Apple plans to charge fees for sideloading

Jvrava9@lemmy.dbzer0.com to Technology@lemmy.world – 884 points –
iPhone app sideloading: Apple reportedly plans to charge fees and review apps downloaded outside of the App Store - 9to5Mac
9to5mac.com

Who would've thought? This isn’t going to fly with the EU.

Article 5.3 of the Digital Markets Act (DMA): "The gatekeeper shall not prevent business users from offering the same products or services to end users through third-party online intermediation services or through their own direct online sales channel at prices or conditions that are different from those offered through the online intermediation services of the gatekeeper."

Friendly reminder that you can sideload apps without jailbreaking or paying for a dev account using TrollStore, which utilises core trust bugs to bypass/spoof some app validation keys, on a iPhone XR or newer on iOS 14.0 up to 16.6.1. (ANY version for iPhone X and older)

Install guide: Trollstore

307

Top comment by Chris (@SwiftySanders@urbanists.social) Liked by 7 people

I think all these changes that the EU is doing really only benefit large development firms like Spotify and Epic at the expense of the smaller developers. EU is adding additional regulations and requirements from Apple which smaller developers and indie developers will now have to comply with which will act as barriers to entry for some. That’s bad for competition…which I think was ultimately the goal for Epic and Spotify.

I love this braindead take regurgitated again and again and again. The DMA specifically does not apply to anyone smaller than a big monopolistic company. Apple barely made the cut themselves. The whole regulation is about forcing six companies - the Act only applies to them at all - to open up their walled gardens because they are strangling their respective markets and killing innovation, consumer choice and competition.

That is hilarious that they expect iOS users to pay a fee to sideload apps. Like comically evil.

I don't pay anything to side load apps on my phone.

Probably bc I switched to Android.:-)

And I am never ever going back!

3 more...

It's not the users they're charging, it's the developers. Instead of having to pay 30%, they're asking for 27% if they're selling their app side loaded.

Defeating the whole purpose.

Those numbers are from using outside payment methods and not side loading.

And developers move the cost to users by increasing price on ios

This was how it worked for years for developers. First step of testing your app on an iOS device you have is to pay Apple a developer fee. This has been a thing even back in iOS 3 times.

Is it just a one time fee? And what were you paying for, testing to see if it qualified for the app store?

Seems like sideloading would be a different path and goal unless Apple is trying to retain control of that too. To me a lot of the point of users sideloading is to load whatever they want, not what the corporation that made the OS will allow.

Its $100/year for sideloading an infinite amount of alls that don't disappear. If you don't pay, you can only sideload up to 3 at a time and they will disappear after a week

I don’t think that’s true at present. You can do it with the free account to sign builds for your own devices. If you need to run a build on a device that isn’t your own, you’ll need a developer account to get a certificate to sign your builds. It’s not great but you don’t have to pay to test your own app out on your own devices.

You can only test 3 apps at a time and they disappear after a week. It doesn't matter if the device is yours or not.

3 more...

The only way it could work out badly for smaller software developers is if companies like Apple decide to recover their losses by charging heavily for development tools and resources.

If they can’t have walls around app distribution they might try and put them around app development instead.

They've been doing that since the beginning. You need a "developer license" in order to publish an app. Back in the day it was like $50 a year I think, but I haven't done ios dev in about a decade so I don't know if that's changed.

App developers add value to their platform, any wall erected there would be torn down in moments. It would be biting the hand that feeds

It's North Korea in the Apple world.

You are both correct. They do stop things that would be ok, on say, a windows machine. For example, intercepting text messages at the system level. It prevents a lot of mischief but also stops legitimate software.

But we can already look at the Android market for guidance on what will happen. Few Android users venture out of the official store. It will take a large company with must-have apps to get people to go to another marketplace. Like Steam, Epic, or Facebook. Companies that either want to keep their cut or want to collect data to sell. This will likely not matter at all for small developers. They don’t have the clout.

There is this god-tier unofficial store called f-droid. Installing app from there is always a joy

There is one aspect people don't really talk about yet, because it is not just about "allowing sideloading". The law says "no self-preferencing". That means that installing an app from for example F-Droid has to take the exact same amount of taps with the exact same UX as installing something from Google Play. Same goes for the App Store. The point is not to allow sideloading, but to erase the word sideloading from the vocabulary of the platform and make it just like Windows in that regard.

This is not just bringing iOS to where Android is, Android is still not compliant yet either. Neither is Windows by the way, because of how they treat Edge.

To be exact, DMA applies to platforms with >45M users in EU

Not even just that, you have to have at least 7.5B EUR turnover or 75B EUR market cap, AND 45M end users AND 10k business users AND keep this up for 3 years.

And even then it's not automatic, you get nominated and get arguments, and only then you have to follow it.

I mentioned the six companies because they are the only ones that this currently applies to, and that will be the case for the foreseeable future as well. And even from them, it's specific products. MacOS is not in scope for example, despite iOS being scoped in.

MacOS is not in scope for example, despite iOS being scoped in.

But is MacOS as much of a walled garden than iOS? Not in the slightest, right? I'm fairly certain you can install random software on MacOS can't you?

It doesn't matter if it's a walled garden with the DMA. Yes, MacOS is not in scope, because it doesn't have enough users, but Android and Windows totally are.

I had a user on here tell me the DMA is proof that Valve can't be considered to be in a position of monopoly with Steam because they don't show up on the list of companies concerned... People don't understand what the DMA is at all.

8 more...

I fucking hate Apple with a passion.

Edit: many people seem to be a bit confused. I don't own any apple garbage, and never will. I've only had an iPhone back in 2016 for a little while then replaced that shit with a pixel 6p. I don't buy shit that makes my life difficult.

Why? Just get Android. Plenty of choices.

