This is Apple with its silly policies preventing competition again. I have no idea how a lawsuit against these practices has not happened. In the meanwhile you can vote with your wallet and use some other operating system and/or donate to efforts that fight against such practices such as EFF, Mozilla and others.
We can have a better mobile internet than what Apple offers...
you both have good points, but I disagree with the tone of yours.
Apple has a policy that prevents things 'becoming' malware later in life.
There is a fairly rigorous review board (at least for initial application submissions) which check the quality of code but also it's intent. It would undermine that whole process if Apple just allowed you to alter the function of an application after it had been installed by the end user.
Personally, I have used iOS and Android, and I find the play store to be riddled with the CNET/Softpedia style applications that look dubious even if they're not. And as much as I hate online ads I'm definitely not willing to allow laxer rules on my phone than it currently has.
I'm not saying that android can't be secure, I'm just pointing out that because "Android does it" in regards to security, is not a valid reason to go ahead.
My phone runs my life, I don't care if it's a walled garden, just that it's a secure walled garden.
While the OP's tone may have been a bit brash, it is true that this policy smacks of anti-competitive practice. Recall the (often quoted) Ma Bell rhetoric: "You may have any color you like... as long as it's black". The same applies to browsers on iOS: "You may use any browser you want... as long as it's WebkitWebView". When Microsoft did this same exact thing; building IE into the OS, people freaked! And I believe they used the same "It's to protect you" line. You may not care, but that doesn't mean they couldn't have a "run untrusted browser" option.
People freaked at Microsoft because at the time they were essentially a monopoly. Apple has nothing like a monopoly. Do we need to go through this every time someone tries to make this broken comparison?
Supposing this line of reasoning is valid, why don't we have Apple decide what we can and can't do with our laptops as well? If you'd make a distinction, why?
1) Apple is actually doing things that limit what you can do on your laptop. There's issues where you have to disable security policies to install OpenVpn or HomeBrew on El Capitan.
2) Apple sees laptops and iOS devices as serving different purposes. It's no secret that there are things you can't do on iOS. While Apple is trying to make iOS more capable in some ways, in other cases, their view is "go buy a laptop or desktop if you can't do what you need on iOS". It's not a crazy view. I'm giving the new restrictions in Mac OS X a serious side-eye--to the extent that I'm halfway considering going back to Linux on the desktop, even though I dislike Linux desktops. However, I find the restrictions on my iPhone painless. I'll just never even consider making an iPad my primary machine.
I'm not sure about OpenVPN, but the only time you'd need to disable rootless for Homebrew is to create /usr/local if it doesn't exist.
/usr is write-protected, /usr/local isn't. But if /usr/local doesn't exist you can't create it. This only affects upgrades to 10.11 where /usr/local didn't exist, if it's a clean install Apple creates the directory.
That's besides the point. Apple is still restricting what you do on your laptop by having the underlying system preventing you from creating that yourself. The homebrew issue is just a symptom of the restriction.
To be fair, there is a reasonably transparent way to get around it. It's less convenient than typing "sudo" before a command, but it's not the same as having to bypass DRM or some other scheme that's truly designed to prevent you (the person) having access.
What I worry about is my ability to keep up with the details of what I can do when and whether this is a trend that will get worse.
I don't understand the concept of the "buy that other device if your current device doesn't do the thing you want it to do even though it is perfectly capable of doing it but doesn't because we don't allow it" mindset. Especially since Apple is now telling us we should stop considering buying those other devices.
Everything that a device does involves tradeoffs. There are many ways that iPads are simpler and just better than Macs in the areas that they excel. Adding features to the iPad without making it too complicated is hard.
You should buy a Mac if you need what a Mac gives you (or if you just want a better keyboard...). You should buy an iPad if you don't. That's Apple's story. The line of who buys what is a little fuzzy sometimes, but it's a pretty simple story.
