Apple warns rogue apps will open up customers to ransomware

Apple argued this week allowing iPhone users to install software from outside its App Store, known as sideloading, would open up its customers to ransomware, pirated software and apps that steal user data.

The warning comes at the same time that lawmakers in the US are set to debate a series of antitrust bills aiming to limit Big Tech. Two of them are particularly meant to prevent platform owners from favouring their own services and could be interpreted to force Apple to allow sideloading. It says sideloading would encourage hackers to target iPhone users by helping enticing victims to download apps from outside its store, possibly for school or work. This, it adds, could put children at risk by disregarding parental controls, or by collecting sensitive user data, owing to the large size of its user base and collection of photos, location data, health and financial information.

Security versus control

The company also pointed to apps on Android, loosely overseen by Google and which allows companies more freedom. Android users can download software from a wide variety of sources, not just Google Play. It gave an example of a sideloaded Android app that posed as an official Covid-19 app from Health Canada but which encrypted the user’s data and forced them to email the attacker to unscramble it.

Whereas Apple’s Mac laptops and desktops allow sideloading, Apple argues the large number of iPhones makes securing the iOS App store more important and justifies the control.

What do the bills say?

The bills’ policies are targeted not only at Apple, but Amazon, Facebook and Google as well. However, Apple faces different antitrust challenges then the other three because Apple tends to make only small acquisitions, whereas its rivals face questioning over large mergers, data privacy and whether they should be broken up into smaller companies. Legislators are mostly focused on its App Store rules. Two of the bills, the Ending Platform Monopolies Act and the American Choice and Innovation Online Act could force the company to change its current practice.

Apple’s story has also drawn regulatory attention in Europe, with its CEO Tim Cook criticising sideloading in the context of proposed European law called DMA last week.

Apple CEO Tim Cook criticized sideloading in the context of a proposed European law called the Digital Markets Act last week.