I've had one iPhone once and that was back in 2016.had if for a couple of months and it made me hate life and got rid of it and got me a pixel 6p. I've always been an android and Linux person. So, yeah, I hate apple with a passion

18 more...

Who would’ve thought? This isn’t going to fly with the EU.

Article 5.3 of the Digital Markets Act (DMA): “The gatekeeper shall not prevent business users from offering the same products or services to end users through third-party online intermediation services or through their own direct online sales channel at prices or conditions that are different from those offered through the online intermediation services of the gatekeeper.”

Apple has an annual legal budget of approximately infinity dollars. I assure you they are aware of this and they believe they are in compliance, even if just barely.

If challenged, they will have no problem fighting it — they have nearly as much cash on hand as the entire EU budget.

I hope the EU challenges this, and I hope the EU wins, but Apple isn’t going to be surprised by whatever happens.

The fine would be approximately 10% of Apple's total revenue and the fine increases by 10% every violoation so I doubt that Apple can not accept the regulations.

Unfortunately, Apple has the resources, both legal and financial, to tie that up in the EU courts for decades.

What if I told you one of those two can make new laws?

In one afternoon the Commission+Parliament can change the basis of whatever case Apple wants to fight. And they are up against Vestager - she makes multinational software companies bend the knee twice before lunch.

You're underestimating what EU can get gone when they're motivated to get it done.

Apple has also been known to ignore laws and pay fines for breaking them. The store is a major revenue stream so they might just do that.

Yup. If the only penalty is a fine, and that fine doesn’t scale to the business’ profits? A profitable enough business could simply factor in the fines as a cost of doing business.

Imagine you could make $1000 and only get fined $200 after the fact. No extra penalties. Just a flat $200 fine for every time you violate it. So as long as you expect to be able to top that $200 fine, a business will elect to just pay the fine and continue doing the illegal thing.

If the only penalty is a fine

The regulator has the power to ban sales, so I don't think that particular "cost of doing business" line applies to this dispute.

There's the letter and there's the spirit of the law. Even if Apple has found a brilliant loophole the courts can just say well it's technically true but you're still breaking the law nonetheless, lawyer budget be damned.

The EU court is a Roman court, not an Anglo Saxon court. The spirit of the law is what matters, not the technicalities.

Second, the EU can change the laws that create the outcome they don’t like. By the people, for the people. Apple will play within the EU’s rules or Apple won’t play in the EU.

1 more...

I sure do love how global justice comes down to which party has more money to piss away rather than what's right or wrong.

Yup. I'm just gonna sip this coffee while it all burns down.

2 more...

I‘d be really surprised if Apple tried that.

They have to know that it violates the DMA. And the penalty for violating it can be up to 10% of their yearly worldwide revenue (not earnings!) for the first violation and up to 20% for repeated violations. I don‘t think they‘d risk that, especially as the EU really isn’t known for its leniency when someone intentionally breaks their rules.

Velociraptors testing the fence. It may be illegal but they may get away with it if they can argue "no actually'

On the positive side, those fines could fix the finances of a few smaller EU countries in a single sweep.

I'm not too sure that these actions violate the letter of the law here, even though I agree that they're 100% in violation of the spirit of the law.

It's been some years since I've put the mobile development world behind me, in no small part because of Apple's shenanigans, but the way I understand how this might work - Apple may be required to allow "iOS software" to be installed from third party stores, but software that runs on iOS must either be signed using a certificate that only allows installation in a developer or enterprise context (which require explicit and obvious user consent to that specific use case, and come with other restrictions such as the installation only lasting for a limited period of time), or through an "appstore" certificate that allows installation on any device, but the actual application package will need to go through Apple's pipeline (where I believe it gets re-signed before final distribution on the App Store). All certificates, not just the appstore ones, are centrally managed by Apple and they do have the power to revoke, or refuse to renew, any of those certificates at-will.

If my understanding is correct (I'd appreciate if any up-to-date iOS devs could fact-check me), then Apple could introduce or maintain any restrictions they please on handling this final signing step, even if at the end of the day the resulting software is being handed back to developers to self-distribute, they can just refuse to sign the package at all, preventing installation on most consumer iOS devices, and to refuse to re-issue certificates to specific Apple developer accounts they deem in violation of their expected behavior. I haven't read the implementation of the DMA in detail, nor am I a lawyer, so I'm not sure if there are provisions in place that would block either of these actions from Apple, but I do expect that there will be a long game of cat and mouse here as Apple and the EU continue to try and one-up the other's actions.

But the article of the DMA says that the gatekeeper shall not prevent the business user to serve their product using other conditions than those of the gatekeeper's platform. I think that would include Apple's publishing guidelines.

I think that's the rub, in my theoretical scenario, Apple is not blocking the distribution or sale of iOS applications through third-party means, they'd enforce their existing restrictions on and power over building iOS applications in the first place. Developers would absolutely still be able to distribute unsigned applications - end user iOS devices would just be unable to install them.

It sounds ridiculous to me, and as I wrote earlier, it would be a clear violation of the spirit of the DMA, but I don't see any reason why this scenario would not be technically possible for Apple to pull off.

Installation is part of distribution

Your description matches my understanding of the process (as someone who left iOS development a few years ago).

I don’t think that the DMA is technical enough to differentiate in this precise manner. Keep in mind that it was written by lawmakers and politicians who mostly don’t know how to even use a smartphone. They'd think that a certificate is a piece of paper with fancy signatures on it.

I could be wrong on this, and don’t know all the details in the case, but EU-law is often interpreted teleologically, meaning in a way that is the most in accordance with the objectives and goals of the legislation. So in this case, if Apple is in violation of the spirit of the law, the EU Courts would likely rule against Apple. (source: 1st year law student)

Those who buy apple products deserve each other.

