"A Covered Company shall not impose restrictions on communications of developers with the users of the App through an App or direct outreach to a user concerning legitimate business offers, such as pricing terms and product or service offerings."
Yay, more spam (probably all starting with "Dear user, we have a legitimate business offer for you!")
I cannot login to three of my bank accounts (even on the web), authenticate with several services used in my job, or approve some card payments without installed apps on my phone.
It is assumed you have a device. Not installing isn't a reasonable option. You may think "just choose different banks, jobs and cards" but suitable alternatives were not available.
Having a second device would be ok, but very inconvenient and a little expensive due to needing multiple mobile contracts.
If those apps start to include more user hostile features such as spam and data collection, if there are no suitable alternatives we will live with those features. To some extent I am already seeing spam in bank apps, in the form of interstitials advertising shady third party services.
At the moment the app store policies and human review offer some buffer against those features being pervasively standard for such apps, but it's not hard to imagine a dystopian future where all e.g. BankId apps that are required to make payments for food everywhere all seem to have built-in spamvertising and tracking functions that no technical measures like sandboxing can prevent.
This is actually an argument for allowing multiple stores, because I already receive spam (just today as a matter of fact!). So this might be an incentive for Apple to actually enforce their guidelines to keep users on their store.
Desktop has much better tooling than it used to, including code signing, built-in browser scam website filtering, and automatic malware removal tools distributed by OS vendors. The late 90's was full of "take over your computer, time to wipe your hard drive" level viruses and malware (and I downloaded many of them!)
Macs even have recently added sandboxing for manually installed apps similar to the ones seen on App Store apps, such as OS prompts asked to allow access to personal folders, camera, desktop sharing, and other sensitive areas. Even a manually installed app is less likely to access private things because of this addition.
If AltAdBrowser (which, I assume is spyware/adware) is our level of harmful software we're talking about, it should be noted that app stores allow this type of data collection with user consent. Just check out the privacy tab in Apple's App Store for Facebook or TikTok.
Just like on a PC, all it takes is one uninformed download button press to install spyware/adware on your iPhone.
Your relative could also just only click download buttons within the app store on their desktop. That would be a very easy piece of advice.
To those who say that if I don't sideload then this change won't affect me, I don't think this is true. Just because there aren't many alternative app stores on Android doesn't mean it won't happen on iOS. Developers will do this if there is a financial incentive. This is a forced fragmentation of the App store and will do absolutely nothing to improve the experience of a normal, non-HN-reading end user. This will in fact weaken the security for a normal user because they now can be tricked into installing malware without jailbreaking their phones.
Apple disrupted the whole game and put carriers on the defensive. It is highly unlikely that the carriers could try to create their own app stores to funnel iOS users towards them. Unlike with Android, neither they nor the OEMs have the ability to customize the operating system. Nor would users care to install a bunch of bloatware apps on some shoddy telecom's third party app store.
The same carriers that hijack DNS, to show you adds when you make a typo on a URL? Or the same carriers that managed to show you an add when you're on WiFi that you pay for, on your own computer?
It takes a lot less effort to do both of those things, than it is to build a third-party app store and to entice users to join. They may attempt to, but it would be difficult. It’s a lot easier to show ads than it is to get users to use those crappy carrier or OEM bundled bloatware apps. Even Apple has had to allow app hiding or deletion of its first party apps in recent updates, because a lot of users don’t use a lot of them and find them to be clutter.
No idea if it will happen but I'd love a Steam App store on iOS. If I buy an game that runs on Mac/PC/Android/iOS I'd love to be able to buy it once and play it everywhere. I can do that Mac/PC/Linux at the moment, would be nice to add iOS and Android as well. And, even if they aren't the same game it would nice if buying a game on steam unlocked some companion app on my phone via a Steam iOS/Android store.
If anyone actually thinks we’re going to be in an objectively better spot in 2 years because of this bill, I encourage you to take a real good look around at the actual world we actually live in.
Things I guarantee you will see because of this:
1. You will have six different app stores on your phone. The Apple one, the Facebook one, the Google one, the Epic one, and at least two more, probably one from Disney and one from Spotify.
2. Those apps will absolutely not follow anything even close to App Store guidelines, and will wholesale be grabbing everything they can and exploiting every available opportunity to at best take your data and at worst add any kind of adware, malware, or anything else they can.
3. You thought payment dark patterns were bad Now?
4. Every goddamn app you want from every goddamn anything will be side-loaded. Some of these will be legit versions of the app you wanted.
You live in a world in which large predators want to devour you and small predators want to gnaw on you. You live in a world in which goddamn websites are running crypto-miners in your browser. You live in a world in which every company out there is aggressively hacking your dopamine circuits to try to get you to use their app more, and every company out there is grabbing every bit of data they can on you so they can sell it to whatever shady asshole’s willing to give them money for it. You live in a world where nation states are actively targeting you and everyone else around you from across the goddamn world. For fuck sake, you live in a world in which every entertainment studio out there is yanking their content from every other channel and demanding a subscription for them alone.
The App Store is an extractive tax on developers. It restricts user freedom. These things are true. But the goddamn naivety it takes to seriously think that the ability to side-load is going to make our actual lived day-to-day lives better instead of just hypercharging this dark forest hellscape we’ve invented for ourselves takes my breath away. Where the Hell have you people been Living for the last decade?
Where are the 6 app store apps for android. Where are the app stores for Mac and PC? I can buy games for my PC from Steam, direct, green man gaming, etc etc. I can install apps that do things Apple thinks I shouldn't. The idea that having a choice of where I buy an app is a bad thing boggles my mind just because one goes in my pocket and the other sits on a desk. This fear mongering has to stop.
