• 1 Post
  • 28 Comments
Joined 1 year ago
cake
Cake day: August 14th, 2023

help-circle

  • Sure, I get that. The issue is that as soon as you introduce the ability to install apps from outside the App Store, it becomes possible to trick unsuspecting users into clicking buttons they don’t understand. By designing a web page to look like an actual Apple page, a malicious party could convince users to “opt in” to outside sources, in a similar way in which phishing websites harvest users’ online banking credentials. Currently, this kind of attack is entirely impossible on iPhone.



  • I think that’s exactly the problem. The real user benefit will be very small, but in order to enable those changes, functionality will be implemented on everyone’s phones to support sideloading. In my eyes, this increseas the attack surface against iPhones. Time and time again alt stores have been used to distribute fake apps and malware on Android, and the victims are often those users who haven’t asked for sideloading and are unlikely to use it intentionally.

    Yes, maybe this will enable an F-droid equivalent on iPhone and it will be great to have direct access to open-source apps. But is this niche addition worth potentially reducing the security of all iPhones? I’m not convinced.