But what about the part that Cook, from Apple, doesn't understand why someone would buy something other than a tablet these days. What if those Macs go away? What then? Can our iPads and iPhones be allowed to do things they are perfectly capable of doing but Apple doesn't allow it? If so, why not now?
The assumption that Macs go away is the assumption that people stop needing to do the things you can currently only do on a Mac. So I don't think your hypothetical is possible. Either iOS gets more capable, or Macs don't go away.
Hell, Apple offered an update to the Mac Pro recently, and we know that doesn't sell as many units as the iPad.
they kinda do already, and so does microsoft (application signing?), you can just opt out of it, and that's the key exception.
also, a general purpose computer is exceedingly different from a cell phone and they have notoriously bad security models.
Like I said, my phone runs my life, I don't have a reasonable means to keep it secure (not even on android), a PC, I can attach debuggers to processes and I can lock down my firewall, or I can sniff my network. - I can do none of this on a phone platform reasonably well (AF+ firewall on android requires jailbreak and breaks applications). and I shouldn't have to..
to put it bluntly; I can be responsible for my laptop, I can't be responsible for my phone.
The review board process there is not to the satisfaction of some people. For example, if you create an application and another people want your application but the review board for any reason (real or not) doesn't like it, then you can't distribute it. For example, for some time Apple disallowed applications that duplicated functionality from core apps. So you could not ship a new mail client or a new music player. Yes, those restrictions are gone but for a while they were real. For some months they also restricted the app store for applications developed with their own SDK, if the app was not Obj-C/Cocoa then it could not be accepted. This is also gone but for at least three or four months lots of developers were stranded.
Why am I telling you that? Because this is just to prove that sometimes Apple makes mistakes. Sometimes, their rules are not in the interest of the user. Sometimes, they backpedal and make it right, sometimes they don't. Since you don't have a way to distribute content outside their walled store, you're left without any recourse. The phone is not yours, its theirs.
Now, back to the topic. Browser add-ons also pass through a rigorous review process. Currently, Firefox extensions need to be reviewed and signed before they can be installed on Firefox Stable.
Apple could allow new rendering engines and new javascript engines. Microsoft was sued for similar reasons. Some people are so displeased with Apple WebKit that they are claiming it to be the new IE as can be seen in http://arstechnica.com/information-technology/2015/06/op-ed-...
Having more rendering engines and JS engines would not make iOS less secure. Having add-ons in Browsers would not make iOS less secure since all iOS apps run sandboxed anyway. Also both Chrome and Mozilla have add-on review processess. At Mozilla any open web app or add-on that touches sensitive APIs is reviewed very rigorously. This would not lead to a less secure system but it would probably lead towards more usage of mobile web instead of apps and this goes against Apple strategy and shareholder interest.
The fact they do not allow competition is not good. You should be able to choose what you want to install and from whom.
You are still missing some of the finer points of the controversy.
The JS issue is more complicated than "just let $browser engine in". One complicating factor is JIT Javascript compilation. My understanding is that Apple applies DEP to unblessed applications on iOS, which precludes apps not so blessed from employing JIT compilation/optimization. And, predictably, only Apple apps are blessed.
So, yes, sometimes things Apple does, it does to suppress competition. Some things it does, it does for security. (There are many other reasons for what it does.)
I know this isn't going to change any minds. But claiming Apple is pulling a Microsoft with Safari for competitive reasons, I believe, is rather missing the point. I mean, I suppose you could say Apple wanted a reason to keep other engines off iOS and so came up with DEP as an excuse, but imputing motives that way isn't a terribly great way to go through life.
And… if you don't like the walled garden, just jailbreak your phone. It isn't that hard. Of course, then you're on your own, but that's what you say to want.
But that's true even on the desktop if we talk about browsers, and yet we do use extensions, ironically to augment the browser's security too.
While I do understand your point about rigorous review for a mobile app, I think that browsers should get special treatment in this regard and allow extensions.
For some reason, this surprises me. I have seen countless calls for Apple to be more open in general (do not want), but your suggestion would only open it up to other browsers. I'm intrigued and torn: I feel like Mozilla might have something to contribute there, but I feel like Chrome would follow on by wanting their own App Store.