Don't want to sideload? Then don't. Only buy apps from the app store on mac and pc and android and iPhone. And don't hit me with "But what if XYZ takes their app out of the app store and goes sideloading only?!" Well then don't install their app, it's that simple. If the logic is if you want to sideload get an android phone, then the same should be applied to sideloading in general. Don't want to sideload? Then don't.
Amazon has an android app store, there's the f-droid one, all the companies selling android phones in china have their own, I think. Samsung has/had something, IIRC (maybe that was just for Gear VR though). Not a huge reason to have 6 on one phone though.
On PC, there's Microsoft's store. Amazon sells software downloads online, and I don't think they're the only ones. Lots of game stores of course. You can also buy software in actual stores, although that's less common, and sometimes it's just a big box with a download code.
But yeah, your take on sideloading seems reasonable. You don't need to do it. I ran a windows phone for years, it's fine to not have apps (and it's less fine to not have a good browser, but if Safari lingers enough, it'd be nice if you could sideload something else)
On my PC I have a Windows Store, a Steam Store, an EA Origin store and an Epic Games store. There are problems with Windows, particularly because it is like a 25 year old OS. But I don't think the problems are due to those store.
I like being able to buy things on the Windows Store and on Origin and Steam. If you are right and this makes things worse don't you think people will just stick with the Apple store?
> If you are right and this makes things worse don't you think people will just stick with the Apple store?
No, they won’t. At a bare minimum, they’ll have the Google store and the Facebook store, and they’ll probably have a dozen others, because most people don’t actually care enough to make a principled stand on these kinds of things, but their lives will be shittier because of this, in the same way that we all have LinkedIn accounts even though LinkedIn is dogshit because we all need jobs and none of us care that much, but our lives are shittier because of LinkedIn and they’ll be shittier because of this.
> a bare minimum, they’ll have the Google store and the Facebook store
Why Google and FB in particular? Because of the ad tracking thing? Note that if Apple allows sideloading, then rather than installing G/FB’s official apps you’d be able to install 3rd-party clients to their services that mitigate tracking/block ads. Currently you can’t easily do this because of App Store policy disallowing apps that violate the ToS of services that they access.
Because Facebook and Google have the size, market power, and incentive to do it. They’re both mad at Apple over Apple’s privacy moves, they’ve got the engineering talent and scale to make it viable, and there’s not an apple device out there without at least one of Facebook, WhatsApp, and Instagram or Gmail, YouTube, and Google Maps. Hell, I’m as ornery as they come over this crap, but even I won’t use Apple Maps.
And, what’s to keep 3rd party clients from working? The same thing that currently does: Google and Facebook control their APIs. This isn’t the era of the open internet, and that doesn’t change with an open App Store either.
> This isn’t the era of the open internet, and that doesn’t change with an open App Store either
I wasn’t throwing out a hypothetical when offering 3rd party clients as a solution to installing Google or FB’s stores. This is already what’s happened on Android. Rather than download official apps from Google Play one can install a community app store (F-Droid) and grab enhanced 3rd party clients there.
API control is rarely an issue aside from the fact that these unofficial clients tend to use said APIs in ways that violate the provider’s terms of service. As such the client apps violate the Google Play Store’s rules and must be sideloaded. This rule is also why 3rd party clients must be sideloaded on iOS.
I'd rather developers have flexibility and for aggregators to have competition. Yes it is inconvenient having the EA games app, Steam, and the battle.net launcher (all of which I have installed), but people have choices. And despite what fear mongerers would have you believe, there is a lot of pressure on devs to make their games available on common stores like Steam due to convenience.
Right now we just have contractual monopolies with no other options.
I don't see 6 different competing stores on Android. As platform holders, Apple and Google will keep massive competitive advantages against other stores and I'm 100% sure that >95% of users outside of China will only use either App Store/Play Store.
At least in this hypothetical, that’s at least partly because Google owns the primary store on Android. It’s easy to envision them making Google Play for iOS and moving all of their apps exclusively into that and generating quite the beachhead while enabling them to increase their tracking capabilities and gathering more data. Especially if they exclusively release a true build of Chrome (everyone’s favorite monoculture) half of HN will immediately download the store so they can help give Google complete control over the internet.
What benefit would Google Play on iOS provide for the user?
My theory is that for the major non-gaming companies- Google, Meta, and Amazon- building their own third party app store on iOS is not in their interest. They would essentially be carving out a ghetto for their own apps. Even if the law mandated Apple accept third party apps, Apple can still control that experience. And that experience will inherently involve friction. There will be friction to enable third party app stores. There will be friction to sign up for said stores, add payment information, and deal with yet another membership. Users would rather use mobile web sites before they have to jump through hurdles to install an app from a third party app store. There will be a public backlash against these companies for hoarding their apps in third party stores.
I think if they do introduce third party app stores, they won't take crucial apps- Google Maps, Facebook, Instagram, etc.- off of the Apple App Store. They stand to lose out too much by risking being dependent on their own new, untested third party app stores. And they would suffer a lot of heat from angry users for forcing them to sign up for and then manage yet another account.