Exactly my thoughts. "Let's jailbreak this, bypass that, circumvent that one thing..." Why do you subject yourself to this with a device you paid hundreds of dollars for?

As much as I'd like to have an iPhone, I'd rather not.

As an aside, it's the same thing with game consoles. Is the whole "you must be connected to the internet" thing still happening? That's what has been preventing me from getting a new xbox, for example.

Steam Deck is pretty awesome in the offline gaming regard, if that's what you might be looking for.

I'd argue that there are a lot of offline mode frustrations with Steam but none of them are Steam's fault, they are all due to individual games online requirements or DRM implementations.

Uh, it's actually quite the opposite, most games you need to at least open them one time while connected to the internet for offline to work.

https://www.youtube.com/watch?v=itBscLjRCPc

But that is not the fault of Steam Deck, which was discussed.

Steam literally warns you for every game. It tells you if you need to be online once or online every time. I don't think you can blame them. If you buy games that require an online activation you can't get upset that you can't play offline.

Example games:

  • Always online
    • Singleplayer gameplay requires an active Internet connection

  • Online activation
    • This game's first-time setup requires an active Internet connection

I do wish that this wasn't hidden inside of the "Steam Deck Compatibility" section. (There is a yellow box about third-party DRM outside, but for the details you need to click the Steam Deck Compatibility box) But that is my only complaint.

Personally I just don't buy these games.

At least you can run the games in offline, even when you have to log in the first time.

I remember way back when I had my iPod Touch 4 (haven't touched Apple since then) that I (intentionally) jailbroke it simply by tapping a button on a website in Safari. It was an exploit that used a bug in iOS's PDF software, I believe.

I have a macbook and I'm quite happy, what am I doing wrong?

Honestly? Nothing. People just say this kind of thing because we like to tinker with our devices. If what you bought satisfies your needs and you don't need more, that's just ok. Android/windows/linux has a lot more conveniences for my use, so that's what I go for, but not everyone is the same

Android/windows/linux has a lot more conveniences for my use

That's kind of my point. I don't get the aggression people have for someone using different brand.

I don't get the aggression people have for someone using different brand.

People identify the business decisions that Apple makes to be anti-consumer. They then feel frustration and anger for users of Apple products as support for their products only emboldens Apple to continue making anti-consumer decisions, such as the subject of this article.

Apple is a microcosm representation of the evils of capitalism for many people and they project their feelings about it - powerlessness, disgust, anger, etc. - onto users of Apple products. People associate support for iPhones which enjoys a 61% US market share as support for the boot of capitalism on our throats regardless of whether the Apple user doesn't know, doesn't care, or doesn't agree.

Also Apple's anti-consumer decisions usually transfer to other places (such as Android) aswell, because they have a lot of influence on the rest of the market.

Pretty much this. If other brands see the vitriol, then they might think "well, guess not being that way is a way to be competitive".

If everyone sounds perfectly cool with that facet, then everyone else goes "sweet, the Apple way gives the vendor more control over the customer, and control over the customer is valued, if we think we can get away with it"

If it just remains Apple who did it i wouldn't mind but there they are a bit of a product leader.

Off forging the way ahead for under consumer BS everywhere.

Agreed. This is what I was implying by citing their OS market share in mobile devices in the US and I could have clarified better.

So kind of moral consumerism thing?

If labeling it helps you to understand it, sure.

I just wanted to clarify if I understood the point correctly, labeling just shortens the answer.

I don't know if you understand the point. I and other users have tried to help. If you have any more specific questions, just ask.

That's why I summarized and asked if that's the case. The hypothesis from the person I replied to, seemed to be that it's due to people believing there is some moral obligation in consumer choice and it extending to apple making questionable, consumer unfriednly decision, therefore they can be mad and rude towards people buying apple products. I can get it.

Tribalism.

Sure, but tribalism with a brand is just beyond my understanding (hyperbole), - it's so stupid.

Apple influence the market a lot. So paid side-loading can propagate to other companies if Apple can pull it off.

For sure! An amount of "hate" for apple, or any company for that matter, is totally ok. Sometimes they make decisions that screw consumers just for a buck more. No reason to hate on users, tho. That's the same as saying anyone who uses a gas vehicle to go from one place to another is in favor of global warming

I kinda disagree with the comparison, but I agree that it is dumb the blame the users.

However, from a certain perspective, users enable companies. So some people hate the users for that. And some other people just have a bad case of tribalism.

Sure, but why hate on apple users?

I am not personally hating on the apple users, but considering that people continue to buy Apple products even after these anti-consumer practices, then some people consider that the users enable the company.

So I can see where that is coming from. And some people are just tribal idiots.

A MacBook is the only Apple product I'm happy with cause it's actually open in terms of being able to install any app I want and modify some things like how windows are managed.

I had an iPhone, but for my use case they are just to expensive. I have a 100 euro android phone that does everything I ever need.

Come back when you have a problem with your keyboard*, or your drive, or charging issue. Repairability is downright bad now.

I like OSX well enough.* I like the form factor of the MacBooks now that they have escape keys again. It's been 9 years since they made a MacBook that was reasonably decent to work on from the inside though. Even swapping a broken screen out is* like 3 hours now.

5 more...

There are 3 kind of people when talking about Apple: 1- fanatics who support Apple, 2-fanatics who hate Apple and think you cannot like it, 3- and finally those who just look at the product without thinking about the brand but what you can do with the product (if it suits your needs or not). It seems like you are that third kind of person.

You're supporting manipulative evil business practices.

Don't get people that upset by using microsoft or google products. It something about apple that makes people quite unhinged.

Uhh no. If you think that, you're not paying attention at all. Most of the main feed of Lemmy is raging at Google right now and Microsoft is only catching a break because Bill Gates recently got together with ultra wealthy people writing a letter asking to be taxed.

