If the Mac can handle the ‘risk’ of alternative app stores, why can’t the iPhone?

Macworld

If you take Apple’s view of things, iPhone users in the EU are about to enter the wild, wild west of mobile security.

Possibly the wild, wild east of mobile security for those in Eastern Europe.

Writing for Fast Company, Michael Grothaus spoke with Apple Fellow Phil Schiller about the scaaary future that awaits!

“Exclusive: Apple’s Phil Schiller says alternative app stores expose iPhone users to major risks. He’s right”

…with alternative app stores on the iPhone, its users in the EU could now be more vulnerable to privacy and security threats than they were before, according to Apple Fellow Phil Schiller, who heads the company’s App Store.

Of course you might expect the head of Apple’s App Store to say this…

Yes. Yes, the Macalope would. At the very least because, despite the company being dragged kicking and screaming into this action, there will assuredly be people who are going to blame Apple when they download a malicious app from someone else’s store.

Because people are the worst.

Like Carl. Ugh. That guy. Who wears a Members Only jacket in 2024? And Randy? Don’t get the Macalope started on Randy.

Of course, Apple will continue to have at least some level of responsibility because it is insisting continuing to the the one to notarize apps after doing a baseline review of them, regardless of what store they end up on.

Still, this notarization should be enough to stop a malicious app that’s attempting to mimic a real app (say, from Facebook or Starbucks) from being installed on a user’s iPhone.

After a recent App Store incident, “should” is doing an Eastern European deadlifting team’s worth of heavy lifting in that sentence.

“Warning: Fraudulent App Impersonating LastPass Currently Available in Apple App Store”

Oops.

IDG

Still. People like simple solutions. The App Store is either good or it’s bad. But it’s not. There are a lot of things wrong with the App Store. Yet, even though the review process is far from perfect, it is still a significant contributor to making iOS one of the safest modern operating systems, if not the safest. And, at the same time, that still doesn’t mean other stores shouldn’t be allowed.

On the Mac you can download apps from anywhere on the internet. The Mac has its own various levels of security to prevent malicious apps from stealing your life force and/or precious bodily fluids, but it’s more vulnerable than iOS, partly because iOS is so secure thanks to both strong security implementation and the App Store. The former sometimes hampers functionality. The latter sometimes hampers developers’ sanity and customers’ choice. Even with these restrictions, it’s still not completely secure because it’s also probably the most targeted operating system in existence.

The Mac, with its more open nature, certainly has its fair share of vulnerabilities, but to date, it’s still not significantly impaired by malware. Windows fans warned for years of the coming of The Year of Mac Malware, insisting that the Mac would be inundated with malware once it reached a significant market share, just as Windows had. But it never happened, in large part because desktops took a back seat to mobile devices. When people moved most of their computing to mobile devices, attacks moved, too.

From a security perspective, Apple managed the last two decades pretty well. The relative stagnation of the desktop market meant the Mac never got popular enough to receive significant attention from malicious actors and the restrictions put on iOS made it that much harder for them.

All this comes at the cost of the company deciding what is and is not an acceptable risk and what is and is not acceptable content. After 17 years of iPhone-ing, aren’t customers ready for the company to loosen its grip a bit, despite Schiller’s protestations?

iOS