Besides, these companies' apps aren't exactly the new hotness that inspire organic migration, unlike say TikTok. Imagine: users muddling through the Google Play Store for iOS® to get their Chrome, Google Maps, YouTube, and Gmail/G-Suite apps, and what else? The Google search app? The umpteenth Google instant messenger app? What would Amazon stand to benefit by duplicating their Kindle-oriented third party Android app store on iOS? Offer their Kindle reading app, the Amazon storefront app, and Audible? Does Zuckerberg really want to reenact the Facebook Home fiasco? Most of the time when these giants try to play in the others' home court, they tend to stumble pretty badly.
Gaming companies such as Epic, Valve, EA, UbiSoft, and now Microsoft-Acclaim-Blizzard might have a great chance at fostering third party app stores, given their unique content and gamers being accustomed to having to deal with multiple platforms with exclusive content. And er, a greater willingness to ignore user outcry over closed platform shenanigans.
That's one possibility but Google and Apple effectively made a peace treaty to maintain their duopoly status. I would expect them to keep the status against other uprising competitors rather than breaching each other's territory.
> You will have six different app stores on your phone. The Apple one, the Facebook one, the Google one, the Epic one, [...]
Let me turn this on its head. If you don't want Facebook, you're free not to download it.
> You live in a world in which large predators want to devour you and small predators want to gnaw on you
Right now Apple is that large predator. They take 30% (wtf!), have to examine all deploys (nevermind your emergency), have arbitrary rules, force unwanted and unfair Apple platform integration, separate you from your customers, etc.
Eventually the web will become the app store and software distribution without shackles will be new again.
Apple's false uni-channel model has been a disease on our industry for far too long. Bits are free to send, download, and run.
I agree with a lot of this, but some of the boogey men in the these arguments when stated simply over inflate themselves.
…They take 30% (wtf!)…
On 93% of the applications, Apple takes 0%. They vet your app for the users and handle distribution for $0.
They provide the development environment for free (Your developer identity costs you $100/year and is required to release software in the store, but the tools are free and you don't need an identity to use them for yourself.)
Of the remaining 7% of the applications, until you are pulling in $1,000,000/year from the Apple App Store the Apple takes 15% and pays the credit card processing costs out of that. (At the worst end for you, if you sell a $0.99 app or in-app-purchase, your credit card company is going to charge you maybe 12.4%, so you are right back in the same territory. My local deli won't even take a card for less than a $5 purchase.)
Now we come to the whales. Statistically about 0% of the apps, but they bring in the money. These guys are paying 30% and that is some serious coin. They are absolutely subsidizing the development tools and store mechanics. It must gaul them that they are the huge customer and are getting a negative discount.
I wonder how big a whale you have to be to go to a different store and take >70% of your users with you?
…have to examine all deploys (nevermind your emergency)…
People's milage varies here, and no one writes a blog post describing things working normally, but the store review process is so fast these days that I push my release candidate up, refill my "tea", ask the cat how her day is going, and TestFlight download my approved app to one of my untethered test devices to test. It's that fast. In the bad old days that process could have taken days for me, but now it's smooth. I've been releasing this app since there was an App Store and I've never had a release rejected, so maybe I get special treatment. And to be balanced, I know people in industries which have to educate the reviewer on the legality and compliance of their app on every release, so that part of the review process still could use some help. That isn't doing Apple or the app developer any good.
But… even though I agree with many of your points, I want all my apps to come through Apple, and I don't want to have to provide friends-and-family tech support to all my knuckleheads who will cargo cult install some unmonitored store and end up on the bad end of a bad person's scam.
> They vet your app for the users and handle distribution for $0.
... (but not "...")
>They provide the development environment for free (Your developer identity costs you $100/year and is required to release software in the store, but the tools are free and you don't need an identity to use them for yourself.)
So it's not free at all. It's $100/year. I know--I've tried to do it. frankly, it's in insult that I not only get to develop a free app, I get to pay for it, too!
The main question is: What about push notifications? WHAT ABOUT PUSH NOTIFICATIONS?!!
Even if we sideload an app, with modern mobile OS architecture many classes of apps will be almost useless if sideloaded apps will not be able to use push notifications provided by an operating system.
well what about them? an oversaturated channel that inevitably will become useless. Maybe users should be trained to seek the information they want instead of a device telling them what to think. It's heathier.
Ever heard of messaging apps? The kind you want to beep when somebody sends you a message?
Currently you have 2 ways of providing this to your users: run the app in the background, maintaining a persistent connection to the server, or via push notifications, where an app is woken from disabled state and displays a message. And background processes are killed off on iOS in less than 15 seconds (the documentation states 30 seconds, but we've never seen it in practice). That leaves push notifications the only choice.
Messaging apps are a good example of when not to do notifications. Why should my day be interrupted because some random contact sends me some information? I don’t have email set to interrupt me, why should chat?
Push notifications don't mean only user visible notifications (or certainly don't mean a sound or haptic notification is required). It's nice for the app to get notified so it can download the message, so it's ready when you next want to look at messages.
Of course, worst of both is interruption notifications where you see part of the message, tap to read the whole thing and then get to wait for the thing to load.
Do you want WhatsApp to deliver a message to you from your mom or special one that they urgently need help? Or should they wait till you will want to check the app?
You may disallow app access to notifications if you want to check it only on your schedule. But not having access to notifications hinderes main function of messaging apps - delivering messages to you.
It is frankly shocking to me how many people fail to understand that.
"I don't like push notifications, it means nobody needs them"
For this, there is a system-wide 'do not disturb' mode.
It is actually shocking to me that some people have this extremely narrow view of this problem. There are huge classes of applications that absolutely require immediate notification of the user, but here people just handwaive this as a non-issue because "I don't like to be disturbed".