Not the companies the users of their products.

We've been pushing people to lessen their reliance on Google for ages now. We've even been developing a replacement software store Suite called FUTO! The difference between Apple and Google though, is that Apple's users continue on despite Apple being so very obviously evil. Google is at least being a creep about it.

https://youtu.be/CjOJJc1qzdY?si=xQw-qEnQ5HxDum4d

Love that you yourself used a youtube link. I find it very interesting how judgmental people almost always put themselves outside the measures they apply to other people.

That's where I find Louis Rossmann and his audience.

You are ok with people who repair macbooks but not with people who own macbooks, the plot thickens.

Oh, you're one of those. We're done here.

Sorry to disappoint you. So you are judgmental and somehow thin skinned - best combo.

5 more...

but apple sets "standards" that other companies blindly follow. it's the reason why we have non-removable batteries, no charger inside the box, no audio jack, etc.

5 more...

IOS is the worst operating system i have ever used

Why do people buy it?

Because it's familiar, easy, pretty and does a lot of thinking for you.

Familiar only if you worked with it before.

Easy... fair enough.

Pretty... debatable.

Apple established itself as a luxury brand. So it gives customers this "prestige feeling". That's at least my take.

Yeah, I agree. I used it for 6 months for work and it's not my thing, but plenty of people seem to love it. I guess the high price is actually a feature.

Think different, but stay the same, In Apple's world, that's the game. A touch of irony, don't you think? In a sea of similar, we all sink.

I have both an iPhone and a Samsung. Both work well but I still prefer the iPhone though it’s a 6 years old one. I’m not an expert but I feel like every app use more familiar choices for design.

Because it's a brand and people are morons who need external validation. Same reason for most brands - you pay a lot more for the same thing so you can seem cool or like you have money.

Have you actually sat down and used iOS as your full time phone OS for a week? If you're used to android then yes there's quirks you have to learn. But after being a diehard android user for years I could never go back. And that's that I still use both every day since my work phone is Android and my person phone is an iPhone.

I just can't not have a back button that's always in the same place!

What button? Haven't used a button on android for years now. Except power+volume ofc

One of the 3 virtual buttons that always display (4 for me since I have the accessibility button displayed also). (Background, homepage, and back- reverse order for standard android. I have Samsung)

Why not use the standard swiping gestures, it's much more convenient and much faster.

I hate gesture controls. Even more fiddly and imprecise than fake buttons. Pinch zoom, scroll, and change page are more than enough.

How come it's more fiddly? It works soooo smooth and reliable. And that coming from a dude who can't type one error-free word on the phone.

My general problem with touchscreen controls is chance of error and lack of feedback. I want buttons. I don't want to accidentally do a thing because I idly swiped at the screen while looking away briefly.

lol the gesture controls on modern smartphones are overwhelmingly less fiddly (read: not at all) than your horrible excuses for defending an outdated piece of technology like 'buttons' when much better options exist.

lol back button - how freaking 2000s. buddy we just move our finger left on the screen and we go back. like are you a caveman? this is Android fans these days, crowing about obsolete pieces of their technology like it was good. it wasn't then it really isn't now.

Swiping from the left is almost universally a go back in ios.

With android's gestures it simulates pressing the back button which is really awful. But iOS does swipes correctly.

Hahaha iOS swipe is awful.

If you 4 finger swipe now it goes back to previous app. Do it again now it goes to the app you just left. Wait a few seconds and it's anybodies guess where it goes.

Even worse if you bring down the "notification" screen... Supposedly swiping up makes it go away, but it rarely works. Same with pulling up the app bar while in ful screen apps - that takes two swipes, and the second one has to be just so, not too fast, not too slow, and within some weird timing - try it too soon and it just doesn't respond.

Apple's swiping system is just a fucked up mess. (I use iOS all day long).

Swiping to go back to a previous app isn't the best, but Androids implementation is just as janky. Once you figure out what the delay is for the current app to be the "latest app" then it's not awful.

Maybe iPad OS is different, but I don't ever have any issues with full screen apps on regular iOS.

iOS always felt slower tbh. Like it takes an extra step or two to do similar tasks. That and I love sideloading, rooting, and putting my homescreen apps towards the bottom too much to ever fully switch over.

I chose Apple for my work phone for only one reason: battery life. It is a wildly inferior experience for anyone who wants or needs more than just a phone. The way I have to send photos and documents through other services just to get them to my computer, the utter lack of control of the phone's file system, no sideloading...

If for any reason what you need can't or won't work through the Apple ecosystem, iPhones go from feeling pretty smooth to being an obstacle, and I'm not paying $1000+ for an obstacle.

I use iOS every day.

It SUCKS.

If all you want to do are the things Apple decides you can do, and want to do things only Apple's way, it's great.

I choose Apple phones for my work phone, since it's managed by the company anyway, so even an Android would be locked down. And it's not like I would use a corp phone for the things I do with my personal phone - there's too much risk in that.

Apple won't even allow apps to sync photos automatically. I don't want to use their cloud, at all. I just want photos I take synced between my devices using a single tool. No reason for those photos to go anywhere else.

Currently I sync files, automatically, between a dozen devices. All my photos from every laptop and Android phone go to the same folder on one machine. Anything I download with any device is available, almost immediately, for all other devices.

Except for my iOS devices. They can't play in this game, even though the same apps are available on iOS.

If all you want to do are the things Apple decides you can do, and want to do things only Apple’s way, it’s great.

Which is what most people want to do, and that's why so many people love the iPhone.

Supposedly photo sync will back up all your photos to a local machine. iCloud does everything you'd want it to do minus the local server part. But once again that's not what 99% of people want to do.

lol this is such a weird blanket statement that means nothing. congratulations, you can baselessly slam something you don't like. Why are you the way you are, is the better question. iOS has clear benefits and there are a plethora of reasons of why one would choose an iPhone over the other options.

but GO OFF, random internet pleb.

