EPaper

The flaw in Apple’s resistance to opening up its App Store

• It cites security risks if antitrust laws are passed, but there are already exceptions for legislators and some firms

Leah Nylen

Apple says an antitrust bill aimed at cracking open the market for apps will make iPhones less secure — even though Congress and some large firms already have Appleapproved tools that let them bypass the App Store.

Although Apple says it’s the only company that can offer a secure App Store, the iPhone maker has long allowed members of Congress and large firms to bypass its strict controls and use alternatives to install thirdparty apps. The practice isn’t widely known and is at odds with Apple’s opposition to the bill, which is designed to break its mobile app-store duopoly with Alphabet’s Google.

Apple’s acceptance of some instances of side loading looms large as Congress nears a July vote on the antitrust measures. While Apple maintains that outside apps would leave iPhone users vulnerable to malware and scams, antitrust advocates and cybersecurity specialists say the company’s protests appear to be more about defending its business model.

“Security is a giant red herring,” said Bruce Schneier, a fellow at the Berkman Klein Center for Internet & Society at Harvard University. “It will scare a lot of people. The goal is to protect the monopoly.”

Apple tightly controls the iPhone, requiring that all mobile app downloads take place within review its App by Store, Apples ’where team, it which takes up to a 30% cut on digital sales. To get into the App Store, developers must submit apps for scrutinises them to ensure compliance with its rules on privacy and security. Apple forbids developers from offering certain things such as sexually explicit content and crypto mining.

A 2020 House of Representatives investigation found that Apple has “monopoly power over software distribution on iOS devices”, allowing it “supranormal profits”.

“Developers have no other option than to play by Apple’s rules to reach customers who own iOS devices,” the report found, just as iPhone owners “have no alternative means to install apps on their phones”.

In the wake of the House investigation, a bipartisan group of legislators introduced the Open App Markets Act, which would require Apple and Google — whose Google Play is the most popular app store on Android mobile phones — to make it easier for users to download other app stores and switch the apps set as the defaults on phones.

“We remain concerned that this legislation threatens to break this model and undermine the privacy and security protections our users depend on,” said Fred Sainz, an Apple spokesperson. “The legislation, as originally drafted, created unintended privacy and security vulnerabilities for users. We believe the proposed remedies fall far short of the protections consumers need.”

Computers, including Apple’s Mac, have always allowed direct downloads of software. Google’s Android also lets users install apps without going through its built-in app store.

Only Apple requires iPhone users to use its App Store for all mobile app downloads, said John Bergmayer, legal director for advocacy non-profit group Public Knowledge.

“Proponents of these regulations argue that no harm would be done by simply giving people a choice,” Apple’s CEO Tim Cook said at a privacy conference in April. “But taking away a more secure option will leave users with less choice, not more.”

But Apple sometimes makes exceptions to allow side-loading and apps that haven’t gone through its review process.

Legislators and staff go to a special, secured online portal to install apps, said Dan Weiser, who works for the House’s chief administrative officer. That secured portal helps ensure members use licensed apps and

THE COMPANY’S PROTESTS APPEAR TO BE MORE ABOUT DEFENDING ITS BUSINESS MODEL

have the most up-to-date versions, he said.

The House and Senate app catalogues, created using VMWare’s cloud-based software, include popular apps like Webex and Zoom customised so members can securely participate remotely in hearings.

EXCEPTIONS

The catalogue also contains custom apps designed for members of Congress, said Weiser. Those include apps to access the secured internal network for the House or Senate, email, live floor updates and calendars. The app catalogues were created as part of an effort to modernise the technology Congress uses, centralise its purchasing and ensure it’s secure from potential cyberattacks.

Apple acknowledged during a federal antitrust trial last year that it has long allowed some companies to bypass the App Store. Craig Federighi, a top Apple executive and engineer, testified that large organisations can get permission to distribute apps directly to their employees in lieu of going through Apple’s App Store and review process. This allows them to create apps specific to the company, he said, citing a 3D-modeling app that animation studio Pixar created for its designers as an example.

The arrangement, called the Apple Enterprise Program, has been around since 2008.

“These aren’t apps they want to sell to the general public,” Federighi said.

“They want to provide it just to their employees. The Enterprise program is meant to give them the ability to do that.”

Those custom apps aren’t reviewed by Apple, he said.

The onus is on the company to make sure the apps are safe and secure enough to be downloaded and used by employees, he said. Apple trusts companies wouldn’t want to harm their own employees by installing malware or other malicious apps onto corporate-owned devices, Federighi said.

Apple declined to respond to questions about how many companies in the US use the program today, but said that “most” corporate clients now use Apple Business Manager —a more tightly controlled program introduced in 2019. It allows custom apps go through a limited review by Apple.

INTERNATIONAL BUSINESS

en-za

2022-06-24T07:00:00.0000000Z

2022-06-24T07:00:00.0000000Z

https://bdmobileapp.pressreader.com/article/281887301986720

Arena Holdings PTY