How about a doctor called for an operation? Your car being robbed? Incoming bank payment? New ride request for a taxi driver? Disaster notification? VoIP call? A soccer game beginning? Billions of uses you just discard because you don't want it. Gross.
A voip call should be done normally, which means that unless you are one of my starred contacts I don't get a notification in DND mode. I have starred maybe 5.
You can make up all sorts of notifications for emergencies but I could counter with what happens if I am in the shower when I get the notification? I don't want a tornado warning the last possible second, I want to know it ahead of time so that I can get to a safe place. If my car is broken into there is nothing I can do, if my grandmother has a fall it is at least 30 minutes before I can get to her, I don't need notifications for bank payments (it gets added to a list that I renew when necessary).
I wouldn't want a notification for an active shooter at all -- if I was hiding from the shooter, it could give my location away.
Android has had alternate app stores for years. I don't recall any of them being a panacea for poor struggling devs held captive by Google Play. I stopped offering my apps on any of them as it was never worth the bother.
What problem is this trying to solve for who exactly? I don't see any way this ends up as a win for small devs.
Thought experiment: I have 7 subscriptions. 4 of those are through the App Store. My credit card expires or get lost. What are the chances I enter new credit card information on your site as opposed to App Store?
And let’s not pretend that Apple is making a lot of money off of Indy developers. Most of the App Store revenue is coming from pay to win games and loot boxes.
Oh goody. I get to manage my own payment system. And have to worry about being tax compliant in every country and state. And deal with logins, and refunds and fraud and uptime and customer support.
Or just integrate other third party payment systems like Stripe, Square or PayPal. I'm pretty sure that they will almost immediately make their systems available on both Android and iOS when the bill passes.
Because a market is suddenly opened for business, alternative payment processors can now start offering systems that take care of this, and with different terms from Apple's. You wouldn't have to handle all of it yourself, you could simply sign on with one that provides you with service you like.
This is the free market competition that tech is supposedly in favor of.
The 15% pay cut is an industry convention, but is that actually justified by any financial reasoning? With actual competition in this space, business models can be discovered that could potentially lower costs. Not to mention, given the VC effect, there will likely be newcomers that try to undercut Apple/Google and each other with lower prices by burning investor capital, for a time.
People are already upset that their digital purchases are controlled by Apple. Wait until the startup that they bought stacks of software from goes bust and all of their app purchases are gone.
This current situation already exists with the App Store. There are apps that have been removed from the store that are simply gone forever, such as Flappy Bird, which was at least free. So how does this change anything? Just because Apple will outlive third party stores doesn't mean the situation you're describing doesn't already happen.
Maybe there will end up being a single app store for both Android and Apple? As a small dev, you'd only have to deal with 1 upload, a single review process, one set of user reviews, etc.
The legislation would require Google/Apple to "step aside" and allow side-loading/alternative app stores, so yes?
Google and Apple would still be welcome to operate their own stores. A 3rd-party cross-platform store would compete with them, hence no monopoly.
Edit: I guess you read my comment to mean "Apple's app store would come to Android" or vice versa? That's a possibility. I'd prefer that to the current state of affairs where no direct competition is possible
I still end up with one more app store to deal with. Unless this 3rd party becomes a de-facto monopoly, there's no way you could afford to leave money on the table by not also dealing with Apple and Google.
It doesn't at all. You can continue to just publish your apps to the App Store and the Play Store, much as the vast majority of users will continue using those.
And if the US government banned all mobile manufacturers other than Apple, the Apple fans would say you can always go live in a different country. (If all countries banned non-Apple phones, then presumably the advice would be to start a new country, on a new planet if necessary).
Firefox battery on macos is also bad, so same argument. Their market share on android vs chrome isn’t worth mentioning, so I don’t even know that it’s a better choice.
There is no way this will get much floor time on the Senate.
The only real path forward is that a stripped-down version of it is added to some sort of big spending bill, similar to what they did with the tobacco minimum age[1].
If they sold an iPad that was only made for playing games and that was sold at a large loss, it would be a different conversation, even though I think that consoles should be opened up.
I think this argument is less relevant today. Back in the early days of game consoles where they were very obviously designed for one thing only (ex: GBC, NES, etc), then sure.
But consoles today are only limited to gaming and entertainment because the manufacturer artificially limits which software can run on it (and who can develop for it).
I don’t know if they should be opened up like the iPhone (which 1000% should), but it wouldn’t be the end of the world if they were. Some business models would have to be changed, but that happens all the time. Consumers will certainly benefit from more choices.
At the very least, even if they aren’t treated the same as phones/tablets, I think the ridiculous DMCA restriction about jailbreaking consoles needs to die. Jailbreaking a phone/tablet is legal, but doing it for a game console is illegal because it could maybe lead to piracy.
That’s obviously dumb (because jailbreaking a phone could also lead to piracy), but it also acts as a convenient legal barrier that protects console manufacturers from competition. In the early days of home consoles, some publishers would jailbreak consoles to be able to sell games without going through the manufacturer. EA did this as part of a strategy to negotiate more favorable terms with Sega, for example. The threat of competition forced Sega to the bargaining table, and in the end consumers benefited from the games EA was able to publish.
courts don't really care about technicalities like that. No one is filing their taxes or sending out work emails on their Xbox so its not the same even if someone hypothetically could.
Most modern consoles include a web browser. How many people do use it for real? How many people use consoles for anything that isn't gaming or media playback? For all intents and purposes, most people do consider them appliances.
