Just as it’s not possible to provide “Lawful Access to Encryption” (master keys) without weakening crypto, it’s not possible to “quickly and easily add your own custom programs without asking permission” that _also_ provides the safety so your mom or grandfather don’t install something that allows crooks to drain their bank accounts.
General purpose computers are great for people who know what they’re doing (although there are some _really_ good phishing scams out there that can even fool trained people), but they’re an absolute disaster for the vast majority of people who _don’t_ become specialists in computer security.
I _just_ had a support ticket opened by someone who goes between different stores for a client…and this man sent his password in the clear in the support ticket. This man isn’t an idiot, it’s literally _not_ in his job description to be a computer security expert (his job has to do with hardware sales or lumber or something like that).
This man would be better served with two things we’re building later this year (AD integration and an Android version of the employee app), because then he can just log in with the same (probably simple and insecure) password that he uses for his Windows log-in at work. He is the type of person that, when told to do something, would simply install program X because someone told him to do so (never mind that program X is actually malware).
So no, while I think that Apple’s signing restrictions are a little on the draconian side, I don’t think that Windows 95-like “permissions” are what most people want or need.
So, you're saying that there is absolutely no way, no how that we can put up a fence to keep people with low understanding of tech from compiling and installing some random app?
I don't buy it.
> I don’t think that Windows 95-like “permissions” are what most people want or need.
That's an extremely bad faith take on my argument because there's a very wide spectrum of possibilities between the Windows 95 free-for-all and what we have with iOS. You're presenting a false dichotomy.
For one thing, iOS could easily put up tons of scary warnings before letting you sideload things. That would be enough to dissuade most people from doing it. However, I'd be willing to go to extremes to get control over the devices which I supposedly own. Make me come into the Apple store and sign away any rights to a warranty from Apple. Make me pay extra. Whatever you want - just don't put every single user in prison because a likely majority of people can't handle making good decisions on what software to install.
The idea that we must remove any and all control from users to protect the innocent is just as bad as the idea to have a War on Drugs - and I highly suspect that these preventions are actually in place for the same reason: to actually control people and rake in profits, not to protect them.
Google puts up tons of scary warnings for sideloading…and IIRC, that’s part of Epic’s case against Google (the warnings discourage people from installing alternative stores or from alternative means), in addition to Google’s position on Play. (I do not believe that Epic has a meaningful case on any front, but that’s ultimately for the courts to decide. The courts often decide wrongly, as was recently done for Oracle v Google re: the copyright status of APIs.)
You say that Apple can make you pay extra. OK. Here’s a $99/year developer contract with which you can develop and install software that you want as you want (I believe that these builds are good for ~90 days, so you recompile/reinstall every 90 days; unlike the 7 previously mentioned). But people don’t _like_ that and have said that’s unfair.
I am completely saying that there’s no _meaningful_ way we can put up a fence to keep people who _shouldn’t_ be running random apps from doing so. We can’t keep users from clicking on _links_ that they shouldn’t be clicking on. Just this morning, I had a neighbour ask me about one of those full-screen “WARNING FROM MICROSOFT YOUR COMPUTER IS INFECTED” pop-ups; even though she was smart enough not to click on anything, she _still_ copied down the phone number to maybe call the scammer. My father, a couple of weeks ago, didn’t know about Ctrl-W / Command-W on a similar full-screen hijack that had affected both his Chromebook (locked down) and my mom’s MacBook (mostly not locked down).
I remember a few years ago there were a number of minor malware issues that were caused by people following instructions randomly on the internet to open the javascript console and “paste this in to see something neat”. So no, I don’t believe we can put a fence that protects the ignorant / unready / unwise but enables the people who think that they know better (and actually sometimes might).
If you can crack that, then there’s going to be a lot of people who will be at your door to reward you…and then many more looking for the backdoors you left so that they can continue to infiltrate systems for their own rewards (whether state actors or criminal actors).
You mention that the JavaScript console has been used maliciously – doesn’t its continued existence show that we can put up a fence that’s good enough? Even the most locked down corporate PCs still provide access to the console. I’ve also never heard of anyone being tricked into rooting an Android device or enabling USB debugging.
It shows just the opposite. These instructions were being provided to people who should never be opening the JavaScript console because they couldn’t understand what they were pasting into said console. And for some browsers, that means potentially opening up things like USB because of inane standards like WebUSB.