Privacy and security mostly I would imagine

Closed source software can't be audited, so it can't be secure. If software isn't secure, the exploits rid it of any privacy.

See: The bimonthly remote takeover bugs that keep getting found. Like this one: https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild/

"Oh whoopsy doopsy, looks like your iPhone, camera, files, GPS and more were accessible to someone who sent you an iMessage.. for the third time this year"

Closed source software can't be audited, so it can't be secure

That’s the biggest load of bullshit I’ve ever heard.

Closed source software is audited all the time.

Ok let me rephrase - nobody without a conflict of interest can audit a closed source application. If Microsoft paid for an audit of Windows, that doesn't tell you anything about whether or not Windows is backdoored.

The audit is not for you. Closed source software is audited all the time, but the results of those audits are generally confidential. This is about finding security bugs, not deliberate backdoors.

The key with this is who do you trust. Sure, open source can be audited by everyone, but is it? You can’t audit all the code you use yourself, even if you have the skills, it’s simply too much. So you still need to trust another person or company, it really doesn’t change the equation that much.

In practice, most common open source software is used and contributed to by hundreds of people. So it naturally does get audited by that process. Closed source software can't be confirmed to not be malicious, so it can't be confirmed to be secure, so back to my original point, it can't be private.

I didn't go into that much detail in my original comment, but it was what I meant when I first wrote it. As far as "does everyone audit the software they use", the answer is obviously no. But, the software I use is mostly FOSS and contributed to by dozens of users, sometimes including myself. So when alarms are rung over the smallest things, you have a better idea of the attack vectors and privacy implications.

In practice, most common open source software is used and contributed to by hundreds of people. So it naturally does get audited by that process.

Just working on software is not the same as actively looking for exploits. Software security auditing requires a specialised set of skills. Open source also makes it easier for black-hat hackers to find exploits.

Hundreds of people working on something is a double-edged sword. It also makes it easy for someone to sneak in an exploit. A single-character mistake in code could cause an exploitable bug, and if you are intent on deliberately introducing such an issue it can be very hard to spot and even if caught can be explained away as an honest to god mistake.

By contrast, lots of software companies screen their employees, especially if they are working on critical code.

I don't know if you really believe what you're saying, but I'll continue answering anyways. I worked at Manulife, the largest private insurance company in Canada, and ignoring the fact our security team was mostly focused on pen testing (which as you know, in contrast to audits tells you nothing about whether a system is secure), but the audits were infrequent and limited in scope. Most corporations don't even do audits (and hire the cheapest engineers to do the job), and as a consumer, there's no way to easily tell which audits covered the security aspects you care about.

If you want to talk about the security of open source more, besides what is already mentioned above, not only are Google, Canonical and RedHat growing their open source security teams (combined employing close to 1,000 people whose job is to audit and patch popular open source apps), but also open source projects can likewise pay for audits themselves (See Mullvad or Monero as examples).

I will concede that it is possible for proprietary software to be secure. But in practice, it's simply not, and too hard to tell. It's certainly not secure when compared to similar open source offerings.

I wanted a fast laptop without a fan and with a big haptic feedback touchpad. Happy to hear about non-Apple options for this.

Think you might have confused iOS and MacOS

MacOS is even worse than iOS. Have to use it for work. And while the hardware is the best I've ever used, the software is complete garbage.

Desktop OSes today range from acceptable to abysmal.

  • I put the user-focused Linux distributions at acceptable now that Flatpack is resolving a long-lasting issue with desktop Linux.
  • The built in advertising and privacy invasion makes Windows 11 abysmal, though it seems they’ve finally found their rhythm on the UI language front
  • macOS these days is firmly in mediocre territory. Window management hasn’t kept up with developments in other platforms and the OS feels dumb now. We had a very good OS in the Snow Leopard days, but that Apple doesn’t exist anymore.

Oh yeah, I completely concur. I don't get the ux argument either, I always find it to be incredibly slow and frustrating to use whenever I have to

These are fascinating requirements. Mind explaining?

Fast, quiet, big touch pad. What'd fascinating or out of the world here? These are just kind of things most people want, not everyone wants to manually update their kernel or whatever.

I've got an Asus ZenBook (specifically this one that came out last year). It does have a fan, but it's pretty quiet. I barely notice it most of the time. It's pretty fast, too. Don't know how large of a touchpad you want, though.

Doesn't look bad, but I'm guessing it doesn't have a haptic touchpad? (Clicking is equally easy anywhere on the touchpad, because there isn't actually a click, the click is simulated by a vibrator.)

No, there's no haptic touchpad. TBH, I didn't even know that was a thing.

I think Apple trademarked having a big touchpad. And possibly also one that works.

5 more...

I can't say I am surprised. Apples view is that since they made the device and provided the software they are entitled to a cut of anything that happens on it, because that software makes use of something Apple created.

I don't agree and think it is a crazy view. But that sort of corporate mindset is one of the reasons I have never been big on Apple products.

I think it is not open source so they feel like they control everything about that. The EU seems like it disagrees with that.

Apples view

So, these companies will throw whatever shit at a wall to see what sticks.

Their "view" is constantly probing how low people's standards are so they can do the least while charging the most.

It's called "maximizing profit."

So… frontloading?

Apple is doing this thing where legislation applies to them and they just try not following it anyway. Trump is truly influential.

Yeah, I mean or you could just stop buying Apple products.

My rationale is this: apple users love spending money, so they can go ahead and spend it.

Fuck'em.

I’m an Apple laptop user with a Linux server. I love Linux and have thought about switching many times, but I don’t for the following reasons:

My Apple computers have lasted me twice as long as any other brand I’ve owned, and they don’t really die—they just get so old that I want a new one.