People seem mostly mad about the IAP thing, so I don't understand why everyone keeps lumping third-party payments and third-party app stores together. They're completely orthogonal.
They are not orthogonal. Allowing third-party stores/sideloading implies allowing third-party payments, at least for apps distributed outside the App Store. Forcing the Apple to allow apps that use third-party payments on the App Store and forcing Apple to allow sideloading are orthogonal though.
> New rules could require them both to allow app side-loading — installing apps from non-sanctioned marketplaces — and alternative payment processing systems. Apple and Google have argued vehemently against the bill.
Doesn't Google already allow side loading or is that no longer so?
Yes, they're still allowing side-loading. Though it recently tried to monetize Play Store by enforcing its own payment processing system for most apps.
I personally can’t wait for students to be forced to install apps from third party stores that collect all their information because their schools have a contract with the developers and have made it mandatory.
Same will be true of employees and their employers.
Students are already made to use iPads or Chromebooks with apps installed using the Apple Enterprise tools that don't have to pass the validation process and can collect all of their information.
Same is true of employers and their employees.
So what you are talking about is in fact already there, and Apple is fine with it and facilitates it.
App permissions are viewable in Settings- these are enforced at an OS level distinct from App Stores. Or are you suggesting that illicit apps are somehow able to break those restrictions and leak permissions? And bypass the permissions checks built into the platform itself?
> can’t wait for students to be forced to install apps from third party stores that collect all their information
I'm similarly wary. But Apple and Google have been bad stewards of their market power. If the only thing protecting our rights is Cupertino's goodwill, perhaps that's an orthogonal issue for lawmakers to take up (and citizens to lobby for).
> But Apple and Google have been bad stewards of their market power.
Can you explain how? Because I don’t think they have at all. App developers are not their customers, they are business partners, and prioritizing customers over business partners is laudable.
Can you explain how this is materially different from the apps corporate security already makes you install on devices to allow them to track and wipe the device? How it is materially different from what goes on my laptop?
That's already the case with the appstore. If you value privacy, don't install apps, use their website instead (ironically a free and open platform as well, there are lessons to be learned here)
No it's not, phones have unique identifiers, easier hardware access, poor cross-apps sandboxing capabilities, they also have no private mode, don't support adblocking & tracking blocking...
There's a reason everybody nags you to install their apps on every website.
> - ad blocking doesn’t work well or at all for first party ads like FB, Reddit and Twitter use.
For now, only Facebook is resisting on it's own website with some obfuscation but I have no doubt that new browser apis will close that gap. For Facebook tracking on external websites it does work though, something I can't say exists at the moment in the mobile world.
I'm not saying Apple does not take any steps towards fighting this, I'm just saying they are currently very far to the level of privacy of a browser.
> It’s not about obstructing, a “native ad” looks just like any other post and is integrated into the feed.
They have to disclose sponsor posts by law (at least in the EU). Right now they are using tricks of random divs to hide that to adblockers. When the browsers will add a contains-visible-text:() selector (or similar name), it will be game over.
You just described MDM. It has been supported by iOS for a long time, allowed to do exactly what you describe, and this bill won't change that aspect of it.
The permanent solution to this are federal data privacy and ownership laws.
Does this bill meaningfully impact Android users in anyway. Alternative app stores, alternative payments, side loading have all existed for years. The article claims Apple and Google are both opposed to the bill but doesn't really say why.
I can only think of a couple.
Potentially opening up of services like notifications so that apps that don't have play services can get notifications without destroying the users battery.
Disabling or neutering of the awful SDK banking apps and games use to detect root and not run.
They're small but annoying things but hopefully are outcomes from this bill.
> New rules could require them both to allow app side-loading — installing apps from non-sanctioned marketplaces — and alternative payment processing systems. Apple and Google have argued vehemently against the bill.
Imagine if Google were forced to allow sideloading on Android. then other companies (like Amazon) could offer their own App Stores; Google Play's profits would tank, and they'd no longer be able to charge 30% platform fees. Right? ;-)
Looking forward to porn apps and or app stores on iOS. Seriously. There's several Android only sex apps (sideloaded), and lots of PC only sex apps, that could be on iOS if there was a way to load them. Many are made in Unity so it could be as simple as just re-exporting, but until now there was no way to ship them for iOS.
I can already see makers of mainstream apps in China (e.g., WeChat, TikTok, Alibaba, etc) building more feature-rich versions of their apps outside AppStore and unnecessarily mandating contacts and location permissions, while putting a zombie version on AppStore. (This is already the case for Android/Google Play)
The Chinese tech giants probably have the most motivation and capability to develop their own independent third party app stores, moreso than Facebook or Amazon imo. That said, I'm not sure if WeChat or Alibaba would be as interested as one would think- they've invested years and years of work into mini programs or lite app within their own apps themselves, building app stores would be undoing a lot of that work at worst, making it redundant as best.
> New rules could require them both to allow app side-loading — installing apps from non-sanctioned marketplaces — and alternative payment processing systems. Apple and Google have argued vehemently against the bill.
Why is Google against side-loading? It is already possible to side-load on Android devices, what is their argument?
If it is explicitly allowed, it will open the door for some extremely high quality, curated stores that can break google's iron grip on revenue, advertising, privacy, etc...
> It is already possible to side-load on Android devices, what is their argument?
Have you tried side loading something on Android lately? As an HM user you could probably fogure it out, but imagine trying to create a competitor to Google Play. How the hell would you onboard new customers? How do you teach a grandmother how to dig through their phone’s settings app and convince her to ignore all of the scary warnings that Google throws in her face?
