In a new document dubbed “Building a Trusted Ecosystem for Millions of Apps,” Apple says that studies show that devices that run on Android had 15 times more infections from malicious software than iPhone. Why? Android apps “can be downloaded from just about anywhere,” while everyday iPhone users can only download apps from one source: the App Store.
Apple said allowing “sideloading” of apps on the iPhone would “spur a flood of new investment into attacks” on the iOS platform. When referring to iOS apps, “sideloading” means installing an app in IPA format onto an Apple device, usually through the use of a computer program on the smartphone using a jailbreak method or using a signing service instead of the App Store
“Because of the large size of the iPhone user base and the sensitive data stored on their phones – photos, location data, health and financial information – allowing sideloading would spur a flood of new investment into attacks on the platform,” Apple says. “Malicious actors would take advantage of the opportunity by devoting more resources to develop sophisticated attacks targeting iOS users, thereby expanding the set of weaponized exploits and attacks – often referred to as a “threat model” – that all users need to be safeguarded against. This increased risk of malware attacks puts all users at greater risk, even those who only download apps from the App Store.”
The tech giant adds: “Sideloading would expose users to scammers who will exploit apps to mislead users, attack iPhone security features, and violate user privacy. It would also make it more difficult for users to rely on Ask to Buy, a parental control feature that allows parents to control their children’s app downloads and in-app purchases, and Screen Time, a feature to manage their and their children’s time with their devices. Scammers would have the opportunity to trick and mislead kids and parents by obfuscating the nature of their apps, making both features less effective.”