I think I agree that Mozilla Firefox using its own engine and extensions would be a valuable app. I'm not convinced I would want to let anybody else in.
So, why doesn't everybody get to decide for themselves? It's pretty obvious that opinions differ, so people should be able to modify some simple setting on where their preferences lie in this respect. "locked down", "open for selected classes of apps", "open" or something like that.
For me, "locked down" is a choice I make when I buy an iOS device. It's not something I look for in servers or desktops, but in tablets and phones it is very much something I appreciate. Many people have other philosophies from mine: fortunately, so do many other computer vendors.
Apple doesn't blindly extend trust to app vendors - neither do I, particularly. Apple doesn't trust most folks to decide whether to trust an app vendor - neither do I, particularly.
That's only because you personally don't download it. I can't tell you how many times my uncle has installed a new "search toolbar" for Firefox that I've then had to disable. Luckily, disabling an extension is trivial. For the non-savvy user, though, it's still an issue.
Unless you change a single setting that allows you to do so. Guess how many of those malware toolbars pop-up a message that says "Click here and select this option to allow us to fix the issues with your system"?
I've definitely seen copies of desktop Firefox running malicious extensions. Mozilla somewhat discourages installing extensions that aren't on the official add-ons website (and thus haven't gone through an App-Store-like review process), but people do it anyway.
The actual license agreement (§3.3.2) provides an exception for scripts executed by JavascriptCore or WebKit. (The summary document that was quoted above doesn't appear to mention that exception.)
That said, it can be really fuzzy where the line is between code and data (e.g. spreadsheet formulas).
As far as mobile web browsers go, they're required to use WebKit, so they'd get a pass. (E.g., Chrome uses UIWebKit, but has its own network layer, which made it immune to a bug in iOS's networking layer that cached POST requests.)
“According to Apple, formulas in Numbers and functions in PCalc are OK. So is JavaScript, as many apps embed a Web view or communicate with a server component via JSON. But reading XML files and executing Python code are not OK. Landon Fuller points out the absurdity and wonders about executing Python via JavaScriptCore.”
But after reading chkuendig’s comment (which makes sense), I’m wondering if the above interpretation is completely accurate.
That isn't the case. There are a whole host of tools, like Reactive Native and Appcelerator Titanium that interpret and execute JS on the device outside of UIWebView.
but they are not downloading the JS from the net right? You can interpret python, JS, whatever as long as all the source for these scripts is present in the bundle at build time...
That will probably get removed soon. I believe Apple already made him get rid of a similar feature in an update for Pythonista (I could be remembering wrong though… maybe they made him remove something else?).
“So what was the problem Apple had with the previous version? Turns out, they didn’t like the Open in… menu integration I had added in 1.4 because that would allow you to import executable code from external sources. My theory is that this policy is in place to prevent apps that circumvent the App Store, e.g. by offering downloadable games that don’t go through Apple’s review (and revenue chain via in-app purchases).
[…]
I’m sad to see this feature go. It wasn’t just a convenient way to import scripts, it also enabled some pretty interesting automation workflows that could process the contents of pretty much any kind of file you could access on your iOS device.”
This is why I use iCab on iOS¹. It already has pretty much all the extensions I’d ever need already included (ad blocking, readability, etc.).
(Note: That screenshot on the homepage isn’t really what it looks like on newer versions of iOS. It’s still under very active development; see here². …He should really update the screenshot on the main page though).
This can be seen on the following shot: http://i.imgur.com/faxbdBK.png from the iOS Review Guidelines located at: https://developer.apple.com/app-store/review/guidelines/
This is Apple with its silly policies preventing competition again. I have no idea how a lawsuit against these practices has not happened. In the meanwhile you can vote with your wallet and use some other operating system and/or donate to efforts that fight against such practices such as EFF, Mozilla and others.
We can have a better mobile internet than what Apple offers...