Google doesn’t want side loading just as much as Apple.
But, isn't this trying to close the barn doors after the horses are already out? Side loading is already here and there are already multiple app stores:
The only ones barely relevant are the preloaded OEM stores, like Samsung’s and Amazon’s, but even those pale in comparison to Google Play.
And it’s not because Google Play is better than the competition. It’s because Google has barriers in place to stop any would be competitors. Look at the epic game store for a high profile example of that.
I don't think Google is against sideloading since Android supports it by default.
I think Google is against being required to allow third-party app stores to have feature parity with its own, and against being required to allow third-party payments in apps purchased from the Play store. Those things would reduce Google's revenue.
I would be more interested in having this for car entertainment systems, smart televisions, and like TBH. For my iPhone this probably causes me to install less apps and avoid subscriptions as I’m not interested in the ”install this crap so you can install that crap” pattern. If this is route, force Epic and digital platforms to open up their market places as well and let me design my own loot boxes to side-sell to let them taste the medicine of user choice and convenience of supporting alternative platform actors as well. I’m really not interested in giving more foothold for adtech and micropayment nickle-and-dimers on my most personal computing device. It’s enough I need to put up with Apple’s bright ideas of implanting my device with ”this scans everything on your phone” brainfarts, I definitely don’t need a zuccstore on my phone implanting every internal API for ”DRM purposes and best experience” as a ransom for the privilege of using WhatsApp so I can get more targeted ads for gimp suits and toilet brushes.
I blame consumers for the duopoly we have. I get that practically, it's a farce to call this choice we have real and significant but these marketplaces exist because of the demand. Making this duopoly more convenient for app-makers only kicks the can and further re-enforces the duopoly. In an ideal world, people would fund projects like the PinePhone or PostMarketOS, but our "solution" to the walled-garden is apparently to make it less painful but just as preeminent. Consumers should be smarter.
There are a lot of passionate people trying to make these alternative hardware and software marketplaces work, but passion is no replacement for genuine demand so supply is scant. Given the unfortunate historical trajectory, quality will always be wanting. So, I guess I'm against a practical solution that entrenches the status quo when there's an ideological solution that would make these poor options obsolete. I'm probably just holding my breath though.
People who want to make that thing would like a job making it.
But it’s backwards, you can’t say that people “should” be a certain way you have to look at how they actually are.
Being passionate about building something does not convey a right to a job doing that. It makes for a fine hobby - but outside of that build something people want.
I never said people have a right to make a living off of their passions. People don't. Passionate people are not divorced from the market but active participants in it.
I, however, would like to pay people to make this thing that may just happen to have a passionate origin. I also think many people want some polished version of this thing to exist, despite not wanting to fund its manufacture and maintenance. I think the inconvenience to the user in the interim is worth it, but many/most don't agree with me and that is one reason it doesn't exist.
Making legislation to force third-party marketplaces to exist on a "platform" is more in line with your concern, to be honest. It's forcing an entity to do something it doesn't want to do. If consumers cared about this, they would move to a different platform or gasp create a competitor that does what they want. I already know of some people that have moved from Apple to Android simply because side-loading is possible.
Also, I take issue with the notion that in order for something to exist today, it has to have "broad mainstream appeal". A marketplace by its very nature benefits from diversity of marketed goods, but just like any other product, it shouldn't need to completely displace market leaders to exist. The rise of megalythic companies, VC being promised eventual Google-scale growth of their bets and people's general squeamishness at using anything at all unpolished or inconvenient has created this world where everything needs to be huge in order to be considered successful in any meaningful way.
F-droid is a thing and I don't think anyone would argue it
A. Doesn't exist.
B. Is a real competitor to the Google Play Store.
C. Doesn't invovle people in the market, both developers and users, who are happy that it exists and wish to further it's growth.
I can say, I think a lot of the problems we currently have and ones we are trying to spotfix with legislation could be better solved via a more conscious consumption. "Should" is a subjective term based on a cost/benefit analysis and while I think people should act differently, I don't think they should be barred from acting as they have today nor are they morally corrupt for doing so.
Everyone buckets and weights the pros and cons of everything differently.
You're bringing up non-profit projects as proof that consumers aren't doing the right thing.
But, don't forget, there used to be a highly competitive commercial smartphone market until the competition was whittled down through acquisitions and exits.
Microsoft, Blackberry, Palm, Apple, Nokia, and Android all had their own smartphone OS simultaneously for a brief moment in time.
Consumers can't be blamed for market consolidation. If that's the case might as well blame them for T-Mobile buying Sprint or for the AT&T or Microsoft monopolies.
I don't know if this bill is the right bill but anti-trust is an issue of growing importance. You buy an expensive durable good and it shouldn't be left to the manufacturer to decide whether it wants to screw you over or not (and this same concept applies to things like cars, washing machines, etc).
I think you're moving goal posts. Not all problems with our market are the result of simple consolidation of market leaders.
Put simply, don't buy products that lock you in if you don't want products to lock you in. It seems like consumers are capable of making decisions based on price, durability, features, color etc. why is any other variable sacred?
The answer is consumers don't care about these issues enough to pay for them. Would we have this right-to-repair argument if consumers went out of their way to buy repairable devices? Lenovo, Apple, Google, et. al. have been moving to solder more and more components to the board and glue everything together and consumers haven't punished these producers with their wallets yet. If you want a repairable device, buy one -- this isn't a consolidation problem. If you want a phone that you can run a different OS on, buy one. If you want a red toothbrush, don't buy a blue one and complain (or make a law) that it should be red.