I never have to worry about incompatible hardware at any time, nor do I have to check for compatibility before upgrading my OS.

They never charge for a new OS, all of their basic software is free, and in some cases better than Microsoft Office.

Whatever product I use from them, it is definitely going to feel high quality.

The screens are always really nice, and everything is guaranteed to look crisp and clear.

They cost more money, but it isn’t like they give you nothing for it. If Linux isn’t a great option for some reason, an Apple device is going to be much less exploitative with advertising and spyware than Windows is.

I understand where the hate comes from, but I wish some Apple haters would back up for a minute and realize that there are power users who have perfectly good reasons to like that hardware.

Apple MacBooks and iMacs don't have this side-loading issue like their mobile devices do. You can install anything you want to as long as it's supported on a Mac, and from anywhere you want. So they are more or less a more premium Linux variant. I'm not sure why you came in here thinking this discussion applied to non mobile devices.

The base of this chain I’m replying to says “Apple products”. The comment that I am directly responding to is calling out all Apple users. More broadly the thread is about phones, but this particular side stream was about Apple in general, and I was providing my two cents.

3 more...

People like being fucked

True that. If people actually cared we would see better things in the world for example - Firefox dominating the market. Now I don't care if people use Brave/Samsung/Chrome/Vivaldi/Edge but the fact that they may all lead to Google dictating the Open Web sucks.

I love that you bring up web browsers as an example while saying that Apple users don’t care enough about the technological landscape. Safari is the leading competitor to chrome! Without those Apple users sticking to the browser they know on the system you ridicule, the problem you’ve identified would be worse.

3 more...

As counter point, this law also prevents Google and Microsoft from going this route.

So as a non apple user, this helps us in the long run.

3 more...

Classic Apple.

Remember their slogan from back then? "does more, costs less!"

Classic.

Just like when google silently removed their slogan "don't be evil".

Just like when google silently removed their slogan “don’t be evil”.

They didn't just remove it, they changed it to "do good". I'm not sure what that means to Google but it sort of looks like "implement the neoliberal cyberpunk hellscape no one asked for"

of course Apple plans to charge fees for sideloading, a bunch of scumbags, but fear not, Apple fan boys cult members will regurgitate Apple's propaganda as gospel

Already happening, just look at some comments

The fanboys make me angrier than Apple. It’s so frustrating to discuss something with someone who is so brainwashed.

think about this: to me, all you really toxic people (including the OP, for shame) against Apple are the ones looking quite brainwashed, culty, back-bitey and very small minded. probably because you are. think about that for a second before you snap reply - there ARE more than just your side to this buddy.

What is your side to this? Can you explain it to me?

A lot of the comments I’ve read who are on apples side, make claims that are not realistic or don’t give any reasons at all for being on apples side.

Friendly reminder that you can sideload apps without jailbreaking or paying for a dev account using TrollStore, which utilises core trust bugs to bypass/spoof some app validation keys, on a iPhone XR or newer on iOS 14.0 up to 16.6.1. (ANY version for iPhone X and older)

Install guide: Trollstore

Another alternative is SideStore which allows to refresh apps from your phone without a computer. Just a WiFi connection. It has the benefit of working with any ios versions including the latest ones that TrollStore doesn’t support.

Yep, its a better AltStore so only 3 apps unless you are vunerable to MDC. For those without a pc, paying for a signing service like maplesign is an option too.

As someone who uses both Android and iOS, I appreciate my Pixel 8 Pro running GrapheneOS (a custom version of Android) more and more.

This is a rather specific question, but can you cast audio from arbitrary apps to WiFi speakers from your Pixel? Similar to airplay on iOS (if that's what it is called)?

Do you face recognition or use a password? I can't get passed pixel 3 for fingerprinting and even that cuz I can manually lock off the truely unstrustable method fingerprinting. That but not well enough. I honestly despise the gorramn pixel and can't wait til my Librem gets useable.

I use the fingerprint sensor. Don't get a Librem, it's a scam and security on it is a disaster. Stick with GrapheneOS. Heck, stock is more secure than the Librem, believe it or not. I wouldn't touch that thing with a 10ft pole.

I got it already and I have zero doubt in it. Your accusation will not cut me any doubt. I've heard that bit extensively and I have an entirely different awareness of it.

Also got Librem 13. Dunno what actually broke on it but I swapped the NVMe on it and sent back within the 3y warranty I bought on it and they sent me it again but it didn't work and sent it back and they sent me a brand new one. That was after two years and the replacement lasted another two years. Dunno what's really wrong with it and haven't messed with trying to fix it myself out of the warranty now yet

I tried for the months to get GrapheneOS to work and made zero success with installing it. Tried CalyxOS after all that and got it done twice with success one one day on each two Pixel 3 and Pixel 4 (XL's on both, total two days).

How do you get Pixel 8 work with the fingerprint? My 4 stuck me with the gorramn password. Which, in all fairness was the best thing ever because that is thus far the most secure device I've set up. Nothing but the password is truely to ONLY secure device arrangeable.

Having different functions available for different passwords at varying levels of accessfor shorter security is the best option that does NOT exist. Even the Librem doesn't get that higher level of tiered access setup...*sigh...yet.

I won't stop you from using the Librem but at the end of the day a false sense of security is more damaging than anything else. I can with 100% certainty assure you that even your average Samsung phone has better security than the Librem. A phone with absolute abbysmal and ancient hardware that Purism sells for 10-20 times the cost of an equivalently powerful Android phone from AliExpress. Heck, even the PinePhone (which also runs Linux) sells for like $200 and has better hardware. Purism is a scam company. I know you don't want to hear this but it's the truth.