Pine64 is a for-profit entity. If you want a repairable phone that you can side-load anything on, maybe give your money to them instead of Google-Apple. Likewise, if you want a repairable laptop maybe buy a Librem 14 instead of an MacBook. Maybe if you want an open hardware ePub reader buy an InkPlate instead of a Kindle. These things exist and more would exist -- with more polish -- if people voted with their wallets. These are real companies trying to make real money with real products for real people.
The smart phone operating systems you listed would have flourished if more people purchased their respective devices. You can't install Sony's OS on an XBOX and while I don't purchase consoles and think buying a single-purpose gimped device is almost always a bad idea, if people want to buy what XBOX is selling, so be it. Apple consumers are not left in the dark about their ability to use an alternative app store and while I think it's a horribly limiting experience, Apple consumers keep throwing money at the company.
I'm not just blaming the consumer. I'm also stating that the consumer is a vital part of the market and their action or inaction results in a market more aligned with those decisions.
It's still blame for being non-technical. People rightfully don't really know how a lot of these highly complex products work.
They just want to (e.g.) make sure their photos of their kids won't get deleted.
The whole purpose of regulations is to protect the consumer against predatory companies.
Companies are showing up armed with a massive information asymmetry. They’re paying thousands of data scientists and marketers to learn everything about you and how to manipulate you into buying.
The customer is the prey, not the predator, and blaming them is blaming the victim.
Many consumers are aware their information is being scooped up and sold to the highest bidder on Facebook and Google. If they are not, I support more thorough and approachable information disclosure mandates. Most consumers don't care or at least the benefits of Facebook outweigh the cost as far as they see it. That's a calculated market decision.
I, myself do not have a Facebook, Instagram, WhatsApp, WhateverZuckBuysNext account because Facebook is a bad company and I don't wish to give it a dollar. When WhatsApp decided to merge Facebook and WhatsApp user data, consumers reacted by switching to Signal, a more equitable competitor. Facebook then had to placate them, at least temporarily. This is how conscious consumption works and in a capitalist economy transactions and boycotts are one of the purist ways to show your approval or disapproval of a company's products, services and behavior. It punishes bad actors in their wallets and rewards good ones in theirs instead.
I am 100% in favor of mandated information disclosure laws. I think consumers cannot make a voluntary and informed market decision if they don't have adequate information. Things like nutritional values, ingredients lists, explicitly enumerated contracts, hazards, precautions, demarcated place of product origin, assembly and material origin etc. etc. These are the tools with which consumers can make market decisions.
We live in a society where this information disclosure is obviously inadequate but consumers are also part of the equation and should be more vigilant and aware of their part in this dance.
I don't think the only two options are between a heavily regulated corporate hegemony (with consumer safeguards) and pro-corporate monopolist authoritarianism. We can do better but people need to do better too.
Surprised it took this long. If they would have taken a more reasonable 5-10% of developer earnings they’d still collect billions upon billions in rent while not angering millions of developers and lawmakers writing this legislation. Or at least charge a tiered annual publication fee plus payment processing fees. But greed got the best of them. Their fees are akin to a shopping mall owner taking 30% of store revenues off the top, plus the usual monthly rent. Oh and by the way, there’s no other malls in town to move your business to.
>Oh and by the way, there’s no other malls in town to move your business to.
I mean, given that this bill is targeting two companies, I'm not sure your analogy holds. There clearly is another mall you could move to. You just wouldn't get the patrons at the other mall. And they charge the same and always have. And, your business doesn't even have to be located in the mall if you think the fees are unreasonable. You just don't get the benefit of all the people already shopping at the mall. I also generally want to have my cake and eat it, too, though.
The analogy is saying there are malls in two different towns- there's only one mall in Androidville, and if I want to go to the one in Appletown I have to sell my house and all the stuff I bought at the Androidville mall and move there. Trying to argue its not a monopoly is engaging in the worst type of pointless semantic argument.
>Trying to argue its not a monopoly is engaging in the worst type of pointless semantic argument.
So, you think this bill is a waste of time, then?
If Apple has a monopoly, no legislation is needed as we already have laws to address it. Epic's lawsuit failed specifically because they couldn't prove Apple was a monopoly. This legislation's existence is specifically predicated on that there could be issues that might be worth addressing outside of monopolies.
No, I support the bill. I guess I should have typed 'monopoly that is not already covered adequately by current anti-trust regulation', but at some point you have to stop.
Ok here is another analogy. Imagine Microsoft not only bundling internet explorer with windows in the early 2000s, they made it not physically possible to even install a different web browser on the computer. On top of that, Microsoft demands complete control over what’s on your website (in its website review policy), and takes 30% of all your revenue otherwise Microsoft customers are no longer able to visit your website. And sure you can buy a Macintosh instead, but they’re doing the exact same thing except with Safari. The current situation is not any different. People seem to be tricked into going along with this because “security.” Legislators would have had a field day with that.
We’ll, that’s where market forces push back on you. If you abuse your position then people (developers willing to work on your platform) walk. There’s a threshold, and I don’t know what it is, but Apples platform and it’s customers are currently worth the 15/30%.
I suspect that the number of developers at 80% would fall off a cliff. But that would be Apples decision to make. They set it at 30% and there are apparently plenty of developers who are willing to pay that rather than not develop for the platform.
If this comes into effect will we see a plethora of appstores on each devices? Every app worth its salt will want to create their own bundle or App Store and hope to control their own end to end experience. I cannot imagine how terrible that experience is going to be.
It becomes everyones user experience when every big company only offers their software on their own app store so they don't have to pay anyone else a cut.
Yes, but is that inevitable? Facebook tried to take advantage of Android's open nature in the past and failed outright, and that wasn't even an app store but an app launcher (Facebook Home). The Amazon Appstore is mostly used for their Fire Tablets anyway. Ditto Samsung Galaxy Store is specifically for their own devices. Epic's attempts at building their own mobile app store hasn't gotten anywhere. So what other phantom third party app store are we so afraid of? Steam?
Here's a small but more poignant reason: F-Droid exists on Android, not as a huge app store, but a nice FOSS-only community with its own standards of app quality and screening for malware. Surely as hackers we can at least appreciate an analogous community being made feasible on iOS, and not in a slightly more shady unofficial capacity like the jailbroken-only Cydia.
And surely, as hackers, we can appreciate having the freedom to not be unilaterally subject to the whims of a single corporation's dictates.
That distinction is way outdated because a developer is not inherently more savvy than an end user. You could have a web developer who has no idea about how a smartphone works internally.
Yes it would. "Access to operating system interfaces, development information, and hardware and software features shall be provided to developers on a timely basis and on terms that are equivalent or functionally-equivalent to the terms for access by similar Apps or functions provided by the Covered Company or to its business partners."[0] means that anything a native app can do should be possible to do from a third party app.
Presumably "similar Apps or functions" would mean that third-party Apps could once again[0] deactivate the cellular radio, to prevent tracking by the mobile network at certain times (or locations/speeds).
Not so. Those functions are OS-exclusive. It's doubtful that legislators intend the Settings app to be one of those similar apps that third parties can duplicate, and Apple would easily win any case that argued otherwise.
Perhaps I overstepped my IANAL boundaries there. But I think it shouldn’t be too difficult for Apple’s lawyers to argue that functionality built into the OS to protect location data or control the cellular radio are distinct from say, Apple’s first party Podcasts or Music apps.
A judge should be unimpressed if Apple simultaneously argued that they need to protect users from apps which track your location data, and that they need to deny those users the ability to install apps which stop mobile networks from tracking your every move.
If Apple started arguing that the OS settings page is not a "function[] provided by the Covered Company" because "location data" is a special kind of thing that means the law shouldn't apply to that page, then the specialness of that thing would suddenly become a component of the lawsuit, yes.
Not directly, since it doesn't require a more permissive sandbox.
You could side-load a completely bespoke browser engine, but within the current sandbox restrictions it would be significantly worse than the Safari-based one. Apple would have to both allow side-loading AND weaken the OS's sandboxing restrictions to get a e.g. Chromium based browser engine running natively.
I'd bet $20 that Google (and probably Amazon) has started or will start working on an App Store for iOS. If either of them use their dark patterns to get people to install their app stores then this could be a different situation than what's happening on Android, where very few users actually side load apps. With the weight of one of these giants they could really get massive adoption on iOS in an alternative store.
Facebook is probably planning on doing this too, and they will probably use much more lax privacy standards along with other things to bait developers over.
They have enough of their own powerhouse apps to make their store happen too, which is scary. All they have to do is say that the only way to get Facebook Messenger and WhatsApp is through the Meta Store and they have a huge audience overnight.
Damn. They are totally going to do this, just to avoid the app store review process.
Funny how apple made the process so difficult and because of that, when they lose their monopoly, Google and others will be there waiting to implement the parent comment's plan.
I mean it's not super exciting as a user that apps are gonna wholesale migrate away to the whatever store has the fewest rules and lowest cost to publishers. I see the value-add from the publisher side -- yay we can spam, charge for notifications and dark mode, and freely track users!
I mean it's absolutely nuts that the web is basically unusable without an aggressive content filter but obviously native apps are gonna be angels.
As an Apple user, I kind of view the App Store as a kind of collective bargaining with app developers. If you want to have access to Apple Users you need to adhere to certain standards.
The plaintiffs in the lawsuit against Apple are some of the scummiest companies and their software is full of dark patterns.
Apple’s App Store does a lot to protect me.
I guess I view this bill much as a union member might view a “Right to work bill”. Theoretically it is increasing user choice, but in practice it will just allow a race to the bottom in terms of privacy and dark patterns.
Everyone would be glad if Apple and Google would drastically drop their cut to 5%-7%. They basically take a risk free 15-30% stake in revenues (!) of many companies that serve users on mobile devices.
"Apple’s App Store does a lot to protect me." You can still have that by only installing apps from the App store, no? While I can sideload app from any website I trust. And someone else can install a whole different store they trust. I don't see how it affects your protection in any way.
> I don't see how it affects your protection in any way.
The way it affects me is that now, developers are faced with the choice - adhere to Apple’s privacy standards or lose out on the lucrative iOS market. With side loading, they will have the further option of just telling people to side load their apps and not put them on the App Store.
This if I desire that the popular apps I use respect my privacy and avoid dark patterns (like making it impossible to cancel subscriptions), then them having an option to avoid Apple’s oversight makes it less likely that they will adhere to these standards.
Apple has turned the magic of software development from “how cool would this be?” to “how cool would Apple be with this?”
That’s an environment of software suppression instead of free innovation, and Apple has felt little pressure to change.
For anyone concerned about the security and privacy implications, don’t fall for the misconceptions perpetuated by Apple: non-App Store apps will still be sandboxed (so they can’t access other app or system data), and also scanned for malware by Apple - just like App Store apps!