You set up the fingerprint sensor on the Pixel 8 like any other Android phone. Either during first setup or by going into your security settings.

I know better than to ever give Samsung any money let alone any respect or delusion of security.

At the end of the day you are trusting someone you don't know with all sense of identity, privacy, and knowledge of yourself: location, history, and money.

Fuck that. I'll take FOSS.

As to fingerprint. How so? There's no longer a fingerprint reader.

The fact is there's no privacy without security and the Librem doesn't have the latter.

The sensor is built into the display.

You trust Samsung. I'll take you word with a grain of salt.

As to pixel. Ty. I'll have to look into that.

Ask the GrapheneOS Discord/Matrix. They’ll tell you the exact same thing.

Exactly the same here P8P gOS and using an iPhone as a testing device (Jailbreaking etc)

I’m not sure how this would work in practice. Developers distributing apps independently to be sideloaded wouldn’t be submitting them to Apple to review, and sideloaded code may not even have an identifiable developer to charge.

I suppose Apple could implement some sort of rigid signing system, but I think the EU would see that as just another abuse of power.

As far as I know iPhones have never allowed unsigned code to run.

Yeah, the first operation of every jailbreak was to disable this protection.

Well they would have to allow unsigned code to run under the DMA, wouldn't they?

I don't know the details of the DMA, it's definitely possible to provide code-signing to developers that does not go through the app store.

An example of this in practice is Firefox addons. You need to get your extension signed for people to install it, but you can distribute it however. Mozilla of course doesn't charge for signing though. It's just to give them the ability to ban an extension found to be malicious.

No, macOS allows sideloading apps that are still signed by Apple.

You can run unsigned code on macOS. Apple makes it seem scary and dangerous, but it is possible.

Yes, but that's separate from what I'm talking about.

This is most likely how they’re planning on allowing it. Gatekeeper is the macOS tech they use to keep unsigned code from running yet can be from anywhere on the web.

Because of course they are! There goes my plan to try an iPhone when side loading becomes available.

It’ll only be available in the EU.

Why do you want an iPhone?

I know Apple hate party in here but as a person with a bunch of self built PCs couple Linux boxes…

iPhones are great. No messing around, way more private than stock Google, and they work for… well, I’m on five years with mine. Still gets updates too!

If you have the money for an iPhone and consider privacy as important, why not go with a Pixel/GrapheneOS or another phone with Lineage/Divest?

Someone downvoted you INSTANTLY, that’s fucked up.

I choose iOS because it requires zero messing about. I use like no apps on my phone and want it to just be fast forever with no work. I don’t want to have to think about it at all.

Apple fanboys coming in :) I get your point, iOS is still easier to set up than stock android due to all of the restrictions that it has (I'm a Android main with an iPhone for testing). I am the opposite, I like tweaking everything that I can and can not, main reason why I jailbroke my iPhone, but I do have time to do that while some just want a working system out of the box.

I am the opposite. I want a phone that’s locked down and super secure and requires no fiddling.

Computer? I want to make it mine.

1 more...
1 more...

Here is my problem with a nonstandard operating system on a phone.

A rely on it to run my very small business. I don’t want to get blocked by an app I rely on or suddenly have it stop working due to running an unofficial operating system.

So it’s either stock Android or stock iOS. iOS I’d say is more private than Android, so I stick with them.

I don't see how google would block something unless you are rooted. Custom os'es pass all the security checks besides the os integrity one that doesn't affect your daily use.

No they don't, at least not necessarily. I had the xiaomi.eu ROM on my old phone and it broke SafetyN*t checks, and as a consequence at the very least one of my banking apps refused to work (this one I actually need to verify credit card charges in some cases, it's not just a nice to have unfortunately).

I probably would have been better off rooting it since then you can bypass it I think, but I didn't want to have to reapply root after every update.

I’m not worried about Google blocking it but rather the app I use to say, “hey something weird is going on with this phone better block/ban that account.

I know the risk is minimal, but it’s not could be a huge disruption to my income, so it’s just not worth it.

1 more...

Yeah I used to be in the same boat but then apple kept being apple. I’ll get a pixel + lineage after my phone breaks.

I’ll.. iPhone. I plug into my PCs, incremental image backup. I phone break? New phone is now old phone. I lose phone? Still same phone, but new device.

Unga bunga. Ez phone no think. Don’t care. Phone do bad? Same phone but new. No fuckin.

Google phones have much better customizability and as result have better privacy than glass paperweight you mentioned.

I’m on five years with mine. Still gets updates too!

Nexus 6 still gets updates 10 years later.

Still they are not as good as Linux-first phones like PPP.

You need to be running a custom rom to get better privacy than iOS. Stock android is full of Google spyware.

Yeah okay. Still don’t wanna deal with that shit.

Quick edit: does that phone perform like my iPhone?

no

1 more...

They have great build quality and software, it's a shame Apple has some terrible policies about their ecosystem and repairabilty of their devices, wasting the hard work of so many if their brilliant engineers by being greedy.

1 more...
1 more...

Sorry, can't be bothered with whatever issue this is.

I'm busy shopping for a North Face tent so I'll have it to camp in the next time a new ear pod case gets released.

It's hard to imagine people who buy iPhones care about sideloading. Their priority is the convenience of iMessage and the Apple ecosystem.

I care about sideloading and imessage. If imessage was available on android, I would be using a pixel at the moment. It's just that I am from the US but don't live their. So imessage is the easiest way for me to be in touch with 99% of the people I know.

The convenience of... texting?

Lol. Sometimes I feel you ppl just regurgitate what you've seen before without realizing it.

For the hate-cult members circle-jerking over imaginary arguments with “fan boys” here. Actual Apple users either completely agree with the criticism, or simply don’t even care.

Feel free to hate on Apple the company, but stop trying so hard to make this place a home for baseless toxicity.

Edit: And just to drive home how pathetic this is, here’s a link to an article posted elsewhere in the fediverse about Google being shady af. Go look through those comments for a single soul saying anything about “Google/Android fanboys”.

What is this gaslighting you're trying to pull here? You're really going to pretend that Apple fanboys don't exist and instead start criticising some sort of perceived toxicity from a "hate cult" against Apple? That's before you get into some bizarre Google strawman. The reality is that these Apple fanboys with values antithetical to software freedom exist, and want walled gardens everywhere.

What purpose would there be in gaslighting something like this out of nowhere? Genuine question.
If you want to see examples of baseless vitriol directed at apple users, just keep reading the rest of the replies to OP's post.

The reality is that these Apple fanboys with values antithetical to software freedom exist,

Sure, just like anywhere else. You can't point your finger exclusively at the apple camp for that.

and want walled gardens everywhere.

Speaking of staw men...
Some apple users prefer apple's walled garden, sure, but they're not going around saying Google, Windows or Linux must be walled as well.

What purpose would there be in gaslighting something like this out of nowhere? Genuine question.

Most people, including myself, prefer their own version of reality. You are promoting a version of reality that I do not find tasteful at all. With conflicting realities, meaningful disagreement is impossible and the only thing I can do is question the narratives that oppose my own.

More generally, ego also plays a huge part in why people do this. Apple has a significant following that will defend its every decision. It's brand has become personal identity for a lot of people. To the extent where I've been seeing news articles over the past two years about teenagers being bullied for using Android. This also happens to be the reason why people point their finger at Apple; because Apple users are the main group with such a distinct identity.

If they actually hated it, I doubt they'd be on a platform that restricted side loading in the first place. This feels strongly of "no true scotsman" fallacy.

2 more...

Go look through those comments for a single soul saying anything about “Google fanboys”.

I mean, I agree with your sentiment, but I don't think there have been actual "Google Fanboys" in like 10 years or so, whereas there are some real fans of Apple products and often they have good reasons to be a fan.

Apple has some shitty business practices sure, but they also produce the last consumer-level Certified UNIX machines you can easily get.

So I guess my point is Apple "fanboys" still exist because there's some valid things to be fans for in regards to Apple. (Their new in-house CPUs aren't too shabby either)

I can't think of a single thing that Google has done in ten years that has generated tech community enthusiasm or was interesting enough for anyone to fanboy over. No, they've mostly just killed all the products people liked during that time.

I mean fuck Google+ came out in 2011 and that was the beginning of the end of people giving a shit about Google.

So while I get what you're saying, I think the reality is that Google Fanboys simply stopped existing and Apple "fanboys" are probably less absurd than people make them out to be. The only Apple "fanboy" I know is a Linux Guru who uses Apple products to record music.

The point I’m going for is that I never see such levels of spite and toxicity directed at users of other platforms, be it Android, windows, Linux or whatever.

(Which is good, because that would be just as absurd as it is when directed at Apple users.)

Yeah, I'm not really sure where that vitriol comes from. I think it might be leftover nerd elitism from a time when Apple products were mostly used for art and media production (we used them heavily for Final Cut Pro and Photoshop when I worked in local television), and so a lot of tech nerds got their panties in a twist because art nerds were invading their space, but that's just a guess.

And also, that was like fifteen years ago? Let it go, if that's the reason.

2 more...

Did Tim Cook have a bad trip or something? Apple normally isn’t this blatantly shitty.

Apple normally isn’t this blatantly shitty.

(¬_¬ ) Dude, you been living under a rock?

They're always this shitty, the difference is that usually they can just throw enough money at politicians to get their way at the government level so their shit just stinks behind closed doors. But for one shining moment a government that matters actually told them "no" so they have no choice but to be shitty in public instead. Well, I mean they could choose to not be anti-consumer and forgo some of the obscene profits they extract from their users but then they wouldn't be Apple.

I suppose they can charge to use their own side-loading software, or their alternative app store, but I'm not sure what happens if a third party offers a side-loading platform that doesn't pay Apple.

I suppose they can just refuse to allow such platforms to exist, but the EU may not feels that satisfies their grievances. Eventually they're going to have to require side-loading.

And Apples file system sucks

Its restricted af, some people in my class don't even know what a folder is because of their iPhones (gen z for context)

The file system has nothing to do with folders not being as accessible in the UI as in the past.

What if they use tag based file system?

I'd love to see an apple cuck try and explain this

Apple is protecting the end user. Through charging a fee apple ensures the end user is really sure they want to sideload the app. This both creates more free storage space and helps the user sideload only the best applications... I'm still working on my corporate speech but that's what I'd imagine them saying

Yes, well, the whole point is that them following the law means that their assistance warranting fees (like running a store) isn't required. So I hope they get nailed.

No fan of apple. Don't own a single product.

But my guess they are planning to argue thay this part of the rule.

"at prices or conditions that are different from those offered through the online intermediation services of the gatekeeper."

Mean they cannot allow free side loading when many apps on their store have to pay to be available. Also as they have rules limiting the apps allowed via their store front. Allowing free side loading without checking the activities of the app. Would also be allowing conditions different from their store.

My guess is they want to argue that the law is badly formed and cannot be followed while providing a safe enviroment within your own services.

This isn’t going to fly with the EU.

If the EU didn't want to allow this then they should have written the law differently, but poorly-written regulations are their specialty. Apple's plan complies with the letter of the law. Developers are free to use a direct sales channel and can offer any price they want, along with various conditions that aren't an option in the App Store. They just have to pay a commission for access to the lucrative market Apple built. The specific percentage of the commission is such that it's not actually a desirable option for developers, but the law didn't say that Apple had to make it desirable to avoid the App Store's existing sales system.